WireShark對於WIFI資料幀的分析
阿新 • • 發佈:2019-01-13
1 【No.】0.000000000【Time】 HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) (TA)【Source】 10:0e:0e:20:6a:f4 (10:0e:0e:20:6a:f4) (RA)【Destination】802.11【Protocal】20【Length】Request-to-send, Flags=.........【Info】 RTS幀 (Request-to-send) 固定20位元組 【2 Frame Control】 【2 Duration】【6 RA】【6 TA】【4 FCS】 b4 00 【2 Frame Control】 de 01 【2 Duration】 10 0e 0e 20 6a f4【6 RA】 18 4f 32 0f a4 ed【6 TA】 00 00 00 00【4 FCS】 Frame 1: 20 bytes on wire (160 bits), 20 bytes captured (160 bits) 802.11 radio information PHY type: 802.11n (7) Bandwidth: 20 MHz (0) Data rate: 1.0 Mb/s Channel: 1 Frequency: 2412 MHz Signal strength (percentage): 39% Signal strength (dBm): -77 dBm Noise level (percentage): 18% Noise level (dBm): -87 dBm IEEE 802.11 Request-to-send, Flags: ......... Type/Subtype: Request-to-send (0x001b) Frame Control Field: 0xb400 .... ..00 = Version: 0 .... 01.. = Type: Control frame (1) 1011 .... = Subtype: 11 Flags: 0x00 .... ..00 = DS status: Not leaving DS or network is operating in AD-HOC mode (To DS: 0 From DS: 0) (0x00) .... .0.. = More Fragments: This is the last fragment .... 0... = Retry: Frame is not being retransmitted ...0 .... = PWR MGT: STA will stay up ..0. .... = More Data: No data buffered .0.. .... = Protected flag: Data is not protected 0... .... = Order flag: Not strictly ordered .000 0001 1101 1110 = Duration: 478 microseconds Receiver address: 10:0e:0e:20:6a:f4 (10:0e:0e:20:6a:f4) //RA地址 在該網路(STA外發)下相當於AP的地址 Transmitter address: HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) //TA地址 相當於STA的地址 Frame check sequence: 0x00000000 [incorrect, should be 0xbd0ede44] // FCS 4位元組 用於檢查資料的完整性 [Good: False] [Bad: True]
2【No.】0.000309000【Time】XX【Source】HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) (RA)【Description】802.11【Protocal】14【Length】Clear-to-send, Flags=.........【Info】 CTS幀 (Clear-to-send) 固定14位元組【2 Frame Control】 【2 Duration】【6 RA】【4 FCS】 802.11MAC幀 【1.MAC Header (1.1Frame Control幀控制位#2位元組# 1.2Duration/ID時長#2位元組# 1.3 Address1地址#6位元組# 1.4 Address2地址#6位元組# 1.5 Address3地址#6位元組# 1.6 SequenceControl#2位元組# 1.7 Address4地址#6位元組# ) 】30位元組 【2.Frame Body(具體由MAC Header決定內容)】 0--2312 可變位元組 【3.FCS Frame Check Sequeue 幀校驗序列】用於保障幀資料的完整性 4位元組 【c4 00 】<span style="white-space:pre"> </span> 1.1 Frame Control域 1100 0100 0000 0000 1100 0100 0000 0000 b7 b6 b5 b4 b3 b2 b1 b0 || b15 b14 b13 b12 b11 b10 b9 b8 b0 b1 = 0 0 ; Protocol Version b0 b1代表802.11MAC幀版本號 目前值是 0 b2 b3 = 1 0 ; Type 該幀的型別描述 b2b3 =00 管理Manage幀 b2b3 = 01 資料Data幀 b2b3 =10 控制Control幀 b2b3 = 11 保留 b4 b5 b6 b7 = 0 0 1 1; SubType ,用於與 Type 一起 決定 該幀 具體屬於什麼幀 這裡的type=10 控制Control幀 subtype = 0 0 1 1 決定了該幀是CTS幀 b8 = 0 ; To DS 該位只用於資料型別為Data幀 如果為資料幀 b8b9 = 00 同一個IBSS中 一個STA 到另一個 STA b9 = 0 ; From DS 該位只用於資料型別為Data幀 b8b9 = 01 代表來自AP的資料幀 b8b9 = 10 發往AP的MAC幀 b8b9 = 11 僅Mesh BSS支援 不討論 b10 = 0; More Fragments 表示資料是否分片 該位只用於資料型別為Data幀 或者 Manage幀 b10 = 0不分片 b10 = 1分片 b11 = 0;Retry b11 = 0表示該幀不是重傳幀 b11 = 1表示該幀是重傳幀 b12 = 0;Power Managerment b12 = 0;表示傳送該幀的STA處於活躍狀態 b12 = 1;表示傳送該幀的STA處於省電狀態 b13 = 0;More Data 和b12指定的省電模式有關 b13 = 0表示 STA已經接受完資料 b13 = 1 表示 AP還快取著還未傳送給STA的資料 b14 = 0; Protected Frame 表示資料是否加密 b14 = 0不加密 b14 = 1加密 b15 = 0; Order 指明接收端必須按順序處理該幀 b15 = 0 不需要按順序接受該幀 b15 = 1 需要按順序接受該幀 【a4 00 Duration】 1.2 Duration/ID時長#2位元組# 