This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Wireshark’s strange behavior

I am trying to capture the traffic between an Android smartphone and a WiFi-enabled photo camera. I have achieved it with some limitations using Wireshark 1.2.5 plus an AirPcap Classic USB 802.11b/g Adapter (capture only), but I made the mistake of updating Wireshark to version 1.12.3.

Now I can't see either the Android or the camera, but if I open one of the files with the traffic that I captured with version 1.2.5 and then capture from the new version, I can see the Android and the camera (but many packets of the traffic get lost).

I'm probably doing something wrong; can someone help me please?

Thanks!

asked 20 Mar '15, 03:45

andrew500w

You mentioned that you were able to capture some traffic with limitations with the previous version of Wireshark. Were you able to capture Data or QoS-Data between the Android smartphone and camera? Does the AirPcap WiFi adapter support 802.11n?

(20 Mar '15, 05:56) Amato_C

There is a version that supports 802.11n, but it is not the one I'm using; the version I use is the basic one and only supports 802.11b/g.

With the first version of Wireshark I managed to capture the traffic between the two devices but with limitations: I can see the traffic of the camera but I don't see the commands that the smartphone sends to the camera.

(20 Mar '15, 07:08) andrew500w

Is there a way you can post or send the PCAP file?

(20 Mar '15, 07:20) Amato_C

No problem, I can send you the ".pcapng" file by mail, just give me your address.

(20 Mar '15, 08:10) andrew500w

Would you mind uploading the file somewhere (Dropbox, Google Drive, CloudShark) and posting the link here?

(20 Mar '15, 08:27) Kurt Knochner ♦

Is the MAC address of the Android phone = 3c:a1:0d:e5:6b:2e?

Is the MAC address of the camera = 90:b6:86:05:66:35?

(20 Mar '15, 11:23) Amato_C

I will assume the above MAC addresses are the correct ones to analyze. In that case, the connection is made using 802.11n. This can be seen in the association request and association response frames. Also, the capture did not include EAP message #3 so decrypting the frames is also not possible.

(20 Mar '15, 12:28) Amato_C
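
The check behind the comment above, as an added example that is not part of the original thread: it classifies EAPOL-Key frames by their Key Information bits and reports which handshake messages a capture lacks. It assumes "EAP message #3" means message 3 of the WPA2 four-way handshake; the function names are hypothetical and the frames are constructed samples.

```python
import struct

# Key Information bit masks of an IEEE 802.11 EAPOL-Key frame
KEY_PAIRWISE = 0x0008
KEY_INSTALL = 0x0040
KEY_ACK = 0x0080
KEY_MIC = 0x0100
KEY_SECURE = 0x0200


def handshake_message_number(eapol: bytes):
    """Return 1-4 for a WPA2 four-way handshake EAPOL-Key frame, else None.

    `eapol` starts at the 802.1X header: version(1) type(1) length(2),
    followed by descriptor type(1) and Key Information(2, big-endian).
    """
    if len(eapol) < 7 or eapol[1] != 3:        # packet type 3 = EAPOL-Key
        return None
    (info,) = struct.unpack_from(">H", eapol, 5)
    if not info & KEY_PAIRWISE:                # group-key handshake, not pairwise
        return None
    ack, mic = bool(info & KEY_ACK), bool(info & KEY_MIC)
    if ack and not mic:
        return 1                               # AP -> station, ANonce
    if ack and mic:
        return 3 if info & KEY_INSTALL else None
    if mic:
        return 4 if info & KEY_SECURE else 2   # station -> AP
    return None


def missing_messages(frames):
    """List the handshake message numbers absent from an iterable of frames."""
    seen = {handshake_message_number(f) for f in frames}
    return [n for n in (1, 2, 3, 4) if n not in seen]


def make_frame(key_info: int) -> bytes:
    """Build a constructed EAPOL-Key frame with zeroed nonce, MIC and key data."""
    body = struct.pack(">BHH", 2, key_info, 16) + bytes(8 + 32 + 16 + 8 + 8 + 16 + 2)
    return struct.pack(">BBH", 2, 3, len(body)) + body


# Constructed capture holding messages 1, 2 and 4 only
SAMPLE_CAPTURE = [make_frame(0x008A), make_frame(0x010A), make_frame(0x030A)]

if __name__ == "__main__":
    print("missing handshake messages:", missing_messages(SAMPLE_CAPTURE))
```
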

So, in your opinion, what can I do to be able to keep on trying?

(23 Mar '15, 01:55) andrew500w

Your answer has been converted to a comment as that's how this site works. Please read the FAQ for more information.

(23 Mar '15, 02:24) Jaap ♦

Hi andrew500w - to progress any further, you will need a WiFi adapter that supports 802.11n and works with Wireshark.

(23 Mar '15, 18:02) Amato_C

Hi Amato,

The AirPcap NX supports 802.11n, but for me it's impossible to spend $700; I'm using the AirPcap Classic because it belongs to a friend.

Is there any way to use a WiFi adapter like the D-Link DWA-182.A1, which supports 802.11a/g/n/ac?

Thanks

(24 Mar '15, 02:31) andrew500w

@andrew500w

Your "answer" has been converted to a comment (again) as that's how this site works. Please read the FAQ for more information.

(24 Mar '15, 03:34) grahamb ♦

Hi andrew - the D-Link DWA-182.A1 WiFi adapter will be able to capture 802.11n traffic, but will the driver support capturing WiFi traffic?

For that question, please read the Wireshark Wiki for capturing WiFi traffic: https://wiki.wireshark.org/CaptureSetup/WLAN

Also, if you are using Windows, Netmon may also be an option.

(24 Mar '15, 08:47) Amato_C

Hi Amato,

Thanks a lot for your help, I will read the information in detail.

(24 Mar '15, 09:08) andrew500w