trackerjacker 2.0.4__tar.gz → 2.0.6__tar.gz

trackerjacker-2.0.6/PKG-INFO

@@ -0,0 +1,350 @@
+Metadata-Version: 2.4
+Name: trackerjacker
+Version: 2.0.6
+Summary: Finds and tracks wifi devices through raw 802.11 monitoring
+Home-page: https://github.com/calebmadrigal/trackerjacker
+Author: Caleb Madrigal
+Author-email: caleb@gods.art
+License: MIT
+Keywords: hacking,network,wireless,packets,scapy
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.2
+Classifier: Programming Language :: Python :: 3.3
+Classifier: Programming Language :: Python :: 3.4
+Classifier: Programming Language :: Python :: 3.5
+Classifier: Programming Language :: Python :: 3.6
+Classifier: Programming Language :: Python :: 3.7
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Programming Language :: Python :: 3.15
+Classifier: Programming Language :: Python :: Implementation :: CPython
+Classifier: Topic :: System :: Networking
+Classifier: Topic :: System :: Networking :: Monitoring
+Classifier: Topic :: Security
+Classifier: Operating System :: POSIX :: Linux
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: scapy>=2.5.0
+Requires-Dist: pyaml>=17.12.1
+Requires-Dist: ruamel.yaml>=0.15.35
+Dynamic: author
+Dynamic: author-email
+Dynamic: classifier
+Dynamic: description
+Dynamic: description-content-type
+Dynamic: home-page
+Dynamic: keywords
+Dynamic: license
+Dynamic: license-file
+Dynamic: requires-dist
+Dynamic: summary
+
+# trackerjacker
+
+Like nmap for mapping wifi networks you're not connected to. Maps and tracks wifi networks and devices through raw 802.11 monitoring.  
+
+PyPI page: https://pypi.python.org/pypi/trackerjacker
+
+#### Install
+
+    pip3 install trackerjacker
+
+*Supported platforms*: Linux (tested on Ubuntu, Kali, and RPi) and macOS (pre-alpha)
+
+![visual description](https://i.imgur.com/I5NH5KM.jpg)
+
+trackerjacker can help with the following:
+
+* I want to know all the nearby wifi networks **and know all the devices connected to each network.**
+* I want to know who's hogging all the bandwidth.
+* I want to run a command when this MAC address sends more than 100000 bytes in a 30 second window (maybe to determine when an IP camera is uploading a video, which is indicative that it just saw motion).
+* I want to deauth anyone who uses more than 100000 bytes in a 10 second window.
+* I want to deauth every Dropcam in the area so my Airbnb hosts don't spy on me.
+* I want to be alerted when any MAC address is seen at a power level greater than -40dBm that I've never seen before.
+* I want to see when this particular person is nearby (based on the MAC of their mobile phone) and run a command to alert me.
+* I want to write my own plugin to run some script to do something fun every time a new Apple device shows up nearby.
+
+## Usage
+
+Find detailed usage like this:
+
+	trackerjacker -h
+
+There are 2 major usage modes for `trackerjacker`: **map** mode and **track** mode:
+
+### Map mode example
+
+Map command:
+
+	trackerjacker -i wlan1337 --map
+
+By default, this outputs the `wifi_map.yaml` YAML file, which is a map of all the nearby WiFi networks and all of their users. Here's an example `wifi_map.yaml` file:
+	
+	TEST_SSID:
