Question on sniffing with scapy - msg#00008

Previous Message by Date: click to view message preview

0EM Software

TOP 10 NEW TITLES ON SALE NOW! 1 Office Pro 2003 2 Adobe Photoshop 9.0 3 Windows XP Pro 4 Adobe Acrobat 7 Pro 5 Flash MX 2004 6 Corel Draw 12 7 Norton Antivirus 2005 8 Windows 2003 Server 9 Alias Maya 6 Wavefrt 10 Adobe Illustrator 11 See more by this manufacturer Microsoft Symantec Adobe Microsoft Office Professional Edition 2003 by Microsoft ListPrice: $550.00 OurPrice: $69.95 YouSave: $480.05 ( 87%) Availability: Available for INSTANT download! Sales Rank: #1 Average Customer Review: (based on 44 reviews) Microsoft Windows XP Professional by Microsoft ListP rice: $200.00 OurPrice: $49.95 YouSave: $150.05 ( 75%) Availability: Available for INSTANT download! Sales Rank: #2 Average Customer Review: (based on 38 reviews) Adobe Photoshop CS2 V 9.0 by Adobe ListPrice: $599.00 OurPrice: $69.95 YouSave: $529.05 ( 88%) Availability: Available for INSTANT download! Sales Rank: #3 Average Customer Review: (based on 33 reviews)

Next Message by Date: click to view message preview

Re: Question on sniffing with scapy

On Wed, 7 Dec 2005, Lee Chin Sheng wrote: I have forwarded the question here since I think I can seek more help because currently I'm not using scapy for wireless stuffs. ---------- Forwarded message ---------- From: Tobias Kuehne <Tobias.Kuehne@xxxxxxxxxxxxxxxxxxxxxxxx> Date: Dec 7, 2005 5:59 PM Subject: Question on sniffing with scapy To: geek00l@xxxxxxxxx Hi! I just found your blog http://geek00l.blogspot.com/ and read some posts on scapy. I've got a problem with it. I am trying to reinject 802.11 frames, using an Atheros Card and the patched madwifi driver on Linux 2.4.31. Also I'm sniffing the traffic, to see what it is reinjecting on another machine with a prism 2 card. The problem is: on every packet I sniff with scapy with sniff(iface="ath0raw", filter="ether dst 00:09:5b:12:3d:5b", count = 1) it adds 4 more bytes at the end and I don't know why... any idea? It seems to be the ICV field, that tcpdump discard. As I don't have the WEP key, I can't decrypt the packet and check nothing is missing. -- Philippe Biondi <phil@ secdev.org> SecDev.org Computer Security/R&D http://www.secdev.org PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2 --------------------------------------------------------------------- Desinscription: envoyez un message a: scapy.ml-unsubscribe@xxxxxxxxxx Pour obtenir de l'aide, ecrivez a: scapy.ml-help@xxxxxxxxxx

Previous Message by Thread: click to view message preview

0EM Software

TOP 10 NEW TITLES ON SALE NOW! 1 Office Pro 2003 2 Adobe Photoshop 9.0 3 Windows XP Pro 4 Adobe Acrobat 7 Pro 5 Flash MX 2004 6 Corel Draw 12 7 Norton Antivirus 2005 8 Windows 2003 Server 9 Alias Maya 6 Wavefrt 10 Adobe Illustrator 11 See more by this manufacturer Microsoft Symantec Adobe Microsoft Office Professional Edition 2003 by Microsoft ListPrice: $550.00 OurPrice: $69.95 YouSave: $480.05 ( 87%) Availability: Available for INSTANT download! Sales Rank: #1 Average Customer Review: (based on 44 reviews) Microsoft Windows XP Professional by Microsoft ListP rice: $200.00 OurPrice: $49.95 YouSave: $150.05 ( 75%) Availability: Available for INSTANT download! Sales Rank: #2 Average Customer Review: (based on 38 reviews) Adobe Photoshop CS2 V 9.0 by Adobe ListPrice: $599.00 OurPrice: $69.95 YouSave: $529.05 ( 88%) Availability: Available for INSTANT download! Sales Rank: #3 Average Customer Review: (based on 33 reviews)

Next Message by Thread: click to view message preview

Re: Question on sniffing with scapy

On Wed, 7 Dec 2005, Lee Chin Sheng wrote: I have forwarded the question here since I think I can seek more help because currently I'm not using scapy for wireless stuffs. ---------- Forwarded message ---------- From: Tobias Kuehne <Tobias.Kuehne@xxxxxxxxxxxxxxxxxxxxxxxx> Date: Dec 7, 2005 5:59 PM Subject: Question on sniffing with scapy To: geek00l@xxxxxxxxx Hi! I just found your blog http://geek00l.blogspot.com/ and read some posts on scapy. I've got a problem with it. I am trying to reinject 802.11 frames, using an Atheros Card and the patched madwifi driver on Linux 2.4.31. Also I'm sniffing the traffic, to see what it is reinjecting on another machine with a prism 2 card. The problem is: on every packet I sniff with scapy with sniff(iface="ath0raw", filter="ether dst 00:09:5b:12:3d:5b", count = 1) it adds 4 more bytes at the end and I don't know why... any idea? It seems to be the ICV field, that tcpdump discard. As I don't have the WEP key, I can't decrypt the packet and check nothing is missing. -- Philippe Biondi <phil@ secdev.org> SecDev.org Computer Security/R&D http://www.secdev.org PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2 --------------------------------------------------------------------- Desinscription: envoyez un message a: scapy.ml-unsubscribe@xxxxxxxxxx Pour obtenir de l'aide, ecrivez a: scapy.ml-help@xxxxxxxxxx

Subject: Question on sniffing with scapy - msg#00008

List: security.scapy.general

Previous Message by Date: click to view message preview

Next Message by Date: click to view message preview

Previous Message by Thread: click to view message preview

Next Message by Thread: click to view message preview

Recent Threads

Recent Comments: