Date: 07 Jun 2002 10:08:19 -0400
From: Greg Troxel <gdt@ir.bbn.com>
To: "M. Warner Losh" <imp@village.org>
Cc: chris-freebsd@randomcamel.net, freebsd-mobile@FreeBSD.ORG
Subject: Re: Orinoco cards in RF Monitor mode
Message-ID: <rmi7klbdvvw.fsf@fnord.ir.bbn.com>
In-Reply-To: "M. Warner Losh"'s message of "Wed, 05 Jun 2002 23:52:01 -0600 (MDT)"
References: <20020605201706.GA25709@zot.electricrain.com> <20020605.235201.94348592.imp@village.org>

I was able to use dwepdump (from dachb0den) on an orinoco gold card
purchased last summer, I think with firmware 7.12. I used prism2ctl
to set monitor mode, and got undecrypted 802.11 frames stored in
tcpdump format. I'm sure, because I decrypted them with rc4 and the
key (that I already knew), and got valid data back (but didn't check
the crc). I am also seeing beacon, probe response, etc.

Now, it may be that the format of the monitored data is different; I
was munging tcpdump as I went to do this.

So, the thing to do is:

  get the dachb0den stuff
  apply their kernel patches if they aren't already included
  read the dwepdump/dwepcrack instructions
  set monitor with 'prism2ctl -m' (I think)
  use tcpdump, or dwepdump to capture

You'll then have a tcpdump-format file that has monitor-mode frames
(rather than the Ethernet frames tcpdump normally produces on wi0).

        Greg Troxel <gdt@ir.bbn.com>
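
A way to confirm that a capture holds monitor-mode 802.11 frames rather than Ethernet frames, as an added example that is not part of the original message or of the dachb0den tools. It assumes a classic libpcap file whose link type is 105 (raw 802.11); the message notes the format produced at the time may have differed, and the function names and sample frames here are constructed for illustration.

```python
import struct
from collections import Counter

# libpcap link-type numbers (LINKTYPE_* registry)
LINKTYPES = {1: "ethernet", 105: "ieee802_11", 119: "prism_header", 127: "radiotap"}
MGMT = {4: "probe-request", 5: "probe-response", 8: "beacon"}

def read_pcap(buf):
    """Return (linktype, [frame bytes]) from a classic libpcap file."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(buf[:4])
    if order is None or len(buf) < 24:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack(order + "I", buf[20:24])[0]
    frames, off = [], 24
    while off + 16 <= len(buf):
        caplen = struct.unpack(order + "I", buf[off + 8:off + 12])[0]
        off += 16
        if off + caplen > len(buf):
            break  # truncated final record
        frames.append(buf[off:off + caplen])
        off += caplen
    return linktype, frames

def classify(frame):
    """Name an 802.11 frame from its two frame-control bytes."""
    if len(frame) < 2:
        return "short"
    ftype, subtype = (frame[0] >> 2) & 3, frame[0] >> 4
    if ftype == 0:
        return MGMT.get(subtype, "mgmt-other")
    if ftype == 2:  # 0x40 in byte 1 is the Protected (WEP) flag
        return "data-protected" if frame[1] & 0x40 else "data-clear"
    return "control" if ftype == 1 else "reserved"

def summarize(buf):
    """Link-type name plus per-type frame counts (counts only for raw 802.11)."""
    linktype, frames = read_pcap(buf)
    name = LINKTYPES.get(linktype, "unknown(%d)" % linktype)
    counts = Counter(classify(f) for f in frames) if linktype == 105 else Counter()
    return name, counts

def build_pcap(linktype, frames):
    """Constructed sample capture: little-endian pcap, zeroed timestamps."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

# Constructed frames: only the frame-control bytes matter; the rest is padding.
SAMPLE = build_pcap(105, [b"\x80\x00" + bytes(22), b"\x50\x00" + bytes(22),
                          b"\x08\x40" + bytes(30), b"\x80\x00" + bytes(22)])
print(summarize(SAMPLE))
```

A result of "ethernet" with no counts means the interface was not in monitor mode when the capture was taken.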