Introduction
prism2dump is a tcpdump-like protocol analysis tool built specifically for analyzing 802.11 network traffic. It's a basic proof-of-concept application I wrote mainly to make sure the debug mode kernel modifications worked properly. In the future, I'm going to migrate similar code into dstumbler (or an entirely new application) to do detection and auditing of APs entirely by analyzing management packets and sending out probe requests.
Compilation
To compile prism2dump for a BSD operating system, simply review the Makefile for any options you might want to change, and then run make.
$ vi Makefile
$ make
Installation
To install prism2dump, simply run make install. By default the Makefile installs prism2dump to /usr/local/bin and sets its mode and ownership to 700 and root.wheel, so it can only be run as root (root is required to run prism2dump):
$ sudo make install
Running
There are a few command line options you can use when running prism2dump:
usage: prism2dump <device> [-p] [-v 0|1|2]
device: you must specify the device to use
-p: specifies the use of a non-prism2 card in procframe mode
-v: sets the verbose level
parameters:
0: only prints the 802.11 frame information
1: prints the 802.11 frame info as well as basic data/mgmt/control protocol info
2: prints all protocol information
For prism2dump to work, you must set your prism2 card into monitor mode:
# prism2ctl wi0 -m
Or, if you're using a non-prism2 card (prism1/orinoco/etc):
# wiconfig wi0 -F 1 (or wicontrol depending on the OS)
Note: if you use a non-prism2 card, prism2dump will only analyze the data packets that are normally passed to it from the kernel, as non-prism2 cards don't have documented support for monitor mode.
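The kind of 802.11 header fields and management-frame detail the verbose levels above refer to, as an added example that is not prism2dump's source or its output format: a C decoder for the frame-control field that also pulls the SSID out of a beacon or probe response. It assumes the buffer starts at the 802.11 header with any capture header and FCS already stripped; all function and struct names are hypothetical and the sample frame is constructed.

```c
/* Added example, not prism2dump source; all names are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
enum { T_MGMT = 0, T_CTRL = 1, T_DATA = 2 };
struct dot11_info {
    int version, type, subtype, to_ds, from_ds, wep;
    char ssid[33];                 /* set for beacons and probe responses */
};
/* Returns 0 on success, -1 if the frame is truncated or malformed. */
int dot11_parse(const uint8_t *p, size_t len, struct dot11_info *out) {
    memset(out, 0, sizeof(*out));
    if (len < 10) return -1;       /* shortest frame: FC + duration + RA */
    out->version = p[0] & 0x03;
    out->type    = (p[0] >> 2) & 0x03;
    out->subtype = (p[0] >> 4) & 0x0f;
    out->to_ds   = p[1] & 0x01;
    out->from_ds = (p[1] >> 1) & 0x01;
    out->wep     = (p[1] >> 6) & 0x01;
    if (out->version != 0) return -1;
    if (out->type != T_MGMT) return 0;
    if (len < 24) return -1;       /* management header is 24 bytes */
    if (out->subtype != 8 && out->subtype != 5) return 0;
    size_t off = 24 + 12;          /* skip timestamp, interval, capability */
    while (off + 2 <= len) {       /* walk tagged elements: id, length, data */
        size_t elen = p[off + 1];
        if (off + 2 + elen > len) return -1;   /* element overruns the frame */
        if (p[off] == 0) {                     /* element id 0 = SSID */
            if (elen > 32) return -1;
            memcpy(out->ssid, p + off + 2, elen);
            return 0;              /* ssid already NUL-terminated by memset */
        }
        off += 2 + elen;
    }
    return 0;
}

/* Constructed sample: beacon from a made-up BSSID advertising SSID "lab1". */
static const uint8_t sample_beacon[] = {
    0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
    0x02, 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x01,
    0x00, 0x00, 0, 0, 0, 0, 0, 0, 0, 0, 0x64, 0x00, 0x11, 0x00,
    0x00, 0x04, 'l', 'a', 'b', '1', 0x01, 0x01, 0x82 };
int main(void) {
    struct dot11_info fi;
    int rc = dot11_parse(sample_beacon, sizeof(sample_beacon), &fi);
    printf("rc=%d type=%d subtype=%d ssid=\"%s\"\n", rc, fi.type, fi.subtype, fi.ssid);
    return 0;
}
```

The length checks before each read are the part worth keeping: frames captured in monitor mode come from anyone in radio range, so every element length is untrusted input.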
copyright © 2001, dachb0den labs - aus der dose. please send any comments, suggestions, questions to the .
all information is property of dachb0den, distribution is permitted as long as credit is given.