$ sudo apt-get update && sudo apt-get install python3 python3-pip tshark -y

$ git clone https://github.com/xdavidhu/probeSniffer

$ cd probeSniffer/

$ python3 -m pip install -r requirements.txt

im installing this lines but when i try to execute the last one i get the following

/usr/bin/python3: No module named pip.main; 'pip' is a package and cannot be directly executed

Option -a does not save duplicate probe requests to sqlite3 database

I believe this line 223 of probeSniffer.py should read
saveToMYSQL(mac_address, vendor, ssid, rssi_val, bssid)

Instead of:
saveToMYSQL(mac_address, vendor, ssid, rssi_val)

When running this script I get the following errors. I am not super familiar with regex syntax but there may be an issue. Can you please look into this.

awk: parse-tcpdump.awk: line 2: syntax error at or near ,
awk: parse-tcpdump.awk: line 7: syntax error at or near ,
awk: parse-tcpdump.awk: line 13: syntax error at or near ,

[!] Failed to import the dependencies... Please make sure to install all of the requirements and try again.
Traceback (most recent call last):
  File "probeSniffer.py", line 25, in <module>
    parser = argparse.ArgumentParser(
NameError: name 'argparse' is not defined

Having this error when running. Yes, I did install all requirements. Python3 version is 3.5.3, so argparse is included/already installed. Any idea what is happening?

All of the values of RSSI are -1. Is this normal?

This tool shows lots more devices than others I've tried. However, some SSIDs seem truncated ("direct..." in the example below):

[D] f0:34:04:b5:dc:8f (TctMobil) [-83] ==> 'SSID: '
f2:34:04:b6:ea:3e (RESOLVE-ERROR) [-86] ==> 'DIRECT-'
d0:87:e2:b4:37:ad (SamsungE) [-85] ==> 'kitl9reybhvs2i7'
d0:87:e2:b4:37:ad (SamsungE) [-85] ==> 'SSID: '
54:60:09:44:2f:ab (Google) [-83] ==> 'TP-LINK_27E1'
...

Like i am targeting a network to get all the prob requests from its clients

I wanted to do a Pull Request, but it's not a problem in the code - they are truncated in oui.json. Is there any reason for that?

I just let probeSniffer.py running for a few hours (4 hours I think) and when I return I found out that 3/4(three quarter) of my main memory (8GB) was fully used.

I killed probeSniffer.py (with CTRL-C) and I was able to get that memory back, freeing it.

Is there some memory leak, or is it the expected behavior given that it runs for hours ?

hi
hether solved IOS Random MAC ?
IOS8? IOS9? IOS10? IOS11?
thks.

Hello!

I've installed all the requirements, followed every required step but when I launch the script and come close to it with an iPhone there are some errors showing up. In the image below you can see them. I don't know how to solve this as I'm not familiar with Python.

Thanks for the answer and the script!
Regards

[I] Stopping...
[I] Results saved to 'DB-probeSniffer.db'

[I] probeSniffer stopped.

DB-probeSniffer.db was created, but there are no entries. Although in the terminal they are displayed

How hard would it be to run data in the mysql instance through the wigle api to get geoip coords and then pop it on a map along with the AP name?

also - love this - sensepost did something similar with snoopy-ng but they don't maintain the code well.

Even if -d is not specified, duplicates are not logged into the DB.

I don't know if it could qualify as a bug, or if it is more a feature request.

The feature request is to log the duplicates into the DB.

Is it possible to build in a try and catch or something when the network card drops? I get the following error:

!] An error occurred. Debug:
Traceback (most recent call last):
  File "./probeSniffer.py", line 341, in main
    sniff(iface=monitor_iface, prn=PacketHandler)
  File "/usr/local/lib/python3.5/dist-packages/scapy/sendrecv.py", line 590, in sniff
    p = s.recv(MTU)
  File "/usr/local/lib/python3.5/dist-packages/scapy/arch/linux.py", line 502, in recv
    pkt, sa_ll = self.ins.recvfrom(x)
OSError: [Errno 100] Network is down

If I re-run it, it works again for a minute or 2. So is it possible to implement a loop to retry without exiting the program?

Getting import error line 13, import urllib.request as urllib2 - No module named request

Hello,
How to view data in DB-probeSniffer.db.
sqlitebrowser ?
Thank

Traceback (most recent call last):
File "probeSniffer.py", line 13, in
import urllib.request as urllib2
ImportError: No module named request

So I was able to get it up but it doesn't seem to find any sort of packets. I turned debug on and it just keeps switching channels perpetually. I am using a Raspberry Pi 3 with a TL-WN722N v1. Any suggestions?

Hi, i have an error when i try to run the probeSniffer
I have follow the step in the decription, but this error happen:

Traceback (most recent call last):
File "probeSniffer.py", line 9, in
import pyshark
ImportError: No module named 'pyshark'

Thank you
AntonioG