CODEWITHSUNDEEP
c++pcaplibpcap
user542966
user542966

Reputation: 53

pcap_set_rfmon does not work?

I am trying to set my device to monitor mode, and i know its capable of being in monitor mode doing a "iwconfig wlan0 mode monitor" works, i run my code and i can capture packets from anywhere.

The problem is that in libpcap it fails to set my device to monitor mode at all(without entering the above-mentioned command line).I can't capture any packets until i manually connect to a access point.

       pcap_t *handler = pcap_create("wlan0",errbuff);
       if(pcap_set_rfmon(handler,1)==0 )
       {
           std::cout << "monitor mode enabled" << std::endl;
       }
       handler=pcap_open_live ("wlan0", 2048,0,512,errbuff);
       int status = pcap_activate(handler); //it returns 0 here.

so is this a code problem, or the pcap library problem?Anybody successfully set their device to monitor mode without using command lines?I am using a Realtek2500 btw.

Upvotes: 1

Views: 3512

Answers (3)

abbas
abbas

Reputation: 1

caution: pcap_set_rfmon() returns 0 on success...
so this code is correct: 

   pcap_t *handler = pcap_create("wlan0",errbuff);
   **if(pcap_set_rfmon(handler,1) )**
   {
       std::cout << "monitor mode enabled" << std::endl;
   }

Upvotes: 0

smartxiaofish
smartxiaofish

Reputation: 36

in addtion to Guy Harris's answer. using pcap_open_live to open your device will make it been activated. you will get PCAP_ERROR_ACTIVATED -4, , when you continue to call pcap_set_rfmon.

/* the operation can't be performed on already activated captures */    
#define     PCAP_ERROR_ACTIVATED   -4

so use pcap_create to open the handle, and set rfmon, and call pcap_activate to activate it.

Upvotes: 0

user862787
user862787

Reputation:

You're not supposed to use pcap_open_live and pcap_create/pcap_activate in the same code. Try doing

pcap_t *handler = pcap_create("wlan0",errbuff);
if (handler == NULL)
{
    std::cerr << "pcap_create failed: " << errbuf << std::endl;
    return; // or exit or return an error code or something
}
if(pcap_set_rfmon(handler,1)==0 )
{
    std::cout << "monitor mode enabled" << std::endl;
}
pcap_set_snaplen(handler, 2048);  // Set the snapshot length to 2048
pcap_set_promisc(handler, 0); // Turn promiscuous mode off
pcap_set_timeout(handler, 512); // Set the timeout to 512 milliseconds
int status = pcap_activate(handler);

and, of course, check the value of status.

Upvotes: 11

Related Questions