From 0bb9acf033bb6a5619a87c961dc7a6988c3f0214 Mon Sep 17 00:00:00 2001
From: evilsocket
Date: Mon, 11 Feb 2019 11:53:22 +0100
Subject: [PATCH] new: new wifi.rssi.min parameter
---
 modules/wifi/wifi.go | 12 +++++++++++-
 modules/wifi/wifi_recon.go | 26 +++++++++++++++-----------
 2 files changed, 26 insertions(+), 12 deletions(-)
diff --git a/modules/wifi/wifi.go b/modules/wifi/wifi.go
index 3ffd2c2c..a3099f0a 100644
--- a/modules/wifi/wifi.go
+++ b/modules/wifi/wifi.go
@@ -27,6 +27,7 @@ type WiFiModule struct {

 handle *pcap.Handle
 source string
+ minRSSI int
 channel int
 hopPeriod time.Duration
 hopChanges chan bool
@@ -54,6 +55,7 @@ type WiFiModule struct {
 func NewWiFiModule(s *session.Session) *WiFiModule {
 w := &WiFiModule{
 SessionModule: session.NewSessionModule("wifi", s),
+ minRSSI: -200,
 channel: 0,
 stickChan: 0,
 hopPeriod: 250 * time.Millisecond,
@@ -108,6 +110,10 @@ func NewWiFiModule(s *session.Session) *WiFiModule {
 return err
 }))

+ w.AddParam(session.NewIntParameter("wifi.rssi.min",
+ "-200",
+ "Minimum WiFi signal strength in dBm."))
+
 w.AddHandler(session.NewModuleHandler("wifi.deauth BSSID", `wifi\.deauth ((?:[a-fA-F0-9:]{11,})|all|\*)`,
 "Start a 802.11 deauth attack, if an access point BSSID is provided, every client will be deauthenticated, otherwise only the selected client. Use 'all', '*' or a broadcast BSSID (ff:ff:ff:ff:ff:ff) to iterate every access point with at least one client and start a deauth attack for each one.",
 func(args []string) error {
@@ -291,6 +297,10 @@ func (w *WiFiModule) Configure() error {
 }
 }

+ if err, w.minRSSI = w.IntParam("wifi.rssi.min"); err != nil {
+ return err
+ }
+
 ifName := w.Session.Interface.Name()

 if w.source != "" {
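Review bot: The help text `"Minimum WiFi signal strength in dBm."` in the `@@ -108,6 +110,10 @@` hunk does not say what happens to weaker signals, nor that the default is meant as "no filtering". A wording such as `"Minimum signal strength in dBm an access point must be seen with to be recorded (the default of -200 filters nothing)."` would tell operators what they are configuring; the claim about the default assumes the radiotap signal is an 8-bit dBm value, which should be confirmed. The literal -200 is also written twice, as the string default here and as `minRSSI: -200` in the `@@ -54,6 +55,7 @@` hunk, so defining the default once would keep the two from drifting. NewWiFiModule's body continues outside both hunks.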
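Review bot: In the `@@ -291,6 +297,10 @@` hunk the value returned by `w.IntParam("wifi.rssi.min")` is stored in `w.minRSSI` without a range check. A mistyped threshold such as 70 instead of -70 is therefore accepted, and the new filter in wifi_recon.go then discards every access point, which is visible only at debug log level. Rejecting implausible values at configure time would surface the mistake immediately, for example `if w.minRSSI > 0 { return fmt.Errorf("wifi.rssi.min must not be above 0 dBm, got %d", w.minRSSI) }`. Configure starts and ends outside this hunk; from what is visible the parameter is read only here, so a change made while recon is running presumably has no effect until the module is configured again, which deserves a mention in the parameter description.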
@@ -354,7 +364,7 @@ func (w *WiFiModule) Configure() error {
 if err = network.SetInterfaceChannel(ifName, 1); err != nil {
 return fmt.Errorf("error while initializing %s to channel 1: %s", ifName, err)
 }
- log.Info("WiFi recon active with channel hopping.")
+ log.Info("wifi.recon started (min rssi: %d dBm)", w.minRSSI)
 }
 }

diff --git a/modules/wifi/wifi_recon.go b/modules/wifi/wifi_recon.go
index 0d5a0c89..fb67e372 100644
--- a/modules/wifi/wifi_recon.go
+++ b/modules/wifi/wifi_recon.go
@@ -60,19 +60,23 @@ func (w *WiFiModule) discoverAccessPoints(radiotap *layers.RadioTap, dot11 *laye
 }

 if !network.IsZeroMac(from) && !network.IsBroadcastMac(from) {
- var frequency int
- bssid := from.String()
+ if int(radiotap.DBMAntennaSignal) >= w.minRSSI {
+ var frequency int
+ bssid := from.String()

- if found, channel := packets.Dot11ParseDSSet(packet); found {
- frequency = network.Dot11Chan2Freq(channel)
+ if found, channel := packets.Dot11ParseDSSet(packet); found {
+ frequency = network.Dot11Chan2Freq(channel)
+ } else {
+ frequency = int(radiotap.ChannelFrequency)
+ }
+
+ if ap, isNew := w.Session.WiFi.AddIfNew(ssid, bssid, frequency, radiotap.DBMAntennaSignal); !isNew {
+ ap.EachClient(func(mac string, station *network.Station) {
+ station.Handshake.SetBeacon(packet)
+ })
+ }
 } else {
- frequency = int(radiotap.ChannelFrequency)
- }
-
- if ap, isNew := w.Session.WiFi.AddIfNew(ssid, bssid, frequency, radiotap.DBMAntennaSignal); !isNew {
- ap.EachClient(func(mac string, station *network.Station) {
- station.Handshake.SetBeacon(packet)
- })
+ log.Debug("skipping %s with %d dBm", from.String(), radiotap.DBMAntennaSignal)
 }
 }
 }
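Review bot: The new gate `if int(radiotap.DBMAntennaSignal) >= w.minRSSI` in discoverAccessPoints treats the signal field as always populated; as far as I know gopacket leaves `DBMAntennaSignal` at 0 when the radiotap header carries no antenna-signal field, and 0 dBm passes any negative threshold, so on such captures the filter would silently do nothing. If that fail-open behaviour is intended it should be stated in a comment, otherwise check `radiotap.Present.DBMAntennaSignal()` before comparing. The gate also wraps the `AddIfNew`/`SetBeacon` path, so a weak beacon from an already known access point no longer refreshes it, and the `else` branch evaluates `from.String()` and calls `log.Debug` for every skipped frame, which is per-beacon work on the capture path. The function starts outside this hunk.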