____ ____ ___ ____ ___ _________ ____ _____ _____ ___ ____
| \| \ / \| \ / _/ ___| \| | | |/ _| \
| o | D | | o )/ [( \_| _ || || __| __/ [_| D )
| _/| /| O | | _\__ | | || || |_ | |_| _| /
| | | \| | O | [_/ \ | | || || _]| _| [_| \
| | | . | | | \ | | || || | | | | | . \
|__| |__|\_|\___/|_____|_____|\___|__|__|____|__| |__| |_____|__|\__|
v3.0 by David Schütz (@xdavidhu)
⚠️ Warning! This project is no longer maintained and may not work as excepted.
A tool for sniffing unencrypted wireless probe requests from devices
new in 3.0:
- Less packet drop
- Offline / Faster vendor resolving
- Way better performance on slower systems
- Switching from scapy to tshark packet capture
- Displaying / Logging BSSID's from probe requests (only if not broadcast)
features:
- Capturing and displaying probe requests real time
- Offline vendor resolving from MAC addresses
- Displaying the number of devices nearby
- Displaying the RSSIs of probe requests
- Settable nicknames for mac addresses
- Option to filter output by mac address
- Displaying BSSIDs from probe requests
- Capturing 'broadcast' probe requests (without ssid)
- Logging the probe requests to an SQLite database file
requirements:
- Kali Linux / Raspbian with root privileges
- Python3 & pip3 & tshark & pyshark
- A wireless card (capable for monitor mode)
options:
- -h / display the help message
- -d / do not show duplicate requests
- -b / do not show 'broadcast' requests (without ssid)
- -a / save duplicate requests to SQL
- --filter / only show requests from the specified mac address
- --norssi / do not include RSSI in output
- --nosql / disable SQL logging completely
- --addnicks / add nicknames to mac addresses
- --flushnicks / flush nickname database
- --noresolve / skip resolving mac address
- --debug / turn debug mode on
installing:
Kali Linux / Raspbian:
$ sudo apt-get update && sudo apt-get install python3 python3-pip tshark -y
$ git clone https://github.com/xdavidhu/probeSniffer
$ cd probeSniffer/
$ python3 -m pip install -r requirements.txt
WARNING: probeSniffer is only compatible with Python 3.3 & 3.4 & 3.5 & 3.6
usage:
Make sure to put your interface into monitor mode before!
$ sudo python3 probeSniffer.py [monitor-mode-interface] [options]
disclaimer:
I'm not responsible for anything you do with this program, so please only use it for good and educational purposes.