/probeSniffer

🔍 A tool for sniffing unencrypted wireless probe requests from devices.


 ____  ____   ___  ____    ___ _________  ____ _____ _____  ___ ____    
|    \|    \ /   \|    \  /  _/ ___|    \|    |     |     |/  _|    \   
|  o  |  D  |     |  o  )/  [(   \_|  _  ||  ||   __|   __/  [_|  D  )  
|   _/|    /|  O  |     |    _\__  |  |  ||  ||  |_ |  |_|    _|    /   
|  |  |    \|     |  O  |   [_/  \ |  |  ||  ||   _]|   _|   [_|    \   
|  |  |  .  |     |     |     \    |  |  ||  ||  |  |  | |     |  .  \  
|__|  |__|\_|\___/|_____|_____|\___|__|__|____|__|  |__| |_____|__|\__|
                                       v3.0 by David Schütz (@xdavidhu)


new in 3.0:

  • Fewer dropped packets
  • Offline / faster vendor resolving
  • Much better performance on slower systems
  • Switched from scapy to tshark for packet capture
  • Displaying / logging BSSIDs from probe requests (only if not broadcast)

features:

  • Capturing and displaying probe requests in real time
  • Offline vendor resolving from MAC addresses
  • Displaying the number of devices nearby
  • Displaying the RSSIs of probe requests
  • Settable nicknames for MAC addresses
  • Option to filter output by MAC address
  • Displaying BSSIDs from probe requests
  • Capturing 'broadcast' probe requests (without SSID)
  • Logging the probe requests to an SQLite database file

requirements:

  • Kali Linux / Raspbian with root privileges
  • Python3 & pip3 & tshark & pyshark
  • A wireless card (capable of monitor mode)

options:

  • -h / display the help message
  • -d / do not show duplicate requests
  • -b / do not show 'broadcast' requests (without SSID)
  • -a / save duplicate requests to SQL
  • --filter / only show requests from the specified MAC address
  • --norssi / do not include RSSI in output
  • --nosql / disable SQL logging completely
  • --addnicks / add nicknames to MAC addresses
  • --flushnicks / flush nickname database
  • --noresolve / skip resolving MAC addresses
  • --debug / turn debug mode on
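
The duplicate and 'broadcast' filtering (-d, -b) and the vendor-resolving feature listed above, sketched as an added example for auditing which SSIDs your own devices disclose in probe requests; this is not probeSniffer's own code. It assumes tab-separated records of source MAC, BSSID, RSSI and SSID, treats a repeat of the same MAC and SSID as a duplicate, and flags locally administered (randomized) MACs, for which a vendor lookup is meaningless; the sample lines and function names are constructed.

```python
from collections import defaultdict

BROADCAST_BSSID = "ff:ff:ff:ff:ff:ff"

# Constructed sample records (not a real capture): source MAC, BSSID, RSSI (dBm), SSID.
SAMPLE = """\
10:20:30:40:50:60\tff:ff:ff:ff:ff:ff\t-48\tHomeNet
10:20:30:40:50:60\tff:ff:ff:ff:ff:ff\t-51\tHomeNet
10:20:30:40:50:60\tff:ff:ff:ff:ff:ff\t-50\tOfficeGuest
da:a1:19:aa:bb:cc\tff:ff:ff:ff:ff:ff\t-70\t
da:a1:19:aa:bb:cc\t00:11:22:33:44:55\t-69\tCafeWiFi
"""

def is_randomized(mac):
    """True when the locally administered bit (0x02 of the first octet) is set."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

def parse(line):
    """Split one record; an empty SSID marks a 'broadcast' probe request."""
    src, bssid, rssi, ssid = line.rstrip("\n").split("\t")
    bssid = bssid.lower()
    return {"mac": src.lower(),
            "bssid": None if bssid == BROADCAST_BSSID else bssid,
            "rssi": int(rssi),
            "ssid": ssid or None}

def summarize(text, skip_duplicates=True, skip_broadcast=True):
    """Group probe requests per device, mirroring the -d and -b filters."""
    seen = set()
    devices = defaultdict(lambda: {"count": 0, "ssids": [], "bssids": [],
                                   "randomized": False})
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse(line)
        if skip_broadcast and rec["ssid"] is None:
            continue
        key = (rec["mac"], rec["ssid"])   # assumed duplicate definition
        if skip_duplicates and key in seen:
            continue
        seen.add(key)
        dev = devices[rec["mac"]]
        dev["count"] += 1
        dev["randomized"] = is_randomized(rec["mac"])  # vendor lookup unreliable if True
        for field, bucket in (("ssid", "ssids"), ("bssid", "bssids")):
            if rec[field] and rec[field] not in dev[bucket]:
                dev[bucket].append(rec[field])
    return dict(devices)
```
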

installing:

Kali Linux / Raspbian:

$ sudo apt-get update && sudo apt-get install python3 python3-pip tshark -y

$ git clone https://github.com/xdavidhu/probeSniffer

$ cd probeSniffer/

$ python3 -m pip install -r requirements.txt

WARNING: probeSniffer is only compatible with Python 3.3 & 3.4 & 3.5 & 3.6

usage:

Make sure to put your interface into monitor mode before running the tool!

$ sudo python3 probeSniffer.py [monitor-mode-interface] [options]

disclaimer:

I'm not responsible for anything you do with this program, so please only use it for good and educational purposes.