2️⃣ Wireshark (Win)
Even if you already have Wireshark installed, you need to reinstall it with a critical (non-default) checkbox checked.
On the 'Choose Components' screen, expand Tools and select the 'Ssh dump & Ciscodump' checkbox
This option enables remote packet capture via SSH
All other options can (& should) be left as default
Download wlandump.zip and extract the contents onto your desktop
Move both wlandump files into the folder C:\Program Files\Wireshark\extcap
For wlan-extcap source and additional information go to GitHub: https://github.com/adriangranados/wlan-extcap
Open Wireshark
You should see 'Wi-Fi remote capture' in the list of available interfaces
The wifidump capture interface allows you to perform remote Wi-Fi packet captures on a specified channel and channel width using a Linux device with a compatible Wi-Fi adapter (one that can be put into monitor mode).
Click the gear icon next to "Wi-Fi remote capture" to display the interface options, then choose the interface name, channel, and channel width you want to capture on
All 802.11 channels are listed; however, the Wi-Fi adapter on the WLAN Pi device may support only a subset of them. If you choose a channel that is not supported by the Wi-Fi adapter, or a channel width that doesn't apply to the selected channel, the capture will fail.
Go to the Server tab and enter the remote SSH server address
With an OTG connection to the WLAN Pi, use 169.254.42.1
Go to the Authentication tab and enter the username and password
The password is not saved, so every time you stop and start a new capture you will have to re-enter your password.
This hassle can be avoided by configuring passwordless SSH authentication to the WLAN Pi (we are not going to cover this here and now)
Click the Start button to begin capturing frames