WiFi monitor mode and commands to enforce monitor mode in Linux / Ubuntu

Monitor mode, or RFMON (Radio Frequency MONitor) mode, allows a computer with a wireless network interface controller (WNIC) to monitor all traffic received from the wireless network. Monitor mode allows packets to be captured without having to associate with an access point or ad hoc network first. Monitor mode is one of the eight modes … Read more

How to check IP address, network interface details in Linux ?

If you want to know the IP address and currently active network interfaces on Linux, we need to use “ifconfig” command. The ifconfig command is part of “net-tools” package in ubuntu, hence we first need to make sure it is installed, if its not we need to install it as below, Now, you can check … Read more

Sending ARP request and receiving ARP Reply using C code

This post is in continuation of our previous post “Understanding ARP (Address Resolution Protocol) basics“ To visualise what ARP reply we are getting from arping command, we need to write an ARP reply receiver code as below, compile this code as, So, as we can see “arping” sent above ARP reply to broadcast destination mac … Read more

Capture and analyze network packets using tcpdump and tshark

We can use tcpdump to capture the packets whereas tshark to analyse the packets. Using above help, lets capture the packets and try to write it to a file name captured_packets.pcap as, Lets do some network operations, like browse website etc, for testing ( you could already be getting packaets flowing in network even if … Read more

sniffex – C program to Capture wifi packets using libpcap

libpcap provides functions for user-level packet capture, used in low-level network monitoring. Following program captures the packets from the wireless interface of the device on which the compiled binary will be running. We have compiled this on ubuntu 16.04, and run it on laptop with wifi interface as wlan0, hence it will capture the wifi … Read more