Mac OS X WiFi 802.11 Sniffing / Sniffer

Mac OS X WiFi 802.11 Sniffing / Sniffer

Instructions below on using using Mac OS X with Wireshark as a sniffer.

  1. In a terminal window type below.

    sudo chmod 666 /dev/bpf*

    (your sudo password is your account password)

  2. Select channel to sniff. In command below the -c follow by a # selects the channel and -z disassociates the card.

    sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -z -c 1

    (your sudo password is your account password)

    Typing the above command path can be avoided by creating a symbolic link to the command in /user/sbin/ by copying and pasting below into a terminal window.

    sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport

    This will allow you to simply type “airport” in the terminal window to execute the command.

    Airport utility can also be used as a WiFi Scanner.

  3. Download Wireshark from http://www.wireshark.org/download.html
  4. Install and launch Wireshark
  5. Go to Capture -> Interfaces -> Options in Wireshark. For wireless interface select en1 (in MacBook Air it is en0). In Link-layer Header type, select the ‘802.11 plus radiotap header’.

  6. Click ‘Start’ to capture.
  7. Confirm that Airport is in monitor mode.

If you liked this post, subscribe using below

WLAN Book RSS Feed

RSS Email WLAN Book by Email


Filed under: WLAN Tools, WLAN Troubleshooting

Comments are closed.