Comments (1)
Running your filter:
"wlan addr1 c4:12:f5:b0:5b:b4 or wlan addr2 c4:12:f5:b0:5b:b4 or wlan addr3 c4:12:f5:b0:5b:b4"
only frames addressed to this MAC and coming from this MAC are allowed.
All other frames are filtered out. That include undirected PROBEREQUEST frames.
Additional this filter does not allow CLIENTs to connect to hcxdumptool (especially when MAC randomization is used by the CLIENT.
BTW:
You should know that if you run tcpdump to build a filter the filter code is designed to be used by tcpdump.
Ti improve performance, hcxdumptool use a different snap len.
I suggest to read
$ hcxdumptool -h
--bpfc=<filter>: compile Berkeley Packet Filter (BPF) and exit
$ hcxdumptool --bpfc="wlan addr3 112233445566" > filter.bpf
see man pcap-filter
--bpf=<file> : input Berkeley Packet Filter (BPF) code (maximum 4096 instructions) in tcpdump decimal numbers format
see --help for more information
and
$ hcxdumptool --help
-----------------------
tcpdump decimal numper format:
example: tcpdump high level compiler:
$ tcpdump -s 1024 -y IEEE802_11_RADIO wlan addr3 112233445566 -ddd > filter.bpf
see man pcap-filter
example: bpf_asm low level compiler
$ bpf_asm filter.asm | tr ',' '\n' > filter.bpf
see https://www.kernel.org/doc/html/latest/networking/filter.html
example: bpfc low level compiler:
$ bpfc -f tcpdump -i filter.asm > filter.bpf
see man bpfc
tcpdump C style format:
example: tcpdump high level compiler:
$ tcpdump -s 1024 -y IEEE802_11_RADIO wlan addr3 112233445566 -dd > filter.bpf
see man pcap-filter
example: bpfc low level compiler:
$ bpfc -f C -i filter.asm > filter.bpf
see man bpfc
Additional I suggest to read this:
#420
BTW:
I'll move this to discussions, because it is more a wrong usage of the BPF than an issue.
from hcxdumptool.
Related Issues (20)
- hcxdumptool: unrecognized option 'enable_status=15' HOT 2
- Is the problem in the driver or in the operating system? HOT 1
- Add a gpiowait.svg alongside gpiowait.odg HOT 2
- attack behaviors rules HOT 65
- openwrt: Issue finding interfaces HOT 44
- Android build instructions HOT 5
- prevent spoofed beacons from transmitting HOT 3
- How can I delete this tool? HOT 2
- hcxdumptool missing options HOT 2
- What to use it in 2024?
- error using option "-o" to write the dump file.
- Older version HOT 1
- rds Usage HOT 1
- Atheros chipset (ERRORs caused by misconfigured KALI) HOT 21
- Arrays explained HOT 1
- Documentation about attack vectors and what options affect them HOT 7
- How to filter (skip) certain access points? HOT 1
- Issues using hcxdumptool in conjuction with ALFA AWUS036ACH HOT 8
- rtw8822ce: hcxdumptool exits on unknown error HOT 15
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hcxdumptool.