Showing posts from March, 2017

CWSP Study Guide Exercise PCAP Files

I'm really, REALLY enjoying the CWSP Study Guide . One thing I noticed is that the provided link to exercise PCAP files in the book does not seem to work. I dug around and was able to find them on Sybex' website . Here's a direct download link .

Replaying Beacons with the AirPcap Nx

The company I work for makes a Wi-Fi scanner, and while I think that it does a really good job of interpreting 802.11 beacons and probe responses, every now and then a customer finds a little bug, or at least a weird beacon from an access point or SOHO wireless router. For a long time, I wished that I had a way to replay those beacons to see how our Wi-Fi scanner would interpret them, firsthand. Today, I had an epiphany. I have an AirPcap Nx, which in addition to being a packet capture device is also a packet injection tool! If you have a PCAP file containing beacons, you can easily replay them with the AirPcap Nx. Here's how to do it: 1. Open the PCAP file in Wireshark. 2. Select the beacon that you wish to replay by clicking on it. 3. Save the selected beacon off to a new file in File  > Export Specified Packet  with the Selected Packet  option.   4. Open AirPcapReplay . 5. Set the Transmit Mode  to User-defined Packet Period , check Respect Packet Channel , an