Fatal编程技术网
  • python/
  • Python 发送探测请求并接收探测响应

Python 发送探测请求并接收探测响应

python

Python 发送探测请求并接收探测响应,python,wireless,scapy,wifi,Python,Wireless,Scapy,Wifi,我正在尝试执行发送802.11探测请求并从中接收探测响应的任务。但结果并不好 这是我的发送帧部分,我在python中使用Scapy: class Scapy80211(): def __init__(self,intf='wlan0',ssid='test',\ source='00:00:de:ad:be:ef',\ bssid='00:11:22:33:44:55',srcip='10.10.10.10'): self.rate

我正在尝试执行发送802.11探测请求并从中接收探测响应的任务。但结果并不好

这是我的发送帧部分,我在python中使用
Scapy

  class Scapy80211(): 
    def  __init__(self,intf='wlan0',ssid='test',\
          source='00:00:de:ad:be:ef',\
          bssid='00:11:22:33:44:55',srcip='10.10.10.10'):
    self.rates = "\x03\x12\x96\x18\x24\x30\x48\x60"
    self.ssid    = ssid
    self.source  = source
    self.srcip   = srcip
    self.bssid   = bssid
    self.intf    = intf
    self.intfmon = intf + 'mon'

    def ProbeReq(self,count=10,ssid='',dst='ff:ff:ff:ff:ff:ff', fc=0):
      if not ssid: ssid=self.ssid
      param = Dot11ProbeReq()
      essid = Dot11Elt(ID='SSID',info=ssid)
      rates  = Dot11Elt(ID='Rates',info=self.rates)
      dsset = Dot11Elt(ID='DSset',info='\x01')
      pkt = RadioTap()\
        /Dot11(type=0,subtype=4,FCfield=fc,addr1=dst,addr2=self.source,addr3=self.bssid)\
        /param/essid/rates/dsset

      print '[*] 802.11 Probe Request: SSID=[%s], count=%d' % (ssid,count)
      try:
        sendp(pkt,count=count,inter=0.1,verbose=1)
      except:
        raise

ssid = 'aa' #This is the AP I want to interact with
sdot11 = Scapy80211(intf='mon0')
sdot11.ProbeReq(ssid=ssid)
sniff(count=10, timeout=5, prn=PacketHandler, filter="type mgt subtype probe-resp")
我运行代码20次,有一次我可以得到结果

另外,结果也有点奇怪,当我能收到回复的时候,我当时经常收到很多

有人能帮我吗?您通常如何进行发送和接收工作

我已将代码更改为
srp()
。我删除sniff()语句并用srp()替换sendp()。这是我的结果,我很困惑

[*] 802.11 Probe Request: SSID=[aa], count=10
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.

Received 0 packets, got 0 answers, remaining 1 packets
[*] 802.11 Probe Request: SSID=[aa], count=10
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.
Begin emission:
Finished to send 1 packets.

Received 12 packets, got 0 answers, remaining 1 packets
我想从aa接收探测响应帧,即我向其发送探测请求的帧

那么结果是没有答案?我不确定这是否与我没有填写正确的参数有关,比如SSID、source、bssid。我是否应该将目的地从“ff:ff:ff:ff:ff:ff”更改为MAC地址aa

除非我错了,否则您正在发送探测,然后嗅探响应。如果一个答案到达,它很可能同时到达

您可能应该使用
srp()
函数来发送帧并匹配答案。

试试您的代码:
如果不是ssid:ssid=self.ssid 而不是:
如果ssid!=“”:ssid=self.ssid

我希望这会有帮助

是的,我就是这么做的。我已将我的代码更改为
srp()
,我发布了结果和我的不确定信息。你能帮我看看吗?