From 412d8762a5497d91951c4a1e354227a341c982c6 Mon Sep 17 00:00:00 2001
From: Yaro Kasear
Date: Wed, 16 Apr 2025 08:50:16 -0500
Subject: [PATCH] Enhance analyze_pcap function to track SSIDs and BSSIDs, and collect signal strengths for improved analysis
---
 enrich.py | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
diff --git a/enrich.py b/enrich.py
index db8f364..eb8ca3e 100755
--- a/enrich.py
+++ b/enrich.py
@@ -4,6 +4,7 @@ import csv
 from datetime import datetime
 import pyshark
 from statistics import mean
+from collections import defaultdict
 # United States regulatory domain channel lookup table
@@ -296,6 +297,11 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
 max_ap_signal = 0
 unlinked_devices = 0
+ ssid_clients = defaultdict(set)
+ ssid_signals = defaultdict(list)
+ ssid_to_bssids = defaultdict(set)
+ bssid_to_ssid = {}
+
 try:
 # Filter packets manually by timestamp
 filtered_packets = []
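Review bot: `ssid_clients` is created in the second hunk, but no line in this patch ever adds to it, so unless code outside these hunks fills it, it stays empty; either populate it or drop it. A short comment above the four maps would also help, for example `# SSID -> BSSIDs / signal samples from beacons and probe responses; BSSID -> last SSID seen`. analyze_pcap starts and ends outside the hunk, so whether these maps are returned or reported cannot be checked here.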
@@ -307,6 +313,42 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
 except Exception:
 continue
+ for packet in filtered_packets:
+ try:
+ if 'radiotap' not in packet or 'wlan' not in packet or 'wlan.mgt' not in packet:
+ continue
+
+ radio = packet.radiotap
+ wlan = packet.wlan
+
+ if not hasattr(radio.channel, 'freq'):
+ continue
+
+ packet_freq = int(radio.channel.freq)
+ packet_channel = get_channel_from_freq(packet_freq)
+
+ subtype = int(getattr(wlan, 'type_subtype', 0), 16)
+ if subtype not in (5, 8): # Probe Response or Beacon
+ continue
+
+ ssid = getattr(packet.wlan.mgt, 'ssid', None).strip()
+ bssid = getattr(wlan, 'bssid', '').lower()
+
+ # For debugging purposes, print the SSID and BSSID
+ print(f"SSID: {ssid}, BSSID: {bssid}")
+
+ if not ssid or not bssid or bssid == 'ff:ff:ff:ff:ff:ff':
+ continue
+
+ bssid_to_ssid[bssid] = ssid
+ ssid_to_bssids[ssid].add(bssid)
+
+ signal = getattr(radio, 'dbm_antsignal', None)
+ if signal:
+ ssid_signals[ssid].append(int(signal))
+ except:
+ continue
+
 clients_on_ap = get_clients_on_ap(filtered_packets, ap_bssid)
 clients_on_channel = get_clients_on_channel(filtered_packets, ap_channel, ap_bssid)
 aps_on_channel = get_aps_on_channel(filtered_packets, ap_channel)
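Review bot: The bare `except:` that closes the new per-packet loop hides failures the loop body produces itself: `getattr(packet.wlan.mgt, 'ssid', None).strip()` raises AttributeError whenever the SSID field is missing, and `int(getattr(wlan, 'type_subtype', 0), 16)` raises TypeError when the integer default is used, so those frames are dropped without any trace. I would narrow the handler to `except (AttributeError, TypeError, ValueError):` and read the SSID as `ssid = (getattr(packet.wlan.mgt, 'ssid', None) or '').strip()`, so a missing field is an ordinary skip rather than an exception. The SSID comes from captured frames and is therefore chosen by whoever sent them, yet the debug `print` writes it to the terminal verbatim; `print(f"SSID: {ssid!r}, BSSID: {bssid!r}")`, or removing the print, keeps control characters out of the output. analyze_pcap starts and ends outside the hunk.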