The table below shows about 3 seconds of wireless packets captured with OmniPeek.

Actions:
1) Start the Cisco AP. Its host name is Openplatform, its 2.4G MAC address is 00:19:07:58:9F:20, there is no encryption, and the channel is 9.
2) Using a Summit wireless card with CCX enabled, connect to the Cisco AP. The card's 2.4G MAC address is 00:17:23:0D:2C:7D.

| Packet | Source | Destination | Data Rate | Relative Time | Protocol |
|---|---|---|---|---|---|
| 1 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0 | 802.11 Beacon |
| 2 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.102401 | 802.11 Beacon |
| 3 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.204804 | 802.11 Beacon |
| 4 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.307203 | 802.11 Beacon |
| 5 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.409604 | 802.11 Beacon |
| 6 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.512005 | 802.11 Beacon |
| 7 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.614406 | 802.11 Beacon |
| 8 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.716807 | 802.11 Beacon |
| 9 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0.819208 | 802.11 Beacon |
| 10 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.024009 | 802.11 Beacon |
| 11 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.12641 | 802.11 Beacon |
| 12 | 00:17:23:0D:2C:7D | Ethernet Broadcast | 1 | 1.175586 | 802.11 Probe Req |
| 13 | 00:17:23:0D:2C:7D | Ethernet Broadcast | 1 | 1.208822 | 802.11 Probe Req |
| 14 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.228811 | 802.11 Beacon |
| 15 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.331212 | 802.11 Beacon |
| 16 | 00:17:23:0D:2C:7D | Ethernet Broadcast | 1 | 1.385512 | 802.11 Probe Req |
| 17 | Ethernet Broadcast | 00:19:07:58:9F:20 | 1 | 1.422788 | 802.11 Ack |
| 18 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.433613 | 802.11 Beacon |
| 19 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 1 | 1.4586 | 802.11 Probe Rsp |
| 20 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 1 | 1.460278 | 802.11 Probe Rsp |
| 21 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.460593 | 802.11 Ack |
| 22 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.527452 | 802.11 Auth |
| 23 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 1 | 1.527764 | 802.11 Ack |
| 24 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 11 | 1.528054 | 802.11 Auth |
| 25 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.528362 | 802.11 Ack |
| 26 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.529416 | 802.11 Assoc Req |
| 27 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 1 | 1.529731 | 802.11 Ack |
| 28 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 11 | 1.530343 | 802.11 Assoc Rsp |
| 29 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.530655 | 802.11 Ack |
| 30 | 192.168.21.54 | 224.0.0.1 | 11 | 1.531262 | IGMP |
| 31 | 192.168.21.54 | 224.0.0.1 | 11 | 1.532943 | IGMP |
| 32 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 11 | 1.533059 | 802.11 Ack |
| 33 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 11 | 1.533673 | WLCCP |
| 34 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 11 | 1.53379 | 802.11 Ack |
| 35 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.536016 | 802.11 Beacon |
| 36 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.638414 | 802.11 Beacon |
| 37 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.740816 | 802.11 Beacon |
| 38 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.843218 | 802.11 Beacon |
| 39 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 1.945617 | 802.11 Beacon |
| 40 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 2.048018 | 802.11 Beacon |
| 41 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 2.150419 | 802.11 Beacon |
| 42 | 192.168.21.54 | 224.0.0.1 | 11 | 2.172736 | IGMP |
| 43 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 11 | 2.172852 | 802.11 Ack |
| 44 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 2.25282 | 802.11 Beacon |
| 45 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 2.355221 | 802.11 Beacon |
| 46 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 2.457622 | 802.11 Beacon |

Ignoring the packets that do not matter, the whole handshake consists of:
Beacon
802.11 Probe Req -> 802.11 Probe Rsp
802.11 Auth -> 802.11 Auth
802.11 Assoc Req -> 802.11 Assoc Rsp

Whenever the Source sends a packet to the Destination, the Destination replies to the Source with an 802.11 Ack. We will ignore that for now, so the table above simplifies to the table below; after that, the key points of each packet will be covered in detail.

| Packet | Source | Destination | Data Rate | Relative Time | Protocol |
|---|---|---|---|---|---|
| 1 | 00:19:07:58:9F:20 | Ethernet Broadcast | 1 | 0 | 802.11 Beacon |
| 16 | 00:17:23:0D:2C:7D | Ethernet Broadcast | 1 | 1.385512 | 802.11 Probe Req |
| 20 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 1 | 1.460278 | 802.11 Probe Rsp |
| 22 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.527452 | 802.11 Auth |
| 24 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 11 | 1.528054 | 802.11 Auth |
| 26 | 00:17:23:0D:2C:7D | 00:19:07:58:9F:20 | 1 | 1.529416 | 802.11 Assoc Req |
| 28 | 00:19:07:58:9F:20 | 00:17:23:0D:2C:7D | 11 | 1.530343 | 802.11 Assoc Rsp |
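
The reduction described above (skip the Acks and beacons, keep the Probe / Auth / Assoc exchange) written as a small Python filter. This is an added example, not part of the original post: the rows are copied from packets 12 to 29 of the capture table, while the function name `join_sequence` and the rule of keeping the last repeat of each step are assumptions chosen so that the output matches the packets picked in the simplified table.

```python
# Added example (not from the original post). Rows are copied from the capture
# table above as (packet, source, destination, relative_time, protocol).
AP, STA, BCAST = "00:19:07:58:9F:20", "00:17:23:0D:2C:7D", "Ethernet Broadcast"
ROWS = [
    (12, STA, BCAST, 1.175586, "802.11 Probe Req"),
    (13, STA, BCAST, 1.208822, "802.11 Probe Req"),
    (14, AP, BCAST, 1.228811, "802.11 Beacon"),
    (16, STA, BCAST, 1.385512, "802.11 Probe Req"),
    (17, BCAST, AP, 1.422788, "802.11 Ack"),
    (19, AP, STA, 1.4586, "802.11 Probe Rsp"),
    (20, AP, STA, 1.460278, "802.11 Probe Rsp"),
    (21, STA, AP, 1.460593, "802.11 Ack"),
    (22, STA, AP, 1.527452, "802.11 Auth"),
    (23, AP, STA, 1.527764, "802.11 Ack"),
    (24, AP, STA, 1.528054, "802.11 Auth"),
    (25, STA, AP, 1.528362, "802.11 Ack"),
    (26, STA, AP, 1.529416, "802.11 Assoc Req"),
    (27, AP, STA, 1.529731, "802.11 Ack"),
    (28, AP, STA, 1.530343, "802.11 Assoc Rsp"),
    (29, STA, AP, 1.530655, "802.11 Ack"),
]
# The join sequence listed in the post, as (protocol, sender).
STEPS = [("802.11 Probe Req", STA), ("802.11 Probe Rsp", AP),
         ("802.11 Auth", STA), ("802.11 Auth", AP),
         ("802.11 Assoc Req", STA), ("802.11 Assoc Rsp", AP)]

def join_sequence(rows, steps=STEPS):
    """Return (frames, complete): the rows that advance the join, in order.

    Acks, beacons and out-of-order frames are skipped. A repeat of the step
    just matched (e.g. a second Probe Req) replaces the earlier frame, so the
    result keeps the last frame of each step.
    """
    picked = []
    for row in rows:
        key = (row[4], row[1])            # (protocol, source address)
        i = len(picked)
        if i < len(steps) and key == steps[i]:
            picked.append(row)            # next expected step seen
        elif i > 0 and key == steps[i - 1]:
            picked[-1] = row              # repeat of the current step
    return picked, len(picked) == len(steps)

if __name__ == "__main__":
    frames, complete = join_sequence(ROWS)
    for pkt, src, dst, t, proto in frames:
        print(f"{pkt:>3} {t:9.6f} {src} -> {dst} {proto}")
    print("complete:", complete)
```

A capture that stops before the Assoc Rsp returns `complete` as `False`, which is the case to look for when a client fails to join.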