aknik · April 9, 2018 15:55
diff --git a/fakebeacon.py b/fakebeacon.py
 #!/usr/bin/env python
 # -*- coding: UTF-8 -*-
 #
 # source: https://www.4armed.com/blog/forging-wifi-beacon-frames-using-scapy/
 # 
 # requires:
 #     radiotap supported wifi nic/driver (frame injection) (works fine with Ralink RT2571W)
 #     iwconfig $iface mode monitor
 #     iw dev $iface set channel $channel
 #       or
 #     iwlist iface scan
 #  
 # example:
 #    spawn 1000 essids (0-999)
 #    #> python fakebeacon.py $(python -c "print ' '.join(i for i in xrange(1000))")
 #
 from scapy.all import Dot11,Dot11Beacon,Dot11Elt,RadioTap,sendp,hexdump,RandMAC
 import sys
 import random
 import os

 def main():
    ssids = sys.argv[2:]       #Network name here
    iface = sys.argv[1]         #Interface name here
    frames =[]
    for netSSID in ssids:
        print netSSID
        dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff',
        addr2=str(RandMAC()), addr3=str(RandMAC()))
        beacon = Dot11Beacon(cap='ESS+privacy')
        essid = Dot11Elt(ID='SSID',info=netSSID, len=len(netSSID))
        rsn = Dot11Elt(ID='RSNinfo', info=(
          '\x01\x00'                 #RSN Version 1
          '\x00\x0f\xac\x02'         #Group Cipher Suite : 00-0f-ac TKIP
          '\x02\x00'                 #2 Pairwise Cipher Suites (next two lines)
          '\x00\x0f\xac\x04'         #AES Cipher
          '\x00\x0f\xac\x02'         #TKIP Cipher
          '\x01\x00'                 #1 Authentication Key Managment Suite (line below)
          '\x00\x0f\xac\x02'         #Pre-Shared Key
          '\x00\x00'))               #RSN Capabilities (no extra capabilities)


        frame = RadioTap()/dot11/beacon/essid/rsn
        print "SSID=%-20s   %r"%(netSSID,frame)
        frames.append(frame)
    sendp(frames, iface=iface, inter=0.0100 if len(frames)<10 else 0, loop=1)
    
 if __name__=="__main__":
    main()
	#!/usr/bin/env python
	# -- coding: UTF-8 --
	#
	# source: https://www.4armed.com/blog/forging-wifi-beacon-frames-using-scapy/
	#
	# requires:
	# radiotap supported wifi nic/driver (frame injection) (works fine with Ralink RT2571W)
	# iwconfig $iface mode monitor
	# iw dev $iface set channel $channel
	# or
	# iwlist iface scan
	#
	# example:
	# spawn 1000 essids (0-999)
	# #> python fakebeacon.py $(python -c "print ' '.join(i for i in xrange(1000))")
	#
	from scapy.all import Dot11,Dot11Beacon,Dot11Elt,RadioTap,sendp,hexdump,RandMAC
	import sys
	import random
	import os

	def main():
	ssids = sys.argv[2:] #Network name here
	iface = sys.argv[1] #Interface name here
	frames =[]
	for netSSID in ssids:
	print netSSID
	dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff',
	addr2=str(RandMAC()), addr3=str(RandMAC()))
	beacon = Dot11Beacon(cap='ESS+privacy')
	essid = Dot11Elt(ID='SSID',info=netSSID, len=len(netSSID))
	rsn = Dot11Elt(ID='RSNinfo', info=(
	'\x01\x00' #RSN Version 1
	'\x00\x0f\xac\x02' #Group Cipher Suite : 00-0f-ac TKIP
	'\x02\x00' #2 Pairwise Cipher Suites (next two lines)
	'\x00\x0f\xac\x04' #AES Cipher
	'\x00\x0f\xac\x02' #TKIP Cipher
	'\x01\x00' #1 Authentication Key Managment Suite (line below)
	'\x00\x0f\xac\x02' #Pre-Shared Key
	'\x00\x00')) #RSN Capabilities (no extra capabilities)


	frame = RadioTap()/dot11/beacon/essid/rsn
	print "SSID=%-20s %r"%(netSSID,frame)
	frames.append(frame)
	sendp(frames, iface=iface, inter=0.0100 if len(frames)<10 else 0, loop=1)

	if __name__=="__main__":
	main()