+	  00:10:18:6b:7a:ea:
+	    bssid: 00:10:18:6b:7a:ea
+	    bytes: 5430
+	    channels:
+	    - 11
+	    devices:
+	      3c:07:71:15:f1:48:
+	        bytes: 798
+	        signal: 1
+	        vendor: Sony Corporation
+	      78:31:c1:7f:25:43:
+	        bytes: 4632
+	        signal: -52
+	        vendor: Apple, Inc.
+	    signal: -86
+	    ssid: TEST_SSID
+	    vendor: Broadcom
+	
+	BRANSONS_WIFI:
+	  90:48:9a:e3:58:25:
+	    bssid: 90:48:9a:e3:58:25
+	    bytes: 5073
+	    channels:
+	    - 1
+	    devices:
+	      01:00:5e:96:e1:89:
+	        bytes: 476
+	        signal: -62
+	        vendor: ''
+	      30:8c:fb:66:23:91:
+	        bytes: 278
+	        signal: -46
+	        vendor: Dropcam
+	      34:23:ba:1c:ba:e7:
+	        bytes: 548
+	        signal: 4
+	        vendor: SAMSUNG ELECTRO-MECHANICS(THAILAND)
+	    signal: -80
+	    ssid: BRANSONS_WIFI
+	    vendor: Hon Hai Precision Ind. Co.,Ltd.
+	
+	hacker_network:
+	  80:2a:a8:e5:de:92:
+	    bssid: 80:2a:a8:e5:de:92
+	    bytes: 5895
+	    channels:
+	    - 11
+	    devices:
+	      80:1f:02:e6:44:96:
+	        bytes: 960
+	        signal: -46
+	        vendor: Edimax Technology Co. Ltd.
+	      80:2a:a8:8a:ec:c8:
+	        bytes: 472
+	        signal: 4
+	        vendor: Ubiquiti Networks Inc.
+	      80:2a:a8:be:09:a9:
+	        bytes: 5199
+	        signal: 4
+	        vendor: Ubiquiti Networks Inc.
+	      d8:49:2f:7a:f0:8f:
+	        bytes: 548
+	        signal: 4
+	        vendor: CANON INC.
+	    signal: -46
+	    ssid: hacker
+	    vendor: Ubiquiti Networks Inc.
+	  80:2a:a8:61:aa:2f:
+	    bssid: 80:2a:a8:61:aa:2f
+	    bytes: 5629
+	    channels:
+	    - 44
+	    - 48
+	    devices:
+	      78:88:6d:4e:e2:c9:
+	        bytes: 948
+	        signal: -52
+	        vendor: ''
+	      e4:8b:7f:d4:cb:25:
+	        bytes: 986
+	        signal: -48
+	        vendor: Apple, Inc.
+	    signal: -48
+	    ssid: null
+	    vendor: Ubiquiti Networks Inc.
+	  82:2a:a8:51:32:25:
+	    bssid: 82:2a:a8:51:32:25
+	    bytes: 3902
+	    channels:
+	    - 48
+	    devices:
+	      b8:e8:56:f5:a0:70:
+	        bytes: 1188
+	        signal: -34
+	        vendor: Apple, Inc.
+	    signal: -14
+	    ssid: hacker
+	    vendor: ''
+	  82:2a:a8:fc:33:b6:
+	    bssid: 82:2a:a8:fc:33:b6
+	    bytes: 7805
+	    channels:
+	    - 10
+	    - 11
+	    - 12
+	    devices:
+	      78:31:c1:7f:25:43:
+	        bytes: 4632
+	        signal: -52
+	        vendor: Apple, Inc.
+	      7c:dd:90:fe:b4:87:
+	        bytes: 423223
+	        signal: 4
+	        vendor: Shenzhen Ogemray Technology Co., Ltd.
+	      80:2a:a8:be:09:a9:
+	        bytes: 5199
+	        signal: 4
+	        vendor: Ubiquiti Networks Inc.
+	    signal: -62
+	    ssid: null
+	    vendor: ''
+
+Note that, since this is YAML, you can easily use it as an input for other scripts of your own devising. I have an example script to parse this "YAML DB" here: [parse_trackerjacker_wifi_map.py](https://gist.github.com/calebmadrigal/fdb8855a6d05c87bbb0254a1424ee582).
+
+### Example: Track mode with trigger command
+
+Track mode allows you to specify some number of MAC addresses to watch, and if any specific devices exceeds the threshold (in bytes), specified here with the `--threshold 4000` (specifying an alert threshold of 4000 bytes) an alert will be triggered.
