€•BTŒsphinx.addnodes”Œdocument”“”)”}”(Œ rawsource”Œ”Œchildren”]”(Œ translations”Œ LanguagesNode”“”)”}”(hhh]”(hŒ pending_xref”“”)”}”(hhh]”Œdocutils.nodes”ŒText”“”ŒChinese (Simplified)”…””}”Œparent”hsbaŒ attributes”}”(Œids”]”Œclasses”]”Œnames”]”Œdupnames”]”Œbackrefs”]”Œ refdomain”Œstd”Œreftype”Œdoc”Œ reftarget”Œ1/translations/zh_CN/networking/mac80211-injection”Œmodname”NŒ classname”NŒ refexplicit”ˆuŒtagname”hhh ubh)”}”(hhh]”hŒChinese (Traditional)”…””}”hh2sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ1/translations/zh_TW/networking/mac80211-injection”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒItalian”…””}”hhFsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ1/translations/it_IT/networking/mac80211-injection”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒJapanese”…””}”hhZsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ1/translations/ja_JP/networking/mac80211-injection”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒKorean”…””}”hhnsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ1/translations/ko_KR/networking/mac80211-injection”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒPortuguese (Brazilian)”…””}”hh‚sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ1/translations/pt_BR/networking/mac80211-injection”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒSpanish”…””}”hh–sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ1/translations/sp_SP/networking/mac80211-injection”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubeh}”(h]”h ]”h"]”h$]”h&]”Œcurrent_language”ŒEnglish”uh1h hhŒ _document”hŒsource”NŒline”NubhŒcomment”“”)”}”(hŒ SPDX-License-Identifier: GPL-2.0”h]”hŒ SPDX-License-Identifier: GPL-2.0”…””}”hh·sbah}”(h]”h ]”h"]”h$]”h&]”Œ xml:space”Œpreserve”uh1hµhhh²hh³ŒK/var/lib/git/docbuild/linux/Documentation/networking/mac80211-injection.rst”h´KubhŒsection”“”)”}”(hhh]”(hŒtitle”“”)”}”(hŒ)How to use packet injection with mac80211”h]”hŒ)How to use packet injection with mac80211”…””}”(hhÏh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhhÊh²hh³hÇh´KubhŒ paragraph”“”)”}”(hŒ©mac80211 now allows arbitrary packets to be injected down any Monitor Mode interface from userland. The packet you inject needs to be composed in the following format::”h]”hŒ¨mac80211 now allows arbitrary packets to be injected down any Monitor Mode interface from userland. The packet you inject needs to be composed in the following format:”…””}”(hhßh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KhhÊh²hubhŒ literal_block”“”)”}”(hŒ5[ radiotap header ] [ ieee80211 header ] [ payload ]”h]”hŒ5[ radiotap header ] [ ieee80211 header ] [ payload ]”…””}”hhïsbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1híh³hÇh´K hhÊh²hubhÞ)”}”(hŒTThe radiotap format is discussed in ./Documentation/networking/radiotap-headers.rst.”h]”hŒTThe radiotap format is discussed in ./Documentation/networking/radiotap-headers.rst.”…””}”(hhýh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KhhÊh²hubhÞ)”}”(hŒËDespite many radiotap parameters being currently defined, most only make sense to appear on received packets. The following information is parsed from the radiotap headers and used to control injection:”h]”hŒËDespite many radiotap parameters being currently defined, most only make sense to appear on received packets. The following information is parsed from the radiotap headers and used to control injection:”…””}”(hj h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KhhÊh²hubhŒ block_quote”“”)”}”(hXÕ* IEEE80211_RADIOTAP_FLAGS ========================= =========================================== IEEE80211_RADIOTAP_F_FCS FCS will be removed