Here is how I achieved the Capture that I wanted on the mesh network that is delivered through the BT Whole Home Wi-Fi.

The following description assumes that you have already installed a driver, which permits you to select Monitor Mode for your Wi-Fi adapter and that you have already prepared Wireshark with the proper Passphrase or Key for your BT Whole Home Wi-Fi mesh network.

  1. Log in to the BT Whole Home Wi-Fi main device and go to Setup > Wi-Fi Settings and make a note of the channel(s) used. Also, go to System > Information and make a note of the MAC Addresses for the Disc(s). Each disc has three MAC Addresses: Ethernet, 2.4GHz Wi-Fi and 5GHz Wi-Fi. Log out when finished.
  2. Get as close to the target (IP Camera) as possible with the laptop and mobile telephone.
  3. Put the Wi-Fi adapter of the laptop into Monitor Mode with the Channel recorded above e.g. sudo airmon-ng start wlan1 11, where wlan1 is the ID of the Wi-Fi adapter and 11 is the channel to be operated on. Note: most IP Cameras use the 2.4GHz channels.
  4. Start Wireshark and select the Wi-Fi adapter that is running in Monitor Mode. Start a Capture.
  5. Run aireplay-ng --deauth using the 2.4GHz MAC Address for the BT Whole Home Wi-Fi disc that is anticipated to service the IP Camera e.g. aireplay-ng --deauth 6 -a [ROUTER MAC] wlan1mon, where 6 is the number of deauth attacks required, [ROUTER MAC] is the BT Whole Home disc 2.4GHz MAC Address (colon-separated) and wlan1mon is the Wi-Fi adapter in Monitor Mode. Note: a specific target can be addressed for deauth by adding -c [DEVICE MAC] after the number for the deauth attacks quantity and before the -a [ROUTER MAC].
  6. Wait a short while and then use the mobile telephone app to contact the IP Camera - watch a few frames from the camera and then close the app.
  7. Stop Wireshark and use the Display Filter eapol to check that you've captured the four-way key handshake - there should be at least two sets: one for the IP Camera and one for the Mobile Telephone but there are likely to be several more if you did not specify a specific target using -c [DEVICE MAC] in the aireplay-ng command.

I hope this helps anyone trying to use Wireshark on Mesh Networks.
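
The check in step 7, as an added example that is not part of the original post: it classifies each EAPOL-Key frame as message 1 to 4 of the four-way handshake from its Key Information flags and reports, per station, whether the full set was captured. It assumes WPA2 (RSN) frames and that the station MAC and raw EAPOL payload have already been extracted from the capture; the function names, MAC addresses and frames are constructed for illustration.

```python
import struct
from collections import defaultdict

# Key Information flag bits of an EAPOL-Key frame (IEEE 802.11 RSN).
PAIRWISE, INSTALL, ACK, MIC, SECURE = 0x0008, 0x0040, 0x0080, 0x0100, 0x0200

def message_number(eapol: bytes):
    """Return 1-4 for a pairwise four-way handshake message, else None."""
    if len(eapol) < 7:
        return None                      # too short to hold Key Information
    _version, ptype, _length = struct.unpack_from(">BBH", eapol, 0)
    if ptype != 3:                       # 3 = EAPOL-Key
        return None
    _descriptor, info = struct.unpack_from(">BH", eapol, 4)
    if not info & PAIRWISE:              # group-key handshake, not the 4-way
        return None
    ack, mic = bool(info & ACK), bool(info & MIC)
    if ack and not mic:
        return 1                         # AP -> station, ANonce
    if ack and mic and info & INSTALL:
        return 3                         # AP -> station, GTK delivery
    if mic and not ack:
        # Assumption: WPA2 sets Secure on message 4 but not on message 2.
        return 4 if info & SECURE else 2
    return None

def handshake_report(frames):
    """Map station MAC -> (sorted messages seen, True if all four present)."""
    seen = defaultdict(set)
    for station, eapol in frames:
        number = message_number(eapol)
        if number:
            seen[station].add(number)
    return {sta: (sorted(m), m == {1, 2, 3, 4}) for sta, m in seen.items()}

def sample_frame(key_info: int) -> bytes:
    """Constructed EAPOL-Key frame with zeroed nonce and MIC (test data only)."""
    return struct.pack(">BBHBHH", 2, 3, 95, 2, key_info, 16) + bytes(90)

# Constructed sample: the camera's handshake is complete, the phone's is not.
CAMERA, PHONE = "02:00:00:00:00:01", "02:00:00:00:00:02"
SAMPLE = [(CAMERA, sample_frame(k)) for k in (0x008A, 0x010A, 0x13CA, 0x030A)]
SAMPLE += [(PHONE, sample_frame(k)) for k in (0x008A, 0x010A)]

if __name__ == "__main__":
    for station, (messages, complete) in handshake_report(SAMPLE).items():
        print(station, messages, "complete" if complete else "incomplete")
```

A station reported as incomplete is one whose traffic Wireshark may not be able to decrypt from this capture, so repeat the capture for that device.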