Fixed several bugs, added find_nearby_strangers plugin

calebmadrigal · calebmadrigal · commit bc7bf3b87ddd · 2018-04-25T18:38:54.000-05:00
diff --git a/plugin_examples/find_nearby_strangers.py b/plugin_examples/find_nearby_strangers.py
@@ -0,0 +1,85 @@
+"""Finds nearby strangers. Basically a low-pass filter that alerts on infrequently seen (or unseen) nearby devices."""
+import os
+import time
+import pickle
+import datetime
+
+__author__ = 'Caleb Madrigal'
+__email__ = 'caleb.madrigal@gmail.com'
+__version__ = '0.0.1'
+__apiversion__ = 1
+__config__ = {'power': -100, 'trigger_cooldown': 60, 'channel_switch_scheme': 'round_robin', 'time_per_channel': 0.1}
+
+DEVS_TO_IGNORE = {'ff:ff:ff:ff:ff:ff', '00:00:00:00:00:00'}
+POWER_THRESHOLD = -50
+TIME_THRESHOLD = 15 * 60  # 15 minutes
+SAVE_PERIOD = 30  # seconds
+SAVE_FILE = 'find_nearby_strangers.pkl'
+
+
+class Trigger:
+    def __init__(self):
+        self.mac_to_seen = {}
+        self.last_save = time.time()
+        if os.path.exists(SAVE_FILE):
+            with open(SAVE_FILE, 'rb') as f:
+                self.mac_to_seen = pickle.load(f)
+                print('Loaded {} devices from disk: {}'.format(len(self.mac_to_seen), list(self.mac_to_seen.keys())))
+
+    def __call__(self, dev_id=None, dev_type=None, power=None, vendor=None, **kwargs):
+        # Only look at individual devices (device and bssids), and only look when power is present
+        if ((not power) or
+                (not dev_id) or
+                (dev_type == 'ssid') or
+                (dev_id in DEVS_TO_IGNORE) or
+                (power < POWER_THRESHOLD)):
+            return
+
+        seen_first_time = False
+
+        if dev_id not in self.mac_to_seen:
+            seen_first_time = True
+            last_seen = time.time()
+            self.mac_to_seen[dev_id] = [last_seen]
+        else:
+            last_seen = self.mac_to_seen[dev_id][-1]
+            self.mac_to_seen[dev_id].append(time.time())
+
+        if time.time() - last_seen > TIME_THRESHOLD:
+            self.alert_stranger(dev_id, vendor, last_seen, power)
+        elif seen_first_time:
+            self.alert_stranger(dev_id, vendor, last_seen, power, first_seen=True)
+
+        if time.time() - self.last_save > SAVE_PERIOD:
+            self.save_to_disk()
+
+    def alert_stranger(self, dev_id, vendor, last_seen, power, first_seen=False):
+        # visual indicator
+        if first_seen:
+            msg = '[!] '
+        else:
+            msg = '[*] '
+
+        # timestamp
+        msg += '{} - '.format(str(datetime.datetime.now().replace(microsecond=0)))
+
+        # device id
+        msg += '{} '.format(dev_id)
+        if vendor:
+            msg += '({}) '.format(vendor)
+
+        # spotted at
+        msg += 'spotted at {:+d} '.format(power)
+
+        # last seen
+        if first_seen:
+            msg += '(never before seen)'
+        else:
+            msg += '(last seen {} seconds ago)'.format(int(time.time() - last_seen))
+
+        # actually display msg
+        print(msg)
+
+    def save_to_disk(self):
+        with open(SAVE_FILE, 'wb') as f:
+            pickle.dump(self.mac_to_seen, f)
diff --git a/setup.py b/setup.py
@@ -24,7 +24,7 @@ def get_readme():
 
 setup(
     name = 'trackerjacker',
-    packages = ['trackerjacker'],
+    packages = ['trackerjacker', 'trackerjacker/plugins'],
     url = 'https://github.com/calebmadrigal/trackerjacker',
     version = get_version(),
     description = 'Finds and tracks wifi devices through raw 802.11 monitoring',
diff --git a/trackerjacker/__main__.py b/trackerjacker/__main__.py
@@ -8,6 +8,7 @@
 import errno
 import pprint
 import logging
+import inspect
 import traceback
 