1010 0100 0000 0000 對於在 Frame Control中 type 和 subtype 決定的 PS-POLL幀 b2 b3 b4 b5 b6 b7 = 1 0 0 1 0 1 該欄位 表示AID值 最後2位必須為1,前14位取值 1-2007 對於其他幀 該欄位 表示 離下一幀 還剩多時間 單位是 微秒 0000 0000 1010 0100 對應是 164 微秒 一百萬分之一秒 a15 ... a1 【18 4f 32 0f a4 ed Address】 1.3 Address地址#6位元組# MAC Address 6個位元組 48位組成 由兩部分組成 0--23位 是廠商程式碼 OUI組織唯一標誌 後24位 是廠商製造的網絡卡的統一編號 第48位(U|M位)比較關鍵 如果b47 =0 表示的是【單播】地址 b47 =1 表示的是【組播】的地址 如果地址全為1 FF-FF-FF-FF-FF-FF【廣播】地址 第47位(G|L位)用來表示MAC地址是全球唯一還是 本地唯一的 b46 =0代表全球唯一 b46 =1 本地唯一 MAC 頭部分共含有四個Address 五種地址定義 BSSID: AP的MAC地址 b46=1 代表全球唯一 b47 = 0 代表單播 DA: Destination Address DA 目的地址 用來描述最終MAC資料包的接受者 可以是單播也可以是組播 b47=0 b47=1 都可以 SA: Source Adddress SA 源地址 用來描述最初發出Mac資料包的STA的地址 一般只有單播 b47 =0 TA: Transmitter Address 傳送STA地址的AP的地址 一般描述 將MAC資料包傳送到 另一個AP覆蓋內的 中的STA地址 RA: Receiver Address 接收STA地址的AP的地址 描述接收MAC幀的 網路型別 Address1(接收端) Address2(傳送端) Address3(輔助) Address4 IBSS DA SA BSSID 未使用 To AP BSSID SA DA 未使用 From AP DA BSSID SA 未使用 18 4f 32 0f a4 ed 18 = 0001 1000 4f = 0100 1111 32 = 0011 0010 0f = 0000 1111 a4 = 1011 0100 ed = 1110 1101 a0=0 a08=1 a16=0 a24=0 a32=0 a40=1 a1=0 a09=1 a17=1 a25=0 a33=0 a41=0 a2=0 a10=1 a18=0 a26=0 a34=1 a42=1 a3=1 a11=1 a19=0 a27=0 a35=0 a43=1 a4=1 a12=0 a20=1 a28=1 a36=1 a44=0 a5=0 a13=0 a21=1 a29=1 a37=1 a45=1 a6=0 a14=1 a22=0 a30=1 a38=0 a46=1 a7=0 a15=0 a23=0 a31=1 a39=1 a47=1 1.6 SequenceControl#2位元組# 16位 b0 b1 b2 b3: 代表片段編號 Fragment Number 用於控制分片幀 如果MAC幀數量太大 MAC層會分片傳送 b4.b5..b15: 代表 幀順序編號Sequence Number STA每次傳送資料幀都會設定一個幀順序編號控制幀沒有編號(太短) 重傳幀不使用新的編號 【No.】0.000309000【Time】XX【Source】HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) (RA)【Description】802.11【Protocal】14【Length】Clear-to-send, Flags=.........【Info】 十六進位制 : c4 00 a4 00 18 4f 32 0f a4 ed 00 00 00 00 二進位制: 【c4 00 Frame Control】 【a4 00 Duration】 1100 0100 0000 0000 1010 0100 0000 0000 【18 4f 32 0f a4 ed RA】 0001 1000 0100 1111 0011 0010 0000 1111 1010 0100 11101101 【00 00 00 00 FCS】 0000 0000 0000 0000 0000 0000 0000 0000 Frame 2: 14 bytes on wire (112 bits), 14 bytes captured (112 bits) Encapsulation type: IEEE 802.11 Wireless LAN with radio information (22) Arrival Time: Sep 22, 2016 15:01:56.375736900 ?й??????? // 到達時間 [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1474527716.375736900 seconds // Epoch 新紀元時間 1970年1月1日00:00:00 UTC 開始所經過的秒數 [Time delta from previous captured frame: 0.000309000 seconds] //與上一幀捕獲時間間隔 [Time delta from previous displayed frame: 0.000309000 seconds]//與上一幀展示時間間隔 [Time since reference or first frame: 0.000309000 seconds] // 與第一幀時間間隔 Frame Number: 2 // 捕獲的第幾幀 Frame Length: 14 bytes (112 bits) // 幀長度 Capture Length: 14 bytes (112 bits) // 捕獲的幀長度 [Frame is marked: False] // 幀是否 [Frame is ignored: False] // 幀是否忽略 [Protocols in frame: wlan_radio:wlan] //幀使用的協議 [Coloring Rule Name: Checksum Errors] //著色規則 [Coloring Rule String [truncated]: eth.fcs_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad==1 || udp.checksum_bad==1 || sctp.checksum_bad==1 || mstp.checksum_bad==1 || cdp.checksum_bad==1 || edp.checksum_bad==1 || wlan.fcs_bad==1 || stt.ch] 802.11 radio information //WIFI訊號相關資訊 PHY type: 802.11n (7) // 使用802.11n WIFI協議 Bandwidth: 20 MHz (0) //頻寬 Data rate: 1.0 Mb/s //資料傳輸速率 Channel: 1 //通道號 Frequency: 2412 MHz //通道頻率 Signal strength (percentage): 34% // 訊號強度 百分比 Signal strength (dBm): -76 dBm // 本機的訊號強度dBm的(分貝毫瓦)一般用負數表示,正常範圍是從-110dBm的(差)到-50dBm的(好)訊號的變化 Noise level (percentage): 13% // 信噪強度 百分比 Noise level (dBm): -86 dBm// 信噪強度 dBm 一般用負數表示 IEEE 802.11 Clear-to-send, Flags: ......... // CTS(14位元組 Clear To Send)允許傳送迴應幀 Type/Subtype: Clear-to-send (0x001c) Frame Control Field: 0xc400 .... ..00 = Version: 0 .... 