Script exporting functionality

Chenbro · 02-13-2006

Hello,

I'm embarking over the next two weeks to create a system that will require the use of exporting results from NetStumbler scans. Unfortunately, I've run into a few conceptual problems.

The system will require the data for the following (preferably in a text file):

SSID
Hardware Manufacturer
Default Gateway
Encryption status (WEP/WPA/not encrypted)
Signal strength

The system will then parse the text file to pick the WLAN with the highest signal strength to continue with what it is doing.

I recongnise that a simple VBscript can be used to automate the process of exporting the summary of a scan. However, having looked at the summary produced from NetStumbler, it does not state the Default Gateway or the Encryption status (which it does in the program itself).

Is there a way of producing a script that will state these two parameters as well as the others?

Essentially, the main feature of the system will need to determine whether or not the highest signal strengthed WLAN has encryption or not. It must be able to do this automatically.

Thank you in advance for any help you may offer.

Dutch · 02-13-2006

Quote:

Originally Posted by Chenbro

Hello,

I'm embarking over the next two weeks to create a system that will require the use of exporting results from NetStumbler scans. Unfortunately, I've run into a few conceptual problems.

The system will require the data for the following (preferably in a text file):

SSID
Hardware Manufacturer
Default Gateway
Encryption status (WEP/WPA/not encrypted)
Signal strength

The system will then parse the text file to pick the WLAN with the highest signal strength to continue with what it is doing.

I recongnise that a simple VBscript can be used to automate the process of exporting the summary of a scan. However, having looked at the summary produced from NetStumbler, it does not state the Default Gateway or the Encryption status (which it does in the program itself).

Is there a way of producing a script that will state these two parameters as well as the others?

Essentially, the main feature of the system will need to determine whether or not the highest signal strengthed WLAN has encryption or not. It must be able to do this automatically.

Thank you in advance for any help you may offer.

Could you please elaborate a bit more on what the program is supposed to do ?

Do you want to process data real time, or post process data after a stumble ?

Why the need to automatically determine what kind of encryption on the current strongest WLAN ?

Dutch

Chenbro · 02-13-2006

Thanks, sure thing:

1) The system is supposed to semi automate the process of securing a wireless network (making it easier for users to do so). Thus it needs info on the WLAN hardware in use...i thought NetStumbler would be the best option for this.

2) The results should be after a stumble. The script would start NetStumbler, then export the results an finally close NetStumbler.

3) I need to automatically determine what type of encyption is on the strongest WLAN because this is mostly likely to be the network the user currently owns/operates. If is is insecure, then the system will begin the phases of securing the network.

Hope that helps...thanks again

beakmyn · 02-13-2006

I see one very large flaw in your logic. The strongest signal is not always going to be the closest, I.E. the one you want. You could end up in a very uncomfortable situation if you secure the wrong AP. You'r "customer" should be smart enough to know the SSID of their AP.

Also, why would you want to secure the AP wirelessly. This is an insecure method to secure. All the security you'd be adding would be sent in the clear until the connection was secure. Not a good idea from security standpoint.

It would be easier to create a script that would search the local LAN for the webserver of the AP in question then perform automatic setup based on the AP it finds this way. Typically, you only have your customers AP on the local LAN and not your neighbors.

Chenbro · 02-13-2006

I see your point beakmyn. Fortunately, the system is not required for commercial or business use...merely a proof of concept/research project for uni.

The work I have done so far has meant that at this stage, it is best to continue on with the proposed solution as a complete overhaul would be too time consuming. I will mention your point in the limitations the system carries.

Any other help would of course be appreciated

Dutch · 02-13-2006

Quote:

Originally Posted by Chenbro

I see your point beakmyn. Fortunately, the system is not required for commercial or business use...merely a proof of concept/research project for uni.

The work I have done so far has meant that at this stage, it is best to continue on with the proposed solution as a complete overhaul would be too time consuming. I will mention your point in the limitations the system carries.
a
Any other help would of course be appreciated

Netstumbler doesnt export the data you request in the summary or text files. The data is contained in the binary .NS1 file though.
As you are post processing the data, read the binary file and parse it for the data you need.
The binary NS1 file format description is available on the authors site.

Dutch

Scruge · 02-13-2006

As mentioned before most info you seek is in the NS1 log file. However I don't believe you'll find the "Default gateway" and the hardware Vendor data is a little dated.
You can post process the vendor info yourself using an updated listing.

Chenbro · 02-13-2006

Playing around a bit, I see that the summary text file produced by NetStumbler gives identification of which type of encryption the network uses (by use of Flags) and the hardware manufacturer can be found by comparing the MAC address to the oui.txt file available online. The signal strength is also available by the summary I think, although this is a little harder to parse.

Still need to obtain the default gateway however....

