A python implementation of airodump-ng - the classic wifi sniffing tool.
airodump-iv is probably inferior in a lot of ways to airodump-ng but is being written as a learning tool. It might also be useful to python developers interested in wifi sniffing.
Currently the only feature in airodump-iv not in airodump-ng is clearly identifying the SSIDs for hidden networks (when possible).
airodump.py is being developed in ubuntu precise with an Alpha AWUS036H or D-Link DWA-123 wireless card.
TODO
airodump.py makes uses of scapy for sniffing and protocol/structure parsing
My interest in this project was kicked off by a wifi penetration class @ Blackhat EU. Since then I've read quite a few protocol documents.
less /usr/include/linux/wireless.h
Steps to run include:
git clone git://github.com/ivanlei/airodump-iv.git
git submodule init
git submodule update
cd airodump-iv/airoiv
sudo airmon-ng check kill
sudo airmon-ng start wlan0
sudo python airodump-iv.py
CTRL-C
(... repeatedly sometimes)Useful options include:
--iface=IFACE
- Set the interface to sniff on. By default mon0
.--channel=CHANNEL
- Monitor a single channel. By default it will channel-hop.--max-channel=MAX_CHANNEL
- Set maximum channel during hopping. By default queries Wireless Extensions.--packet_count=PACKET_COUNT
- Number of packets to capture. By default unlimited.--input-file=INPUT_FILE
- Read from PCAP file.-v
- Verbose mode. Does not play well with curses mode.--no-curses
- Disable the curses interface.A Ubuntu precise Vagrantfile is included in the project. It will use puppet standalone to configure a clean wifi test environment in VirtualBox that includes airocrack-ng (from unofficial apt repo), iw tools, wireless-tools, and the contents of this repo.
After installing Vagrant and Virtualbox:
cd airodump-iv/Vagrant
vagrant up airoiv01
vagrant ssh airoiv01
vboxmanage list usbhost
and find the UUID of the USB devicevboxmanage list vms
and find the UUID of the vmvboxmanager controlvm <UUID-of-vm> usbattach <UUID-of-usb-device>