From fdc38e6413e8125812a43b2196f6207e5cbf79ee Mon Sep 17 00:00:00 2001 From: Yaro Kasear Date: Thu, 1 May 2025 14:20:17 -0500 Subject: [PATCH] Add support for including probe responses in AP detection and implement suspect SSID reporting --- listener.py | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/listener.py b/listener.py index 2ca4d5d..6a1d42c 100755 --- a/listener.py +++ b/listener.py @@ -24,6 +24,7 @@ ap_clients = defaultdict(lambda: defaultdict(int)) target_ap_bssid = None beacon_counts = defaultdict(int) current_channel = None +include_probes = False # === Signal handling === def stop_sniff(signum, frame): @@ -79,8 +80,8 @@ def handle_packet(pkt): a1 = dot11.addr1.lower() if dot11.addr1 else None a2 = dot11.addr2.lower() if dot11.addr2 else None - # === Detect APs via beacon frames only === - if dot11.type == 0 and dot11.subtype == 8: + # === Detect APs via beacon (and optionally probe response) frames === + if dot11.type == 0 and dot11.subtype in ([8, 5] if include_probes else [8]): if a2 and is_unicast(a2): beacon_counts[a2] += 1 if beacon_counts[a2] > 1: @@ -168,6 +169,19 @@ def get_connected_bssid(interface): except Exception as e: print(f"[!] Failed to get connected BSSID for {interface}: {e}") return None + +def print_suspect_aps(): + print("\n[?] Suspect SSIDs (possibly printers, IoT, weird stuff):") + suspects = [] + keywords = ("setup", "direct-", "hp", "epson", "canon", "brother", "smart", "wifi-", "printer") + for bssid, ssid in ssid_map.items(): + if any(kw in ssid.lower() for kw in keywords): + suspects.append((bssid, ssid)) + if suspects: + for bssid, ssid in suspects: + print(f" - {bssid} (SSID: {ssid})") + else: + print(" None found (yet).") # === Main === def main(): @@ -176,6 +190,7 @@ def main(): parser.add_argument("--monitor-iface", required=True, help="Monitor interface to sniff on") parser.add_argument("--outfile", required=True, help="CSV file to append metrics row") parser.add_argument("--channel", type=int, help="Channel to lock monitor interface to (overrides main iface)") + parser.add_argument("--include-probes", action="store_true", help="Include probe responses as valid APs") args = parser.parse_args() @@ -220,6 +235,7 @@ def main(): ssid = ssid_map.get(bssid, "") print(f" - {bssid} (SSID: {ssid})") print(f"[+] Total APsOnChannel: {len(aps)}") + print_suspect_aps() reset_interface(args.monitor_iface)