You need to prepare:
- An Ubuntu computer
- Wireless network card: Cisco WUSB600N wireless network card (other wireless network cards can also be used instead)
This article is divided into the following two parts:
- wireshark installation
- Wirehark & use of wireless network card
1. Installation of wireshark
Open the terminal and run in the terminal:
sudo apt-get install wireshark
To complete the wiresharkinstallation. The installation process may encounter 是否授权非 root 用户 抓包权限a statement choose yes. Then you can enter sudo wiresharkto open wireshark. If the following error occurs when directly running wireshark:
Lua: Error during loading:
[string “/usr/share/wireshark/init.lua”]:45: dofile has been disabled
To this point init.luato modify the terminal is opened and run:
sudo gedit /usr/share/wireshark/init.lua
The penultimate line change –dofile(DATA_DIR..”console.lua”)can be.
2. The use of wireshark & wireless network card
First enter in the terminal ifconfig, observe the output information, then insert the wireless network card, enter again ifconfig, and compare the difference between the two terminal outputs, we can find the relevant information of the wireless network card, the author's wireless network card information corresponds to the following reference:
wlx00259ce05a61: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 00:25:9c:e0:5a:61 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
You can find the network card name of this wireless network card wlx00259ce05a61.
Then type in the terminal:
sudo ifconfig wlx00259ce05a61 down
sudo iwconfig wlx00259ce05a61 mode monitor
sudo ifconfig wlx00259ce05a61 up
To initialize and configure this wireless network card.
Note: The above instructions
wlx00259ce05a61need to use your own wireless card instead of the name.
You can also enter in a terminal iwconfigto check whether the wireless card has entered the monitor mode. Then enter:
sudo wireshark
Let's open wireshark. After opening, select the corresponding wireless network card wlx00259ce05a61, see the red box
in the figure below: In the opened interface, you also need to configure the following information:
- Click on the top menu of
viewoptions, select Openwireless_toolbarto start the Wireless Tools - Adjust your Wi-Fi channel according to the actual situation. (View the router information
192.168.1.1, etc.) - In the above
filterdevice the input information column grasp the package, such as inputwlan.addr ==30:ae:a4:80:Preferences58:54. Filter the packages we need by device mac address - The filtered package is
802.11 Preferences
The reference picture is as follows (note the red frame part):
