wifi sniff issue in wireshark and bettercap
trying to sniff my network via some methods like wireshark, getting results that i doesn't satisfy me
trying to figure out that adapter issue? read about 2x2 MIMO, mb that's the right question?
also tried bettercap, ettercap
adapter alfa network 036nh ( also tried tp-link t2u v1 ) os kali and it can find my adapter it's in promiscuous mode
iptables on
ip_forwarding on
wireshark issue explanation turning on monitor mode capturing eapol 4-way handshake adding wpa-pass and ssid and most of the time i can see only ssdp records and inside it some http, but i cann' capture any other stuff like headers etc and mdns ( tested all my devices from ios to old androids) only once i got http and it was w/o any headers too
and because of that i cannot use bettercap/ettercap ( not in monitor mode ofc coz that's not gonna work )
im recieving this kind of packets
192.168.0.0/24 > 192.168.0.94 » [20:22:13] [net.sniff.mdns] mdns 192.168.0.5 : PTR query for lb._dns-sd._udp.local
192.168.0.0/24 > 192.168.0.94 » [20:22:13] [net.sniff.mdns] mdns fe80::: PTR query for _rdlink._tcp.local
192.168.0.0/24 > 192.168.0.94 » [20:22:13] [net.sniff.mdns] mdns fe80: : PTR query for _companion-link._tcp.local
192.168.0.0/24 > 192.168.0.94 » [20:22:13] [net.sniff.mdns] mdns fe80::: PTR query for lb._dns-sd._udp.local
with that settings
set arp.spoof.fullduplex true
arp.spoof on
net.sniff on
set net.sniff.local true
Can you describe exactly what you are trying to do? What headers are you looking for?
hey. im just messing around and trying to capture some headers from vulnweb http site already tested login page and some sites like httpforever
most of the time i can only see 802.11 and rarely some udp but for some reason wireshark sometimes give udp /http but they kind of empty
and i also fixed bettercap
and btw i have no filters in wireshark