#! /usr/bin/perl # # # $intsize=4; open (NS,$ARGV[0]) || die "Could not open $ARGV[0]\n"; read(NS,$buffer,51200);$pos=0; @buffer=unpack("C1" x 51200,$buffer); ($id,$version,$fields)=unpack("A4 L1 L1",buffer(3*$intsize)); #print "$id $version\n"; #print "$fields Fields.\n"; for ($ap=0;$ap < $fields; $ap++) { $c=ord(buffer(1)); $essid=unpack("A$c",buffer($c)); #print "($c)ESSID=[$essid]\n"; @mac=unpack("C6",buffer(6));$mac=''; for ($i=0;$i<6;$i++) {$mac.=sprintf("%02x:",$mac[$i]);} $mac=~s/:$//; #print "MAC=$mac\n"; print "SKIP\n"; $pos++; $SIG=getint('signed'); $NOISE=getint('signed'); $SNR=getint('signed'); #print "SIG=$SIG NOISE=$NOISE SNR=$SNR pos=$pos\n"; $flags=getint(); $intval=getint(); #print "FL= $flags $intval\n"; $firstl=getint(); $firsth=getint(); #print "FIRST= $firstl $firsth\n"; $first=windows2unixtime($firstl,$firsth); #print "TIME: $first" . localtime($first) . "\n"; #print " " . time() . "\n"; $lastl=getint(); $lasth=getint(); #print "LAST= $lastl $lasth\n"; $lat=unpack("d1",buffer($intsize*2)); $lat=unpack("d1",buffer($intsize*2)); #printf ("LAT: %f LON: %f\n",$lat,$lon); #print "$buffer"; printf ("%s % 30s % 3d % 3d % 3d\n",$mac,$essid,$SIG,$NOISE,$SNR); $encounter=getint(); $prev_sig=0; print "Encounters: $encounter\n"; for ($i=0;$i<$encounter;$i++) { print "Encounter: $i\n"; #hexdump($pos); $etimel=getint(); $etimeh=getint(); #print "EFIRST= $etimel $etimeh\n"; $ESIG=getint('signed'); $ENOISE=getint('signed'); # print "ESIG=$ESIG ENOISE=$ENOISE pos=$pos PREG: $prev_sig\n"; #hexdump($pos); $SRCID=getint(''); #print "SRCID: $SRCID\n"; # if ($SRCID eq 0) {last;} if (0) { #print "Doing SRC\n"; $elat=unpack("d1",buffer($intsize*2)); $elon=unpack("d1",buffer($intsize*2)); $ealt=unpack("d1",buffer($intsize*2)); $escnt=getint(); $espd=unpack("d1",buffer($intsize*2)); $etrk=unpack("d1",buffer($intsize*2)); $evar=unpack("d1",buffer($intsize*2)); $ehdop=unpack("d1",buffer($intsize*2)); } if (($ESIG eq -149) && ($prev_sig eq 149)) {last;} if ($SRCID eq 27) { $c=ord(buffer(1)); $c=$SRCID-1; $name=unpack("A$c",buffer($c)); print "NAME: $name\n"; $lowmask=getint(); $highmask=getint(); $lastchn=getint(); $ip=getint(); #hexdump($pos); last; } $prev_sig=$ESIG; } #exit; } close(NS); sub buffer { local($len)=@_; local($i); local(@result); for ($i=0;$i<$len;$i++) {@result[$i]=chr($buffer[$pos+$i]);} $pos+=$len; return(join('',@result)); } sub hexdump { local($pos)=@_; local($i,$c); local($asc)=''; printf "%08x ",$pos; # local(@buf)=unpack("C1" x 16,buffer($pos)); for ($i=0; $i < 16; $i++) { $c=$buffer[$pos+$i]; printf "%02x ",$c; if ($i eq 7) {print " ";} if (chr($c)=~/[a-z0-9~!@#$%^&*()_+=\[\]{};:"'-<>,.\/?]/i) {$asc.=chr($c);} else {$asc.=".";} } print " |$asc|\n"; } sub getint { local($signed)=@_; local($result)=($buffer[$pos]<<24)+($buffer[$pos+1]<<16)+($buffer[$pos+2]<<8)+$buffer[$pos+3]; if ($signed && ($result >= 0x80000000)) {$result-=0x100000000;} $pos+=4; return($result); } sub windows2unixtime { local($low,$high)=@_; local($unixtime); $unixtime=`echo '((($high*(2^32))+$low)/10000000)-11644473600'|bc`; chomp($unixtime); return($unixtime); } #def conv_time(l,h): # #converts 64-bit integer specifying the number of 100-nanosecond # #intervals which have passed since January 1, 1601. # #This 64-bit value is split into the # #two 32 bits stored in the structure. # d=116444736000000000L #diference between 1601 and 1970 # #we divide by 10million to convert to seconds # return (((long(h)<< 32) + long(l))-d)/10 000 000 #