and recalculated IEEE80211_RADIOTAP_F_WEP frame will be encrypted if key available IEEE80211_RADIOTAP_F_FRAG frame will be fragmented if longer than the current fragmentation threshold. ========================= =========================================== * IEEE80211_RADIOTAP_TX_FLAGS ============================= ======================================== IEEE80211_RADIOTAP_F_TX_NOACK frame should be sent without waiting for an ACK even if it is a unicast frame ============================= ======================================== * IEEE80211_RADIOTAP_RATE legacy rate for the transmission (only for devices without own rate control) * IEEE80211_RADIOTAP_MCS HT rate for the transmission (only for devices without own rate control). Also some flags are parsed ============================ ======================== IEEE80211_RADIOTAP_MCS_SGI use short guard interval IEEE80211_RADIOTAP_MCS_BW_40 send in HT40 mode ============================ ======================== * IEEE80211_RADIOTAP_DATA_RETRIES number of retries when either IEEE80211_RADIOTAP_RATE or IEEE80211_RADIOTAP_MCS was used * IEEE80211_RADIOTAP_VHT VHT mcs and number of streams used in the transmission (only for devices without own rate control). Also other fields are parsed flags field IEEE80211_RADIOTAP_VHT_FLAG_SGI: use short guard interval bandwidth field * 1: send using 40MHz channel width * 4: send using 80MHz channel width * 11: send using 160MHz channel width ”h]”hŒ bullet_list”“”)”}”(hhh]”(hŒ list_item”“”)”}”(hX¯IEEE80211_RADIOTAP_FLAGS ========================= =========================================== IEEE80211_RADIOTAP_F_FCS FCS will be removed and recalculated IEEE80211_RADIOTAP_F_WEP frame will be encrypted if key available IEEE80211_RADIOTAP_F_FRAG frame will be fragmented if longer than the current fragmentation threshold. ========================= =========================================== ”h]”(hÞ)”}”(hŒIEEE80211_RADIOTAP_FLAGS”h]”hŒIEEE80211_RADIOTAP_FLAGS”…””}”(hj*h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´Khj&ubhŒtable”“”)”}”(hhh]”hŒtgroup”“”)”}”(hhh]”(hŒcolspec”“”)”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”Kuh1jBhj?ubjC)”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”K+uh1jBhj?ubhŒtbody”“”)”}”(hhh]”(hŒrow”“”)”}”(hhh]”(hŒentry”“”)”}”(hhh]”hÞ)”}”(hŒIEEE80211_RADIOTAP_F_FCS”h]”hŒIEEE80211_RADIOTAP_F_FCS”…””}”(hjgh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´Khjdubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhj_ubjc)”}”(hhh]”hÞ)”}”(hŒ$FCS will be removed and recalculated”h]”hŒ$FCS will be removed and recalculated”…””}”(hj~h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´Khj{ubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhj_ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j]hjZubj^)”}”(hhh]”(jc)”}”(hhh]”hÞ)”}”(hŒIEEE80211_RADIOTAP_F_WEP”h]”hŒIEEE80211_RADIOTAP_F_WEP”…””}”(hjžh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´Khj›ubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhj˜ubjc)”}”(hhh]”hÞ)”}”(hŒ(frame will be encrypted if key available”h]”hŒ(frame will be encrypted if key available”…””}”(hjµh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´Khj²ubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhj˜ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j]hjZubj^)”}”(hhh]”(jc)”}”(hhh]”hÞ)”}”(hŒIEEE80211_RADIOTAP_F_FRAG”h]”hŒIEEE80211_RADIOTAP_F_FRAG”…””}”(hjÕh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KhjÒubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhjÏubjc)”}”(hhh]”hÞ)”}”(hŒLframe will be fragmented if longer than the current fragmentation threshold.”h]”hŒLframe will be fragmented if longer than the current fragmentation threshold.”