WIFI_Device_Scanner/Program.cs at master · Trosper3/WIFI_Device_Scanner · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Threading;
using System.Net.Sockets;
using PacketDotNet;
using SharpPcap;
using SharpPcap.LibPcap;
using Newtonsoft.Json;
using System.Net;

namespace WIFI_Device_Observer
{
    /* Program by Michael Trosper
     * This is a small program that identifies what devices are on a WIFI network and flags unwelcome devices every 1 minute
     * Allowed devices can be inputed in MAC number form in "/bin/Debug/net8.0/Allowlist.txt"
     * The log for tracking devices is located in "/bin/Debug/net8.0/alerts.log"
     * Please enjoy.
     */
    class Program
    {
        //static HashSet<string> allowlistMacs = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
        //static HashSet<string> alertedMacs = new HashSet<string>(StringComparer.OrdinalIgnoreCase);

        static async Task Main(string[] args)
        {
            // Write that the program has started to "alerts.log" and Console //
            Logger.LogInfo("Wi-Fi Security Monitor Started");

            while (true)
            {
                // Setup a way to track allowed devices //
                HashSet<string> allowlistMacs = new HashSet<string>(StringComparer.OrdinalIgnoreCase);

                // Setup a way to track unwelcome devices have been flagged //
                HashSet<string> alertedMacs = new HashSet<string>(StringComparer.OrdinalIgnoreCase);

                // Display that devices are being scanned for //
                Logger.LogInfo($"\n[{DateTime.Now}] Scanning for devices...\n");

                // Compare devices in use on WIFI to allowed devices and flag unknown devices //
                var arpTable = ArpTableReader.GetArpTable();
                var unknownDevices = DeviceComparer.FindUnknownDevices(arpTable, "Allowlist.txt");

                // If unknown device is found //
                if (unknownDevices.Count > 0)
                {
                    // All unknown devices are flagged and listed in "alerts.log" and Console //
                    foreach (var device in unknownDevices)
                    {
                        string mac = device.Value.ToUpper();
                        Logger.Alert($"Unknown device detected: IP = {device.Key}, \tMAC = {mac}");
                    }
                    Logger.LogInfo("\n");
                }
                // If no unknown devices //
                else
                {
                    Logger.LogInfo("No unknown devices found.");
                }

                // Wait a minute and rescan WIFI //
                Thread.Sleep(60000);
            }
        }

        // ---------- Potential Program Expansions / Old Program Ideas ---------- //
        /*
        private static void Device_OnPacketArrival(object sender, CaptureEventArgs e)
        {
            try
            {
                var packet = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);

                var ethernetPacket = packet.Extract<EthernetPacket>();
                if (ethernetPacket == null) return;

                string srcMac = ethernetPacket.SourceHardwareAddress.ToString().ToUpper();
                string dstMac = ethernetPacket.DestinationHardwareAddress.ToString().ToUpper();

                CheckAndAlertDevice(srcMac);
                // Optionally check destination too
                // CheckAndAlertDevice(dstMac);
            }
            catch (Exception ex)
            {
                Console.WriteLine($"Error processing packet: {ex.Message}");
            }
        }

        private static void LoadAllowlist(string filename)
        {
            if (System.IO.File.Exists(filename))
            {
                var lines = System.IO.File.ReadAllLines(filename);
                foreach (var line in lines)
                {
                    var mac = line.Trim().ToUpper();
                    if (!string.IsNullOrEmpty(mac))
                        allowlistMacs.Add(mac);
                }
                Console.WriteLine($"Loaded {allowlistMacs.Count} allowlist MAC addresses.");
            }
            else
            {
                Console.WriteLine("Allowlist.txt not found, starting with empty allowlist.");
            }
        }

        private static void CheckAndAlertDevice(string mac)
        {
            if (!allowlistMacs.Contains(mac) && !alertedMacs.Contains(mac))
            {
                alertedMacs.Add(mac);
                string alertMsg = $"Unknown device detected with MAC: {mac} at {DateTime.Now}";
                Console.WriteLine(alertMsg);
                Logger.Alert(alertMsg); // Make sure Logger class is implemented
            }
        }
        */
    }
}