AirPcap

Wireless traffic packet capture is not easy as wired traffic. Linux and OSX have several solutions but if you’re stuck with Windows the first problem is to find a compatible adapter.

My choice is AirPcap, fully compatible with Wireshark and very esay to install.

Install and setup

Download and install Wireshark and AirPcap drivers.

Using AirPcap Control Panel, set the channel to listen. Each adapter can listen one channel ad time, that’s why there’re bundles with 3 adapters if you use channel 1,6,11 in your WLAN.

Start Wireshark. If the WiFi network uses WPA or WEP encryption set the keys, instructions HERE.

Notice that Wireshark can’t decrypt Enterprise mode WPA/WPA2.

Now you cant start to capture WiFi traffic selecting AirPcap interface. The list of supported display filters for 802.11 is HERE.

 
comments powered by Disqus