+
+    trackerjacker --track -m 3c:2e:ff:31:32:59 --threshold 4000 --trigger-command "./alert.sh" --channels-to-monitor 10,11,12,44
+    Using monitor mode interface: wlan1337
+    Monitoring channels: {10, 11, 12, 44}
+
+    [@] Device (3c:2e:ff:31:32:59) threshold hit: 4734
+
+    [@] Device (3c:2e:ff:31:32:59) threshold hit: 7717
+
+    [@] Device (3c:2e:ff:31:32:59) threshold hit: 7124
+
+    [@] Device (3c:2e:ff:31:32:59) threshold hit: 8258
+
+    [@] Device (3c:2e:ff:31:32:59) threshold hit: 8922
+
+In this particular example, I was watching a security camera to determine when it was uploading a video (indicating motion was detected) so that I could turn on my security system sirens (which was the original genesis of this project).
+
+### Example: Track mode with foxhunt plugin
+
+    trackerjacker -i wlan1337 --track --trigger-plugin foxhunt
+
+Displays a curses screen like this:
+
+      POWER        DEVICE ID                VENDOR
+    =======        =================        ================================
+     -82dBm        1c:1b:68:35:c6:5d        ARRIS Group, Inc.
+     -84dBm        fc:3f:db:ed:e9:8e        Hewlett Packard
+     -84dBm        dc:0b:34:7a:11:63        LG Electronics (Mobile Communications)
+     -84dBm        94:62:69:af:c3:64        ARRIS Group, Inc.
+     -84dBm        90:48:9a:34:15:65        Hon Hai Precision Ind. Co.,Ltd.
+     -84dBm        64:00:6a:07:48:13        Dell Inc.
+     -84dBm        00:30:44:38:76:c8        CradlePoint, Inc
+     -86dBm        44:1c:a8:fc:c0:53        Hon Hai Precision Ind. Co.,Ltd.
+     -86dBm        18:16:c9:c0:3b:75        Samsung Electronics Co.,Ltd
+     -86dBm        01:80:c2:62:9e:36
+     -86dBm        01:00:5e:11:90:47
+     -86dBm        00:24:a1:97:68:83        ARRIS Group, Inc.
+     -88dBm        f8:2c:18:f8:f3:aa        2Wire Inc
+     -88dBm        84:a1:d1:a6:34:08
+
+
+* Note that `foxhunt` is a builtin plugin, but you can define your own plugins using the same Plugin API.
+
+### Example: Track mode with trigger plugin
+
+    $ trackerjacker --track -m 3c:2e:ff:31:32:59 --threshold 10 --trigger-plugin examples/plugin_example1.py --channels-to-monitor 10,11,12,44 --trigger-cooldown 1
+    Using monitor mode interface: wlan1337
+    Monitoring channels: {10, 11, 12, 44}
+    [@] Device (device 3c:2e:ff:31:32:59) threshold hit: 34 bytes
+    3c:2e:ff:31:32:59 seen at: [1521926768.756529]
+    [@] Device (device 3c:2e:ff:31:32:59) threshold hit: 11880 bytes
+    3c:2e:ff:31:32:59 seen at: [1521926768.756529, 1521926769.758929]
+    [@] Device (device 3c:2e:ff:31:32:59) threshold hit: 18564 bytes
+    3c:2e:ff:31:32:59 seen at: [1521926768.756529, 1521926769.758929, 1521926770.7622838]
+
+This runs `examples/plugin_example1.py` every time `3c:2e:ff:31:32:59` is seen sending/receiving 10 bytes or more.
+
+trackerjacker plugins are simply python files that contain either:
+* `Trigger` class which defines a `__call__(**kwargs)` method (example: `examples/plugin_example1.py`)
+* `trigger(**kwargs)` function (example: `examples/plugin_example2.py`)
+
