[Prism54-devel] Re: Active testing rules

Feyd feyd at seznam.cz
Wed Jan 26 12:05:31 UTC 2005


On Wed, 26 Jan 2005 00:50:16 +0100
Jean-Baptiste Note <jean-baptiste.note at wanadoo.fr> wrote:

> 
> I'm still at a loss as to how to send data, however :(

This is a log of a ping:

0e -> (trigger update)
00000000: 0F 08 00 00 00 40 40 00 00 00                   .....@@...

81 <- (caused by the update?)
00000000: 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000010: 01 80 08 00 00 A8 07 C9 08 00 07 07 00 01 75 00 ..............u.
00000020: 30 26 10 10                                     0&..

01 -> (ping req sent once)                                                 01 -> (probe req template for comparison)
00000000: 6C 08 02 00 B6 00 00 00 00 00 00 00 00 00 00 00 l............... 00000000: 6C 06 02 00 70 00 00 00 00 00 00 00 00 00 00 00 l...p...........
00000010: 10 40 7C 00 00 A8 07 C9 01 00 07 07 08 07 06 04 .@|............. 00000010: 00 40 34 00 00 48 4A CF 00 00 01 01 00 00 00 00 .@4..HJ.........
00000020: 11 11 10 10 00 00 01 05 FE 1D 11 A1 11 00 00 00 ................ 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000030: 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 ................ 00000030: 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 ................
00000040: 00 00 02 7F 33 00 00 00 02 04 08 41 00 00 00 04 ...3......A..... 00000040: 00 00 00 00 00 00 00 00 04 00 00 00 40 00 00 00 ............@...
00000050: E2 80 9C 8E 00 0C 41 DA 29 4C 00 04 E2 80 9C 8E ......A.)L...... 00000050: FF FF FF FF FF FF 00 0C 41 DA 29 4C FF FF FF FF ........A.)L....
00000060: 00 00 4F 44 00 00 AA AA 03 00 00 00 08 00 45 00 ..OD..........E. 00000060: FF FF 00 00 00 0A 50 52 49 53 4D 2D 53 53 49 44 ......PRISM-SSID
00000070: 00 54 00 4E 40 00 40 01 E0 35 AC 10 01 04 AC 10 .T.N@.@..5...... 00000070: 01 04 02 04 0B 16 32 08 0C 12 18 24 30 48 60 6C ......2....$0H`l
00000080: 01 01 08 00 16 C4 15 42 4E 00 41 C4 61 1D 00 09 .......BN.A.a...
00000090: F0 0B 08 09 0A 0B 0C 0D 0E 0F 10 11 12 13 14 15 ................
000000a0: 16 17 18 19 1A 1B 1C 1D 1E 1F 20 21 22 23 24 25 .......... !"#$%
000000b0: 26 27 28 29 2A 2B 2C 2D 2E 2F 30 31 32 33 34 35 &'()*+,-./012345
000000c0: 36 37 00 00 00 00 D3 F4                         67......

81 <- (ping response)
00000000: 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000010: 53 00 80 00 A3 09 00 08 75 00 01 1E F2 F7 39 18 S.......u.....9.
00000020: 00 00 00 00 08 42 2C 00 00 0C 41 DA 29 4C 00 04 .....B,...A.)L..
00000030: E2 80 9C 8E 00 04 E2 80 9C 8E 70 24 E8 9A 0A 00 ..........p$....
00000040: AA AA 03 00 00 00 08 00 45 00 00 54 D1 79 00 00 ........E..T.y..
00000050: 40 01 4F 0A AC 10 01 01 AC 10 01 04 00 00 1E C4 @.O.............
00000060: 15 42 4E 00 41 C4 61 1D 00 09 F0 0B 08 09 0A 0B .BN.A.a.........
00000070: 0C 0D 0E 0F 10 11 12 13 14 15 16 17 18 19 1A 1B ................
00000080: 1C 1D 1E 1F 20 21 22 23 24 25 26 27 28 29 2A 2B .... !"#$%&'()*+
00000090: 2C 2D 2E 2F 30 31 32 33 34 35 36 37 32 42 16 C9 ,-./012345672B..
000000a0: 7A 47 AD 34                                     zG.4

The probe template is the first one possibly filled into a previously
zeroed buffer, so the nonzero bytes could be useful to look at.

Comparing the two frames and verifying in the logs I see this:
00-04: 00 02 02 00 mgmt (prism, not 802.11) frame
       6c XX 02 00, XX in 06-09, all other frames
05-06: size of the data after the header (0x10 bytes)
10,11: 00 40 probe template, assoc, auth, deauth
       02 40 beacon template
       10 40 data, auth, disassoc
       00 80 wireless info/stats request?
       01 80 mgmt (prism)
12-13: size of the encapsulated data
15-17: ??
18-1b: 00 00 01 01 probe template, beacon template
       01 00 07 07 all other data
1c-25: 08 07 06 04 11 11 10 10 00 00 data frame (ping and arp)
       00 00 00 00 00 00 00 00 00 00 mgmt (802.11) frame
26-2c(37?): wep key
38,48: 00 04 beacon template
       01 04 probe template
       02 04 mgmt (802.11) frame
       04 02 data frame
42-44: ??
49-4b: ??
4c-XX: 802.11 frame

Feyd
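
As an added example (not part of the original post or the prism54 code), the field map above can be applied to the probe request template from the dump, checking the size field against the buffer before slicing. It assumes zero-based hex offsets and little-endian 16-bit fields; the names `parse`, `ssid` and `KINDS` are made up for illustration.

```python
import struct
# Probe request template, copied from the right-hand column of the dump above.
PROBE_TEMPLATE = bytes.fromhex(
    "6C 06 02 00 70 00 00 00 00 00 00 00 00 00 00 00"
    "00 40 34 00 00 48 4A CF 00 00 01 01 00 00 00 00"
    "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"
    "00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00"
    "00 00 00 00 00 00 00 00 04 00 00 00 40 00 00 00"
    "FF FF FF FF FF FF 00 0C 41 DA 29 4C FF FF FF FF"
    "FF FF 00 00 00 0A 50 52 49 53 4D 2D 53 53 49 44"
    "01 04 02 04 0B 16 32 08 0C 12 18 24 30 48 60 6C"
)
KINDS = {  # bytes 0x10-0x11, labels exactly as given in the post
    b"\x00\x40": "probe template, assoc, auth, deauth",
    b"\x02\x40": "beacon template",
    b"\x10\x40": "data, auth, disassoc",
    b"\x00\x80": "wireless info/stats request?",
    b"\x01\x80": "mgmt (prism)",
}
FRAME_OFF = 0x4C  # start of the 802.11 frame, per the post

def ssid(tags):  # walk 802.11 tagged parameters (id, len, value), bounds-checked
    i = 0
    while i + 2 <= len(tags):
        tid, tlen = tags[i], tags[i + 1]
        if i + 2 + tlen > len(tags):
            return None  # tag length runs past the frame
        if tid == 0:  # tag 0 is the SSID
            return tags[i + 2:i + 2 + tlen].decode("ascii", "replace")
        i += 2 + tlen
    return None

def parse(buf):
    if len(buf) < FRAME_OFF:
        raise ValueError("shorter than the 0x4c-byte header")
    (encap,) = struct.unpack_from("<H", buf, 0x12)  # assumed little-endian
    if FRAME_OFF + encap > len(buf):
        raise ValueError("encapsulated size runs past the buffer")
    frame = buf[FRAME_OFF:FRAME_OFF + encap]
    out = {
        "kind": KINDS.get(buf[0x10:0x12], "unknown"),
        "encap_size": encap, "trailing": len(buf) - FRAME_OFF - encap,
        "flags_18": buf[0x18:0x1C].hex(), "b38": buf[0x38], "b48": buf[0x48],
    }
    if len(frame) >= 24:  # full 802.11 header: fc, duration, 3 addresses, seq
        (fc,) = struct.unpack_from("<H", frame, 0)
        out["type"], out["subtype"] = (fc >> 2) & 3, (fc >> 4) & 0xF
        out["addr2"] = frame[10:16].hex(":")
        out["ssid"] = ssid(frame[24:]) if (out["type"], out["subtype"]) == (0, 4) else None
    return out
```
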