Am I going down the right track by going about it this way? Or should I use NS1 log? The only problem I can see with the use of NS1 logs is that it would not be an autonomous process, as the log would need converting to txt (?).

Thanks in advance

Thorn · 02-13-2006

The Flags in the summary file will only tell youe whether or not encrytion is enabled. It will not tell you the type or manner of encryption. This is also true of NS itself.

streaker69 · 02-13-2006

Quote:

Originally Posted by Chenbro

Playing around a bit, I see that the summary text file produced by NetStumbler gives identification of which type of encryption the network uses (by use of Flags) and the hardware manufacturer can be found by comparing the MAC address to the oui.txt file available online. The signal strength is also available by the summary I think, although this is a little harder to parse.

Still need to obtain the default gateway however....

Am I going down the right track by going about it this way? Or should I use NS1 log? The only problem I can see with the use of NS1 logs is that it would not be an autonomous process, as the log would need converting to txt (?).

Thanks in advance

You are not going to be able to get the default gateway of the device unless you connect to it and retrieve it via DHCP. Doing this without explicit permission of the owner of the network is of course a crime.

Thorn · 02-13-2006

Quote:

Originally Posted by streaker69

You are not going to be able to get the default gateway of the device unless you connect to it and retrieve it via DHCP. Doing this without explicit permission of the owner of the network is of course a crime.

He'll be OK if it's done just as a proof of concept in a closed environment like a university. It that type of situation it wouldn't be much of an issue at all. Out in the real world of course, it could be a major issue.

Chenbro · 02-13-2006

Sorry, I should have explicitly made clear...the system will run when the user has already connected to their own WLAN. In this sense, the legality is not a major issue.

If the user is already connected, how can the default gateway be retrieved via DHCP? I was under under the impression that DHCP is a protocol used only to assign IP addresses to clients...(?)

If I can determine the default gateway then I believe I have everything to feed into the system then...

Cheers

[Edit] Actually, I should add that I would still require a method of determining whether or not an AP supports WEP or WPA encryption...as some of the older ones only have WEP. Any ideas?

streaker69 · 02-13-2006

Quote:

Originally Posted by Chenbro

Sorry, I should have explicitly made clear...the system will run when the user has already connected to their own WLAN. In this sense, the legality is not a major issue.

If the user is already connected, how can the default gateway be retrieved via DHCP? I was under under the impression that DHCP is a protocol used only to assign IP addresses to clients...(?)

If I can determine the default gateway then I believe I have everything to feed into the system then...

Cheers

[Edit] Actually, I should add that I would still require a method of determining whether or not an AP supports WEP or WPA encryption...as some of the older ones only have WEP. Any ideas?

Just off the top of my head, if the person is running Winders2k, or WindersXP you could have this execute

ipconfig /all >>ipconfig.txt

That will return your default gateway.

Thorn · 02-13-2006

Quote:

Originally Posted by Chenbro

...
If the user is already connected, how can the default gateway be retrieved via DHCP? I was under under the impression that DHCP is a protocol used only to assign IP addresses to clients...(?)

If I can determine the default gateway then I believe I have everything to feed into the system then...

DHCP is a Networking 101 issue. It hands off a fair amount of information, including IP Address, Subnet Mask, Default Gateway and a list of DNS servers. I'd suggest looking at the RFC for DHCP. I think the latest is 2131, although you may want to check.

http://www.ietf.org/rfc/rfc2131.txt

Quote:

Originally Posted by Chenbro

[Edit] Actually, I should add that I would still require a method of determining whether or not an AP supports WEP or WPA encryption...as some of the older ones only have WEP. Any ideas?

You cannot do this with NetStumbler.

Chenbro · 02-13-2006

Thanks for all the help....I eventually got the Default Gateway figured out using VBscript in which it outputs the value to a text file, without the need to parse ipconfig/all. As it's not a NetStumbler script, I won't post it here....but if anyone needs it for any other reason, it's available if needed.

I know now that NetStumbler cannot determine whether an AP supports WEP or WPA, so i'll just have to work on that...ah well!

02-13-2006	#1 (permalink)
Chenbro Registered Member Join Date: Apr 2004 Posts: 10	Script exporting functionality Hello, I'm embarking over the next two weeks to create a system that will require the use of exporting results from NetStumbler scans. Unfortunately, I've run into a few conceptual problems. The system will require the data for the following (preferably in a text file): SSID Hardware Manufacturer Default Gateway Encryption status (WEP/WPA/not encrypted) Signal strength The system will then parse the text file to pick the WLAN with the highest signal strength to continue with what it is doing. I recongnise that a simple VBscript can be used to automate the process of exporting the summary of a scan. However, having looked at the summary produced from NetStumbler, it does not state the Default Gateway or the Encryption status (which it does in the program itself). Is there a way of producing a script that will state these two parameters as well as the others? Essentially, the main feature of the system will need to determine whether or not the highest signal strengthed WLAN has encryption or not. It must be able to do this automatically. Thank you in advance for any help you may offer.