 from . import config_management
@@ -202,7 +203,11 @@ def start(self):
         self.iface_manager.start()
         while True:
             try:
-                scapy.sniff(iface=self.iface_manager.iface, prn=self.process_packet, store=0, exceptions=True)
+                if 'exceptions' in inspect.signature(scapy.sniff).parameters:
+                    scapy.sniff(iface=self.iface_manager.iface, prn=self.process_packet, store=0, exceptions=True)
+                else:
+                    # For versions of scapy that don't provide the exceptions kwarg
+                    scapy.sniff(iface=self.iface_manager.iface, prn=self.process_packet, store=0)
             except KeyboardInterrupt:
                 break
             except OSError:
diff --git a/trackerjacker/config_management.py b/trackerjacker/config_management.py
@@ -238,7 +238,9 @@ def build_config(args):
     # Allow any plugins to override config
     if config['trigger_plugin']:
         trigger_plugin_path = get_real_plugin_path(config['trigger_plugin'])
-        parsed_trigger_plugin = plugin_parser.parse_trigger_plugin(trigger_plugin_path, config['plugin_config'])
+        parsed_trigger_plugin = plugin_parser.parse_trigger_plugin(trigger_plugin_path,
+                                                                   config['plugin_config'],
+                                                                   parse_only=True)
 
         # Allow plugin to override any config parameters
         if 'config' in parsed_trigger_plugin:
@@ -283,6 +285,7 @@ def get_real_plugin_path(trigger_plugin):
         possible_builtin_path = os.path.join(os.path.dirname(__file__),
                                              'plugins',
                                              '{}.py'.format(trigger_plugin))
+        print('Possible builtin path: {}'.format(possible_builtin_path))
         if os.path.exists(possible_builtin_path):
             trigger_plugin = possible_builtin_path
     return trigger_plugin
diff --git a/trackerjacker/dot11_tracker.py b/trackerjacker/dot11_tracker.py
@@ -3,6 +3,7 @@
 
 import re
 import time
+import traceback
 import threading
 import subprocess
 from functools import reduce
@@ -281,8 +282,8 @@ def do_trigger_alert(self,
                                                channel=frame.channel,
                                                frame_type=frame.frame_type_name(),
                                                frame=raw_frame)
-            except Exception as e:
-                raise TJException('Error occurred in trigger plugin: {}'.format(e))
+            except Exception:
+                raise TJException('Error occurred in trigger plugin: {}'.format(traceback.format_exc()))
 
         elif self.trigger_command:
             # Start trigger_command in background process - fire and forget
diff --git a/trackerjacker/plugin_parser.py b/trackerjacker/plugin_parser.py
@@ -29,7 +29,7 @@
 CURRENT_TRIGGER_API_VERSION = 1
 
 
-def parse_trigger_plugin(trigger_path, plugin_config):
+def parse_trigger_plugin(trigger_path, plugin_config, parse_only=False):
     """Parse plugin file and return the trigger config."""
 
     # Open and exec plugin definitions
@@ -44,19 +44,22 @@ def parse_trigger_plugin(trigger_path, plugin_config):
     trigger = trigger_vars.get('trigger', None)
     trigger_class = trigger_vars.get('Trigger', None)
 
-    if trigger_class:
-        # Pass optional plugin_config to trigger class
-        plugin_config = parse_plugin_config(plugin_config)
-
-        # Instantiate class. Note that only a trigger function or class can be defined (and class takes priority)
-        # Assume the class is called 'Trigger'
-        try:
-            trigger = trigger_class(**plugin_config)
-        except Exception as e:
-            raise TJException('Error loading plugin ({}): {}'.format(trigger_path, e))
-
-    if not trigger:
-        raise TJException('Plugin file must specify a "trigger" function or a "Trigger" class')
+    if parse_only:
+        trigger = None
+    else:
+        if trigger_class:
+            # Pass optional plugin_config to trigger class
+            plugin_config = parse_plugin_config(plugin_config)
+
+            # Instantiate class. Note that only a trigger function or class can be defined (and class takes priority)
+            # Assume the class is called 'Trigger'
+            try:
+                trigger = trigger_class(**plugin_config)
+            except Exception as e:
+                raise TJException('Error loading plugin ({}): {}'.format(trigger_path, e))
+
+        if not trigger:
+            raise TJException('Plugin file must specify a "trigger" function or a "Trigger" class')
 
     return {'trigger': trigger, 'api_version': api_version, 'config': config}
 
diff --git a/trackerjacker/plugins/__init__.py b/trackerjacker/plugins/__init__.py
diff --git a/trackerjacker/version.py b/trackerjacker/version.py
@@ -1 +1 @@
-__version__ = "1.7.6"
+__version__ = "1.7.7"

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-__version__ = "1.7.6"`
	`1`	`+__version__ = "1.7.7"`