forked from brannondorsey/ProbeKit
-
Notifications
You must be signed in to change notification settings - Fork 0
Developer Notes
Brannon Dorsey edited this page Mar 16, 2015
·
12 revisions
Here is a mock-up standard to represent probe requests as JSON
{
}Make sure that your wireless card is up using ifconfig. If it is not then you can bring it up with:
# sudo ifconfig <device_name> up
sudo ifconfig wlan0 up
Next, set the device in monitor mode:
# sudo ifconfig <device_name> mode monitor
sudo ifconfig wlan0 mode monitor
This should drop your wlan0 device into monitor mode. Now start tshark with filter to only collect probe requests:
# tshark -i <device_name> -n -I -l subtype probereq [|]
tshark -i wlan0 -n -I -l subtype probereq
Here the -n flag tells tshark disable network object name resolution (such as hostname, TCP and UDP port names), -I tells tshark to use monitor mode, and the -l flag line buffers stdout so that each stream represents one packet. More info about tshark here.
You should now receive a stream of probe requests to stdout. You can easily pipe the output of tshark by appending | to the end of the command.