mirror of
https://github.com/bettercap/bettercap
synced 2025-08-14 10:46:57 -07:00
new: wifi.recon now reports wifi.client.new and wifi.client.lost events
This commit is contained in:
evilsocket
parent
44629f62ca
commit
4c5a776f86
4 changed files with 73 additions and 24 deletions
|
|
@ -44,7 +44,7 @@ func (s *EventsStream) viewWiFiApEvent(e session.Event) {
|
|||
}
|
||||
|
||||
func (s *EventsStream) viewWiFiClientProbeEvent(e session.Event) {
|
||||
probe := e.Data.(WiFiProbe)
|
||||
probe := e.Data.(WiFiProbeEvent)
|
||||
desc := ""
|
||||
if probe.FromAlias != "" {
|
||||
desc = fmt.Sprintf(" (%s)", probe.FromAlias)
|
||||
|
|
@ -86,6 +86,25 @@ func (s *EventsStream) viewWiFiHandshakeEvent(e session.Event) {
|
|||
hand.File)
|
||||
}
|
||||
|
||||
func (s *EventsStream) viewWiFiClientEvent(e session.Event) {
|
||||
ce := e.Data.(WiFiClientEvent)
|
||||
if e.Tag == "wifi.client.new" {
|
||||
fmt.Fprintf(s.output, "[%s] [%s] new wifi client %s detected for %s (%s)\n",
|
||||
e.Time.Format(eventTimeFormat),
|
||||
tui.Green(e.Tag),
|
||||
ce.Client.BSSID(),
|
||||
tui.Bold(ce.AP.ESSID()),
|
||||
tui.Dim(ce.AP.BSSID()))
|
||||
} else if e.Tag == "wifi.client.lost" {
|
||||
fmt.Fprintf(s.output, "[%s] [%s] wifi client %s disconnected from %s (%s)\n",
|
||||
e.Time.Format(eventTimeFormat),
|
||||
tui.Green(e.Tag),
|
||||
ce.Client.BSSID(),
|
||||
tui.Bold(ce.AP.ESSID()),
|
||||
tui.Dim(ce.AP.BSSID()))
|
||||
}
|
||||
}
|
||||
|
||||
func (s *EventsStream) viewWiFiEvent(e session.Event) {
|
||||
if strings.HasPrefix(e.Tag, "wifi.ap.") {
|
||||
s.viewWiFiApEvent(e)
|
||||
|
|
@ -93,5 +112,9 @@ func (s *EventsStream) viewWiFiEvent(e session.Event) {
|
|||
s.viewWiFiClientProbeEvent(e)
|
||||
} else if e.Tag == "wifi.client.handshake" {
|
||||
s.viewWiFiHandshakeEvent(e)
|
||||
} else if e.Tag == "wifi.client.new" || e.Tag == "wifi.client.lost" {
|
||||
s.viewWiFiClientEvent(e)
|
||||
} else {
|
||||
fmt.Fprintf(s.output, "[%s] [%s] %v\n", e.Time.Format(eventTimeFormat), tui.Green(e.Tag), e)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
27
modules/wifi_events.go
Normal file
27
modules/wifi_events.go
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
package modules
|
||||
|
||||
import (
|
||||
"net"
|
||||
|
||||
"github.com/bettercap/bettercap/network"
|
||||
)
|
||||
|
||||
type WiFiClientEvent struct {
|
||||
AP *network.AccessPoint
|
||||
Client *network.Station
|
||||
}
|
||||
|
||||
type WiFiProbeEvent struct {
|
||||
FromAddr net.HardwareAddr
|
||||
FromVendor string
|
||||
FromAlias string
|
||||
SSID string
|
||||
RSSI int8
|
||||
}
|
||||
|
||||
type WiFiHandshakeEvent struct {
|
||||
File string
|
||||
NewPackets int
|
||||
AP net.HardwareAddr
|
||||
Station net.HardwareAddr
|
||||
}
|
||||
|
|
@ -17,32 +17,17 @@ import (
|
|||
|
||||
var maxStationTTL = 5 * time.Minute
|
||||
|
||||
type WiFiProbe struct {
|
||||
FromAddr net.HardwareAddr
|
||||
FromVendor string
|
||||
FromAlias string
|
||||
SSID string
|
||||
RSSI int8
|
||||
}
|
||||
|
||||
type WiFiHandshakeEvent struct {
|
||||
File string
|
||||
NewPackets int
|
||||
AP net.HardwareAddr
|
||||
Station net.HardwareAddr
|
||||
}
|
||||
|
||||
func (w *WiFiModule) stationPruner() {
|
||||
w.reads.Add(1)
|
||||
defer w.reads.Done()
|
||||
|
||||
log.Debug("WiFi stations pruner started.")
