Re^4: Net::Pcap with wireless

Well, I tried setting the data link type with this:

#!/usr/bin/perl -w
# by trevelyn.
#
use warnings;
use Net::Pcap;
use NetPacket::Ethernet;
use NetPacket::IP;
use NetPacket::TCP;
my $error;
my $type = 'DLT_IEEE802_11';
my $device = $ARGV[0];
my $WiFiobject = Net::Pcap::open_live($device, 2048, 1, -1, \$error);
my $w802 = Net::Pcap::datalink($type);
Net::Pcap::set_datalink($Wifiobject, $w802);

unless (defined $WiFiobject) { die 'Unable to create packet capture on
+ device ', $device, ' - ', $error; }

Net::Pcap::loop($WiFiobject, -1, \&syn_packets, '') || die 'Unable to 
+perform packet capture';
Net::Pcap::close($WiFiobject);

sub syn_packets {
        my ($user_data, $header, $packet) = @_;
        my $macaddr = NetPacket::Ethernet->decode($packet);
        print "$macaddr->{'src_mac'},  $macaddr->{'dest_mac'}\n";

}
[download]

Doesn't seem to want to work at all anymore. I am completely lost now? :(

Comment on Re^4: Net::Pcap with wireless Download Code

Replies are listed 'Best First'.
Re^5: Net::Pcap with wireless by Khen1950fx (Canon) on Oct 25, 2009 at 20:59 UTC
Try this. It's a little better, but needs some work:-) #!/usr/bin/perl use strict; use warnings; use Net::Pcap; use NetPacket::Ethernet; use NetPacket::IP; use NetPacket::TCP; my $err; my $type = 'DLT_IEEE802_11'; my $dev = Net::Pcap::lookupdev( \$err ); if ( defined $err ) { die "Unable to determine network device for monitoring - ", $err; } my ( $addr, $net, $mask ); if ( Net::Pcap::lookupnet( $dev, \$net, \$mask, \$err ) ) { die "Unable to look up device information for ", $dev, " - ", $err +; } print STDOUT "${dev}: addr/mask -> $addr/$mask\n"; my $WiFiobject = Net::Pcap::open_live( $dev, 2048, 1, -1, \$err ); my $w802 = Net::Pcap::datalink($type); Net::Pcap::set_datalink( $WiFiobject, $w802 ); unless ( defined $WiFiobject ) { die 'Unable to create packet capture on device ', $dev, ' - ', $er +r; } die 'Unable to perform packet capture' unless Net::Pcap::loop( $WiFiobject, -1, \&syn_packets, '' ); Net::Pcap::close($WiFiobject); sub syn_packets { my ( $user_data, $header, $packet ) = @_; my $macaddr = NetPacket::Ethernet->decode($packet); print "$macaddr->{'src_mac'}, $macaddr->{'dest_mac'}\n"; } [download] Update: Making some progress. This is better still. I added Net::Pcap::FindDevice #!/usr/bin/perl use strict; use warnings; use Data::Dumper; use Net::Pcap; use Net::Pcap::FindDevice; use NetPacket::Ethernet; use NetPacket::IP; use NetPacket::TCP; my $err; my $type = 'DLT_IEEE802_11'; my $dev = find_device($ARGV[0]); my ( $addr, $net, $mask ); if ( Net::Pcap::lookupnet( $dev, \$net, \$mask, \$err ) ) { die "Unable to look up device information for ", $dev, " - ", $err +; } print STDOUT "${dev}: addr/mask -> $addr/$mask\n"; my $WiFiobject = Net::Pcap::open_live( $dev, 128000, -1, 500, \$err ); my $w802 = Net::Pcap::datalink_name_to_val($type); Net::Pcap::set_datalink( $WiFiobject, $w802 ); unless ( defined $WiFiobject ) { die 'Unable to create packet capture on device ', $dev, ' - ', $er +r; } die 'Unable to perform packet capture' unless Net::Pcap::loop( $WiFiobject, -1, \&syn_packets, '' ); print Dumper ($WiFiobject); Net::Pcap::close($WiFiobject); sub syn_packets { my ( $user_data, $header, $packet ) = @_; my $macaddr = NetPacket::Ethernet->decode($packet); print "$macaddr->{'src_mac'}, $macaddr->{'dest_mac'}\n"; } [download]	[reply] [d/l] [select]
Re^6: Net::Pcap with wireless by trevelyn (Novice) on Oct 26, 2009 at 02:40 UTC
works perfectly with wired ethernet. I can do that with the first version i posted, but when i use wireless i get errors `Unable to look up device information for wifi - wifi: no IPv4 address +assigned at catchme-ng.pl line 17.` [download] so i comment that part out and it sniffs! But it thinks all source MAC addresses are elite: `wifi: addr/mask -> / 000031333337, 440000009000 000031333337, 440000009000 ^C` [download] :( I feel like i am so close. I just need to sniff MAC addresses from wireless packets (ALL). like Airodump-ng does.	[reply] [d/l] [select]
Re^7: Net::Pcap with wireless by traveler (Parson) on Nov 02, 2009 at 23:18 UTC
in khen1950fx's code `my $dev = find_device($ARGV[0]);` says that the name "wifi" printed in the error message is retrieved from `$ARGV[0]`. You call your device `wlan0` not `wifi`. Maybe try `wlan0` as the argument?	[reply] [d/l] [select]


Your skill will accomplish what the force of many cannot
	PerlMonks