The table below shows about 3 seconds of wireless packets captured with OmniPeek.

Actions:
1) Start the Cisco AP. Its host name is Openplatform, its 2.4G MAC address is 00:19:07:58:9F:20, encryption is off, and the channel is 9.
2) Using a Summit wireless card with CCX enabled, connect to the Cisco AP. The card's 2.4G MAC address is 00:17:23:0D:2C:7D.
| Packet | Source | Destination | Data Rate | Relative Time | Protocol |
|---|---|---|---|---|---|
| 1 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0 | 802.11 Beacon |
| 2 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.102401 | 802.11 Beacon |
| 3 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.204804 | 802.11 Beacon |
| 4 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.307203 | 802.11 Beacon |
| 5 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.409604 | 802.11 Beacon |
| 6 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.512005 | 802.11 Beacon |
| 7 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.614406 | 802.11 Beacon |
| 8 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.716807 | 802.11 Beacon |
| 9 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.819208 | 802.11 Beacon |
| 10 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.024009 | 802.11 Beacon |
| 11 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.12641 | 802.11 Beacon |
| 12 | 00:17:23:0D:2C:7D | Ethernet Broadcast | 1 | 1.175586 | 802.11 Probe Req |
| 13 | 00:17:23:0D:2C:7D | Ethernet Broadcast | 1 | 1.208822 | 802.11 Probe Req |
| 14 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.228811 | 802.11 Beacon |
| 15 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.331212 | 802.11 Beacon |
| 16 | 00:17:23:0D:2C:7D | Ethernet Broadcast | 1 | 1.385512 | 802.11 Probe Req |
| 17 | Ethernet Broadcast | 00:19:07:58:9F:20 | 1 | 1.422788 | 802.11 Ack |
| 18 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.433613 | 802.11 Beacon |
| 19 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 1 | 1.4586 | 802.11 Probe Rsp |
| 20 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 1 | 1.460278 | 802.11 Probe Rsp |
| 21 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.460593 | 802.11 Ack |
| 22 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.527452 | 802.11 Auth |
| 23 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 1 | 1.527764 | 802.11 Ack |
| 24 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 11 | 1.528054 | 802.11 Auth |
| 25 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.528362 | 802.11 Ack |
| 26 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.529416 | 802.11 Assoc Req |
| 27 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 1 | 1.529731 | 802.11 Ack |
| 28 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 11 | 1.530343 | 802.11 Assoc Rsp |
| 29 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.530655 | 802.11 Ack |
| 30 | 192.168.21.54 | 224.0.0.1 | 11 | 1.531262 | IGMP |
| 31 | 192.168.21.54 | 224.0.0.1 | 11 | 1.532943 | IGMP |
| 32 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 11 | 1.533059 | 802.11 Ack |
| 33 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 11 | 1.533673 | WLCCP |
| 34 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 11 | 1.53379 | 802.11 Ack |
| 35 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.536016 | 802.11 Beacon |
| 36 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.638414 | 802.11 Beacon |
| 37 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.740816 | 802.11 Beacon |
| 38 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.843218 | 802.11 Beacon |
| 39 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.945617 | 802.11 Beacon |
| 40 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 2.048018 | 802.11 Beacon |
| 41 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 2.150419 | 802.11 Beacon |
| 42 | 192.168.21.54 | 224.0.0.1 | 11 | 2.172736 | IGMP |
| 43 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 11 | 2.172852 | 802.11 Ack |
| 44 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 2.25282 | 802.11 Beacon |
| 45 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 2.355221 | 802.11 Beacon |
| 46 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 2.457622 | 802.11 Beacon |

Setting aside the packets that do not matter, the whole handshake consists of:

Beacon
802.11 Probe Req -> 802.11 Probe Rsp
802.11 Auth -> 802.11 Auth
802.11 Assoc Req -> 802.11 Assoc Rsp

Every time the Source sends a packet to the Destination, the Destination answers the Source with an 802.11 Ack. We ignore that for now and reduce the table above to the one below; after that, the key points of each packet will be picked out in detail.

| Packet | Source | Destination | Data Rate | Relative Time | Protocol |
|---|---|---|---|---|---|
| 1 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0 | 802.11 Beacon |
| 16 | 00:17:23:0D:2C:7D | Ethernet Broadcast | 1 | 1.385512 | 802.11 Probe Req |
| 20 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 1 | 1.460278 | 802.11 Probe Rsp |
| 22 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.527452 | 802.11 Auth |
| 24 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 11 | 1.528054 | 802.11 Auth |
| 26 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.529416 | 802.11 Assoc Req |
| 28 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 11 | 1.530343 | 802.11 Assoc Rsp |
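
The reduction from the full capture to the handshake table above can be written as a small state machine; this is an added example, not part of the original post. The frame rows are copied from the capture table, while the function name `extract_handshake` and the rule of keeping the first beacon and the latest copy of a repeated probe frame are this example's own assumptions.

```python
# Added example: frame rows copied from the capture table on this page
# (packet no., source, destination, relative time in s, protocol).
AP, STA, BCAST = "00:19:07:58:9F:20", "00:17:23:0D:2C:7D", "Ethernet Broadcast"
FRAMES = [
    (1, AP, BCAST, 0.0, "802.11 Beacon"),
    (12, STA, BCAST, 1.175586, "802.11 Probe Req"),
    (13, STA, BCAST, 1.208822, "802.11 Probe Req"),
    (14, AP, BCAST, 1.228811, "802.11 Beacon"),
    (16, STA, BCAST, 1.385512, "802.11 Probe Req"),
    (19, AP, STA, 1.4586, "802.11 Probe Rsp"),
    (20, AP, STA, 1.460278, "802.11 Probe Rsp"),
    (21, STA, AP, 1.460593, "802.11 Ack"),
    (22, STA, AP, 1.527452, "802.11 Auth"),
    (23, AP, STA, 1.527764, "802.11 Ack"),
    (24, AP, STA, 1.528054, "802.11 Auth"),
    (25, STA, AP, 1.528362, "802.11 Ack"),
    (26, STA, AP, 1.529416, "802.11 Assoc Req"),
    (27, AP, STA, 1.529731, "802.11 Ack"),
    (28, AP, STA, 1.530343, "802.11 Assoc Rsp"),
    (29, STA, AP, 1.530655, "802.11 Ack"),
    (33, AP, STA, 1.533673, "WLCCP"),
]

# Join sequence as listed in the post: (protocol, sender role), in order.
STEPS = [
    ("802.11 Beacon", "ap"), ("802.11 Probe Req", "sta"),
    ("802.11 Probe Rsp", "ap"), ("802.11 Auth", "sta"), ("802.11 Auth", "ap"),
    ("802.11 Assoc Req", "sta"), ("802.11 Assoc Rsp", "ap"),
]

def extract_handshake(frames, ap, sta):
    """Return the packet number kept for each step, or None if the join is incomplete."""
    picked = []
    for num, src, dst, _time, proto in frames:
        if proto == "802.11 Ack" or dst not in (ap, sta, BCAST):
            continue  # Acks are ignored, as in the post; so is unrelated traffic
        role = "ap" if src == ap else "sta" if src == sta else None
        step = len(picked)
        if step < len(STEPS) and (proto, role) == STEPS[step]:
            picked.append(num)  # first frame of the next stage
        elif step > 1 and (proto, role) == STEPS[step - 1]:
            picked[-1] = num  # repeated frame of the current stage: keep the latest copy
    return picked if len(picked) == len(STEPS) else None

if __name__ == "__main__":
    print(extract_handshake(FRAMES, AP, STA))
```

Run against the rows above, the function keeps the same seven packets as the simplified table; a capture that stops before the Assoc Rsp yields `None`, which is a quick way to flag a station that never finished joining.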