Thank you for the information. Actually, I ended up using Microsoft Native Wifi API. The only problem is that only works from WinVista.
On Tue, Apr 12, 2011 at 1:25 AM, Guy Harris <[email protected]> wrote: > > On Apr 11, 2011, at 5:17 PM, Gianluca Varenni wrote: > > > I’m not actually sure that Cain uses WinPcap to do that. > > > > I think that Cain does that by either using AirPcap or the Microsoft > wi-fi APIs to list the access points. > > > > Have you asked the cain authors how they do that? > > They say on their Web site how they do that: > > http://www.oxid.it/ca_um/topics/wireless_scanner.htm > > "The active scanner opens the wireless network adapter using the Winpcap > protocol driver then it uses the "PacketRequest" function of the same driver > to communicate with the wireless network card. This API can be used from the > Windows User Mode to perform a query/set operation on an internal variable > of the network card driver. > > BOOL PacketRequest ( LPADAPTER AdapterObject, BOOL Set, PPACKET_OID_DATA > OidData); > > ...from Winpcap documentation > not all the network adapters implement all the query/set functions. There > is a set of mandatory OID functions that is granted to be present on all the > adapters, and a set of facultative functions, not provided by all the cards > (see the Microsoft DDKs to see which functions are mandatory). If you use a > facultative function, be careful to enclose it in an if statement to check > the result. > > Windows DDK provides a set of mandatory WLAN OIDs that should be supported > by all Miniport drivers for IEEE 802.11; they are all defined in > "ntddndis.h" file (from Windows XP SP1 DDK) and documented here. > > The scan command is sent to the wireless card using the > OID_802_11_BSSID_LIST_SCAN and the following function ..." > > which translates as "we use WinPcap, but we don't use it to capture > traffic, we use it as a userland interface to NDIS for sending OID requests > to the adapter driver". It's digging up information that Windows has > gathered about access points. > > They can also use AirPcap to scan by watching network traffic go by: > > "The passive scanner requires the AirPcap adapter from CACE Technologies > which enables the raw capture of 802.11 frames by mean of its AirPcap > drivers. The scanner recognize wireless Access Points (upper list) and > clients (lower list) decoding 802.11b/g packets that travels on the air in a > completely passive way. The "Channel Hopping" feature changes the frequency > of the adapter every second and let you discover wireless networks on > different channels." > > _______________________________________________ > Winpcap-users mailing list > [email protected] > https://www.winpcap.org/mailman/listinfo/winpcap-users >
_______________________________________________ Winpcap-users mailing list [email protected] https://www.winpcap.org/mailman/listinfo/winpcap-users
