I want to sniff wifi packets with wireshark but monitor mode seems to fail. I'm using backtrack 5 and an alpha AWUS036H wifi usb card, i try to sniff my own box without encryption. Here is what i'm doing to activate monitor mode :
wich seems to be working :
However when i start capturing on mon0 in wireshark i'm only getting broadcast packets. In capture options the "capture packets in monitor mode" option is grayed out. I do not understand what's going on. Any Ideas ? asked 05 Feb '12, 05:16  kyori |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
use airodump-ng and look at the tracefile saved from it, if thats working it might be a wireshark issue, if not make sure your wlan0 device is NOT used to connect to a wireless network, which might corrupt your monitor mode settings on mon0
At least with some versions of Linux and some devices and drivers, you can run in monitor mode when connected to a wireless network. Given the
wlan0andmon0, the driver for the adapter is probably a mac80211 driver, so I wouldn't be surprised if it supported running in monitor mode when connected to a wireless network.Right, that should work - I was just suggesting there might be a conflict if the card already seems to be in mon. mode but the issues appear it might be a conflict where normally there shouldn't be one