Closed ianling closed 5 years ago
You can try turning libpcap mode on with conf.use_pcap = True
then add monitor=True
to both your sniffs and sendp calls
If I set conf.use_pcap=True
, I am able to use sendp without monitor=True
. It still does not appear to actually work though.
If I do both conf.use_pcap=True
and monitor=True
, then I get the following error:
Traceback (most recent call last):
File "<console>", line 1, in <module>
File "/usr/local/lib/python3.5/dist-packages/scapy/sendrecv.py", line 335, in sendp
socket = socket or conf.L2socket(iface=iface, *args, **kargs)
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 317, in __init__
monitor=monitor)
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 262, in <lambda>
open_pcap = lambda *args, **kargs: _PcapWrapper_winpcap(*args, **kargs)
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 208, in __init__
raise OSError("Could not activate the pcap handler")
OSError: Could not activate the pcap handler
I have installed libpcap0.8 (this is the libpcap package Debian stretch offers) and pcapy (via pip).
I'm thinking there's probably some driver issues at play here. I can pretty consistently get kernel panics when testing stuff with the aircrack suite. I will try some other drivers.
Please reopen the issue if this is Scapy related.
Environment
scapy 2.4.3
(latest version from pip3 at time of writing)3.5.3
Debian stretch 4.19.0-0.bpo.5-amd64 #1 SMP Debian 4.19.37-4~bpo9+1 (2019-06-19) x86_64 GNU/Linux
I'm finding that when I attempt to send any 802.11 packet, sendp() executes without any errors, but in ifconfig, I see the TX dropped counter incrementing. I am also unable to sniff the packet from other nearby hosts listening on the same channel, so the packet is not making it past the kernel.
Am I missing something obvious?
edit: my wlan2 interface was not in monitor mode. I changed it to monitor mode, and the counter stopped incrementing. However, I am still unable to see the packets in the air from another device monitoring that channel. I do see the packets if I use tcpdump on the same host that is running Scapy.