Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
4.2k views
in Technique[技术] by (71.8m points)

python - 802.11 wifi packet missing addr2

I am very new to network and packet sniffing. What I am trying to do is sniffing the wifi network and print out all packets with their types and subtypes. What I have tried so far is using scapy with Python and the code is running on a raspberry pi with wifi adapter in monitor mode.

A strange behavior I discovered is in many cases when the packet type is 1 the addr2 (sender/source MAC address) was be missing. I simply get 'None' value in the console output.

Below is part of code I tried to capture all packets:

def PacketHandler(pkt):
        if pkt.haslayer(Dot11):
             print('Pkt type: ', pkt.type, 'Pkt subtype: ', pkt.subtype)
             deviceList.append((pkt.addr2, datetime.fromtimestamp(pkt.time).strftime('%H:%M:%S')))
for i in range(args.numOfEp):
         print("This is epoch: " + str(i))
         sniff(iface=args.iface, prn=PacketHandler, timeout=args.epoch)

I am only interested in capturing sender MAC for now so I used pkt.addr2 here. Below is a part of the output: enter image description here

I have also checked many articles online and none of them seem to explain if and when the addr2 MAC address may be omitted in certain type of packets. Maybe my code isn't correct? Please give me some idea why this is happening. It will even be better if you can point out some papers or publications which address this issue. Thanks a lot in advance!


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)
等待大神解答

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...