在此示例中,是用于为Proberequests创建应答机的代码。结果是 AP正在设备上显示。以下是我的代码。为了使它正常工作,我不得不进行一些更改。
import sys
import os
import time
from scapy.all import *
os.sys.path.append('/usr/lib/python2.7/dist-packages')
conf.iface = "wlan0mon"
class ProbeRequest_am(AnsweringMachine):
function_name = "pram"
mac = "00:11:22:33:44:55"
def is_request(self, pkt):
return Dot11ProbeReq in pkt
def make_reply(self, req):
rep = RadioTap()
rep /= Dot11(addr1=req.addr2, addr2=self.mac, addr3=self.mac, ID = RandShort(), SC= RandShort())
rep /= Dot11ProbeResp(cap="ESS", timestamp=int(time.time()))
rep /= Dot11Elt(ID="SSID",info ="Scapy !")
rep /= Dot11Elt(ID="Rates", info=b'\x82\x84\x0b\x16\x96')
rep /= Dot11Elt(ID="DSset", info=chr(10))
return rep
ProbeRequest_am()()
首先,AP在我拥有的任何设备上都不可见。但是输出与我的设备在家里寻找我的AP有关。AFAIK我的智能手机(iOS 12.2)不会将其实际的MAC用于Proberequest,并且该程序仅应对Proberequest作出反应。但这是运行脚本的输出(我的iPhone的实际MAC,但已更改为发布= d0:c5:f3:00:00:00):
RadioTap / 802.11 Management 4 d0:c5:f3:00:00:00 > ff:ff:ff:ff:ff:ff …