Hello! trying to sniff my network via some methods like wireshark, bettercap, ettercap and getting wrong results with protocols
adapter alfa network 036nh ( also tried tp-link t2u v1 ) os kali and it can find my adapter it's in promiscuous mode
iptables on ip_forwarding on
wireshark turning on monitor mode capturing eapol 4-way handshake adding wpa-pass and ssid and most of the time i can see only ssdp records and inside it some http, but i cann' capture any other stuff like headers etc and mdns ( tested all my devices from ios to old androids) only once i got http and it was w/o any headers too
and because of that i cannot use bettercap/ettercap ( not in monitor mode ofc coz that's not gonna work )
im recieving this kind of packets 192.168.0.0/24 > 192.168.0.94 » [20:22:13] [net.sniff.mdns] mdns 192.168.0.5 : PTR query for lb._dns-sd._udp.local 192.168.0.0/24 > 192.168.0.94 » [20:22:13] [net.sniff.mdns] mdns fe80::: PTR query for _rdlink._tcp.local 192.168.0.0/24 > 192.168.0.94 » [20:22:13] [net.sniff.mdns] mdns fe80: : PTR query for _companion-link._tcp.local 192.168.0.0/24 > 192.168.0.94 » [20:22:13] [net.sniff.mdns] mdns fe80::: PTR query for lb._dns-sd._udp.local
with that settings set arp.spoof.fullduplex true arp.spoof on net.sniff on set net.sniff.local true
http.proxy on
http.server on
https.proxy on