- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I want to use CYW43907 to fulfill the requirement of WiFi sniffing.
Can Wiced SDK provide me below data? I also need beacon frames.
D,026f9c,61d83a,,-27,0-
2,26,26,wakultip,OPPO,ipad,wakulthip,wakuthip,waku
ntip,ipsd,bangkoK007,wakulti
R,2294e6,df6963,,-62,2-4,40,40,JARDIN-PRESTIGE
D,32727b,cdf1c1,,-35,0-
2,40,40,virginmedia5330910,BlackBerry Mobile
Hotspot 8739,JARDIN-PRESTIGE
D,02084f,8ee4a0,,-40,0-2,40,40
C,b06ebf,936095,,-90,4-6,40,40
D,40b395,496b93,Apple,-35,0-2,40,40
D,828559,566b47,,-26,0-2,40,40
D,d4389c,d6b6a5,Sony,-37,0-2,40,45,John-Lewis-
WiFi,@AirportTrueFreeWiFi,FREE-Hooters-WiFi,@
WiFi-by-BTOpenzone,@AirportAISFreeWiFi,@ AIS SUPER
WiFi,Furama Silom,Pizza Hut - Free
McDonaldsAIS,castrobar015GHz,Camelot Outdoor WiFi
1,TP-LINKWA850RE
D,02cb79,0e3581,,-84,4-6,40,40
D,dec157,b055ef,,-90,4-6,41,41
D,22932f,c91f4b,,-92,4-6,41,41
A,000b86,e40720,Aruba,-94,4-6,41,41,BAGNETWIFI
A,000b86,e40724,Aruba,-94,4-6,41,41,wBALHRT5
D,963317,306f65,,-51,2-4,188,188
D,76cc11,3adb8a,,-75,4-6,188,188
D,968a9c,e87af9,,-60,2-4,188,188
D,84b541,abf114,Samsung,-37,0-2,189,189,fort
arabesque
D,6e9fa8,ad74ac,,-71,4-6,190,190
D,2054fa,a4aac7,Cisco,-72,4-6,129,129
DD,1101,0,Apple,8,190,190
AD,1270,0,Aruba,30,190,190
For the first column:
D = a device
C = is a device that is connected to an access point
(this output is not showing the mac address of the connected
access point, but we do capture it)
A = an access point
R = This a a device that is randomising its’ mac
address, but we can track it despite this.
DD = Device density. This is a count of the top number
of device manufactures (based on the OUI) we are interested in.
The example data set is reporting that (in the previous 60 seconds)
it detected 8 Apple devices.
AB = Access point density. As DD, but for access
points.
Columns 2 and 3 are the OUI and Address that make up the mac
address
Column 4 shows the human-readable manufacturer of a device that
has a identifiable OUI (we are only tracking a limited number of
OUIs due to memory limitations of the ESP2866 chip)
Column 5 is the (average) RSSI of the device in the scanning
window (15 seconds in this output)
Column 6 is a human-readable estimate of the distance range of the
device in meters.
Column 7 is the start time that we saw the device
Column 8 is the last time that we saw the device
Solved! Go to Solution.
- Labels:
-
WICED Studio
-
Wifi+Bluetooth
-
Wireless MCU
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
The feature that you have requested is "Monitor Mode". We haven't tested the monitor mode of CYW43907. Refer to the following link:
https://community.cypress.com/message/206984#206984
You can refer the sample program in snip\packet_filter in WICED. You can also refer to snip\scan sample code in WICED which will display the lists of the access points, MAC address of the access points, RSSI. You can resolve the MAC address to obtain access point density and OUI.
PFA image showing the scan results of snip.scan.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
The feature that you have requested is "Monitor Mode". We haven't tested the monitor mode of CYW43907. Refer to the following link:
https://community.cypress.com/message/206984#206984
You can refer the sample program in snip\packet_filter in WICED. You can also refer to snip\scan sample code in WICED which will display the lists of the access points, MAC address of the access points, RSSI. You can resolve the MAC address to obtain access point density and OUI.
PFA image showing the scan results of snip.scan.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is there any other chip with MCU can support Monitor mode?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
We haven't tested and validated the functionality of "Monitor Mode" for WICED devices. You can use CYW43907 and can refer to snip\packet_filter sample code. The sample code can provide partial results for your application. You may refer to the following link:
Wifi chip transmits when monitor mode is enabled
Documentation related to monitor mode can be found in CYW43XX Technical Information - WL Tool for Embedded 802.11 Systems
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
From RAW packet capture, can I get the below information?
MAC header
typedef struct {
wifi_header_frame_control_t frame_ctrl;
unsigned duration_id:16;
uint8_t addr1[6]; /* receiver address */
uint8_t addr2[6]; /* sender address */
uint8_t addr3[6]; /* filtering address */
unsigned sequence_ctrl:16;
uint8_t addr4[6]; /* optional */
} wifi_ieee80211_mac_hdr_t;
MAC header frame control
typedef struct {
unsigned protocol:2;
unsigned type:2;
unsigned subtype:4;
unsigned to_ds:1;
unsigned from_ds:1;
unsigned more_frag:1;
unsigned retry:1;
unsigned pwr_mgmt:1;
unsigned more_data:1;
unsigned wep:1;
unsigned strict:1;
} wifi_header_frame_control_t;
Beacon frame
typedef struct{
unsigned interval:16;
unsigned capability:16;
unsigned tag_number:8;
unsigned tag_length:8;
char ssid[0];
uint8 rates[1];
} wifi_mgmt_beacon_t;
Packet types and subtypes
typedef enum{
WIFI_PKT_MGMT,
WIFI_PKT_CTRL,
WIFI_PKT_DATA,
WIFI_PKT_MISC,
} wifi_promiscuous_pkt_type_t;
typedef enum {
ASSOCIATION_REQ,
ASSOCIATION_RES,
REASSOCIATION_REQ,
REASSOCIATION_RES,
PROBE_REQ,
PROBE_RES,
NU1, /* ......................*/
NU2, /* 0110, 0111 not used */
BEACON,
ATIM,
DISASSOCIATION,
AUTHENTICATION,
DEAUTHENTICATION,
ACTION,
ACTION_NACK,
} wifi_mgmt_subtypes_t;
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
You can try snip\packet_filter and can get results for the wifi_mgmt_subtypes_t, from_ds, to_ds, receiver address, sender address, filtering address. As we haven't validated and tested the "Monitor Mode" so you may get partial results. You can refer to the links in the previous responses.
Thanks