hryk · November 28, 2012 13:03
diff --git a/monitor_ds.py b/monitor_ds.py
 #!/usr/bin/env python

 import re
 import string
 import sets
 import sys
 import urllib2
 import os.path
 import subprocess
 from gntp.notifier import mini

 def get_oui_txt():
    content = []
    if os.path.exists('./oui.txt'):
        with open('./oui.txt', 'r') as f:
            content = f.readlines()
    else:
        oui_txt = 'http://standards.ieee.org/develop/regauth/oui/oui.txt'
        res = urllib2.urlopen(oui_txt)
        f = open('./oui.txt', 'w')
        for line in res:
            f.write(line)
            content.append(line)
    return content

 def get_oui_of(vendor=None):
    res = get_oui_txt()
    ouis = {}
    for line in res:
        line = line.strip()
        if line != '':
            match = re.search('^([\d\w]+)\s+?\((base\s16)\)\s+(.+)$', line)
            if match is not None:
                if match.group(2) == 'base 16':
                    if ouis.has_key(match.group(3)):
                        ouis[match.group(3)].append(match.group(1)) 
                    else:
                        ouis[match.group(3)] = []
                        ouis[match.group(3)].append(match.group(1)) 

    if vendor is not None:
        return ouis[vendor]
    else:
        return ouis

 def get_prefix(mac):
    return string.replace(mac[0:8], ':', '').upper()

 def notify(message):
    mini(message, applicationName='MonitorDS', title="Monitor DS")

 def monitor_prefix(prefix_to_monitor):
    command = ["tshark", "-i", "en1", "-I", "-Ttext", "-n"]
    pattern   = re.compile("(?:[\d\w]{2}:){5}[\d\w]{2}")
    whitelist = sets.Set(['ff:ff:ff:ff:ff:ff'])
    proc = subprocess.Popen(command, bufsize=1,
            stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
            universal_newlines=True)
    # Start Monitoring
    notify("vendor prefix monitoring start")
    while proc.poll() is None:
        line = proc.stdout.readline()
        if line:
            matched = re.findall(pattern, line)
            if len(matched) > 0:
                for mac in matched:
                    if mac in whitelist:
                        continue
                    if get_prefix(mac) in prefix_to_monitor:
                        print "!!! Detected Nintendo. %s" % mac
                        notify("!!! Detected Nintendo. %s" % mac)
                    else:
                        whitelist.add(mac)

 def main():
    monitor_prefices = get_oui_of('Nintendo Co., Ltd.')
    monitor_prefices += get_oui_of('Nintendo Co.,Ltd.')
    if len(sys.argv) > 1:
        monitor_vendor = sys.argv[1]
        monitor_prefices += get_oui_of(monitor_vendor)
    ds_prefixes = sets.Set(monitor_prefices)
    print """
    Monitor Following prrefixes.
    %r
    """ % ds_prefixes
    monitor_prefix(ds_prefixes)

 if __name__ == '__main__':
    main()
	#!/usr/bin/env python

	import re
	import string
	import sets
	import sys
	import urllib2
	import os.path
	import subprocess
	from gntp.notifier import mini

	def get_oui_txt():
	content = []
	if os.path.exists('./oui.txt'):
	with open('./oui.txt', 'r') as f:
	content = f.readlines()
	else:
	oui_txt = 'http://standards.ieee.org/develop/regauth/oui/oui.txt'
	res = urllib2.urlopen(oui_txt)
	f = open('./oui.txt', 'w')
	for line in res:
	f.write(line)
	content.append(line)
	return content

	def get_oui_of(vendor=None):
	res = get_oui_txt()
	ouis = {}
	for line in res:
	line = line.strip()
	if line != '':
	match = re.search('^([\d\w]+)\s+?\((base\s16)\)\s+(.+)$', line)
	if match is not None:
	if match.group(2) == 'base 16':
	if ouis.has_key(match.group(3)):
	ouis[match.group(3)].append(match.group(1))
	else:
	ouis[match.group(3)] = []
	ouis[match.group(3)].append(match.group(1))

	if vendor is not None:
	return ouis[vendor]
	else:
	return ouis

	def get_prefix(mac):
	return string.replace(mac[0:8], ':', '').upper()

	def notify(message):
	mini(message, applicationName='MonitorDS', title="Monitor DS")

	def monitor_prefix(prefix_to_monitor):
	command = ["tshark", "-i", "en1", "-I", "-Ttext", "-n"]
	pattern = re.compile("(?:[\d\w]{2}:){5}[\d\w]{2}")
	whitelist = sets.Set(['ff:ff:ff:ff:ff:ff'])
	proc = subprocess.Popen(command, bufsize=1,
	stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
	universal_newlines=True)
	# Start Monitoring
	notify("vendor prefix monitoring start")
	while proc.poll() is None:
	line = proc.stdout.readline()
	if line:
	matched = re.findall(pattern, line)
	if len(matched) > 0:
	for mac in matched:
	if mac in whitelist:
	continue
	if get_prefix(mac) in prefix_to_monitor:
	print "!!! Detected Nintendo. %s" % mac
	notify("!!! Detected Nintendo. %s" % mac)
	else:
	whitelist.add(mac)

	def main():
	monitor_prefices = get_oui_of('Nintendo Co., Ltd.')
	monitor_prefices += get_oui_of('Nintendo Co.,Ltd.')
	if len(sys.argv) > 1:
	monitor_vendor = sys.argv[1]
	monitor_prefices += get_oui_of(monitor_vendor)
	ds_prefixes = sets.Set(monitor_prefices)
	print """
	Monitor Following prrefixes.
	%r
	""" % ds_prefixes
	monitor_prefix(ds_prefixes)

	if __name__ == '__main__':
	main()
No results found