Thursday, September 3, 2015

iperf for QOS



iperf has an undocumented argument, -S. Use it as -S 0x10.

Queues observed over a wireless network are:
  • Background (de-prioritized) 0x10
  • Best Effort 0x00
  • Audio/Voice 0xA0
  • Video 0xE0

Monday, July 27, 2015

WLAN class1 class2 and class3 frames

This page describes the difference between WLAN Class 1, Class 2 and Class 3 frames as per the IEEE 802.11 WLAN standard. Figure 1 below depicts the 802.11 state diagram. As shown, the allowed frame types vary with the association and authentication states. Stations are either authenticated or unauthenticated, and can be associated or unassociated. These two variables can be combined into three allowed states.

[Figure 1: 802.11 state diagram]
There are three states as mentioned below:

State-1. Initial state; not authenticated and not associated
State-2. Authenticated but not yet associated
State-3. Authenticated and associated

WLAN Class1 frames

a) WLAN Class 1 frames (permitted from within States 1, 2, and 3)
1) Control frames
i) Request to send (RTS)
ii) Clear to send (CTS)
iii) Acknowledgment (ACK)
iv) Contention-Free (CF)-End+ACK
v) CF-End
2) Management frames
i) Probe request/response
ii) Beacon
iii) Authentication: Successful authentication enables a STA to exchange Class 2 frames.
Unsuccessful authentication leaves the STA in State 1.
iv) Deauthentication: Deauthentication notification when in State 2 or State 3 changes the
STA's state to State 1. The STA shall become authenticated again prior to sending Class 2
frames. Deauthentication notification when in State 3 implies disassociation as well.
v) Announcement traffic indication message (ATIM)
vi) Spectrum Management Action: Within an IBSS, action frames are Class 1.
3) Data frames
i) Data: Data frames between STAs in an IBSS with frame control (FC) bits "To DS" and "From DS" both false.

Control          Management          Data
RTS              Probe Request       Any frame with ToDS and FromDS false (0)
CTS              Probe Response
Acknowledgment   Beacon
CF-End           Authentication
CF-End+CF-Ack    Deauthentication
                 ATIM (Announcement Traffic Indication Message)

WLAN Class2 frames

WLAN Class 2 frames (if and only if authenticated; allowed from within States 2 and 3 only)
1) Management frames
i) Association request/response: Successful association enables Class 3 frames.
Unsuccessful association leaves STA in State 2.
ii) Reassociation request/response: Successful reassociation enables Class 3 frames.
Unsuccessful reassociation leaves the STA in State 2 (with respect to the STA that was
sent the reassociation message). Reassociation frames shall only be sent if the sending
STA is already associated in the same ESS.
iii) Disassociation: Disassociation notification when in State 3 changes a STA's state to
State 2. This STA shall become associated again if it wishes to utilize the DS.
If STA A receives a Class 2 frame with a unicast address in the Address 1 field from STA B that is
not authenticated with STA A, STA A shall disallow the received Class 2 frame and send a
deauthentication frame to STA B.


Control          Management                        Data
None             Association Request/Response      None
                 Reassociation Request/Response
                 Disassociation

WLAN Class3 frames

WLAN Class 3 frames (if and only if associated; allowed only from within State 3)
1) Data frames
i) Data subtypes: Data frames allowed, i.e., either the "To DS" or "From DS" FC bits may
be set to true to utilize the DSS.
ii) QoS data subtypes allowed to/from non-AP STA(s) that are associated with AP(s).
iii) Data frames between STAs in a BSS with FC bits "To DS" and "From DS" both false.
2) Management frames
i) QoS, DLS, and Block Ack Action
3) Control frames
i) Power save (PS)-Poll
ii) Action: Within an infrastructure BSS, action frames are Class 3.
iii) Block Ack (BlockAck)
iv) Block Ack Request (BlockAckReq)


Control          Management          Data
PS-Poll          Deauthentication    Any frames, including those with either the ToDS or FromDS bits set
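
The class lists above can be turned into a check that flags a frame sent in a state that does not permit it. This is an added example, not part of the original post; it assumes an infrastructure BSS, takes the Frame Control value in the byte order Wireshark prints it (for example 0xb000), and treats data frames with ToDS and FromDS both 0 as Class 1.

```python
# Added example: 802.11 frame class lookup and state check (not from the original page).
MGMT, CTRL, DATA = 0, 1, 2

# (type, subtype) -> frame class, following the lists above.
FRAME_CLASS = {
    (CTRL, 11): 1, (CTRL, 12): 1, (CTRL, 13): 1,   # RTS, CTS, ACK
    (CTRL, 14): 1, (CTRL, 15): 1,                  # CF-End, CF-End+CF-Ack
    (MGMT, 4): 1, (MGMT, 5): 1,                    # Probe request/response
    (MGMT, 8): 1, (MGMT, 9): 1,                    # Beacon, ATIM
    (MGMT, 11): 1, (MGMT, 12): 1,                  # Authentication, Deauthentication
    (MGMT, 0): 2, (MGMT, 1): 2,                    # Association request/response
    (MGMT, 2): 2, (MGMT, 3): 2,                    # Reassociation request/response
    (MGMT, 10): 2,                                 # Disassociation
    (MGMT, 13): 3,                                 # Action (infrastructure BSS)
    (CTRL, 10): 3,                                 # PS-Poll
    (CTRL, 8): 3, (CTRL, 9): 3,                    # BlockAckReq, BlockAck
}

def parse_fc(fc):
    """Split a Frame Control value as Wireshark prints it (first wire byte in the high byte).

    Returns (type, subtype, to_ds, from_ds, protected).
    """
    first, flags = fc >> 8, fc & 0xFF
    return (first >> 2) & 3, first >> 4, flags & 1, (flags >> 1) & 1, bool(flags & 0x40)

def frame_class(fc):
    """Return 1, 2 or 3, or None for a type/subtype the lists above do not cover."""
    ftype, subtype, to_ds, from_ds, _ = parse_fc(fc)
    if ftype == DATA:
        # Assumption: ToDS = FromDS = 0 is treated as Class 1; using the DS needs Class 3.
        return 3 if (to_ds or from_ds) else 1
    return FRAME_CLASS.get((ftype, subtype))

def allowed(fc, state):
    """State 1 permits Class 1, State 2 permits Classes 1-2, State 3 permits all."""
    cls = frame_class(fc)
    return cls is not None and cls <= state

if __name__ == "__main__":
    # 0xb000 is the Authentication frame from the capture later on this page;
    # 0x0000 (Association request) and 0x0801 (Data, ToDS set) are constructed values.
    for fc in (0xb000, 0x0000, 0x0801):
        print(hex(fc), "class", frame_class(fc), [allowed(fc, s) for s in (1, 2, 3)])
```
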

Friday, July 17, 2015

Copying wireshark packet detail to plain text

You can mark packets and export the marked packets to a text file.

right-click -> Mark Packet (toggle)
Edit -> Mark Packet (toggle) multiple packets

Do a "Print" and select output to file. Then specify which packets, the filename
and Packet Format. This will create a text output.


WEP Shared key (4-way authentication)

The following steps occur when two devices use Shared Key Authentication:
  1. The station sends an authentication request to the access point.
  2. The access point sends challenge text to the station.
  3. The station uses its configured 64-bit or 128-bit default key to encrypt the challenge text, and it sends the encrypted text to the access point.
  4. The access point decrypts the encrypted text using its configured WEP key that corresponds to the station's default key. The access point compares the decrypted text with the original challenge text. If the decrypted text matches the original challenge text, then the access point and the station share the same WEP key, and the access point authenticates the station.
  5. The station connects to the network.
Details of each packet:

Shared Key authentication may be used if WEP has been selected and shall not be used otherwise.

FIRST PACKET:

DESC: Upon receipt of a Shared Key MLME-AUTHENTICATE.request primitive, the requester shall perform the following procedure:

a) If one or more request parameters are invalid, issue an MLME-AUTHENTICATE.confirm primitive with ResultCode set to INVALID_PARAMETERS; else
b) Construct a Shared Key authentication request frame and transmit it to the responder.

Frame: 94: 34 bytes on wire (272 bits), 34 bytes captured (272 bits)
802.11 radio information
IEEE 802.11 Authentication, Flags: .........
    Type/Subtype: Authentication (0x000b)
    Frame Control Field: 0xb000
    .000 0001 0011 1010 = Duration: 314 microseconds
    Receiver address: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    Destination address: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    Transmitter address: 00:02:5b:00:33:05 (00:02:5b:00:33:05)
    Source address: 00:02:5b:00:33:05 (00:02:5b:00:33:05)
    BSS Id: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    Fragment number: 0
    Sequence number: 9
    Frame check sequence: 0x00000000 [incorrect, should be 0xd5391e0a]
IEEE 802.11 wireless LAN management frame
    Fixed parameters (6 bytes)
        Authentication Algorithm: Shared key (1)
        Authentication SEQ: 0x0001
        Status code: Successful (0x0000)

SECOND PACKET:

DESC: Upon receipt of an authentication frame requesting Shared Key authentication, the responder may authenticate the requester using the procedure here and in the following two frames:
a) Issue an MLME-AUTHENTICATE.indication primitive to inform the SME of the authentication request.
b) Before sending the second frame in the Shared Key authentication sequence, the responder shall use WEP to generate a string of octets to be used as the authentication challenge text.
c) Construct and transmit to the requester an authentication response frame.

If the status code is not “successful,” this shall be the last frame of the transaction sequence; and the content of the challenge text field is unspecified.
If the status code is “successful,” the following additional information items shall have valid contents:
— Authentication algorithm dependent information = The challenge text
— This authentication result shall be of fixed length of 128 octets. The field shall be filled with octets generated by the WEP PRNG. The actual value of the challenge field is unimportant, but the value shall not be a static value

Frame: 97: 164 bytes on wire (1312 bits), 164 bytes captured (1312 bits)
802.11 radio information
IEEE 802.11 Authentication, Flags: .........
    Type/Subtype: Authentication (0x000b)
    Frame Control Field: 0xb000
    .000 0001 0100 0000 = Duration: 320 microseconds
    Receiver address: 00:02:5b:00:33:05 (00:02:5b:00:33:05)
    Destination address: 00:02:5b:00:33:05 (00:02:5b:00:33:05)
    Transmitter address: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    Source address: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    BSS Id: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    Fragment number: 0
    Sequence number: 7
    Frame check sequence: 0x00000000 [incorrect, should be 0x8e3a237d]
IEEE 802.11 wireless LAN management frame
    Fixed parameters (6 bytes)
        Authentication Algorithm: Shared key (1)
        Authentication SEQ: 0x0002
        Status code: Successful (0x0000)
    Tagged parameters (130 bytes)
        Tag: Challenge text
            Tag Number: Challenge text (16)
            Tag length: 128
            Challenge Text: af3bad3b301e6a7c30f16b0138c823ea7ea074c46284ed1c...

THIRD PACKET:

DESC: The requester shall copy the challenge text from the second frame into a third authentication frame. The third frame shall be transmitted to the responder after cryptographic encapsulation by WEP.

Frame: 98: 172 bytes on wire (1376 bits), 172 bytes captured (1376 bits)
802.11 radio information
IEEE 802.11 Authentication, Flags: .p.......
    Type/Subtype: Authentication (0x000b)
    Frame Control Field: 0xb040
    .000 0001 0011 1010 = Duration: 314 microseconds
    Receiver address: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    Destination address: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    Transmitter address: 00:02:5b:00:33:05 (00:02:5b:00:33:05)
    Source address: 00:02:5b:00:33:05 (00:02:5b:00:33:05)
    BSS Id: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    Fragment number: 0
    Sequence number: 10
    Frame check sequence: 0x00000000 [incorrect, should be 0x9f917d1f]
    WEP parameters
        Initialization Vector: 0x0d0000
        Key Index: 1
        WEP ICV: 0xcf4de011 (not verified)

FOURTH PACKET:

DESC: The responder shall WEP-decapsulate the third frame as described in 11.2.2. If the WEP ICV check is successful, the responder shall compare the decrypted contents of the Challenge Text field with the challenge text sent in second frame. If they are the same, then the responder shall transmit an authentication frame to the requester with a successful status code in the final frame of the sequence. If the WEP ICV check fails or challenge text comparison fails, the responder shall respond with an unsuccessful status code in final frame.

Frame: 100: 34 bytes on wire (272 bits), 34 bytes captured (272 bits)
802.11 radio information
IEEE 802.11 Authentication, Flags: .........
    Type/Subtype: Authentication (0x000b)
    Frame Control Field: 0xb000
    .000 0001 0100 0000 = Duration: 320 microseconds
    Receiver address: 00:02:5b:00:33:05 (00:02:5b:00:33:05)
    Destination address: 00:02:5b:00:33:05 (00:02:5b:00:33:05)
    Transmitter address: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    Source address: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    BSS Id: 90:f6:52:a1:95:d8 (90:f6:52:a1:95:d8)
    Fragment number: 0
    Sequence number: 8
    Frame check sequence: 0x00000000 [incorrect, should be 0x5fa1b3ec]
IEEE 802.11 wireless LAN management frame
    Fixed parameters (6 bytes)
        Authentication Algorithm: Shared key (1)
        Authentication SEQ: 0x0004
        Status code: Successful (0x0000)
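
The four-frame exchange above, with both sides simulated, as an added example that is not part of the original post. The key is the sample WEP key shown in the Wireshark post further down this page and the IV is the one from frame 98; the challenge is drawn from os.urandom rather than the WEP PRNG, and MAC headers are left out.

```python
# Added example: WEP Shared Key authentication, frames 2-4 (not from the original page).
import hmac, os, struct, zlib

def rc4(key, data):
    """RC4: key scheduling, then the keystream XORed over data."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_encapsulate(key, iv, body):
    """Append the CRC-32 ICV and encrypt body + ICV with RC4 keyed by IV || key."""
    return rc4(iv + key, body + struct.pack("<I", zlib.crc32(body)))

def wep_decapsulate(key, iv, protected):
    """Decrypt and verify the ICV; return the body, or None when the ICV check fails."""
    clear = rc4(iv + key, protected)
    body, icv = clear[:-4], clear[-4:]
    return body if struct.pack("<I", zlib.crc32(body)) == icv else None

def auth_body(seq, challenge):
    """Fixed parameters (algorithm 1 = Shared key, SEQ, status 0) + Challenge text (tag 16)."""
    return struct.pack("<HHH", 1, seq, 0) + bytes([16, len(challenge)]) + challenge

def shared_key_auth(ap_key, sta_key, iv=bytes.fromhex("0d0000")):
    """Run frames 2-4 and return the status code the AP puts in frame 4."""
    challenge = os.urandom(128)                    # frame 2: AP -> STA, 128 octets
    frame2 = auth_body(2, challenge)
    copied = frame2[8:]                            # STA copies the challenge text
    frame3 = wep_encapsulate(sta_key, iv, auth_body(3, copied))   # frame 3: STA -> AP
    body = wep_decapsulate(ap_key, iv, frame3)     # AP: ICV check first, then compare
    ok = body is not None and hmac.compare_digest(body[8:], challenge)
    return "Successful" if ok else "Unsuccessful"  # frame 4: AP -> STA

KEY = bytes.fromhex("a1b2c3d4e5")                  # sample 40-bit WEP key

if __name__ == "__main__":
    print("matching keys:  ", shared_key_auth(KEY, KEY))
    print("mismatched keys:", shared_key_auth(KEY, bytes.fromhex("0102030405")))
```

The protected part of frame 3 is 140 bytes (136-byte body plus 4-byte ICV); with the 4-byte IV and key index field, a 24-byte MAC header and the 4-byte FCS, that gives the 172 bytes on the wire shown for frame 98.
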

Monday, June 29, 2015

How to Decrypt 802.11


Wireshark can decrypt WEP and WPA/WPA2 in pre-shared (or personal) mode. WPA/WPA2 enterprise mode decryption is not yet supported.
You can add decryption keys using Wireshark's 802.11 preferences or by using the wireless toolbar. Up to 64 keys are supported.

Adding Keys: 802.11 Preferences

Go to Edit->Preferences->IEEE 802.11. You should see a window that looks like this:
[Screenshot: dot11-wep-wpa.png]
Note that the key examples mention WPA, and that each key item is labeled "Key". If your preferences window doesn't mention WPA, like this:
[Screenshot: dot11-wep-only.png]
then your version of Wireshark only supports WEP decryption. This might be the case with older versions of Wireshark, particularly the 64-bit Windows version.
In all versions WEP keys can be specified as a string of hexadecimal numbers, with or without colons:
    a1:b2:c3:d4:e5
    0102030405060708090a0b0c0d
In versions that support WPA decryption you should use a prefix to tell Wireshark what kind of key you're using:
  • wep The key is parsed as a WEP key.
    wep:a1:b2:c3:d4:e5
  • wpa-pwd The password and SSID are used to create a raw pre-shared key.
    wpa-pwd:MyPassword:MySSID
  • wpa-psk The key is parsed as a raw pre-shared key.
    wpa-psk:0102030405060708091011...6061626364
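
The key formats above, parsed and normalized to raw key material, as an added example that is not Wireshark's own code. The wpa-pwd branch uses the standard WPA passphrase mapping (PBKDF2-HMAC-SHA1 over the password with the SSID as salt, 4096 iterations, 256-bit output); the function names, and the assumption that neither password nor SSID contains a literal colon, are this example's own.

```python
# Added example: parsing the key formats listed above (not Wireshark's code).
import hashlib

PREFIXES = ("wep", "wpa-pwd", "wpa-psk")

def _hex(text):
    """Strip optional colons and validate a hex string; return lowercase hex digits."""
    digits = text.replace(":", "").lower()
    if not digits or len(digits) % 2 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a hex key: {text!r}")
    return digits

def parse_key(entry):
    """Return (kind, raw_key_hex) for one key entry."""
    prefix, _, rest = entry.partition(":")
    if prefix not in PREFIXES:
        # No prefix: a bare hex string is a WEP key, with or without colons.
        return "wep", _hex(entry)
    if prefix == "wep":
        return "wep", _hex(rest)
    if prefix == "wpa-psk":
        psk = _hex(rest)
        if len(psk) != 64:
            raise ValueError("a raw pre-shared key is 256 bits (64 hex digits)")
        return "wpa-psk", psk
    # wpa-pwd:<password>:<SSID>
    password, sep, ssid = rest.partition(":")
    if not sep or not 8 <= len(password) <= 63 or not 1 <= len(ssid) <= 32:
        raise ValueError("expected wpa-pwd:<8-63 character password>:<SSID>")
    psk = hashlib.pbkdf2_hmac("sha1", password.encode(), ssid.encode(), 4096, 32)
    return "wpa-psk", psk.hex()

if __name__ == "__main__":
    # Entries taken from the examples above.
    for entry in ("a1:b2:c3:d4:e5", "wep:a1:b2:c3:d4:e5", "wpa-pwd:MyPassword:MySSID"):
        kind, key = parse_key(entry)
        print(f"{entry!r:32} -> {kind} {key}")
```

The derived value depends only on the password and SSID, so a stored wpa-psk entry gives the same decryption capability as the passphrase for that SSID and deserves the same handling.
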

Tuesday, June 23, 2015

malloc returns NULL

#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>

int main(void)
{
    /* A request for SIZE_MAX bytes cannot be satisfied, so malloc returns NULL. */
    char *ptr = malloc(SIZE_MAX);
    if (ptr == NULL)
        printf("memory allocation failed\n");
    else
        printf("memory allocation success\n");
    free(ptr);  /* free(NULL) is a no-op */
    return 0;
}

Where SIZE_MAX is defined as

/* Limit of `size_t' type.  */
# if __WORDSIZE == 64
#  define SIZE_MAX      (18446744073709551615UL)
# else
#  define SIZE_MAX      (4294967295U)
# endif
 

Wednesday, June 10, 2015

iperf to multicast addresses

The following is the way to send iperf data to multicast addresses.

1. Add a route for multicast addresses on all STAs (the AP and the connected STA) as below:
        route add -net 224.0.0.0/4 dev eth0
2. On the server:
        iperf -s -u -B 224.0.0.13 -i 1
3. On the client:
        iperf -c 224.0.0.13 -u 1 1000 -T 5 -i 1
4. To delete the route for multicast addresses:
        route del -net 224.0.0.0/4 dev eth0