+And optionally a `__apiversion__ = 1` line (for future backward compatibility)
+
+### Example: Configuring with config file
+
+	trackerjacker.py -c my_config.json
+
+And here's the example config file called `my_config.json`:
+
+```
+{
+    "iface": "wlan1337",
+    "devices_to_watch": {"5f:cb:53:1c:8a:2c": 1000, "32:44:1b:d7:a1:5b": 2000},
+    "aps_to_watch": {"c6:23:ef:33:cc:a2": 500},
+    "threshold_window": 10,
+    "channels_to_monitor": [1, 6, 11, 52],
+    "channel_switch_scheme": "round_robin"
+}
+```
+
+A few notes about this:
+
+* `threshold_bytes` is the default threshold of bytes which, if seen, a causes the alert function to be called
+* `threshold_window` is the time window in which the `threshold_bytes` is analyzed.
+* `devices_to_watch` is a list which can contain either strings (representing MACs) or dicts (which allow the specification of a `name` and `threshold`)
+	- `name` is simply what a label you want to be printed when this device is seen.
+	- `threshold` in the "Security camera" is how many bytes must be seen
+* `channels_to_monitor` - list of 802.11 wifi channels to monitor. The list of channels your wifi card supports is printed when trackerjacker starts up. By default, all supported channels are monitored.
+* `channel_switch_scheme` - either `default`, `round_robin`, or `traffic_based`. `traffic_based` determines the channels of most traffic, and probabilistically monitors them more.
+
+### Example: Enable/Disable monitor mode on interface
+
+Trackerjacker comes with a few other utility functions relevant to WiFi hacking. One of these is the ability to turn on monitor mode on a specific interface.
+
+Enable monitor mode:
+
+    trackerjacker --monitor-mode-on -i wlan0
+
+Disable monitor mode:
+
+    trackerjacker --monitor-mode-off -i wlan0mon
+
+Note that trackerjacker will automatically enable/disable monitor mode if necessary. This functionality is just useful if you want to enable monitor mode on an interface for use with other applications (or for quicker starup of trackerjacker, if you plan to be starting/exiting to test stuff).
+
+### Example: Set adapter channel
+
+    trackerjacker --set-channel 11 -i wlan0
+
+Note that trackerjacker will automatically switch channels as necessary during normal map/track actions. This option is just useful if you want to set the channel on an interface for use with other applications.
+
+## Recommended hardware
+
+* Panda PAU07 N600 Dual Band (nice, small, 2.4GHz and 5GHz)
+* Panda PAU09 N600 Dual Band (higher power, 2.4GHz and 5GHz)
+* Alfa AWUS052NH Dual-Band 2x 5dBi (high power, 2.4GHz and 5GHz, large, ugly)
+* TP-Link N150 (works well, but not dual band)
+
+## Roadmap
+
+- [x] Hosted in PyPI
+- [x] Radio signal strength for APs
+- [x] Radio signal strength for individual macs
+- [x] Build map by data exchanged (exclude beacons)
+- [x] Packet count by AP
+- [x] Packet count by MAC
+- [x] Easier way to input per-device tracking thresholds
+- [x] Plugin system
+- [x] Fox hunt mode
+- [x] Tracking by SSID (and not just BSSID)
+- [x] Basic macOS (OS X) support (pre-alpha)
+- [ ] Mapping a specific SSID
+- [ ] Performance enhancement: not shelling out for channel switching
+- [ ] "Jack" mode - deauth attacks
+

