Metadata-Version: 1.1
Name: trackerjacker
Version: 0.7.1
Summary: Finds and tracks wifi devices through raw 802.11 monitoring
Home-page: https://github.com/calebmadrigal/trackerjacker
Author: Caleb Madrigal
Author-email: caleb.madrigal@gmail.com
License: MIT
Description: trackerjacker
        =============
        
        Finds and tracks wifi devices through raw 802.11 monitoring.
        
        Install
        -------
        
        ::
        
            pip3 install trackerjacker
        
        Usage
        -----
        
        Find detailed usage like this:
        
        ::
        
            trackerjacker -h
        
        There are 2 major usage modes for ``trackerjacker``: **map** mode and
        **track** mode:
        
        Map mode example
        ~~~~~~~~~~~~~~~~
        
        Map mode is used to find the Access Points and Devices within the range.
        Think of it like ``nmap`` for raw 802.11 mode.
        
        ::
        
            $ trackerjacker --map -i wlan0mon
            Channels available on wlan0mon: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 36, 38, 40, 44, 46, 48, 52, 54, 56, 60, 62, 64, 100, 102, 104, 108, 110, 112]
            Map output file: wifi_map.yaml
            MAC found: 90:48:9a:29:85:8c, Channel: 1
            MAC found: ff:ff:ff:ff:ff:ff, Channel: 1
            SSID found: EDWARDS23, BSSID: 90:48:9a:29:85:8c, Channel: 1
            MAC found: 54:e4:bd:8d:a6:b0, Channel: 1
            MAC found: 9c:d2:1e:dc:ed:06, Channel: 1
            MAC found: 00:00:00:00:00:00, Channel: 1
            MAC found: 38:3b:c8:fe:15:3f, Channel: 1
            SSID found: Castle Grey Skull, BSSID: 38:3b:c8:fe:15:3f, Channel: 1
            MAC found: 38:3b:c8:fe:15:3d, Channel: 1
            MAC found: cc:0d:ec:27:de:fb, Channel: 1
            SSID found: [NULL][NULL][NULL][NULL][NULL][NULL][NULL], BSSID: cc:0d:ec:27:de:fb, Channel: 1
            MAC found: 58:67:1a:f6:80:04, Channel: 1
        
        Map mode outputs ``wifi_map.yaml``, which looks something like this:
        
        ::
        
            # trackerjacker map
            1:  # channel
              "38:3b:c8:fe:15:3e":  # bssid; 2Wire Inc
                ssid: "ATT8ais9uw"
                macs:
                  - "38:3b:c8:fe:15:3d"  # 2Wire Inc
              "38:3b:c8:fe:15:3f":  # bssid; 2Wire Inc
                ssid: "Castle Grey Skull"
                macs:
              "44:e1:37:52:d5:20":  # bssid; ARRIS Group, Inc.
                ssid: "ATT760"
                macs:
              "90:48:9a:29:85:8c":  # bssid; Hon Hai Precision Ind. Co.,Ltd.
                ssid: "EDWARDS23"
                macs:
                  - "54:e4:bd:8d:a6:b0"  # FN-LINK TECHNOLOGY LIMITED
                  - "9c:d2:1e:dc:ed:06"  # Hon Hai Precision Ind. Co.,Ltd.
              "cc:0d:ec:27:de:fb":  # bssid; Cisco SPVTG
                ssid: "[NULL][NULL][NULL][NULL][NULL][NULL][NULL]"
                macs:
              "f8:35:dd:43:1a:25":  # bssid; Gemtek Technology Co., Ltd.
                ssid: "MOTOROLA-903E1"
                macs:
              "unassociated":  # bssid; 
                macs:
                  - "2c:54:cf:bd:a7:45"  # LG Electronics (Mobile Communications)
                  - "58:67:1a:f6:80:04"  # Barnes&Noble
        
        Track mode example
        ~~~~~~~~~~~~~~~~~~
        
        Track mode allows you to specify some number of MAC addresses to watch,
        and if the specified devices exceeds the threshold (in bytes), an alert
        will be triggered.
        
