From b464ab337dcc9177c039327d8da9b909ff3f1e64 Mon Sep 17 00:00:00 2001
From: Michael Scalzetti <maestromike5@gmail.com>
Date: Wed, 26 Oct 2022 20:42:31 -0400
Subject: [PATCH] added more ouis for aruba, wrote out a func to get unique
 wifi clients

---
 src/packet_processer.py | 53 +++++++++++++++++++++++++----------------
 1 file changed, 32 insertions(+), 21 deletions(-)

diff --git a/src/packet_processer.py b/src/packet_processer.py
index be1b1b4..bcb688d 100644
--- a/src/packet_processer.py
+++ b/src/packet_processer.py
@@ -1,33 +1,44 @@
-import pcap, dpkt
-from scapy.all import Ether, ARP
 from time import sleep
 
-def process_packet(info, timestamp, packet):
-    src = packet.src
-    dst = packet.dst
-    print(f"{timestamp} | {src}[{1 if is_ap(src) else 0}]  -->  {packet.dst}[{1 if is_ap(dst) else 0}]")
-    #packet.display()
-    #sleep(.5)
-
-def get_scapy_packet(raw_packet):
-    eth_frame = dpkt.ethernet.Ethernet(raw_packet)
-
-    return Ether(raw_packet)
 
 def is_ap(mac_address):
-    aruba_ouis = ['94:60:D5', '48:2F:6B', '94:64:24', 'A8:5B:F7', 'F0:61:C0', 'EC:50:AA', '6C:C4:9F']
+    aruba_ouis = ["00:0B:86","00:1A:1E","00:24:6C","04:BD:88","0C:97:5F","10:4F:58",
+            "18:64:72","18:7A:3B","1C:28:AF","20:4C:03","20:9C:B4","24:62:CE","24:DE:C6",
+            "28:DE:65","34:3A:20","34:8A:12","38:10:F0","38:21:C7","38:BD:7A","40:E3:D6",
+            "44:12:44","44:5B:ED","48:2F:6B","48:B4:C3","54:D7:E3","60:26:EF","64:E8:81",
+            "6C:C4:9F","6C:F3:7F","70:3A:0E","74:9E:75","7C:57:3C","84:D4:7E","88:25:10",
+            "88:3A:30","8C:85:C1","90:20:C2","94:60:D5","94:64:24","94:B4:0F","9C:1C:12",
+            "A0:A0:01","A4:0E:75","A8:5B:F7","AC:A3:1E","B0:1F:8C","B4:5D:50","B8:3A:5A",
+            "B8:D4:E7","BC:9F:E4","BC:D7:A5","CC:88:C7","CC:D0:83","D0:15:A6","D0:4D:C6",
+            "D0:D3:E0","D4:E0:53","D8:C7:C8","DC:B7:AC","E8:26:89","EC:02:73","EC:50:AA",
+            "F0:1A:A0","F0:5C:19","F0:61:C0","F4:2E:7F","F8:60:F0","FC:7F:F1"]
+
     for oui in aruba_ouis:
         if oui in mac_address:
             return True
     return False
 
-def sniff(interface, timeout_ms=500):
-    info = {}
 
-    sniff = pcap.pcap(name=interface, promisc=True, timeout_ms=timeout_ms)
-    
-    for timestamp, raw_packet in sniff:
-        packet = get_scapy_packet(raw_packet)
-        info = process_packet(info, timestamp, packet)
+def get_unique_clients_packets(packets):
+    unique_client_packets = []
+    for packet in packets:
+        if not "Station MAC" in packet:
+            continue
+        print(  f"{packet['Station MAC']} --> {packet['BSSID']}"  )
+        mac = packet["Station MAC"].strip()
+        if not (mac in unique_client_packets ): #or is_ap(mac)):
+            #FILTERS
+            #print(packet["Power"].strip())
+            #if int(packet["Power"].strip()) >= -70:
+            #    continue
 
+            #if not is_ap(packet["BSSID"].strip()):
+            #    continue
+
+            unique_client_packets.append(packet)
+
+    #print( unique_client_packets )
+    for packet in unique_client_packets:
+        print(packet)
+    return unique_client_packets