01.. = Type: Control frame (1) 1100 .... = Subtype: 12 Flags: 0x00 .... ..00 = DS status: Not leaving DS or network is operating in AD-HOC mode (To DS: 0 From DS: 0) (0x00) .... .0.. = More Fragments: This is the last fragment .... 0... = Retry: Frame is not being retransmitted ...0 .... = PWR MGT: STA will stay up ..0. .... = More Data: No data buffered .0.. .... = Protected flag: Data is not protected 0... .... = Order flag: Not strictly ordered .000 0000 1010 0100 = Duration: 164 microseconds // 一百萬分之一秒 164微秒 Receiver address: HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) //該MAC地址前24位的廠商是 HonHaiPr 鴻海科技集團 Frame check sequence: 0x00000000 [incorrect, should be 0x8af051cc] [Good: False] [Bad: True]
3【No.】0.000499000【Time】10:0e:0e:20:6a:f4 (10:0e:0e:20:6a:f4) (TA)【Source】 HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) (RA)【Destination】802.11【Protocal】34【Length】802.11 Block Ack, Flags=.........【Info】 Block ACK幀 (Request-to-send) 位元組可變 【2 Frame Control】 【2 Duration】【6 RA】【6 TA】【4 FCS】 Block Ack通過將一幀一確認的普通傳輸方式修改為連續傳輸多個幀然後一次確認多個幀的方式,來提高MAC層的傳輸效率。 N個包的傳輸可節省N*DIFS的時間,在犧牲一定可靠性的基礎上達到了提高傳輸頻寬的能力 94 00 【2 Frame Control】 3e 00 【2 Duration】 18 4f 32 0f a4 ed 【6 RA】 10 0e 0e 20 6a f4 【6 TA】 05 00 【2 Block Ack Request Contro 一些屬性值】 wlan.ba.basic.tidinfo 90 96 【2 Starting Sequence Control (SSC) 】 ff ff ff ff ff ff ff ff 【8 wlan.ba.bitmap】 00 20 【2 XXX】 00 00 00 00 【4 FCS】 Frame 3: 34 bytes on wire (272 bits), 34 bytes captured (272 bits) Encapsulation type: IEEE 802.11 Wireless LAN with radio information (22) Arrival Time: Sep 22, 2016 15:01:56.375926900 ?й??????? [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1474527716.375926900 seconds [Time delta from previous captured frame: 0.000190000 seconds] [Time delta from previous displayed frame: 0.000190000 seconds] [Time since reference or first frame: 0.000499000 seconds] Frame Number: 3 Frame Length: 34 bytes (272 bits) Capture Length: 34 bytes (272 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: wlan_radio:wlan] [Coloring Rule Name: Checksum Errors] [Coloring Rule String [truncated]: eth.fcs_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad==1 || udp.checksum_bad==1 || sctp.checksum_bad==1 || mstp.checksum_bad==1 || cdp.checksum_bad==1 || edp.checksum_bad==1 || wlan.fcs_bad==1 || stt.ch] 802.11 radio information PHY type: 802.11n (7) Bandwidth: 20 MHz (0) Data rate: 24.0 Mb/s Channel: 1 Frequency: 2412 MHz Signal strength (percentage): 34% Signal strength (dBm): -78 dBm Noise level (percentage): 18% Noise level (dBm): -85 dBm IEEE 802.11 802.11 Block Ack, Flags: ......... Type/Subtype: 802.11 Block Ack (0x0019) Frame Control Field: 0x9400 .... ..00 = Version: 0 .... 