{trackerjacker-2.0.4 → trackerjacker-2.0.6}/README.md

@@ -166,9 +166,9 @@ Note that, since this is YAML, you can easily use it as an input for other scrip
 
 ### Example: Track mode with trigger command
 
-Track mode allows you to specify some number of MAC addresses to watch, and if any specific devices exceeds the threshold (in bytes), specified here with the `-t 4000` (specifying an alert threshold of 4000 bytes) an alert will be triggered.
+Track mode allows you to specify some number of MAC addresses to watch, and if any specific devices exceeds the threshold (in bytes), specified here with the `--threshold 4000` (specifying an alert threshold of 4000 bytes) an alert will be triggered.
 
-    trackerjacker --track -m 3c:2e:ff:31:32:59 --t 4000 --trigger-command "./alert.sh" --channels-to-monitor 10,11,12,44
+    trackerjacker --track -m 3c:2e:ff:31:32:59 --threshold 4000 --trigger-command "./alert.sh" --channels-to-monitor 10,11,12,44
     Using monitor mode interface: wlan1337
     Monitoring channels: {10, 11, 12, 44}
 
@@ -297,10 +297,6 @@ Note that trackerjacker will automatically switch channels as necessary during n
 - [x] Fox hunt mode
 - [x] Tracking by SSID (and not just BSSID)
 - [x] Basic macOS (OS X) support (pre-alpha)
-- [ ] macOS support: get signal strength values correct (will be fixed in https://github.com/secdev/scapy/pull/1381
-- [ ] macOS support: reverse airport binary to determine how to set true monitor mode
-- [ ] macOS support: diverse interface support (not just `en0`)
-- [ ] macOS support: get interface supported channels
 - [ ] Mapping a specific SSID
 - [ ] Performance enhancement: not shelling out for channel switching
 - [ ] "Jack" mode - deauth attacks

{trackerjacker-2.0.4 → trackerjacker-2.0.6}/requirements.txt

@@ -1,4 +1,4 @@
-scapy==2.5.0
+scapy>=2.5.0
 pyaml>=17.12.1
 ruamel.yaml>=0.15.35
 

{trackerjacker-2.0.4 → trackerjacker-2.0.6}/setup.cfg

@@ -1,5 +1,5 @@
 [metadata]
-description-file = README.md
+description_file = README.md
 
 [pep8]
 max-line-length = 120

{trackerjacker-2.0.4 → trackerjacker-2.0.6}/setup.py

@@ -28,10 +28,10 @@ setup(
     url = 'https://github.com/calebmadrigal/trackerjacker',
     version = get_version(),
     description = 'Finds and tracks wifi devices through raw 802.11 monitoring',
-    long_description_content_type='text/x-rst',
+    long_description_content_type='text/markdown',
     long_description = get_readme(),
     author = 'Caleb Madrigal',
-    author_email = 'caleb.madrigal@gmail.com',
+    author_email = 'caleb@gods.art',
     license = 'MIT',
     keywords = ['hacking', 'network', 'wireless', 'packets', 'scapy'],
     install_requires = requirements,
@@ -53,11 +53,13 @@ setup(
         'Programming Language :: Python :: 3.10',
         'Programming Language :: Python :: 3.11',
         'Programming Language :: Python :: 3.12',
+        'Programming Language :: Python :: 3.13',
+        'Programming Language :: Python :: 3.14',
+        'Programming Language :: Python :: 3.15',
         'Programming Language :: Python :: Implementation :: CPython',
         'Topic :: System :: Networking',
         'Topic :: System :: Networking :: Monitoring',
         'Topic :: Security',
         'Operating System :: POSIX :: Linux',
-        'Operating System :: MacOS'
     ],
 )

{trackerjacker-2.0.4 → trackerjacker-2.0.6}/trackerjacker/__main__.py

@@ -33,18 +33,21 @@ LOG_NAME_TO_LEVEL = {'DEBUG': 10, 'INFO': 20, 'WARNING': 30, 'ERROR': 40, 'CRITI
 def make_logger(log_path=None, log_level_str='INFO'):
     logger = logging.getLogger('trackerjacker')
     formatter = logging.Formatter('%(asctime)s: (%(levelname)s): %(message)s')
+
     if log_path:
         log_handler = logging.FileHandler(log_path)
         log_handler.setFormatter(formatter)
-        # Print errors to stderr if logging to a file
-        stdout_handler = logging.StreamHandler(sys.stderr)
-        stdout_handler.setLevel('ERROR')
-        stdout_handler.setFormatter(logging.Formatter('%(message)s'))
-        logger.addHandler(stdout_handler)
+        logger.addHandler(log_handler)
+
+        stderr_handler = logging.StreamHandler(sys.stderr)
+        stderr_handler.setLevel(logging.ERROR)
+        stderr_handler.setFormatter(logging.Formatter('%(message)s'))
+        logger.addHandler(stderr_handler)
     else:
         log_handler = logging.StreamHandler(sys.stdout)
         log_handler.setFormatter(logging.Formatter('%(message)s'))
-    logger.addHandler(log_handler)
+        logger.addHandler(log_handler)
+
     log_level = LOG_NAME_TO_LEVEL.get(log_level_str.upper(), 20)
     logger.setLevel(log_level)
     return logger
@@ -119,9 +122,15 @@ class TrackerJacker:
             else:  # track mode
                 channel_switch_scheme = 'traffic_based'
 