…””}”(hjìh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´Khjéubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhjÏubeh}”(h]”h ]”h"]”h$]”h&]”uh1j]hjZubeh}”(h]”h ]”h"]”h$]”h&]”uh1jXhj?ubeh}”(h]”h ]”h"]”h$]”h&]”Œcols”Kuh1j=hj:ubah}”(h]”h ]”h"]”h$]”h&]”uh1j8hj&ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j$hj!ubj%)”}”(hX9IEEE80211_RADIOTAP_TX_FLAGS ============================= ======================================== IEEE80211_RADIOTAP_F_TX_NOACK frame should be sent without waiting for an ACK even if it is a unicast frame ============================= ======================================== ”h]”(hÞ)”}”(hŒIEEE80211_RADIOTAP_TX_FLAGS”h]”hŒIEEE80211_RADIOTAP_TX_FLAGS”…””}”(hj#h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´Khjubj9)”}”(hhh]”j>)”}”(hhh]”(jC)”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”Kuh1jBhj4ubjC)”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”K(uh1jBhj4ubjY)”}”(hhh]”j^)”}”(hhh]”(jc)”}”(hhh]”hÞ)”}”(hŒIEEE80211_RADIOTAP_F_TX_NOACK”h]”hŒIEEE80211_RADIOTAP_F_TX_NOACK”…””}”(hjTh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K"hjQubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhjNubjc)”}”(hhh]”hÞ)”}”(hŒMframe should be sent without waiting for an ACK even if it is a unicast frame”h]”hŒMframe should be sent without waiting for an ACK even if it is a unicast frame”…””}”(hjkh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K"hjhubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhjNubeh}”(h]”h ]”h"]”h$]”h&]”uh1j]hjKubah}”(h]”h ]”h"]”h$]”h&]”uh1jXhj4ubeh}”(h]”h ]”h"]”h$]”h&]”Œcols”Kuh1j=hj1ubah}”(h]”h ]”h"]”h$]”h&]”uh1j8hjubeh}”(h]”h ]”h"]”h$]”h&]”uh1j$hj!ubj%)”}”(hŒfIEEE80211_RADIOTAP_RATE legacy rate for the transmission (only for devices without own rate control) ”h]”(hÞ)”}”(hŒIEEE80211_RADIOTAP_RATE”h]”hŒIEEE80211_RADIOTAP_RATE”…””}”(hj¢h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K&hjžubhÞ)”}”(hŒLlegacy rate for the transmission (only for devices without own rate control)”h]”hŒLlegacy rate for the transmission (only for devices without own rate control)”…””}”(hj°h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K(hjžubeh}”(h]”h ]”h"]”h$]”h&]”uh1j$hj!ubj%)”}”(hXSIEEE80211_RADIOTAP_MCS HT rate for the transmission (only for devices without own rate control). Also some flags are parsed ============================ ======================== IEEE80211_RADIOTAP_MCS_SGI use short guard interval IEEE80211_RADIOTAP_MCS_BW_40 send in HT40 mode ============================ ======================== ”h]”(hÞ)”}”(hŒIEEE80211_RADIOTAP_MCS”h]”hŒIEEE80211_RADIOTAP_MCS”…””}”(hjÈh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K*hjÄubhÞ)”}”(hŒdHT rate for the transmission (only for devices without own rate control). Also some flags are parsed”h]”hŒdHT rate for the transmission (only for devices without own rate control). Also some flags are parsed”…””}”(hjÖh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K,hjÄubj9)”}”(hhh]”j>)”}”(hhh]”(jC)”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”Kuh1jBhjçubjC)”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”Kuh1jBhjçubjY)”}”(hhh]”(j^)”}”(hhh]”(jc)”}”(hhh]”hÞ)”}”(hŒIEEE80211_RADIOTAP_MCS_SGI”h]”hŒIEEE80211_RADIOTAP_MCS_SGI”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K0hjubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhjubjc)”}”(hhh]”hÞ)”}”(hŒuse short guard interval”h]”hŒuse short guard interval”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K0hjubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhjubeh}”(h]”h ]”h"]”h$]”h&]”uh1j]hjþubj^)”}”(hhh]”(jc)”}”(hhh]”hÞ)”}”(hŒIEEE80211_RADIOTAP_MCS_BW_40”h]”hŒIEEE80211_RADIOTAP_MCS_BW_40”…””}”(hj>h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K1hj;ubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhj8ubjc)”}”(hhh]”hÞ)”}”(hŒsend in HT40 mode”h]”hŒsend in HT40 mode”…””}”(hjUh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K1hjRubah}”(h]”h ]”h"]”h$]”h&]”uh1jbhj8ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j]hjþubeh}”(h]”h ]”h"]”h$]”h&]”uh1jXhjçubeh}”(h]”h ]”h"]”h$]”h&]”Œcols”Kuh1j=hjäubah}”(h]”h ]”h"]”h$]”h&]”uh1j8hjÄubeh}”(h]”h ]”h"]”h$]”h&]”uh1j$hj!ubj%)”}”(hŒzIEEE80211_RADIOTAP_DATA_RETRIES number of retries when either IEEE80211_RADIOTAP_RATE or IEEE80211_RADIOTAP_MCS was used ”h]”(hÞ)”}”(hŒIEEE80211_RADIOTAP_DATA_RETRIES”h]”hŒIEEE80211_RADIOTAP_DATA_RETRIES”…””}”(hjŒh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K4hjˆubhÞ)”}”(hŒXnumber of retries when either IEEE80211_RADIOTAP_RATE or IEEE80211_RADIOTAP_MCS was used”h]”hŒXnumber of retries when either IEEE80211_RADIOTAP_RATE or IEEE80211_RADIOTAP_MCS was used”…””}”(hjšh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K6hjˆubeh}”(h]”h ]”h"]”h$]”h&]”uh1j$hj!ubj%)”}”(hXsIEEE80211_RADIOTAP_VHT VHT mcs and number of streams used in the transmission (only for devices without own rate control). Also other fields are parsed flags field IEEE80211_RADIOTAP_VHT_FLAG_SGI: use short guard interval bandwidth field * 1: send using 40MHz channel width * 4: send using 80MHz channel width * 11: send using 160MHz channel width ”h]”(hÞ)”}”(hŒIEEE80211_RADIOTAP_VHT”h]”hŒIEEE80211_RADIOTAP_VHT”…””}”(hj²h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K9hj®ubhÞ)”}”(hŒ€VHT mcs and number of streams used in the transmission (only for devices without own rate control). Also other fields are parsed”h]”hŒ€VHT mcs and number of streams used in the transmission (only for devices without own rate control). Also other fields are parsed”…””}”(hjÀh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K;hj®ubhŒdefinition_list”“”)”}”(hhh]”(hŒdefinition_list_item”“”)”}”(hŒFflags field IEEE80211_RADIOTAP_VHT_FLAG_SGI: use short guard interval ”h]”(hŒterm”“”)”}”(hŒ flags field”h]”hŒ flags field”…””}”(hjÛh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jÙh³hÇh´K?hjÕubhŒ definition”“”)”}”(hhh]”hÞ)”}”(hŒ9IEEE80211_RADIOTAP_VHT_FLAG_SGI: use short guard interval”h]”hŒ9IEEE80211_RADIOTAP_VHT_FLAG_SGI: use short guard interval”…””}”(hjîh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K?hjëubah}”(h]”h ]”h"]”h$]”h&]”uh1jéhjÕubeh}”(h]”h ]”h"]”h$]”h&]”uh1jÓh³hÇh´K?hjÐubjÔ)”}”(hŒ~bandwidth field * 1: send using 40MHz channel width * 4: send using 80MHz channel width * 11: send using 160MHz channel width ”h]”(jÚ)”}”(hŒbandwidth field”h]”hŒbandwidth field”…””}”(hj h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jÙh³hÇh´KDhjubjê)”}”(hhh]”j )”}”(hhh]”(j%)”}”(hŒ!1: send using 40MHz channel width”h]”hÞ)”}”(hj"h]”hŒ!1: send using 40MHz channel width”…””}”(hj$h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KBhj ubah}”(h]”h ]”h"]”h$]”h&]”uh1j$hjubj%)”}”(hŒ!4: send using 80MHz channel width”h]”hÞ)”}”(hj9h]”hŒ!4: send using 80MHz channel width”…””}”(hj;h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KChj7ubah}”(h]”h ]”h"]”h$]”h&]”uh1j$hjubj%)”}”(hŒ$11: send using 160MHz channel width ”h]”hÞ)”}”(hŒ#11: send using 160MHz channel width”h]”hŒ#11: send using 160MHz channel width”…””}”(hjRh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KDhjNubah}”(h]”h ]”h"]”h$]”h&]”uh1j$hjubeh}”(h]”h ]”h"]”h$]”h&]”Œbullet”Œ*”uh1jh³hÇh´KBhjubah}”(h]”h ]”h"]”h$]”h&]”uh1jéhjubeh}”(h]”h ]”h"]”h$]”h&]”uh1jÓh³hÇh´KDhjÐubeh}”(h]”h ]”h"]”h$]”h&]”uh1jÎhj®ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j$hj!ubeh}”(h]”h ]”h"]”h$]”h&]”jljmuh1jh³hÇh´Khjubah}”(h]”h ]”h"]”h$]”h&]”uh1jh³hÇh´KhhÊh²hubhÞ)”}”(hŒ‡The injection code can also skip all other currently defined radiotap fields facilitating replay of captured radiotap headers directly.”h]”hŒ‡The injection code can also skip all other currently defined radiotap fields facilitating replay of captured radiotap headers directly.”