01.. = Type: Control frame (1) 1001 .... = Subtype: 9 // 對應該項在圖片中不存在,新加入? Flags: 0x00 .000 0000 0011 1110 = Duration: 62 microseconds Receiver address: HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) Transmitter address: 10:0e:0e:20:6a:f4 (10:0e:0e:20:6a:f4) .... .10. = Block Ack Type: Compressed Block (0x02) Block Ack Request Control: 0x0005 .... .... .... ...1 = BAR Ack Policy: Immediate Acknowledgement Required .... .... .... ..0. = Multi-TID: False .... .... .... .1.. = Compressed Bitmap: True .... 0000 0000 0... = Reserved: 0x0000 0000 .... .... .... = TID for which a Basic BlockAck frame is requested: 0x0000 Block Ack Starting Sequence Control (SSC): 0x9690 .... .... .... 0000 = Fragment: 0 1001 0110 1001 .... = Starting Sequence Number: 2409 Block Ack Bitmap: ffffffffffffffff Frame check sequence: 0x00000000 [incorrect, should be 0x80029083]
13【No.】0.025490000【Time】 【Source】 02:f8:1c:b0:fc:32 (02:f8:1c:b0:fc:32) (RA)【Destination】802.11【Protocal】20【Length】 Acknowledgement, Flags=........C【Info】
ACK幀 Acknowledgement 固定14位元組 【2 Frame Control】 【2 Duration】【6 RA】【4 FCS】
0000 d4 00 00 00 02 f8 1c b0 fc 32 00 00 00 00
d4 00 【2 Frame Control 】
00 00 【2 Duration 】
02 f8 1c b0 fc 32【6 RA 】
00 00 00 00 【4 FCS】
Frame 13: 14 bytes on wire (112 bits), 14 bytes captured (112 bits)
Encapsulation type: IEEE 802.11 Wireless LAN with radio information (22)
Arrival Time: Sep 22, 2016 15:01:56.400917900 ?й???????
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1474527716.400917900 seconds
[Time delta from previous captured frame: 0.001313000 seconds]
[Time delta from previous displayed frame: 0.001313000 seconds]
[Time since reference or first frame: 0.025490000 seconds]
Frame Number: 13
Frame Length: 14 bytes (112 bits)
Capture Length: 14 bytes (112 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: wlan_radio:wlan]
[Coloring Rule Name: Checksum Errors]
[Coloring Rule String [truncated]: eth.fcs_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad==1 || udp.checksum_bad==1 || sctp.checksum_bad==1 || mstp.checksum_bad==1 || cdp.checksum_bad==1 || edp.checksum_bad==1 || wlan.fcs_bad==1 || stt.ch]
802.11 radio information
PHY type: 802.11n (7)
Bandwidth: 20 MHz (0)
Data rate: 1.0 Mb/s
Channel: 1
Frequency: 2412 MHz
Signal strength (percentage): 76%
Signal strength (dBm): -64 dBm
Noise level (percentage): 68%
Noise level (dBm): -65 dBm
IEEE 802.11 Acknowledgement, Flags: .........
Type/Subtype: Acknowledgement (0x001d)
Frame Control Field: 0xd400
.... ..00 = Version: 0
.... 01.. = Type: Control frame (1)
1101 .... = Subtype: 13
Flags: 0x00
.... ..00 = DS status: Not leaving DS or network is operating in AD-HOC mode (To DS: 0 From DS: 0) (0x00)
.... .0.. = More Fragments: This is the last fragment
.... 0... = Retry: Frame is not being retransmitted
...0 .... = PWR MGT: STA will stay up
..0. .... = More Data: No data buffered
.0.. .... = Protected flag: Data is not protected
0... .... = Order flag: Not strictly ordered
.000 0000 0000 0000 = Duration: 0 microseconds
Receiver address: 02:f8:1c:b0:fc:32 (02:f8:1c:b0:fc:32)
Frame check sequence: 0x00000000 [incorrect, should be 0xd414b32f]
[Good: False]
[Bad: True]
54.Beacon frame
54【No.】0.188058000【Time】 Tp-LinkT_d4:30:e2【Source】Broadcast【Description】802.11【Protocal】181【Length】Beacon frame, SN=3412, FN=0, Flags=........., BI=100, SSID=ceshi_BD1_cuihongwei【Info】
0000 80 00 00 00 ff ff ff ff ff ff d0 c7 c0 d4 30 e2 ..............0.
0010 d0 c7 c0 d4 30 e2 40 d5 80 e1 40 ac 00 00 00 00 [email protected]@.....
