ubuntu wifi抓包方法_wireshark过滤命令
sudo apt-get install aircrack-ng
sudo airmon-ng start wlan0 11
sudo iwconfig mon0 channel 6
sudo airmon-ng stop mon0
eth.addr == AA:BB:CC:DD:EE:FF
wlan.addr == AA:BB:CC:DD:EE:FF
wlan.fc.type == 0 // management frame
wlan.fc.type == 1 // control frame
wlan.fc.type == 2 // data frame
wlan.fc.subtype == 4
wlan.fc.type_subtype == 0x00 // mgt assoc req
wlan.fc.type_subtype == 0x01 // mgt assoc rsp
wlan.fc.type_subtype == 0x04 // mgt probe req
wlan.fc.type_subtype == 0x05 // mgt probe rsp
wlan.fc.type_subtype == 0x08 // mgt Beacon
wlan.fc.type_subtype == 0x0A // mgt Disassoc
wlan.fc.type_subtype == 0x0B // mgt Auth
wlan.fc.type_subtype == 0x0C // mgt Deauth
wlan.fc.type_subtype == 0x0D // mgt Action
wlan.fc.type_subtype == 0x0E // mgt Action No Ack
wlan.ta == AA:BB:CC:DD:EE:FF
wlan.ra == AA:BB:CC:DD:EE:FF
wlan.da == AA:BB:CC:DD:EE:FF
wlan.addr == AA:BB:CC:DD:EE:FF
wlan.addr contains AA:BB:CC
ip.addr == 1.2.3.4
tcp.port in {80 443 8080}
tcp.port == 80 || tcp.port == 443 || tcp.port == 8080