+        print(f'devices_to_watch = {devices_to_watch}, aps_to_watch = {aps_to_watch}')
         self.devices_to_watch_set = set([dev['mac'].lower() for dev in devices_to_watch if 'mac' in dev])
         self.aps_to_watch_set = set([ap['bssid'].lower() for ap in aps_to_watch if 'bssid' in ap])
 
+        if len(self.devices_to_watch_set) > 0:
+            print(f'Tracking devices: {self.devices_to_watch_set}')
+        if len(self.aps_to_watch_set) > 0:
+            print(f'Tracking Access Points: {self.aps_to_watch_set}')
+
         if self.do_track:
             # Build trigger hit function
             if trigger_plugin:
@@ -149,57 +158,60 @@ class TrackerJacker:
                                                                      time_per_channel)
 
     def process_packet(self, pkt):
-        if pkt.haslayer(scapy.Dot11):
-            looking_for_specifics_and_none_found = self.aps_to_watch_set or self.devices_to_watch_set
-
-            try:
-                frame = dot11_frame.Dot11Frame(pkt,
-                                               int(self.iface_manager.current_channel),
-                                               iface=self.iface_manager.iface)
-            except Exception as e:
-                # Thank you DEF CON (https://github.com/secdev/scapy/issues/1552)
-                self.logger.warning('Error decoding Dot11Frame: %s', e)
-                return
-
-            if self.do_map:
-                self.log_newly_found(frame)
-
-            if self.display_all_packets:
-                print('\t', pkt.summary())
-
-            # See if any APs we care about (if we're looking for specific APs)
-            if self.aps_to_watch_set:
-                if frame.bssid not in self.aps_to_watch_set:
-                    looking_for_specifics_and_none_found = False
-
-            # See if any MACs we care about (if we're looking for specific MACs)
-            if self.devices_to_watch_set:
-                matched_macs = self.devices_to_watch_set & frame.macs
-                if matched_macs:
-                    looking_for_specifics_and_none_found = False
-
-                    # Display matched packets (if specified)
-                    if self.display_matching_packets and not self.display_all_packets:
-                        print('\t', pkt.summary())
-
-            # If we are looking for specific APs or Devices and none are found, no further processing needed
-            if looking_for_specifics_and_none_found:
-                return
-
-            # If map mode enabled, do it. Note that we don't exclude non-matching MACs from the mapping
-            # (which is why this isn't under the 'if matched_matcs' block).
-            # Note: we update the map whether do_map is true or false since it's used for tracking; just don't save map
-            self.dot11_map.add_frame(frame)
-            if self.do_map:
-                if time.time() - self.map_last_save >= self.map_save_interval:
-                    self.dot11_map.save_to_file(self.map_file)
-                    self.map_last_save = time.time()
-
-            if self.do_track:
-                self.dot11_tracker.add_frame(frame, pkt)
-
-            # Update device tracking (for traffic-based)
-            self.iface_manager.add_frame(frame)
+        try:
+            if pkt.haslayer(scapy.Dot11):
+                looking_for_specifics_and_none_found = self.aps_to_watch_set or self.devices_to_watch_set
+
+                try:
+                    frame = dot11_frame.Dot11Frame(pkt,
+                                                int(self.iface_manager.current_channel),
+                                                iface=self.iface_manager.iface)
+                except Exception as e:
+                    # Thank you DEF CON (https://github.com/secdev/scapy/issues/1552)
+                    self.logger.warning('Error decoding Dot11Frame: %s', e)
+                    return
+
+                if self.do_map:
+                    self.log_newly_found(frame)
+
+                if self.display_all_packets:
+                    print('\t', pkt.summary())
+
+                # See if any APs we care about (if we're looking for specific APs)
+                if self.aps_to_watch_set:
+                    if frame.bssid not in self.aps_to_watch_set:
+                        looking_for_specifics_and_none_found = False
+
+                # See if any MACs we care about (if we're looking for specific MACs)
+                if self.devices_to_watch_set:
+                    matched_macs = self.devices_to_watch_set & frame.macs
+                    if matched_macs:
+                        looking_for_specifics_and_none_found = False
+
+                        # Display matched packets (if specified)
+                        if self.display_matching_packets and not self.display_all_packets:
+                            print('\t', pkt.summary())
+
+                # If we are looking for specific APs or Devices and none are found, no further processing needed
+                if looking_for_specifics_and_none_found:
+                    return
+
+                # If map mode enabled, do it. Note that we don't exclude non-matching MACs from the mapping
+                # (which is why this isn't under the 'if matched_matcs' block).
+                # Note: we update the map whether do_map is true or false since it's used for tracking; just don't save map
+                self.dot11_map.add_frame(frame)
+                if self.do_map:
+                    if time.time() - self.map_last_save >= self.map_save_interval:
+                        self.dot11_map.save_to_file(self.map_file)
+                        self.map_last_save = time.time()
+
+                if self.do_track:
+                    self.dot11_tracker.add_frame(frame, pkt)
+
+                # Update device tracking (for traffic-based)
+                self.iface_manager.add_frame(frame)
+        except Exception as e:
+            self.logger.debug('Error in process_packet: {e}')
 