        ::
        
            $ trackerjacker -i wlan0mon --track -m 7C:70:BC:57:F0:77 -t 450000 --alert-command "/root/trigger_alarm.sh" --channels-to-monitor 11
            Channels available on wlan0mon: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 36, 38, 40, 44, 46, 48, 52, 54, 56, 60, 62, 64, 100, 102, 104, 108, 110, 112]
            Bytes received in last 10 seconds for 7c:70:bc:57:f0:77: 0
            Bytes received in last 10 seconds for 7c:70:bc:57:f0:77: 599
            Bytes received in last 10 seconds for 7c:70:bc:57:f0:77: 647
            Bytes received in last 10 seconds for 7c:70:bc:57:f0:77: 0
            Bytes received in last 10 seconds for 7c:70:bc:57:f0:77: 541386
            2017-03-27 22:22:19.155201: Detected 7c:70:bc:57:f0:77
                Congratulations! You've fired the alarm_triggered event
        
        Example use-cases
        -----------------
        
        -  Map out all the nearby wifi devices (and which devices are asspciated
           with which Access Points)
        -  Track when a particular MAC is seen
        -  Track when a particular MAC sends some threshold of data in some time
           period
        -  Track when traffic is happening on a particular Access Point
        -  Find/track all connections on a particular Access Point
        
        Example usage
        -------------
        
        Example: configuring with command-line args
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        
        ::
        
            python3 trackerjacker.py -m 8a:23:ab:75:8e:2b --alert-command "date >> /tmp/test.txt"
        
        Notes:
        
        -  This monitors for the MAC address: ``8a:23:ab:75:8e:2b``
        -  When detected, the current time is appended to ``/tmp/test.txt``
        
        Example: configuring with config file
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        
        ::
        
            python3 trackerjacker.py -c my_config.json
        
        And here's the example config file called ``my_config.json``:
        
        ::
        
            {
                "iface": "wlan0mon",
                "devices_to_watch": [
                    {"mac": "5f:cb:53:1c:8a:2c", "name": "Bob's iPhone"},
                    {"mac": "32:44:1b:d7:a1:5b", "name": "Alice's iPhone"},
                    {"mac": "f2:43:2b:e5:c3:6d", "name": "Security camera", "threshold": 20000},
                    "44:61:32:C6:34:8F"],
                "aps_to_watch": [{"bssid": "c6:23:ef:33:cc:a2"}],
                "threshold_bytes": 1,
                "threshold_window": 10,
                "channels_to_monitor": [1, 6, 11, 52],
                "channel_switch_scheme": "round_robin"
            }
        
        A few notes about this:
        
        -  ``threshold_bytes`` is the default threshold of bytes which, if seen,
           a causes the alert function to be called
        -  ``threshold_window`` is the time window in which the
           ``threshold_bytes`` is analyzed.
        -  ``devices_to_watch`` is a list which can contain either strings
           (representing MACs) or dicts (which allow the specification of a
           ``name`` and ``threshold``)
        
           -  ``name`` is simply what a label you want to be printed when this
              device is seen.
           -  ``threshold`` in the "Security camera" is how many bytes must be
              seen
        
        -  ``channels_to_monitor`` - list of 802.11 wifi channels to monitor.
           The list of channels your wifi card supports is printed when
           trackerjacker starts up. By default, all supported channels are
           monitored.
        -  ``channel_switch_scheme`` - either ``default``, ``round_robin``, or
           ``traffic_based``. ``traffic_based`` determines the channels of most
           traffic, and probabilistically monitors them more.
        
        Example: Enable/Disable monitor mode on interface
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        
        Enable monitor mode:
        
        ::
        
            python3 trackerjacker.py --monitor-mode-on -i wlan0
        
        Disable monitor mode:
        
        ::
        
            python3 trackerjacker.py --monitor-mode-off -i wlan0mon
        
        Note that trackerjacker will automatically enable/disable monitor mode
        if necessary. This functionality is just useful if you want to enable
        monitor mode on an interface for use with other applications.
        
        Example: Set adapter channel
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        
        ::
        
            python3 trackerjacker.py --set-channel 11 -i wlan0
        
        Note that trackerjacker will automatically switch channels as necessary
        during normal map/track actions. This option is just useful if you want
        to set the channel on an interface for use with other applications.
        
        Roadmap
        -------
        
        -  [x] Hosted in PyPI
        -  [ ] Radio signal strength
        -  [ ] "Jack" mode - deauth attacks
        -  [ ] Mac (OS X) support
        
Keywords: hacking,network,wireless,packets,scapy
Platform: UNKNOWN
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.2
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: Implementation :: CPython
Classifier: Topic :: System :: Networking
Classifier: Topic :: System :: Networking :: Monitoring
Classifier: Topic :: Security
Classifier: Operating System :: POSIX :: Linux
