Compare commits
14 Commits
54d627d469
...
f_docker
| Author | SHA1 | Date | |
|---|---|---|---|
| 720fbbe75b | |||
| a681bbd2d2 | |||
| d9ee804c3b | |||
| e320d8670b | |||
| 2d824543d1 | |||
| 6e080907d1 | |||
| 91c3aca9e2 | |||
| 31ab10c3e1 | |||
| 8ff7211f0f | |||
| 2ae85ababb | |||
| 227ba127f8 | |||
| 8417de5756 | |||
| 54eadf3bc3 | |||
| e39ebaac23 |
@@ -7,7 +7,11 @@ WORKDIR /usr/src/app
|
||||
COPY package*.json ./
|
||||
RUN npm install
|
||||
|
||||
RUN apt-get update
|
||||
RUN apt-get -y install \
|
||||
tcpdump
|
||||
|
||||
# Bundle app source
|
||||
COPY ./src/ .
|
||||
|
||||
CMD ["npm", "run"]
|
||||
CMD ["npm", "run", "start"]
|
||||
15
docker-compose.yml
Normal file
15
docker-compose.yml
Normal file
@@ -0,0 +1,15 @@
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rfmon:
|
||||
container_name: rfmon
|
||||
image: # TODO: Add image
|
||||
restart: unless-stopped
|
||||
network_mode: "host"
|
||||
environment:
|
||||
- LOGLEVEL=DEBUG
|
||||
- WIFI_INTERFACE=wlan0
|
||||
- INFLUX_URL=http://influxdb:8086/
|
||||
- INFLUX_TOKEN=
|
||||
- INFLUX_ORG=
|
||||
- INFLUX_BUCKET=
|
||||
@@ -2,10 +2,10 @@
|
||||
"name": "rfmon-to-influx",
|
||||
"version": "1.0.0",
|
||||
"description": "Writing (mostly meta-) data received in Wireless-Monitor-Mode into an InfluxDB",
|
||||
"main": "src/main.js",
|
||||
"main": "main.js",
|
||||
"scripts": {
|
||||
"test": "echo \"Error: no test specified\" && exit 1",
|
||||
"start": "node src/main.js"
|
||||
"start": "node main.js"
|
||||
},
|
||||
"repository": {
|
||||
"type": "git",
|
||||
|
||||
43
src/helper/wifiStateAnalyzer.js
Normal file
43
src/helper/wifiStateAnalyzer.js
Normal file
@@ -0,0 +1,43 @@
|
||||
const { HandshakeStage } = require.main.require('./dto/Packet.js');
|
||||
|
||||
function keyInfoFromRaw(keyInfoRaw) {
|
||||
return {
|
||||
"KeyDescriptorVersion": keyInfoRaw>>0 & 0b111,
|
||||
"KeyType": keyInfoRaw>>3 & 0b1,
|
||||
"KeyIndex": keyInfoRaw>>4 & 0b11,
|
||||
"Install": keyInfoRaw>>6 & 0b1,
|
||||
"KeyACK": keyInfoRaw>>7 & 0b1,
|
||||
"KeyMIC": keyInfoRaw>>8 & 0b1,
|
||||
"Secure": keyInfoRaw>>9 & 0b1,
|
||||
"Error": keyInfoRaw>>10 & 0b1,
|
||||
"Request": keyInfoRaw>>11 & 0b1,
|
||||
"EncryptedKeyData": keyInfoRaw>>12 & 0b1,
|
||||
"SMKMessage": keyInfoRaw>>13 & 0b1,
|
||||
};
|
||||
}
|
||||
|
||||
const HANDSHAKE_STAGE_KEYINFO = {
|
||||
"keys": ["Install", "KeyACK", "KeyMIC", "Secure"],
|
||||
"0100": HandshakeStage[1],
|
||||
"0010": HandshakeStage[2],
|
||||
"1111": HandshakeStage[3],
|
||||
