SCAPY PYTHON-获取802.11 DS状态 [英] SCAPY PYTHON - Get 802.11 DS Status

问题描述

我正在尝试使用SCAPY创建一个嗅探程序，以演示802.11设备在802.11网络中的关联和角色。

I'm trying to use SCAPY to create a sniffing program to demonstrate 802.11 device association[s] and roles within an 802.11 network.

SCAPY具有简单的功能，可以识别信标帧，探测请求和探测响应。我正在尝试进行更深入的研究，并根据DS状态进行我自己的评估，以显示所有其他流量关联。

SCAPY has simple functions to identify Beacon frames, probe requests and probe responses. I'm trying to dig a bit deeper than that and do my own evaluation based upon the DS status to show all other traffic association[s].

我不能做什么它确定如何获取DS状态值（00、01、10、11）。如果确定，那么我可以相应地处理框架以获取源代码，BSSID，接收器，发送器和目的地以适合我的代码。

What I cannot do it determine how to get the value of the DS status (00, 01,10,11). If determined, then I can handle the frame accordingly to get SOURCE, BSSID, RECEIVER, TRANSMITTER and DESTINATION to suit my code.

我发现我应该能够通过tshark（wlan.fc.ds）获取DS Status，因此，如果需要，我可以将帧传递给tshark派生的进程；但是我首先想尝试使用SCAPY来完成所有操作，因为我才刚刚开始使用带有PYTHON的SCAPY进行编码，而且我不想一开始就跳到其他MAC帧分析程序。

I have found that I should be able to get DS Status with tshark (wlan.fc.ds) so, if required, I could pass the frame to a tshark derived process; but I'd firstly like to attempt to do it all using SCAPY as I've only just started coding using SCAPY with PYTHON and I don't want to jump to other MAC frame analytical programs at the first hurdle.

除了创建我的程序来演示设备关联之外；我还将它用作一种工具，这意味着我可以了解有关802.11，PYTHON和SCAPY的更多信息，因此，我希望对每个帧进行一些深入研究，并将它们分组为DS状态。
谢谢，
鲍勃

In addition to creating my program to demonstrate device associations; I'm also using it as a tool means for me to learn more about 802.11, PYTHON and SCAPY therefore I wish to dig into each frame a bit, grouping them on the DS state. Thanks, Bob

推荐答案

Scapy 的源代码显示了 To DS 和 From DS 值位于 FCField （代表 Frame Control 字段）内：

Scapy's source code reveals that the To DS and From DS values reside within FCField (which stands for Frame Control Field):

class Dot11(Packet):
    name = "802.11"
    fields_desc = [
                    BitField("subtype", 0, 4),
                    BitEnumField("type", 0, 2, ["Management", "Control", "Data", "Reserved"]),
                    BitField("proto", 0, 2),
                    FlagsField("FCfield", 0, 8, ["to-DS", "from-DS", "MF", "retry", "pw-mgt", "MD", "wep", "order"]),
                    ShortField("ID",0),
                    MACField("addr1", ETHER_ANY),
                    Dot11Addr2MACField("addr2", ETHER_ANY),
                    Dot11Addr3MACField("addr3", ETHER_ANY),
                    Dot11SCField("SC", 0),
                    Dot11Addr4MACField("addr4", ETHER_ANY) 
                    ]

因此，一旦掌握了 Dot11 数据包，便可以检查其 DS 状态：

Therefore, once you've got hold of a Dot11 packet, you can inspect its DS status via the following code:

DS = pkt.FCfield & 0x3
to_DS = DS & 0x1 != 0
from_DS = DS & 0x2 != 0

这篇关于SCAPY PYTHON-获取802.11 DS状态的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！