0020 64 00 31 04 00 14 63 65 73 68 69 5f 42 44 31 5f d.1...ceshi_BD1_
0030 63 75 69 68 6f 6e 67 77 65 69 01 08 82 84 8b 96 cuihongwei......
0040 8c 12 98 24 03 01 01 05 04 00 01 00 00 07 06 43 ...$...........C
0050 4e 20 01 0d 20 2a 01 00 30 14 01 00 00 0f ac 04 N .. *..0.......
0060 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00 32 04 ..............2.
0070 b0 48 60 6c dd 16 00 50 f2 01 01 00 00 50 f2 04 .H`l...P.....P..
0080 01 00 00 50 f2 04 01 00 00 50 f2 02 dd 18 00 50 ...P.....P.....P
0090 f2 02 01 01 03 00 03 a4 00 00 27 a4 00 00 42 43 ..........'...BC
00a0 5e 00 62 32 2f 00 dd 09 00 03 7f 01 01 00 00 ff ^.b2/...........
00b0 7f 00 00 00 00 .....
Frame 54: 181 bytes on wire (1448 bits), 181 bytes captured (1448 bits)
Encapsulation type: IEEE 802.11 Wireless LAN with radio information (22)
Arrival Time: Sep 22, 2016 15:01:56.563485900 ?й???????
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1474527716.563485900 seconds
[Time delta from previous captured frame: 0.001705000 seconds]
[Time delta from previous displayed frame: 0.001705000 seconds]
[Time since reference or first frame: 0.188058000 seconds]
Frame Number: 54
Frame Length: 181 bytes (1448 bits)
Capture Length: 181 bytes (1448 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: wlan_radio:wlan]
[Coloring Rule Name: Checksum Errors]
[Coloring Rule String [truncated]: eth.fcs_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad==1 || udp.checksum_bad==1 || sctp.checksum_bad==1 || mstp.checksum_bad==1 || cdp.checksum_bad==1 || edp.checksum_bad==1 || wlan.fcs_bad==1 || stt.ch]
802.11 radio information
PHY type: 802.11n (7)
Bandwidth: 20 MHz (0)
Data rate: 1.0 Mb/s
Channel: 1
Frequency: 2412 MHz
Signal strength (percentage): 100%
Signal strength (dBm): -20 dBm
Noise level (percentage): 100%
Noise level (dBm): -20 dBm
IEEE 802.11 Beacon frame, Flags: .........
Type/Subtype: Beacon frame (0x0008)
Frame Control Field: 0x8000
.... ..00 = Version: 0
.... 00.. = Type: Management frame (0)
1000 .... = Subtype: 8
Flags: 0x00
.... ..00 = DS status: Not leaving DS or network is operating in AD-HOC mode (To DS: 0 From DS: 0) (0x00)
.... .0.. = More Fragments: This is the last fragment
.... 0... = Retry: Frame is not being retransmitted
...0 .... = PWR MGT: STA will stay up
..0. .... = More Data: No data buffered
.0.. .... = Protected flag: Data is not protected
0... .... = Order flag: Not strictly ordered
.000 0000 0000 0000 = Duration: 0 microseconds
Receiver address: Broadcast (ff:ff:ff:ff:ff:ff)
Destination address: Broadcast (ff:ff:ff:ff:ff:ff)
Transmitter address: Tp-LinkT_d4:30:e2 (d0:c7:c0:d4:30:e2)
Source address: Tp-LinkT_d4:30:e2 (d0:c7:c0:d4:30:e2)
BSS Id: Tp-LinkT_d4:30:e2 (d0:c7:c0:d4:30:e2)
.... .... .... 0000 = Fragment number: 0
1101 0101 0100 .... = Sequence number: 3412
Frame check sequence: 0x00000000 [incorrect, should be 0x54cabeba]
[Good: False]
[Bad: True]
IEEE 802.11 wireless LAN management frame
Fixed parameters (12 bytes)
Timestamp: 0x00000000ac40e180
Beacon Interval: 0.102400 [Seconds]
Capabilities Information: 0x0431
.... .... .... ...1 = ESS capabilities: Transmitter is an AP
.... .... .... ..0. = IBSS status: Transmitter belongs to a BSS
