|
1 | | -import os |
2 | | -import subprocess |
3 | | -import hexdump |
4 | | - |
5 | | -from zigdiggity.misc.pcap_writer import PcapWriter |
6 | | -from zigdiggity.observers.observer import Observer |
7 | | -from zigdiggity.packets.dot154decode import * |
8 | | -from scapy.layers.dot15d4 import * |
9 | | -from scapy.layers.zigbee import * |
10 | | - |
11 | | -DLT_IEEE802_15_4 = 195 |
12 | | - |
13 | | -stumbled = {} |
14 | | - |
15 | | -class StdoutObserver(Observer): |
16 | | - |
17 | | - def __init__(self): |
18 | | - pass |
19 | | - |
20 | | - def notify(self, channel, packet): |
21 | | - if len(bytes(packet)) < 26: |
22 | | - return |
23 | | - |
24 | | - d154 = Dot154PacketParser() |
25 | | - # Chop the packet up |
26 | | - pktdecode = d154.pktchop(bytes(packet)) |
27 | | - |
28 | | - # Byte-swap the frame control field |
29 | | - fcf = struct.unpack("<H", pktdecode[0])[0] |
30 | | - print("Type: %d" % (fcf & DOT154_FCF_TYPE_MASK)) |
31 | | - |
32 | | - # Check if this is a beacon frame |
33 | | - if (fcf & DOT154_FCF_TYPE_MASK) == DOT154_FCF_TYPE_BEACON: |
34 | | - # The 6th element offset in the Dot154PacketParser.pktchop() method |
35 | | - # contains the beacon data in its own list. Extract the Ext PAN ID. |
36 | | - spanid = pktdecode[4] |
37 | | - source = pktdecode[5] |
38 | | - beacondata = pktdecode[6] |
39 | | - extpanid = beacondata[6][::-1] |
40 | | - stackprofilever = beacondata[4] |
41 | | - assocPermit = struct.unpack("<H", beacondata[0])[0] & 0x8000 == 0x8000 |
42 | | - if assocPermit: |
43 | | - assoc = " ### Permitting New Associations ###" |
44 | | - else: |
45 | | - assoc = "" |
46 | | - |
47 | | - key = spanid + source |
48 | | - value = [spanid, source, extpanid, stackprofilever, channel] |
49 | | - if not key in stumbled: |
50 | | - print("Beacon represents new network!" + assoc) |
51 | | - stumbled[key] = value |
52 | | - else: |
53 | | - if args.verbose: |
54 | | - print("Received beacon response." + assoc) |
55 | | - |
56 | | - def close(self): |
57 | | - pass |
| 1 | +import os |
| 2 | +import subprocess |
| 3 | +import hexdump |
| 4 | + |
| 5 | +from zigdiggity.observers.observer import Observer |
| 6 | +from scapy.layers.dot15d4 import * |
| 7 | +from scapy.layers.zigbee import * |
| 8 | + |
| 9 | +DOT154_FCF_TYPE_MASK = 0x0007 #: Frame type mask |
| 10 | + |
| 11 | +PACKET_TYPES = { |
| 12 | + "0": "Beacon", #: Beacon frame |
| 13 | + "1": "Data", #: Data frame |
| 14 | + "2": "Ack", #: Acknowledgement frame |
| 15 | + "3": "Mac Cmd" #: MAC Command frame |
| 16 | +} |
| 17 | + |
| 18 | +class StdoutObserver(Observer): |
| 19 | + |
| 20 | + def __init__(self): |
| 21 | + pass |
| 22 | + |
| 23 | + def notify(self, channel, packet): |
| 24 | + if packet == None: |
| 25 | + return |
| 26 | + |
| 27 | + fcf = struct.unpack("<H",bytes(packet)[0:2])[0] & DOT154_FCF_TYPE_MASK |
| 28 | + if (str(fcf) in PACKET_TYPES): |
| 29 | + print("Type:", PACKET_TYPES[str(fcf)]) |
| 30 | + else: |
| 31 | + print("Type: Unknown") |
| 32 | + |
| 33 | + hexdump.hexdump(bytes(packet)) |
| 34 | + return |
| 35 | + |
| 36 | + def close(self): |
| 37 | + pass |
0 commit comments