Add raw wifi packet injection to Npcap

[trancelover17]

Hello! Does npcap support sending raw 802.11 packages to the radio broadcast? I form the packet: radiotap + 802.11 header, I send via the PacketSendPacket function, the packets accumulate in the buffer, and if the capture works, I see them. But on the radio broadcast there are not (I scan the second adapter). If this function is implemented in npcap, tell me, please, how to call and use it correctly.

[dmiller-nmap]

WiFi packet injection is not supported by Npcap at this time. Here is a different project that claims to be able to do this; I have not tested or investigated it myself: https://www.codeproject.com/Articles/28713/Packet-Injection-for-Windows

[gpotter2]

I wonder if it's possible to adapt such code in Npcap. May I try to have a look into that?

Edit: there is acutually no real code publicly available on that project :/ only examples on how to use a driver, which source isn’t included

[binarymaster]

@gpotter2 of course you can!

However Packet11 driver by Ryan Grevious is still closed-source, I left a comment and sent mail to him, maybe he would response.

I'm very interested in this feature too.

[gpotter2]

@binarymaster Great ! If you ever get any response, please forward it to me :)

[binarymaster]

However Packet11 driver by Ryan Grevious is still closed-source

It seems the driver got reversed: https://github.com/Felis-Sapiens/packet11

The author of this GitHub repository said he didn't tested it much, but I hope it will help us to get 802.11 packet injection feature with Npcap.

If you ever get any response, please forward it to me :)

Cc @gpotter2

[fyodor]

I'm re-opening this as a tracking issue for a possible future raw wifi sending feature. It's interesting that Packet11 is allegedly able to do this using their filter driver. If we figure out how they do it (they mention that the API is "undocumented"), we could potentially add it to Npcap. And perhaps the technique could even be helpful in improving Npcap's limited raw wifi packet capture support.

[gpotter2]

That would be awesome.

FTR the code linked above seems to have parts directly taken from the filter ndis example driver (since it's based on filtering tricks.. most likely an old version of those files). I wasn't able to make Packet11 work on my machine (you'll need to bypass signing, but the device seems to never be created. devicetree seems to confirm this).

[ghrist]

I'm new to this, if Packet11 is a basic program for recognizing an electrical pattern, recording it and then editing it in some way then what does only Windows drivers accomplish?

On Tue, May 19, 2020 at 9:41 PM Gabriel notifications@github.com wrote:

That would be awesome. FTR the code linked above seems to have parts directly taken from https://github.com/microsoft/Windows-driver-samples/tree/master/network/ndis/filter

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/nmap/nmap/issues/1144#issuecomment-631182754, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFAWMU2VTOVRVMJORIRNXZTRSMYNDANCNFSM4ERWFFGQ .

[binarymaster]

but the device seems to never be created. devicetree seems to confirm this

@gpotter2 it's a filter driver, afaik these shouldn't be in the device tree, isn't it? They should be in network adapter properties instead, along with IP protocols, and etc.

[gpotter2]

Yeah you're right, pretty sure I meant the filter driver never showed up in the device properties, nor was I able to enable it.

[dozan0]

Is there any progress? I really need this feature. I need to transfer data from one wifi adapter to another.