In [58]:
# imports and link xml
import re
from math import radians, cos, sin, asin, sqrt
import folium
from IPython.display import display
import pandas as pd
import xml.etree.ElementTree as ET
tree = ET.parse('session/Kismet-20191011-18-31-55-1.netxml')
root = tree.getroot()

In [59]:
StationList = [] # MAC, [[min GPS],[max GPS]], [[first seen],[last seen]], device type, encryption, ESSID

In [60]:
def getDeviceType(bssid): # find vendor based off MAC address
    file = open('mac-vendors.txt', 'r', encoding="utf8")
    raw=[]
    mac_dict={}
    for line in file:
        raw.append(re.split(r'\t+', line.strip()))
    for pair in raw:
        mac_dict[pair[0]]= pair[1]
    return mac_dict.get(bssid[:8])

In [61]:
def haversine(lon1, lat1, lon2, lat2): # haversine formula for point distance
    lon1, lat1, lon2, lat2 = map(radians, [lon1, lat1, lon2, lat2])
    dlon = lon2 - lon1 
    dlat = lat2 - lat1 
    a = sin(dlat/2)**2 + cos(lat1) * cos(lat2) * sin(dlon/2)**2
    c = 2 * asin(sqrt(a)) 
    m = 6371* c/ 1.069
    return m

In [62]:
def appendArray(net, child): # parse xml and create array data
    if (child.tag == net) :
        bssid, essid = "", ""
        gps, time, encryption = [], [], []
        if (net=="wireless-network"): # network xml tag
            scan= 'BSSID'
        else:
            scan= 'client-mac'        # client xml tag
        for bssid_tag in child.findall(scan):
            bssid = bssid_tag.text
        for gps_tag in child.findall("gps-info"):
            gps= [[gps_tag[0].text, gps_tag[1].text],[gps_tag[4].text, gps_tag[5].text]]
        time = [child.attrib['first-time'],child.attrib['last-time']]
        for ssid_tag in child.findall('SSID'):
            for essid_tag in ssid_tag.findall('essid'):
                essid= essid_tag.text
            for info_tag in ssid_tag :
                if (info_tag.tag == "encryption"):
                    encryption.append(info_tag.text)
        StationList.append([bssid,gps,time,getDeviceType(bssid),encryption,essid]) 

In [63]:
for child in root:
    appendArray("wireless-network",child) #networks
    for subchild in child:
        appendArray("wireless-client", subchild) #clients
# lists all wireless devices
# pd.DataFrame(StationList, columns=["BSSID", "GPS","Dates","Manufacturer","Encryption","ESSID"])

### creep detecting starts here

In [104]:
creeps = [] # list of creeps
for index in range(0,len(StationList)):
    distance = haversine(float(StationList[index][1][0][0]),float(StationList[index][1][0][1]),float(StationList[index][1][1][0]),float(StationList[index][1][1][1]))
    if (distance > .20): # .20 mile threshold
        creeps.append(StationList[index])
        
# filter duplicates from Kismet output
unique, duplicate = [], []
for creep, i in zip(creeps, range(len(creeps))) :
    if creep[0] not in unique:
        unique.append(creep[0])
    else:
        duplicate.append(i)
for index in sorted(duplicate, reverse=True):
    del creeps[index]
pd.DataFrame(creeps, columns=["BSSID", "GPS","Dates","Manufacturer","Encryption","ESSID"])

Unnamed: 0,BSSID,GPS,Dates,Manufacturer,Encryption,ESSID
0,00:0D:97:00:5B:33,"[[34.190987, -118.341560], [34.196323, -118.34...","[Fri Oct 11 18:35:27 2019, Fri Oct 11 18:45:34...",ABB Inc./Tropos,[None],BWP Free WiFi
1,00:0D:97:09:B1:A4,"[[34.190887, -118.341789], [34.195740, -118.34...","[Fri Oct 11 18:36:36 2019, Fri Oct 11 18:45:43...",ABB Inc./Tropos,[None],
2,10:DA:43:C7:32:ED,"[[34.191067, -118.341705], [34.193405, -118.34...","[Fri Oct 11 18:37:01 2019, Fri Oct 11 18:43:06...",NETGEAR,"[WPA+PSK, WPA+AES-CCM]",A-BEK-5G
3,00:01:5C:A6:8A:46,"[[34.191067, -118.341705], [34.193405, -118.34...","[Fri Oct 11 18:37:01 2019, Fri Oct 11 18:43:06...",CADANT INC.,[],
4,8C:45:00:0C:F2:95,"[[34.190895, -118.341751], [34.196323, -118.34...","[Fri Oct 11 18:32:48 2019, Fri Oct 11 18:45:39...",,[],
5,B0:72:BF:EE:15:42,"[[34.190895, -118.341743], [34.196342, -118.34...","[Fri Oct 11 18:32:28 2019, Fri Oct 11 18:43:30...","Murata Manufacturing Co., Ltd.",[],
6,B6:E6:2D:53:20:76,"[[34.190865, -118.341728], [34.196136, -118.34...","[Fri Oct 11 18:33:13 2019, Fri Oct 11 18:45:24...",,"[WPA+TKIP, WPA+PSK, WPA+AES-CCM]",Creeper


In [103]:
LDN_COORDINATES = (34.196136, -118.340164)
myMap = folium.Map(location=LDN_COORDINATES, zoom_start=60) 
display(myMap)