"0011": HandshakeStage[4],
|
||||
};
|
||||
function handshakeStageFromKeyInfo(keyInfo){
|
||||
|
||||
// Extract compare-keys
|
||||
let keyData = "";
|
||||
for (const key of HANDSHAKE_STAGE_KEYINFO['keys']) {
|
||||
keyData += keyInfo[key].toString();
|
||||
}
|
||||
|
||||
// Get and return stage
|
||||
return HANDSHAKE_STAGE_KEYINFO[keyData];
|
||||
}
|
||||
|
||||
|
||||
// Specify exports
|
||||
module.exports = {
|
||||
keyInfoFromRaw,
|
||||
handshakeStageFromKeyInfo,
|
||||
};
|
||||
@@ -56,13 +56,13 @@ if(errorMsg){
|
||||
|
||||
logger.info("Starting tcpdump..");
|
||||
const TCPDUMP_BASECMD = "tcpdump -vvv -e -n -X -s0 -i"
|
||||
let cmd = `sudo ${TCPDUMP_BASECMD} ${env.WIFI_INTERFACE}`;
|
||||
let cmd = `${TCPDUMP_BASECMD} ${env.WIFI_INTERFACE}`;
|
||||
|
||||
let proc = exec(cmd);
|
||||
logger.debug("Creating & Attaching streams..");
|
||||
proc.stdout
|
||||
.setEncoding("utf8")
|
||||
.pipe(new RegexBlockStream(/^[0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{6}.*(\n( {4,8}|\t\t?).*){1,}\n/gm))
|
||||
.pipe(new RegexBlockStream(/^\d{2}:\d{2}:\d{2}.\d{6}.*(\n( {4,8}|\t\t?).*)+\n/gm))
|
||||
.pipe(new PacketStreamFactory())
|
||||
.pipe(new PacketInfluxPointFactory())
|
||||
.pipe(new InfluxPointWriter(influxDb, env.INFLUX_ORG, env.INFLUX_BUCKET));
|
||||
|
||||
@@ -3,6 +3,7 @@ const { Transform } = require('stream');
|
||||
const { DateTime } = require("luxon");
|
||||
const { PacketType, FlagType, Packet, PacketWithSSID, BeaconPacket, ProbeRequestPacket, ProbeResponsePacket, AuthenticationPacket, AuthenticationType, AssociationResponsePacket, DisassociationPacket, HandshakePacket, HandshakeStage } = require.main.require('./dto/Packet.js');
|
||||
const hexConv = require.main.require("./helper/hexConverter.js");
|
||||
const wifiStateAnalyser = require.main.require("./helper/wifiStateAnalyzer.js");
|
||||
|
||||
const PACKET_TYPE_MAP = {
|
||||
"Beacon": PacketType.Beacon,
|
||||
@@ -65,17 +66,22 @@ class PacketStreamFactory extends Transform{
|
||||
?.forEach(match => packet.flags[FLAG_TYPE_MAP[match]] = true) // Set them to true in flags
|
||||
);
|
||||
|
||||
packet.dataRate = Number(data.match(/(?<=^|\s)[0-9]+(\.[0-9]+)?(?=\sMb\/?s($|\s))/i)?.[0]) || null;
|
||||
packet.frequency = Number(data.match(/(?<=^|\s)[0-9]{4}(?=\sMHz($|\s))/i)?.[0]) || null;
|
||||
packet.dataRate = Number(data.match(/(?<=^|\s)\d+(\.\d+)?(?=\sMb\/?s($|\s))/i)?.[0]) || null;
|
||||
packet.frequency = Number(data.match(/(?<=^|\s)\d{4}(?=\sMHz($|\s))/i)?.[0]) || null;
|
||||
|
