Posts

Showing posts from March, 2017

CWSP Study Guide Exercise PCAP Files

I'm really, REALLY enjoying the CWSP Study Guide. One thing I noticed is that the provided link to exercise PCAP files in the book does not seem to work. I dug around and was able to find them on Sybex' website.

Here's a direct download link.

Replaying Beacons with the AirPcap Nx

Image
The company I work for makes a Wi-Fi scanner, and while I think that it does a really good job of interpreting 802.11 beacons and probe responses, every now and then a customer finds a little bug, or at least a weird beacon from an access point or SOHO wireless router.

For a long time, I wished that I had a way to replay those beacons to see how our Wi-Fi scanner would interpret them, firsthand. Today, I had an epiphany. I have an AirPcap Nx, which in addition to being a packet capture device is also a packet injection tool!

If you have a PCAP file containing beacons, you can easily replay them with the AirPcap Nx. Here's how to do it:

1. Open the PCAP file in Wireshark.

2. Select the beacon that you wish to replay by clicking on it.

3. Save the selected beacon off to a new file in File > Export Specified Packet with the Selected Packet option.



4. Open AirPcapReplay.

5. Set the Transmit Mode to User-defined Packet Period, check Respect Packet Channel, and check Respect Packet R…