.... ..0. .... 00.. = CFP participation capabilities: No point coordinator at AP (0x0000)
.... .... ...1 .... = Privacy: AP/STA can support WEP
.... .... ..1. .... = Short Preamble: Allowed
.... .... .0.. .... = PBCC: Not Allowed
.... .... 0... .... = Channel Agility: Not in use
.... ...0 .... .... = Spectrum Management: Not Implemented
.... .1.. .... .... = Short Slot Time: In use
.... 0... .... .... = Automatic Power Save Delivery: Not Implemented
...0 .... .... .... = Radio Measurement: Not Implemented
..0. .... .... .... = DSSS-OFDM: Not Allowed
.0.. .... .... .... = Delayed Block Ack: Not Implemented
0... .... .... .... = Immediate Block Ack: Not Implemented
Tagged parameters (141 bytes)
Tag: SSID parameter set: ceshi_BD1_cuihongwei
Tag Number: SSID parameter set (0)
Tag length: 20
SSID: ceshi_BD1_cuihongwei
Tag: Supported Rates 1(B), 2(B), 5.5(B), 11(B), 6(B), 9, 12(B), 18, [Mbit/sec]
Tag Number: Supported Rates (1)
Tag length: 8
Supported Rates: 1(B) (0x82)
Supported Rates: 2(B) (0x84)
Supported Rates: 5.5(B) (0x8b)
Supported Rates: 11(B) (0x96)
Supported Rates: 6(B) (0x8c)
Supported Rates: 9 (0x12)
Supported Rates: 12(B) (0x98)
Supported Rates: 18 (0x24)
Tag: DS Parameter set: Current Channel: 1
Tag Number: DS Parameter set (3)
Tag length: 1
Current Channel: 1
Tag: Traffic Indication Map (TIM): DTIM 0 of 0 bitmap
Tag Number: Traffic Indication Map (TIM) (5)
Tag length: 4
DTIM count: 0
DTIM period: 1
Bitmap control: 0x00
.... ...0 = Multicast: False
0000 000. = Bitmap Offset: 0x00
Partial Virtual Bitmap: 00
Tag: Country Information: Country Code CN, Environment Any
Tag Number: Country Information (7)
Tag length: 6
Code: CN
Environment: Any (0x20)
Country Info: First Channel Number: 1, Number of Channels: 13, Maximum Transmit Power Level: 32 dBm
First Channel Number: 1
Number of Channels: 13
Maximum Transmit Power Level (in dBm): 32
Tag: ERP Information
Tag Number: ERP Information (42)
Tag length: 1
ERP Information: 0x00
.... ...0 = Non ERP Present: Not set
.... ..0. = Use Protection: Not set
.... .0.. = Barker Preamble Mode: Not set
0000 0... = Reserved: 0x00
Tag: RSN Information
Tag Number: RSN Information (48)
Tag length: 20
RSN Version: 1
Group Cipher Suite: 00-0f-ac AES (CCM)
Group Cipher Suite OUI: 00-0f-ac
Group Cipher Suite type: AES (CCM) (4)
Pairwise Cipher Suite Count: 1
Pairwise Cipher Suite List 00-0f-ac AES (CCM)
Pairwise Cipher Suite: 00-0f-ac AES (CCM)
Pairwise Cipher Suite OUI: 00-0f-ac
Pairwise Cipher Suite type: AES (CCM) (4)
Auth Key Management (AKM) Suite Count: 1
Auth Key Management (AKM) List 00-0f-ac PSK
Auth Key Management (AKM) Suite: 00-0f-ac PSK
Auth Key Management (AKM) OUI: 00-0f-ac
Auth Key Management (AKM) type: PSK (2)
RSN Capabilities: 0x0000
.... .... .... ...0 = RSN Pre-Auth capabilities: Transmitter does not support pre-authentication
.... .... .... ..0. = RSN No Pairwise capabilities: Transmitter can support WEP default key 0 simultaneously with Pairwise key
.... .... .... 00.. = RSN PTKSA Replay Counter capabilities: 1 replay counter per PTKSA/GTKSA/STAKeySA (0x0000)
.... .... ..00 .... = RSN GTKSA Replay Counter capabilities: 1 replay counter per PTKSA/GTKSA/STAKeySA (0x0000)
