74 lines
2.3 KiB
Python
Executable file
74 lines
2.3 KiB
Python
Executable file
#!/usr/bin/env python3
|
|
import pyshark
|
|
import argparse
|
|
|
|
def analyze_radiotap_info(pcapng_path, limit=100):
|
|
cap = pyshark.FileCapture(
|
|
pcapng_path,
|
|
display_filter='radiotap',
|
|
use_json=True,
|
|
include_raw=False,
|
|
keep_packets=False
|
|
)
|
|
|
|
print(f"\nAnalyzing up to {limit} packets for radiotap metadata...\n")
|
|
|
|
count = 0
|
|
for packet in cap:
|
|
if not hasattr(packet, 'radiotap'):
|
|
continue
|
|
|
|
print(f"Packet #{count + 1}")
|
|
|
|
# Grab what you can from radiotap
|
|
signal = getattr(packet.radiotap, 'dbm_antsignal', None)
|
|
noise = getattr(packet.radiotap, 'dbm_antnoise', None)
|
|
channel = getattr(packet.radiotap, 'channel_freq', None)
|
|
rate = getattr(packet.radiotap, 'rate', None)
|
|
antenna = getattr(packet.radiotap, 'antenna', None)
|
|
flags = getattr(packet.radiotap, 'flags', None)
|
|
|
|
if signal is not None:
|
|
print(f" Signal Strength: {signal} dBm")
|
|
else:
|
|
print(" Signal Strength: [unavailable]")
|
|
|
|
if noise is not None:
|
|
print(f" Noise Level: {noise} dBm")
|
|
else:
|
|
print(" Noise Level: [missing or fake]")
|
|
|
|
if channel:
|
|
print(f" Channel Frequency: {channel} MHz")
|
|
else:
|
|
print(" Channel Frequency: [unavailable]")
|
|
|
|
if rate:
|
|
print(f" Data Rate: {rate} Mbps")
|
|
else:
|
|
print(" Data Rate: [unavailable]")
|
|
|
|
if antenna:
|
|
print(f" Antenna Index: {antenna}")
|
|
if flags:
|
|
print(f" Radiotap Flags: {flags}")
|
|
|
|
print("-" * 50)
|
|
count += 1
|
|
if count >= limit:
|
|
break
|
|
|
|
cap.close()
|
|
|
|
if count == 0:
|
|
print("No usable radiotap packets found. Either the capture is cursed or your Panda is just decorative.")
|
|
|
|
print(f"\nFinished analyzing {count} packet(s). Radiotap field spelunking complete.\n")
|
|
|
|
if __name__ == '__main__':
|
|
parser = argparse.ArgumentParser(description="Panda Truth Probe: Radiotap Field Dump")
|
|
parser.add_argument('--pcapng', required=True, help='Path to your .pcapng file')
|
|
parser.add_argument('--limit', type=int, default=50, help='Max number of packets to analyze')
|
|
args = parser.parse_args()
|
|
|
|
analyze_radiotap_info(args.pcapng, args.limit)
|