||||
packet.durationMicros = Number(data.match(/(?<=^|\s)[0-9]{1,4}(?=us($|\s))/i)?.[0]) || null;
|
||||
packet.durationMicros = Number(data.match(/(?<=^|\s)\d{1,4}(?=us($|\s))/i)?.[0]) || null;
|
||||
|
||||
packet.signal = Number(data.match(/(?<=^|\s)-[0-9]{2,3}(?=dBm\sSignal($|\s))/i)?.[0]) || null;
|
||||
packet.signal = Number(data.match(/(?<=^|\s)-\d{2,3}(?=dBm\sSignal($|\s))/i)?.[0]) || null;
|
||||
|
||||
let packetTypeStr = data.match(new RegExp('(?<=^|\\s)('+ PACKET_TYPES_REGEX +')(?=$|\\s)', 'i'))?.[0];
|
||||
packet.packetType = packetTypeStr? PACKET_TYPE_MAP[packetTypeStr]:
|
||||
data.match(/(SA|TA|DA|RA|BSSID):.{17}\s*$/i)? PacketType.NoData:
|
||||
PacketType.Unknown;
|
||||
if(packetTypeStr)
|
||||
packet.packetType = PACKET_TYPE_MAP[packetTypeStr];
|
||||
else if(data.match(/(SA|TA|DA|RA|BSSID):.{17}\s*$/i)){
|
||||
packet.packetType = PacketType.NoData
|
||||
}
|
||||
else {
|
||||
packet.packetType = PacketType.Unknown;
|
||||
}
|
||||
|
||||
packet.srcMac = data.match(/(?<=(^|\s)(SA|TA):).{17}(?=$|\s)/i)?.[0] ?? null;
|
||||
|
||||
@@ -129,25 +135,9 @@ class PacketStreamFactory extends Transform{
|
||||
|
||||
// Read key-information
|
||||
const keyInfoRaw = (packet.payloadData[0x5]<<0x8) + packet.payloadData[0x6];
|
||||
const keyInfo = {
|
||||
"KeyDescriptorVersion": keyInfoRaw>>0 & 0b111,
|
||||
"KeyType": keyInfoRaw>>3 & 0b1,
|
||||
"KeyIndex": keyInfoRaw>>4 & 0b11,
|
||||
"Install": keyInfoRaw>>6 & 0b1,
|
||||
"KeyACK": keyInfoRaw>>7 & 0b1,
|
||||
"KeyMIC": keyInfoRaw>>8 & 0b1,
|
||||
"Secure": keyInfoRaw>>9 & 0b1,
|
||||
"Error": keyInfoRaw>>10 & 0b1,
|
||||
"Request": keyInfoRaw>>11 & 0b1,
|
||||
"EncryptedKeyData": keyInfoRaw>>12 & 0b1,
|
||||
"SMKMessage": keyInfoRaw>>13 & 0b1,
|
||||
};
|
||||
const keyInfo = wifiStateAnalyser.keyInfoFromRaw(keyInfoRaw); // Convert
|
||||
|
||||
newPacket.handshakeStage = (!keyInfo.Install && keyInfo.KeyACK && !keyInfo.KeyMIC && !keyInfo.Secure)? HandshakeStage[1] :
|
||||
(!keyInfo.Install && !keyInfo.KeyACK && keyInfo.KeyMIC && !keyInfo.Secure)? HandshakeStage[2] :
|
||||
( keyInfo.Install && keyInfo.KeyACK && keyInfo.KeyMIC && keyInfo.Secure)? HandshakeStage[3] :
|
||||
(!keyInfo.Install && !keyInfo.KeyACK && keyInfo.KeyMIC && keyInfo.Secure)? HandshakeStage[4] :
|
||||
null;
|
||||
newPacket.handshakeStage = wifiStateAnalyser.handshakeStageFromKeyInfo(keyInfo); // Get stage
|
||||
break;
|
||||
}
|
||||
if(newPacket) packet = Object.assign(newPacket, packet);
|
||||
|
||||
Reference in New Issue
Block a user