mfontanini / libtins

High-level, multiplatform C++ network packet sniffing and crafting library.
http://libtins.github.io/
BSD 2-Clause "Simplified" License

2 unexpected behaviors when sniffing and sending packets #409

Open CatcherMo opened 3 years ago

CatcherMo commented 3 years ago

Ubuntu 20.04, gcc v9.3.0, libpcap-dev v1.9.1, libtins v4.2

1. libtins can't sniff the 3rd step Dot11Auth packet when using WEP, but tcpdump and scapy are OK on the same interface.

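```cpp
Tins::SnifferConfiguration config;
config.set_promisc_mode(true);    // promiscuous mode
config.set_immediate_mode(true);  // deliver packets as they arrive, without buffering
config.set_rfmon(true);           // 802.11 monitor mode
```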

The 3rd step Dot11Auth frame: Type = 0, Subtype = 11, Algorithm = 1 (Shared key), SEQ = 3

The Dot11Auth3.pcap file includes the problem frame. The WEP key is 'zzzzz'. Dot11Auth3.zip

2. There are always 2 packets sent when using sender.send()

The 2 packets are the same except for the RadioTap headers. One RadioTap is normal and the other is empty.

RadioTap of Packet 1 (Normal):

 Frame 68: 89 bytes on wire (712 bits), 89 bytes captured (712 bits)
 Radiotap Header v0, Length 26
     Header revision: 0
     Header pad: 0
     Header length: 26
     Present flags
     MAC timestamp: 0
     Flags: 0x10
     Channel frequency: 2472 [BG 13]
     Channel flags: 0x00a0, Complementary Code Keying (CCK), 2 GHz spectrum
     Antenna signal: -50dBm
     Antenna: 0
     RX flags: 0x0000
 802.11 radio information
 IEEE 802.11 Beacon frame, Flags: ........C
     Type/Subtype: Beacon frame (0x0008)
     Frame Control Field: 0x8000
     .000 0000 0000 0000 = Duration: 0 microseconds
     Receiver address: Broadcast (ff:ff:ff:ff:ff:ff)
     Destination address: Broadcast (ff:ff:ff:ff:ff:ff)
     Transmitter address: Shenzhen_8b:94:15 (44:01:bb:8b:94:15)
     Source address: Shenzhen_8b:94:15 (44:01:bb:8b:94:15)
     BSS Id: Shenzhen_8b:94:15 (44:01:bb:8b:94:15)
     .... .... .... 0000 = Fragment number: 0
     0001 1011 0100 .... = Sequence number: 436
     Frame check sequence: 0x528c596f [correct]
     [FCS Status: Good]
 IEEE 802.11 Wireless Management

RadioTap of Packet 2 (Empty):

 Frame 69: 70 bytes on wire (560 bits), 70 bytes captured (560 bits)
 Radiotap Header v0, Length 11
     Header revision: 0
     Header pad: 0
     Header length: 11
     Present flags
 802.11 radio information
 IEEE 802.11 Beacon frame, Flags: ........
     Type/Subtype: Beacon frame (0x0008)
     Frame Control Field: 0x8000
     .000 0000 0000 0000 = Duration: 0 microseconds
     Receiver address: Broadcast (ff:ff:ff:ff:ff:ff)
     Destination address: Broadcast (ff:ff:ff:ff:ff:ff)
     Transmitter address: Shenzhen_8b:94:15 (44:01:bb:8b:94:15)
     Source address: Shenzhen_8b:94:15 (44:01:bb:8b:94:15)
     BSS Id: Shenzhen_8b:94:15 (44:01:bb:8b:94:15)
     .... .... .... 0000 = Fragment number: 0
     0001 1011 0100 .... = Sequence number: 436
 IEEE 802.11 Wireless Management

Could anyone help me with these issues? Thanks a lot. @mfontanini @jedahan @kylemcdonald @rioderelfte
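An added example, not part of the original issue and not libtins code: a standalone check that two monitor-mode captures carry the same 802.11 frame once the radiotap header and the optional FCS are stripped, which is how the 89-byte and 70-byte captures in item 2 can be compared (89 - 26 - 4 and 70 - 11 both leave 59 bytes). The names `dot11_body`, `same_frame` and `sample` are hypothetical, the sample bytes are constructed filler with the sizes from the dumps, and the present word of the 11-byte header is an assumption because the dump does not list its fields.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>
using Bytes = std::vector<uint8_t>;

static uint32_t le32(const Bytes& b, size_t off) {       // little-endian 32-bit read
    return b[off] | (b[off + 1] << 8) | (b[off + 2] << 16) | (uint32_t(b[off + 3]) << 24);
}

// Return the bare 802.11 frame: radiotap header removed, and the trailing FCS
// removed when the radiotap Flags field says one is present. Empty = malformed.
Bytes dot11_body(const Bytes& cap) {
    if (cap.size() < 8 || cap[0] != 0) return {};        // it_version must be 0
    size_t it_len = cap[2] | (cap[3] << 8);
    if (it_len < 8 || it_len > cap.size()) return {};
    uint32_t first = le32(cap, 4), word = first;
    size_t off = 8;
    while (word & 0x80000000u) {                         // bit 31: another present word follows
        if (off + 4 > it_len) return {};
        word = le32(cap, off);
        off += 4;
    }
    bool fcs = false;
    if (first & 0x1) off = ((off + 7) & ~size_t(7)) + 8; // TSFT: 8 bytes, 8-byte aligned
    if (first & 0x2) {                                   // Flags: 1 byte, follows TSFT
        if (off >= it_len) return {};
        fcs = (cap[off] & 0x10) != 0;                    // 0x10: FCS at end of frame
    }
    size_t end = cap.size() - (fcs ? 4 : 0);
    if (end < it_len) return {};
    return Bytes(cap.begin() + it_len, cap.begin() + end);
}

bool same_frame(const Bytes& a, const Bytes& b) {
    Bytes x = dot11_body(a);
    return !x.empty() && x == dot11_body(b);
}

// Constructed captures sized like frames 68 and 69; frame bytes are filler.
Bytes sample(bool rich) {
    Bytes c = rich ? Bytes{0,0,26,0, 0x2b,0x48,0,0, 0,0,0,0,0,0,0,0, 0x10,0, 0xa8,0x09,0xa0,0, 0xce,0, 0,0}
                   : Bytes{0,0,11,0, 0x00,0x80,0x02,0, 0,0, 0};  // present word is an assumption
    c.push_back(0x80);                                   // frame control: beacon
    c.resize(c.size() + 58, 0x00);                       // rest of the 59-byte frame
    if (rich) c.resize(c.size() + 4, 0xaa);              // placeholder FCS
    return c;
}
int main() { std::printf("same frame: %d\n", same_frame(sample(true), sample(false))); }
```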