.... .... .0.. .... = Management Frame Protection Required: False
.... .... 0... .... = Management Frame Protection Capable: False
.... ...0 .... .... = Joint Multi-band RSNA: False
.... ..0. .... .... = PeerKey Enabled: False
Tag: Extended Supported Rates 24(B), 36, 48, 54, [Mbit/sec]
Tag Number: Extended Supported Rates (50)
Tag length: 4
Extended Supported Rates: 24(B) (0xb0)
Extended Supported Rates: 36 (0x48)
Extended Supported Rates: 48 (0x60)
Extended Supported Rates: 54 (0x6c)
Tag: Vendor Specific: Microsof: WPA Information Element
Tag Number: Vendor Specific (221)
Tag length: 22
OUI: 00-50-f2
Vendor Specific OUI Type: 1
Type: WPA Information Element (0x01)
WPA Version: 1
Multicast Cipher Suite: 00-50-f2 AES (CCM)
Multicast Cipher Suite OUI: 00-50-f2
Multicast Cipher Suite type: AES (CCM) (4)
Unicast Cipher Suite Count: 1
Unicast Cipher Suite List 00-50-f2 AES (CCM)
Unicast Cipher Suite: 00-50-f2 AES (CCM)
Unicast Cipher Suite OUI: 00-50-f2
Unicast Cipher Suite type: AES (CCM) (4)
Auth Key Management (AKM) Suite Count: 1
Auth Key Management (AKM) List 00-50-f2 PSK
Auth Key Management (AKM) Suite: 00-50-f2 PSK
Auth Key Management (AKM) OUI: 00-50-f2
Auth Key Management (AKM) type: PSK (2)
Tag: Vendor Specific: Microsof: WMM/WME: Parameter Element
Tag Number: Vendor Specific (221)
Tag length: 24
OUI: 00-50-f2
Vendor Specific OUI Type: 2
Type: WMM/WME (0x02)
WME Subtype: Parameter Element (1)
WME Version: 1
WME QoS Info: 0x03
0... .... = U-APSD: Disabled
.... 0011 = Parameter Set Count: 0x03
.000 .... = Reserved: 0x00
Reserved: 00
Ac Parameters ACI 0 (Best Effort), ACM no, AIFSN 3, ECWmin 4, ECWmax 10, TXOP 0
ACI / AIFSN Field: 0x03
.00. .... = ACI: Best Effort (0)
...0 .... = Admission Control Mandatory: No
.... 0011 = AIFSN: 3
0... .... = Reserved: 0
ECW: 0xa4
1010 .... = ECW Max: 10
.... 0100 = ECW Min: 4
TXOP Limit: 0
Ac Parameters ACI 1 (Background), ACM no, AIFSN 7, ECWmin 4, ECWmax 10, TXOP 0
ACI / AIFSN Field: 0x27
.01. .... = ACI: Background (1)
...0 .... = Admission Control Mandatory: No
.... 0111 = AIFSN: 7
0... .... = Reserved: 0
ECW: 0xa4
1010 .... = ECW Max: 10
.... 0100 = ECW Min: 4
TXOP Limit: 0
Ac Parameters ACI 2 (Video), ACM no, AIFSN 2, ECWmin 3, ECWmax 4, TXOP 94
ACI / AIFSN Field: 0x42
.10. .... = ACI: Video (2)
...0 .... = Admission Control Mandatory: No
.... 0010 = AIFSN: 2
0... .... = Reserved: 0
ECW: 0x43
0100 .... = ECW Max: 4
.... 0011 = ECW Min: 3
TXOP Limit: 94
Ac Parameters ACI 3 (Voice), ACM no, AIFSN 2, ECWmin 2, ECWmax 3, TXOP 47
ACI / AIFSN Field: 0x62
.11. .... = ACI: Voice (3)
...0 .... = Admission Control Mandatory: No
.... 0010 = AIFSN: 2
0... .... = Reserved: 0
ECW: 0x32
0011 .... = ECW Max: 3
.... 0010 = ECW Min: 2
TXOP Limit: 47
Tag: Vendor Specific: AtherosC: Advanced Capability
Tag Number: Vendor Specific (221)
Tag length: 9
OUI: 00-03-7f
Vendor Specific OUI Type: 1
Type: Advanced Capability (0x01)
Subtype: 0x01
Version: 0x00
Capabilities: 0x00
.... ...0 = Turbo Prime: False
.... ..0. = Compression: False
.... .0.. = Fast Frames: False
.... 0... = eXtended Range: False
...0 .... = Advanced Radar: False
..0. .... = Burst: False
.0.. .... = CWMin tuning: False
