On Sunday 04 March 2007 20:02, Andy Green wrote:
> How about for injection on the Management interface, it expects to find
> a PRISM2 header prepended to the ieee80211 one and the payload, in
> exactly the same format as is delivered by Monitor Mode? The PRISM2
> capture header structure has a bunch of fields for things like rate and
> antenna selection already. This has the satisfying aspect that you can
> literally replay the whole Monitor Mode packet capture down the
> Management Interface and get it to go out at the same rate.
> Isn't this what aircrack does?

I think many other drivers that support frame injection do it in a similar way (TX AVS frame on monitor interface), and this is also the way I prefer the frame injection interface. It does have the nice property of being able to directly replay captured traffic as you mentioned.

Just note that AVS/prism2 is planned to be removed in favor of radiotap which is more extensible. Radiotap should also work for frame injection, though it isn't as easy as using a fixed length header format.

Note that modifying the management interface to do this is possible, but it would break hostap (and probably wpa_supplicant w/ MLME). Doing packet injection on monitor interfaces instead is safer in that regard.

-Michael Wu
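
An added example, not part of the original message or of any driver's code: a minimal C parser showing why radiotap takes more care than a fixed-length header. The 802.11 frame offset comes from `it_len`, and field positions depend on the `it_present` bitmap and alignment. The function name `radiotap_parse` and the sample byte arrays are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define RT_TSFT  (1u << 0)   /* u64 timestamp, 8-byte aligned */
#define RT_FLAGS (1u << 1)   /* u8 */
#define RT_RATE  (1u << 2)   /* u8, units of 500 kb/s */
#define RT_EXT   (1u << 31)  /* another it_present word follows */

static uint32_t le(const uint8_t *p, int n)   /* little-endian read, n bytes */
{
    uint32_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* Constructed samples: rate-only header, and TSFT + flags + rate. */
const uint8_t rt_short[] = { 0, 0, 9, 0, 0x04, 0, 0, 0, 12 };
const uint8_t rt_long[]  = { 0, 0, 18, 0, 0x07, 0, 0, 0,
                             1, 2, 3, 4, 5, 6, 7, 8, 0x00, 22 };

/* Returns the offset of the 802.11 frame (it_len) or -1 if malformed;
 * *rate is the Rate field in 500 kb/s units, 0 when absent. */
int radiotap_parse(const uint8_t *buf, size_t len, uint8_t *rate)
{
    *rate = 0;
    if (len < 8 || buf[0] != 0) return -1;        /* it_version must be 0 */
    size_t it_len = le(buf + 2, 2), off = 8;
    if (it_len < 8 || it_len > len) return -1;    /* never trust it_len blindly */
    uint32_t present = le(buf + 4, 4);
    for (uint32_t w = present; w & RT_EXT; off += 4) {   /* chained bitmaps */
        if (off + 4 > it_len) return -1;
        w = le(buf + off, 4);
    }
    if (present & RT_TSFT)  off = ((off + 7) & ~(size_t)7) + 8;
    if (present & RT_FLAGS) off += 1;
    if (present & RT_RATE) {
        if (off >= it_len) return -1;             /* field would overrun header */
        *rate = buf[off++];
    }
    return off <= it_len ? (int)it_len : -1;
}

int main(void)
{
    uint8_t r;
    printf("short: frame at %d, ", radiotap_parse(rt_short, sizeof rt_short, &r));
    printf("rate %u x 500 kb/s\n", r);
    printf("long:  frame at %d, ", radiotap_parse(rt_long, sizeof rt_long, &r));
    printf("rate %u x 500 kb/s\n", r);
    return 0;
}
```

The same Rate field sits at offset 8 in one header and offset 17 in the other, which is the extra work a fixed-length format avoids.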