02-13-2006	#3 (permalink)
Chenbro Registered Member Join Date: Apr 2004 Posts: 10	Thanks, sure thing: 1) The system is supposed to semi automate the process of securing a wireless network (making it easier for users to do so). Thus it needs info on the WLAN hardware in use...i thought NetStumbler would be the best option for this. 2) The results should be after a stumble. The script would start NetStumbler, then export the results an finally close NetStumbler. 3) I need to automatically determine what type of encyption is on the strongest WLAN because this is mostly likely to be the network the user currently owns/operates. If is is insecure, then the system will begin the phases of securing the network. Hope that helps...thanks again Last edited by Chenbro : 02-13-2006 at 04:32 AM.

02-13-2006	#4 (permalink)
beakmyn root\.workspace\.garbage. Join Date: Aug 2003 Posts: 4,805	I see one very large flaw in your logic. The strongest signal is not always going to be the closest, I.E. the one you want. You could end up in a very uncomfortable situation if you secure the wrong AP. You'r "customer" should be smart enough to know the SSID of their AP. Also, why would you want to secure the AP wirelessly. This is an insecure method to secure. All the security you'd be adding would be sent in the clear until the connection was secure. Not a good idea from security standpoint. It would be easier to create a script that would search the local LAN for the webserver of the AP in question then perform automatic setup based on the AP it finds this way. Typically, you only have your customers AP on the local LAN and not your neighbors. __________________ Daughter with arms inside shirt: "Daddy I'm not Armish" ┌──────────────────────────────┐ ╞ NS Icons Explained\|et hoc genus omne ╡ └──────────────────────────────┘

02-13-2006	#8 (permalink)
Chenbro Registered Member Join Date: Apr 2004 Posts: 10	Playing around a bit, I see that the summary text file produced by NetStumbler gives identification of which type of encryption the network uses (by use of Flags) and the hardware manufacturer can be found by comparing the MAC address to the oui.txt file available online. The signal strength is also available by the summary I think, although this is a little harder to parse. Still need to obtain the default gateway however.... Am I going down the right track by going about it this way? Or should I use NS1 log? The only problem I can see with the use of NS1 logs is that it would not be an autonomous process, as the log would need converting to txt (?). Thanks in advance Last edited by Chenbro : 02-13-2006 at 07:15 AM.

02-13-2006	#9 (permalink)
Thorn Did you do the math? Join Date: Apr 2002 Location: Villa Straylight Posts: 10,096	The Flags in the summary file will only tell youe whether or not encrytion is enabled. It will not tell you the type or manner of encryption. This is also true of NS itself. __________________ Thorn "I'm The Doctor. I'm a Time Lord. I am from the planet Gallifrey in the constellation Kasterborous. I'm 903 years old and I am the man who is going to save your lives and all 6 billion people on the planet below... You got a problem with that?"

02-13-2006	#5 (permalink)
Chenbro Registered Member Join Date: Apr 2004 Posts: 10	I see your point beakmyn. Fortunately, the system is not required for commercial or business use...merely a proof of concept/research project for uni. The work I have done so far has meant that at this stage, it is best to continue on with the proposed solution as a complete overhaul would be too time consuming. I will mention your point in the limitations the system carries. Any other help would of course be appreciated

02-13-2006	#7 (permalink)
Scruge Nyuk nyuk! Join Date: Jan 2005 Location: TX Posts: 1,380	As mentioned before most info you seek is in the NS1 log file. However I don't believe you'll find the "Default gateway" and the hardware Vendor data is a little dated. You can post process the vendor info yourself using an updated listing.

02-13-2006	#12 (permalink)
Chenbro Registered Member Join Date: Apr 2004 Posts: 10	Sorry, I should have explicitly made clear...the system will run when the user has already connected to their own WLAN. In this sense, the legality is not a major issue. If the user is already connected, how can the default gateway be retrieved via DHCP? I was under under the impression that DHCP is a protocol used only to assign IP addresses to clients...(?) If I can determine the default gateway then I believe I have everything to feed into the system then... Cheers [Edit] Actually, I should add that I would still require a method of determining whether or not an AP supports WEP or WPA encryption...as some of the older ones only have WEP. Any ideas? Last edited by Chenbro : 02-13-2006 at 08:14 AM.

02-13-2006	#15 (permalink)
Chenbro Registered Member Join Date: Apr 2004 Posts: 10	Thanks for all the help....I eventually got the Default Gateway figured out using VBscript in which it outputs the value to a text file, without the need to parse ipconfig/all. As it's not a NetStumbler script, I won't post it here....but if anyone needs it for any other reason, it's available if needed. I know now that NetStumbler cannot determine whether an AP supports WEP or WPA, so i'll just have to work on that...ah well!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode