IEEE 802.11 and stuff¶

Base IEEE 802.11
IEEE 802.11 data frames
IEEE 802.11 management frames
- Assoc
- Auth
- Beacon
- Probes
IEEE 802.11 control frames
Helpers

Base IEEE 802.11 ¶

class Dot11(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.PDU

Base Dot11 packet

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr -- not used

class ControlSubtypes¶

Bases: enum.IntEnum

the different subtypes of 802.11 control frames

Attributes: BLOCK_ACK_REQ, BLOCK_ACK, PS, RTS, CTS, ACK, CF_END, CF_END_ACK

class Dot11.DataSubtypes¶

Bases: enum.IntEnum

the different subtypes of 802.11 data frames

Attributes: DATA_DATA, DATA_CF_ACK, DATA_CF_POLL, DATA_CF_ACK_POLL, DATA_NULL, CF_ACK, CF_POLL, CF_ACK_POLL, QOS_DATA_DATA, QOS_DATA_CF_ACK, QOS_DATA_CF_POLL, QOS_DATA_CF_ACK_POLL, QOS_DATA_NULL

class Dot11.ManagementSubtypes¶

Bases: enum.IntEnum

the different subtypes of 802.11 management frames

Attributes: ASSOC_REQ, ASSOC_RESP, REASSOC_REQ, REASSOC_RESP, PROBE_REQ, PROBE_RESP, BEACON, ATIM, DISASSOC, AUTH, DEAUTH

class Dot11.OptionTypes¶

Bases: enum.IntEnum

the different types of tagged options

Attributes: SSID, SUPPORTED_RATES, FH_SET, DS_SET, CF_SET, TIM, IBSS_SET, COUNTRY, HOPPING_PATTERN_PARAMS, HOPPING_PATTERN_TABLE, REQUEST_INFORMATION, BSS_LOAD, EDCA, TSPEC, TCLAS, SCHEDULE, CHALLENGE_TEXT, POWER_CONSTRAINT, POWER_CAPABILITY, TPC_REQUEST, TPC_REPORT, SUPPORTED_CHANNELS, CHANNEL_SWITCH, MEASUREMENT_REQUEST, MEASUREMENT_REPORT, QUIET, IBSS_DFS, ERP_INFORMATION, TS_DELAY, TCLAS_PROCESSING, QOS_CAPABILITY, RSN, EXT_SUPPORTED_RATES, VENDOR_SPECIFIC

class Dot11.Types¶

Bases: enum.IntEnum

the different types of 802.11 frames

Attributes: MANAGEMENT, CONTROL, DATA

Dot11.add_option(identifier, data=None)¶

Adds a new option to this Dot11 PDU.

Parameters:	identifier (int or `OptionTypes`) data (bytes)

static Dot11.from_bytes(buf)¶

Static. Allocates an Dot11 PDU from a buffer.

Instantiate the appropriate subclass of Dot11 from the given buffer. The type of the allocated class will be figured out from the the buffer.

Parameters:	buf (bytes or bytearray or memoryview)
Returns:	pdu (`Dot11`)

Dot11.options()¶

Returns the list of options

Returns:	l (list of (int, bytes))

Dot11.search_option(identifier)¶

Look up a tagged option in the option list. Returns None if the option is not found.

Parameters:	identifier (int or `OptionTypes`)
Returns:	option (bytes)

Dot11.addr1¶: First address (read-write, HWAddress)

Dot11.duration_id¶: Duration-ID field (read-write, uint16_t)

Dot11.from_ds¶: From-DS field (read-write, bool)

Dot11.more_frag¶: More-Frag field (read-write, bool)

Dot11.order¶: Order field (read-write, bool)

Dot11.power_mgmt¶: Power-Management field (read-write, bool)

Dot11.protocol¶: protocol version field (read-write, uint8_t)

Dot11.retry¶: Retry field (read-write, bool)

Dot11.subtype¶: subtype field (read-write, 4 bits int)

Dot11.to_ds¶: To-DS field (read-write, bool)

Dot11.type¶: type field (read-write, 2 bits int)

Dot11.wep¶: WEP field (read-write, bool)

IEEE 802.11 data frames ¶

class Dot11Data(self, dst_hw_addr=None, src=None)¶

Bases: cycapture.libtins._tins.Dot11

802.11 Data frame

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

addr2¶: the second address (read-write, HWAddress)

addr3¶: the third address (read-write, HWAddress)

addr4¶: the fourth address (read-write, HWAddress)

bssid_addr¶

the frame's BSSID address (read-only, HWAddress)

It is a wrapper over the addr* methods that takes into account the value of the FromDS and ToDS bits.

If FromDS == ToDS == 1, None is returned.

dst_addr¶

the frame's destination address (read-only, HWAddress)

It is a wrapper over the addr* methods that takes into account the value of the FromDS and ToDS bits.

If FromDS == ToDS == 1, None is returned.

frag_num¶: the fragment number field (read-write, uint8_t)

seq_num¶: the sequence number field (read-write, uint16_t)

src_addr¶

the frame's source address (read-only, HWAddress)

It is a wrapper over the addr* methods that takes into account the value of the FromDS and ToDS bits.

If FromDS == ToDS == 1, None is returned.

class Dot11QoSData(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11Data

802.11 QoS Data frame

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

qos_control¶: the QOS Control field (read-write, uint16_t)

IEEE 802.11 management frames ¶

class Dot11ManagementFrame(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11

Abstract class for all Management frames in the 802.11 family.

Raises:	`exception` (NotImplementedError) --

class ReasonCodes¶

Bases: enum.IntEnum

Reason codes

Attributes: UNSPECIFIED, PREV_AUTH_NOT_VALID, STA_LEAVING_IBSS_ESS, INACTIVITY, CANT_HANDLE_STA, CLASS2_FROM_NO_AUTH, CLASS3_FROM_NO_AUTH, STA_LEAVING_BSS, STA_NOT_AUTH_WITH_STA, POW_CAP_NOT_VALID, SUPPORTED_CHANN_NOT_VALID, INVALID_CONTENT, MIC_FAIL, HANDSHAKE_TIMEOUT, GROUP_KEY_TIMEOUT, WRONG_HANDSHAKE, INVALID_GROUP_CIPHER, INVALID_PAIRWISE_CIPHER, INVALID_AKMP, UNSOPPORTED_RSN_VERSION, INVALID_RSN_CAPABILITIES, AUTH_FAILED, CIPHER_SUITE_REJECTED, UNSPECIFIED_QOS_REASON, NOT_ENOUGH_BANDWITH, POOR_CHANNEL, STA_OUT_OF_LIMITS, REQUESTED_BY_STA_LEAVING, REQUESTED_BY_STA_REJECT_MECHANISM, REQUESTED_BY_STA_REJECT_SETUP, REQUESTED_BY_STA_TIMEOUT, PEER_STA_NOT_SUPPORT_CIPHER

Dot11ManagementFrame.addr2¶: Second address (read-write, HWAddress)

Dot11ManagementFrame.addr3¶: Third address (read-write, HWAddress)

Dot11ManagementFrame.addr4¶: Fourth address (read-write, HWAddress)

Dot11ManagementFrame.bss_load¶: BSS Load tagged option (read-write, bss_load_t)

Dot11ManagementFrame.cf_parameter_set¶: cf paramater set tagged option (read-write, cf_params)

Dot11ManagementFrame.challenge_text¶: challenge text option (read-write, bytes)

Dot11ManagementFrame.channel_switch¶: Channel switch (read-write, channel_switch_t)

Dot11ManagementFrame.country¶: country tagged option (read-write, country_params)

Dot11ManagementFrame.ds_parameter_set¶: ds paramater set (read-write, uint8_t)

Dot11ManagementFrame.erp_information¶: ERP information (read-write, uint8_t)

Dot11ManagementFrame.extended_supported_rates¶: Extended supported rates (read-write, list of floats)

Dot11ManagementFrame.fh_parameter_set¶: fh paramater set tagged option (read-write, fh_params)

Dot11ManagementFrame.fh_parameters¶: FH parameters set tagged option (read-write, (uint8_t, uint8_t))

Dot11ManagementFrame.fh_pattern_table¶: FH pattern table tagged option (read-write, fh_pattern)

Dot11ManagementFrame.frag_num¶: the fragment number (read-write, 4-bits int)

Dot11ManagementFrame.ibss_dfs¶: IBSS DFS tagged option (read-write, dfs_params)

Dot11ManagementFrame.ibss_parameter_set¶: ibss parameter (read-write, uint8_t)

Dot11ManagementFrame.power_capability¶: Power capability (read-write, uint8_t)