|
||||
log.Debug("wifi stations pruner started.")
|
||||
for w.Running() {
|
||||
// loop every AP
|
||||
for _, ap := range w.Session.WiFi.List() {
|
||||
sinceLastSeen := time.Since(ap.LastSeen)
|
||||
if sinceLastSeen > maxStationTTL {
|
||||
log.Debug("Station %s not seen in %s, removing.", ap.BSSID(), sinceLastSeen)
|
||||
log.Debug("station %s not seen in %s, removing.", ap.BSSID(), sinceLastSeen)
|
||||
w.Session.WiFi.Remove(ap.BSSID())
|
||||
continue
|
||||
}
|
||||
|
|
@ -50,8 +35,13 @@ func (w *WiFiModule) stationPruner() {
|
|||
for _, c := range ap.Clients() {
|
||||
sinceLastSeen := time.Since(c.LastSeen)
|
||||
if sinceLastSeen > maxStationTTL {
|
||||
log.Debug("Client %s of station %s not seen in %s, removing.", c.String(), ap.BSSID(), sinceLastSeen)
|
||||
log.Debug("client %s of station %s not seen in %s, removing.", c.String(), ap.BSSID(), sinceLastSeen)
|
||||
ap.RemoveClient(c.BSSID())
|
||||
|
||||
w.Session.Events.Add("wifi.client.lost", WiFiClientEvent{
|
||||
AP: ap,
|
||||
Client: c,
|
||||
})
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -117,7 +107,7 @@ func (w *WiFiModule) discoverProbes(radiotap *layers.RadioTap, dot11 *layers.Dot
|
|||
return
|
||||
}
|
||||
|
||||
w.Session.Events.Add("wifi.client.probe", WiFiProbe{
|
||||
w.Session.Events.Add("wifi.client.probe", WiFiProbeEvent{
|
||||
FromAddr: dot11.Address2,
|
||||
FromVendor: network.ManufLookup(dot11.Address2.String()),
|
||||
FromAlias: w.Session.Lan.GetAlias(dot11.Address2.String()),
|
||||
|
|
@ -130,7 +120,16 @@ func (w *WiFiModule) discoverClients(radiotap *layers.RadioTap, dot11 *layers.Do
|
|||
w.Session.WiFi.EachAccessPoint(func(bssid string, ap *network.AccessPoint) {
|
||||
// packet going to this specific BSSID?
|
||||
if packets.Dot11IsDataFor(dot11, ap.HW) {
|
||||
ap.AddClient(dot11.Address2.String(), int(radiotap.ChannelFrequency), radiotap.DBMAntennaSignal)
|
||||
bssid := dot11.Address2.String()
|
||||
freq := int(radiotap.ChannelFrequency)
|
||||
rssi := radiotap.DBMAntennaSignal
|
||||
|
||||
if station, isNew := ap.AddClientIfNew(bssid, freq, rssi); isNew {
|
||||
w.Session.Events.Add("wifi.client.new", WiFiClientEvent{
|
||||
AP: ap,
|
||||
Client: station,
|
||||
})
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue