Comments (2)
To answer your question:
--filterlist=targetBSSID --filtermode=2
has been replaced by
--bpf=filter.bpf
The kernel include a fantastic (packet capture) filter method and hcxdumptool use it. The entire filtering is now done inside the kernel space via a Berkeley Packet Filter (BPF) which can be applied to hcxdumptool by the option bpf (--bpf=filter.bpf). That is fast as lightning and more flexible than the old user space filtering method.
There are several ways to build this filter, e.g.:
via tcpdump == the simplest way and easy to use for a beginner
via filter code that needs to be compiled == the most flexible way
How to create this filter is described in --help:
--bpf=<file> : input kernel space Berkeley Packet Filter (BPF) code
steps to create a BPF (it only has to be done once):
$ hcxdumptool -m <interface>
create BPF to protect MACs
$ tcpdump -i <INTERFACE> not wlan addr2 11:22:33:44:55:66 -ddd > protect.bpf
recommended to protect own devices
create BPF to attack a MAC
$ tcpdump -i <INTERFACE> wlan addr1 11:22:33:44:55:66 or wlan addr2 11:22:33:44:55:66 or wlan addr3 11:22:33:44:55:66 -ddd > attack.bpf
it is strongly recommended to allow all PROBEREQUEST frames (wlan_type mgt && wlan_subtype probe-req)
$ tcpdump -i <interface> wlan addr1 11:22:33:44:55:66 or wlan addr2 11:22:33:44:55:66 or wlan addr3 11:22:33:44:55:66 or wlan addr3 ff:ff:ff:ff:ff:ff -ddd > attack.bpf
see man pcap-filter for a list of all filter options
add BPF code:
$ hcxdumptool -i <INTERFACE> --bpf=attack.bpf ...
BPF is explained here:
https://en.wikipedia.org/wiki/Berkeley_Packet_Filter
https://www.kernel.org/doc/html/latest/bpf/index.html
https://www.kernel.org/doc/html/latest/networking/filter.html
https://andreaskaris.github.io/blog/networking/bpf-and-tcpdump/
Closed this here, because it is not a bug. If you have some more questions, you please open a discussion.
from hcxdumptool.
BTW:
Using a BPF is nothing new. It is present in hcxdumptool since 06.03.2020 (changelog):
06.03.2020
==========
added option to import Berkeley packet Filter code from tcpdump as alternative to apfilterlist and clientfilterlist
from hcxdumptool.
Related Issues (20)
- hcxdumptool: invalid option -- 'o' HOT 5
- HCXDumpTool runtime error on MediaTEK MT7922 / MT7921E HOT 19
- HCXDumpTool & MediaTEK MT7922 / MT7921E (Part 2) HOT 3
- orange pi zero HOT 1
- hcxdumptool: unrecognized option 'enable_status=15' HOT 2
- Is the problem in the driver or in the operating system? HOT 1
- Add a gpiowait.svg alongside gpiowait.odg HOT 2
- attack behaviors rules HOT 65
- openwrt: Issue finding interfaces HOT 44
- Android build instructions HOT 5
- prevent spoofed beacons from transmitting HOT 3
- How can I delete this tool? HOT 2
- hcxdumptool missing options HOT 2
- What to use it in 2024?
- error using option "-o" to write the dump file.
- Older version HOT 1
- undirected proberequest frames. HOT 1
- rds Usage HOT 1
- Atheros chipset (ERRORs caused by misconfigured KALI) HOT 21
- Arrays explained HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hcxdumptool.