Dot11ManagementFrame.power_constraint¶: Power constraint (read-write, uint8_t)

Dot11ManagementFrame.qos_capability¶: QoS capability (read-write, uint8_t)

Dot11ManagementFrame.quiet¶: Quiet tagged option (read-write, quiet_t)

Dot11ManagementFrame.request_information¶: Request information (read-write, list of uint8_t)

Dot11ManagementFrame.rsn_information¶: RSN information option (read-write, RSNInformation)

Dot11ManagementFrame.seq_num¶: the sequence number field (read-write, uint16_t)

Dot11ManagementFrame.ssid¶: SSID field (read-write, bytes)

Dot11ManagementFrame.supported_channels¶: Supported channels (read-write, list of uint8_t)

Dot11ManagementFrame.supported_rates¶: Supported rates (read-write, list of floats)

Dot11ManagementFrame.tim¶: TIM tagged option (read-write, tim_t)

Dot11ManagementFrame.tpc_report¶: TPC Report tagged option (read-write, (uint8_t, uint8_t))

Dot11ManagementFrame.vendor_specific¶: Vendor Specific tagged option (read-write, vendor_specific_t)

Assoc ¶

class Dot11Disassoc(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11ManagementFrame

802.11 Disassociation frame

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

reason_code¶: reason code field (read-write, uint16_t)

class Dot11AssocRequest(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11ManagementFrame

802.11 Association Request frame

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

capabilities¶: Capabilities (read-only, Capabilities)

listen_interval¶: listen interval field (read-write, uint16_t)

class Dot11AssocResponse(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11ManagementFrame

802.11 Association Response frame

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

aid¶: AID field (read-write, uint16_t)

capabilities¶: Capabilities (read-only, Capabilities)

status_code¶: status code field (read-write, uint16_t)

class Dot11ReAssocRequest(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11ManagementFrame

802.11 ReAssociation Request frame

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

capabilities¶: Capabilities (read-only, Capabilities)

current_ap¶: current ap field (read-write, HWAddress)

listen_interval¶: listen interval field (read-write, uint16_t)

class Dot11ReAssocResponse(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11ManagementFrame

802.11 Association Response frame

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

aid¶: AID field (read-write, uint16_t)

capabilities¶: Capabilities (read-only, Capabilities)

status_code¶: Status code (read-write, uint16_t)

Auth ¶

class Dot11Authentication(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11ManagementFrame

802.11 Authentication Request frame.

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

auth_algorithm¶: Authetication Algorithm Number field (read-write, uint16_t)

auth_seq_number¶: Authentication Sequence Number field (read-write, uint16_t)

status_code¶: Status code (read-write, uint16_t)

class Dot11Deauthentication(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11ManagementFrame

802.11 Deauthentication frame.

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

reason_code¶: reason code field (read-write, uint16_t)

Beacon ¶

class Dot11Beacon(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11ManagementFrame

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

capabilities¶: Capabilities (read-only, Capabilities)

interval¶: the interval field (read-write, uint16_t)

timestamp¶: the timestamp field (read-write, uint64_t)

Probes ¶

class Dot11ProbeRequest(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11ManagementFrame

802.11 Probe Request frame.

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

class Dot11ProbeResponse(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11ManagementFrame

802.11 Probe Response frame.

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

capabilities¶: Capabilities (read-only, Capabilities)

interval¶: interval field (read-write, uint16_t)

timestamp¶: the timestamp field (read-write, uint64_t)

IEEE 802.11 control frames ¶

class Dot11Control(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11

802.11 control frame

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (any) -- ignored

class Dot11RTS(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11Control

IEEE 802.11 RTS frame.

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

target_addr¶: target address field (read-write, HWAddress)

class Dot11PSPoll(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11Control

802.11 PS-Poll frame.

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

target_addr¶: target address field (read-write, HWAddress)

class Dot11CFEnd(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11Control

802.11 CF-End frame.

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

target_addr¶: target address field (read-write, HWAddress)

class Dot11EndCFAck(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11Control

802.11 End-CF-Ack frame.

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

target_addr¶: target address field (read-write, HWAddress)

class Dot11Ack(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11Control

802.11 Ack frame.

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (any) -- ignored

class Dot11BlockAckRequest(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11Control