0... .... = Boost: False
Default key index: 0x7fff
相關推薦
WireShark對於WIFI資料幀的分析
1 【No.】0.000000000【Time】 HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) (TA)【Source】 10:0e:0e:20:6a:f4 (10:0e:0e:20:6a:f4) (RA)【Destination】802.1
SparkStreaming--小案例2對於爬蟲來的資料進行分析
請注意本部落格中程式碼頭和尾是固定模式,而lines是需要根據你的資料特點進行切分和整理的,我會附上我的一部分資料供參考,附在文件末尾。 1.統計某一時間段輸入資料出現次數(時間不斷更新)這不是爬蟲資料分析是一個熱身 package Test1226 import org.apache.s
wireshark 資料包分析技巧總結
轉載 http://shayi1983.blog.51cto.com/4681835/1558161 wireshark 過濾表示式的比較運算子一覽 (類 C 形式和對應的英語形式) enighish C-like
wireshark網路抓取資料包分析
第一次總結的文件不知到被我放到哪裡去了,找了很久沒有總結出來,於是只能再總結一次,之前也是一直在學習協議。資料包的分析對於瞭解網路,尤其是理解協議來說很重要。我只是分析了TCP/IP協議族的部分常見協議,自己記上一筆,防止放在電腦上又被我給弄沒了。。。 IP資料報格式
《WireShark資料包分析實戰》二、讓網路不再卡
TCP的錯誤恢復我是我們定位、診斷、並最終修復網路高延遲的最好工具。1.TCP重傳 重傳資料包是TCP最基本的錯誤恢復特性之一,它被設計用來對付資料包丟失。 資料包丟失可能有很多原因,包括出故障的應用程式、流量負載沉重的路由器,或者臨時性的服務中斷。資料包層
Wireshark-UDP資料報分析&&廣播
UDP協議:使用者資料報協議 UDP協議是一個簡單的面向資料報的傳輸層協議:程序的每個輸出操作都正好產生一個 U D P資料報,並組裝成一份待發送的 I P資料報。 UDP協議的特點: - UDP是一個無連線的協議 - UDP使用最大努力交
乙太網資料幀協議分析
目的 (1)掌握乙太網幀的構成,瞭解各個欄位的含義。 (2)掌握網路協議分析軟體的基本使用方法。 (3)掌握常用網路管理命令的使用方法。 工具 (1)軟體工具:抓包分析工具(wireshark) (2)作業系統:Windows7 Dos (3)區域網環境。 原理
使用Wireshark捕獲資料幀和IP資料包教程
About Wireshark Wireshark is one of the world's foremost network protocol analyzers, and is the standard in many parts of the in
關於wireshark抓包獲取的Frame:物理層的資料幀概況筆記
Frame:物理層的資料幀概況。 Ethernet II:資料鏈路層乙太網幀頭部資訊。 Internet Protocol Version 4:網際網路層IP包頭部資訊。 Transmission Control Protocol:傳輸層的資料段頭部資訊,此處是TC
Wireshark抓包之詳細分析
wireshark抓包之詳細分析數據鏈路層以太網幀頭部信息Destination 目標macSource 此數據包的源mac物理層,為設備之間的數據通信提供傳輸媒體及互連設備,總結來說就是“信號和介質” Frame 4: 66 bytes on wire (528 bits), 66 bytes cap
Wireshark安裝使用及報文分析(圖文詳解)
p s 技術 cap cut .net 信息 display 過程 數據 Wireshark是世界上最流行的網絡分析工具。這個強大的工具可以捕捉網絡中的數據,並為用戶提供關於網絡和上層協議的各種信息。與很多其他網絡工具一樣,Wireshark也使用pcapnetwork l
tcpdump,wireshark及數據包分析
.cn log server csdn 詳細 htm 端口號 read 數據包 TCPDUMP 常用參數 ! or not 非 && or and 且 || or or 或 -i <網絡接口> port <
Wireshark安裝使用及報文分析
clas aid ati wire wireshark ID shark static str 先看鏈接!!! Wireshark使用教程:https://jingyan.baidu.com/article/93f9803fe902f7e0e56f5553.html Wir
仁潤雲丨網路小貸風控資料介面分析(多頭借貸,芝麻信用)
對於網路小貸平臺而言,徵信和風控是業務發展過程中的重要環節。網路小貸業務主要防範的是欺詐風險和信用風險,諸如借款人通過套現、偽造、冒領冒用、惡意透支等手段進行騙貸。此外,平臺與平臺之間資訊不透明,使用者同時在多個平臺重複借貸等不良現象時常出現,市場資料共享機制有待完善。 關於網路小貸風控,常
大資料線上分析處理和常用工具
大資料線上分析處理的特點 . 資料來源源不斷的到來; 資料需要儘快的得到處理,不能產生積壓; 處理之後的資料量依然巨大,仍然後TB級甚至PB級的資料量; 處理的結果能夠儘快的展現; 以上四個特點可以總結為資料的收集->資料的傳輸->資料的處理-&g
STM32開發小結--使用STM32F4串列埠的空閒中斷模式+DMA接收不定長資料幀
開發平臺:Keil 5 庫函式版本:V3.5 晶片:STM32F407VET6 1 STM32的串列埠接收資料的方式 STM32的串列埠接收資料有三種方式可以選擇: 1.1 輪詢接收 在主迴圈中一直判斷串列埠接收完成標誌位是否置位,如果置位則讀取收到的資料。該種模式
Fiddler4抓取資料並分析(完整的配置教程)
個人分類: 【軟體】 一、Fiddler 現在的移動應用程式幾乎都會和網路打交道,所以在
live555從RTSP伺服器讀取資料到使用接收到的資料流程分析
本文在linux環境下編譯live555工程,並用cgdb除錯工具對live555工程中的testProgs目錄下的openRTSP的執行過程進行了跟蹤分析,直到將從socket端讀取視訊資料並儲存為對應的視訊和音訊資料為止。 進入testProgs目錄,執行./openRTSP rtsp://
大資料文字分析的應用場景有哪些?
https://www.pmcaff.com/discuss/index/480966354177088?from=related&pmc_param%5Bentry_id%5D=1000000000167873 自問自答一發。之前寫過2篇相關的文章: 【資料運營】在運營中,為什麼文字分析遠比數值
[Android]高效能MMKV資料互動分析-MMKV初始化
大家好,我係蒼王。 以下是我這個系列的相關文章,有興趣可以參考一下,可以給個喜歡或者關注我的文章。 [Android]如何做一個崩潰率少於千分之三噶應用app--章節列表 元件化群1已經滿員,進來的可以加群2 763094035 MMKV框架初始化 MMKV.initiali