Below are some examples of 802.11 wireshark filters. Have a reference to these helps a lot for quick troubleshooting. This will be an ongoing list.
wlan.fc.type_subtype== 0x08 – Beacon frames
wlan.fc.type_subtype== 0x4 – Probe Request
wlan.fc.type_subtype== 0x5 – Probe response
wlan.fc.type_subtype== 0xb — Authentication frames
wlan.fc.type_subtype==0x0 – association request
wlan.fc.type_subtype==0x1 – association response
wlan.fc.type_subtype==0x2 – reassocation request
wlan.fc.type_subtype==0x3 – reassocation response
wlan.fc.type_subtype==0x1b – RTS Frame
wlan.fc.type_subtype==0x1c – CTS Frame
wlan.fc.type_subtype==0x1d — ACK frame
wlan.fc.type_subtype==0x24 – Null data
wlan.fc.type_subtype==0x1a WMM PS Poll frame
Finding the source or DST of a wireless packet:
wlan.sa == dc:53:60:76:1d:21
wlan.da == dc:53:60:76:1d:21
Recent Comments