I want to fetch the human-readable date/time format from IEEE 802.11[a,b,g,n] wireless packets.
We have an open-source project for wireless pen-testing that called Aircrack-ng. This package has a tool that called Airodump-ng.
I found a function in Airodump-ng's source that can convert this timestamp to readable format.
source-code:
https://github.com/aircrack-ng/aircrack-ng/blob/master/src/airodump-ng.c#L3039
https://github.com/aircrack-ng/aircrack-ng/blob/master/src/airodump-ng.c#L3044
#define TSTP_SEC 1000000ULL /* It's a 1 MHz clock, so a million ticks per second! */
#define TSTP_MIN (TSTP_SEC * 60ULL)
#define TSTP_HOUR (TSTP_MIN * 60ULL)
#define TSTP_DAY (TSTP_HOUR
static char *parse_timestamp(unsigned long long timestamp) {
static char s[15];
unsigned long long rem;
unsigned int days, hours, mins, secs;
days = timestamp / TSTP_DAY;
rem = timestamp % TSTP_DAY;
hours = rem / TSTP_HOUR;
rem %= TSTP_HOUR;
mins = rem / TSTP_MIN;
rem %= TSTP_MIN;
secs = rem / TSTP_SEC;
snprintf(s, 14, "%3ud %02u:%02u:%02u", days, hours, mins, secs);
return s; }
In Airodump-ng, I saw below human-readable up-times for access-points:
- ADSL-ADSL: 0d 01:04:08
- ViroooS: 0d 18:13:10
- Python2: 0d 12:50:40
- G4_3355: 0d 00:07:34
- apple: 4d 12:23:28
- Maya: 8d 22:44:50
for example: the up-time of G4_3355 as an Access-Point is ~7 minutes.
for testing, i have a PCAP file and you can parse it with Wireshark.
download link of PCAP file: https://ufile.io/y0cca
a screenshot from Airodump-ng tool: https://ufile.io/qpv5t
How we can write above function (C codes) in Python !?
the <bsstimestamp>183258624319</bsstimestamp> as input.
ts = 183258624319
result: a Date/Time readable format.
note: the format of timestamps in wireshark is not like as above TS. https://www.epochconverter.com/
Help me to convert the timestamps of this PCAP file to readable format like as above examples.
Thanks a lot.