     def log_newly_found(self, frame):
         # Log newly-found things
@@ -282,10 +294,6 @@ def do_simple_tasks_if_specified(args):
 
 
 def main():
-    if not os.getuid() == 0:
-        print('trackerjacker requires r00t!', file=sys.stderr)
-        sys.exit(errno.EPERM)
-
     argparse_args = config_management.get_arg_parser().parse_args()
 
     # Some command-line args specify to just perform a simple task and then exit
@@ -308,6 +316,11 @@ def main():
     # Setup logger
     logger = make_logger(config.pop('log_path'), config.pop('log_level'))
 
+    # Any actual trackerjacker usage requires root (monitor mode in scapy requires it)
+    if not os.getuid() == 0:
+        print('trackerjacker requires r00t!', file=sys.stderr)
+        sys.exit(errno.EPERM)
+
     try:
         tj = TrackerJacker(**dict(config, **{'logger': logger}))  # pylint: disable=E1123
         tj.start()

{trackerjacker-2.0.4 → trackerjacker-2.0.6}/trackerjacker/dot11_tracker.py

@@ -45,7 +45,8 @@ class Dot11Tracker:
         self.last_alerted = {}
 
         # Same as self.arg = arg for every arg (except devices_to_watch and aps_to_watch)
-        self.__dict__.update({k: v for k, v in locals().items() if k != 'aps_to_watch'})
+        #self.__dict__.update({k: v for k, v in locals().items() if k != 'aps_to_watch'})
+        self.__dict__.update({k: v for k, v in locals().items()})
 
         # If no particular things are specified to be watched, assume everything should be watched
         self.track_all = (not aps_to_watch and not devices_to_watch)
@@ -91,7 +92,7 @@ class Dot11Tracker:
                                           frame=frame,
                                           raw_frame=raw_frame)
 
-            if self.power and frame.signal_strength > self.power:
+            if self.power and frame.signal_strength and frame.signal_strength > self.power:
                 self.do_trigger_alert(mac,
                                       'mac',
                                       vendor=dev_node['vendor'],
@@ -288,7 +289,7 @@ class Dot11Tracker:
         elif self.trigger_command:
             try:
                 # Start trigger_command in background process - fire and forget
-                subprocess.Popen(self.trigger_command)
+                subprocess.run(self.trigger_command, shell=True)
             except Exception:
                 raise TJException('Error occurred in trigger command: {}'.format(traceback.format_exc()))