802.11 Block Ack Request frame.

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

bar_control¶: bar control field (read-write, 4-bits int)

fragment_number¶: fragment number field (read-write, 4-bits int)

start_sequence¶: start sequence field (read-write, 12-bits int)

target_addr¶: target address field (read-write, HWAddress)

class Dot11BlockAck(dst_hw_addr=None, src_hw_addr=None)¶

Bases: cycapture.libtins._tins.Dot11Control

802.11 Block Ack frame.

Parameters:	dst_hw_addr (`HWAddress`) -- The destination hardware address src_hw_addr (`HWAddress`) -- The source hardware address

bar_control¶: bar control field (read-write, 4-bits int)

bitmap¶: the bitmap field (read-write, bytes (8 bytes long))

fragment_number¶: fragment number field (read-write, 4-bits int)

start_sequence¶: start sequence field (read-write, 12-bits int)

target_addr¶: target address field (read-write, HWAddress)

Helpers ¶

Capabilities ¶

class Capabilities¶

Bases: object

Represents the IEEE 802.11 frames's capability information.

apsd¶: apsd flag (read-write, bool)

cf_poll¶: cf_poll flag (read-write, bool)

cf_poll_req¶: cf_poll_req flag (read-write, bool)

channel_agility¶: channel_agility flag (read-write, bool)

delayed_block_ack¶: delayed_block_ack flag (read-write, bool)

dsss_ofdm¶: dsss_ofdm flag (read-write, bool)

ess¶: ess flag (read-write, bool)

ibss¶: ibss flag (read-write, bool)

immediate_block_ack¶: immediate_block_ack flag (read-write, bool)

pbcc¶: pbcc flag (read-write, bool)

privacy¶: privacy flag (read-write, bool)

qos¶: qos flag (read-write, bool)

reserved¶: reserved flag (read-write, bool)

short_preamble¶: short_preamble flag (read-write, bool)

spectrum_mgmt¶: spectrum_mgmt flag (read-write, bool)

sst¶: sst flag (read-write, bool)

RSN information ¶

class RSNInformation¶

Bases: object

The RSN information structure

The version is set to 1.

class AKMSuites¶

Bases: enum.IntEnum

the different akm suites

Attributes: PMKSA, PSK

class RSNInformation.CypherSuites¶

Bases: enum.IntEnum

the different cypher suites

Attributes: WEP_40, TKIP, CCMP, WEP_104

RSNInformation.add_akm_cypher(akm)¶

Add an akm suite

Parameters:	akm (`AKMSuites`) -- The akm suite

RSNInformation.add_pairwise_cypher(cypher)¶

Add a pairwise cypher suite

Parameters:	cypher (`CypherSuites`) -- The pairwise cypher suite

static RSNInformation.from_buffer()¶

Constructs an RSNInformation object

Parameters:	buf (bytes or bytearray or memoryview)
Returns:	obj (`RSNInformation`)

RSNInformation.get_akm_cyphers()¶

get_pairwise_cyphers() Returns the akm suite list.

Returns:	suites (list of `AKMSuites`)

RSNInformation.get_pairwise_cyphers()¶

Returns the pairwise cypher suite list.

Returns:	suites (list of `CypherSuites`)

RSNInformation.serialize()¶

Serialize the object.

Returns:	s (bytes)

RSNInformation.capabilities¶: capabilities field (read-write, uint16_t)

RSNInformation.group_suite¶: group suite cypher field (read-write, CypherSuites)

RSNInformation.version¶: Version field (read-write, uint16_t)

Named tuples ¶

class fh_params(dwell_time, hop_set, hop_pattern, hop_index)¶: Bases: tuple

class cf_params(cfp_count, cfp_period, cfp_max_duration, cfp_dur_remaining)¶: Bases: tuple

class dfs_params(dfs_owner, recovery_interval, channel_map)¶: Bases: tuple

class country_params(country, first_channel, number_channels, max_transmit_power)¶: Bases: tuple

class fh_pattern(flag, number_of_sets, modulus, offset, random_table)¶: Bases: tuple

class channel_switch_t(switch_mode, new_channel, count)¶: Bases: tuple

class quiet_t(quiet_count, quiet_period, quiet_duration, quiet_offset)¶: Bases: tuple

class bss_load_t(station_count, channel_utilization, available_capacity)¶: Bases: tuple

class tim_t(dtim_count, dtim_period, bitmap_control, partial_virtual_bitmap)¶: Bases: tuple

class vendor_specific_t(oui, data)¶: Bases: tuple

Quick search

IEEE 802.11 and stuff¶