…””}”(hj’h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KFhhÊh²hubhÞ)”}”(hŒCHere is an example valid radiotap header defining some parameters::”h]”hŒBHere is an example valid radiotap header defining some parameters:”…””}”(hj h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KIhhÊh²hubhî)”}”(hŒ¬0x00, 0x00, // <-- radiotap version 0x0b, 0x00, // <- radiotap header length 0x04, 0x0c, 0x00, 0x00, // <-- bitmap 0x6c, // <-- rate 0x0c, //<-- tx power 0x01 //<-- antenna”h]”hŒ¬0x00, 0x00, // <-- radiotap version 0x0b, 0x00, // <- radiotap header length 0x04, 0x0c, 0x00, 0x00, // <-- bitmap 0x6c, // <-- rate 0x0c, //<-- tx power 0x01 //<-- antenna”…””}”hj®sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1híh³hÇh´KKhhÊh²hubhÞ)”}”(hŒTThe ieee80211 header follows immediately afterwards, looking for example like this::”h]”hŒSThe ieee80211 header follows immediately afterwards, looking for example like this:”…””}”(hj¼h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KRhhÊh²hubhî)”}”(hŒŽ0x08, 0x01, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x13, 0x22, 0x33, 0x44, 0x55, 0x66, 0x13, 0x22, 0x33, 0x44, 0x55, 0x66, 0x10, 0x86”h]”hŒŽ0x08, 0x01, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x13, 0x22, 0x33, 0x44, 0x55, 0x66, 0x13, 0x22, 0x33, 0x44, 0x55, 0x66, 0x10, 0x86”…””}”hjÊsbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1híh³hÇh´KUhhÊh²hubhÞ)”}”(hŒ!Then lastly there is the payload.”h]”hŒ!Then lastly there is the payload.”…””}”(hjØh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K[hhÊh²hubhÞ)”}”(hXAfter composing the packet contents, it is sent by send()-ing it to a logical mac80211 interface that is in Monitor mode. Libpcap can also be used, (which is easier than doing the work to bind the socket to the right interface), along the following lines:::”h]”hXAfter composing the packet contents, it is sent by send()-ing it to a logical mac80211 interface that is in Monitor mode. Libpcap can also be used, (which is easier than doing the work to bind the socket to the right interface), along the following lines::”…””}”(hjæh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K]hhÊh²hubhî)”}”(hŒrppcap = pcap_open_live(szInterfaceName, 800, 1, 20, szErrbuf); ... r = pcap_inject(ppcap, u8aSendBuffer, nLength);”h]”hŒrppcap = pcap_open_live(szInterfaceName, 800, 1, 20, szErrbuf); ... r = pcap_inject(ppcap, u8aSendBuffer, nLength);”…””}”hjôsbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1híh³hÇh´KbhhÊh²hubhÞ)”}”(hŒ?You can also find a link to a complete inject application here:”h]”hŒ?You can also find a link to a complete inject application here:”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KfhhÊh²hubhÞ)”}”(hŒEhttps://wireless.wiki.kernel.org/en/users/Documentation/packetspammer”h]”hŒ reference”“”)”}”(hjh]”hŒEhttps://wireless.wiki.kernel.org/en/users/Documentation/packetspammer”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”juh1jhjubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KhhhÊh²hubhÞ)”}”(hŒAndy Green ”h]”(hŒ Andy Green <”…””}”(hj*h²hh³Nh´Nubj)”}”(hŒandy@warmcat.com”h]”hŒandy@warmcat.com”…””}”(hj2h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”Œmailto:andy@warmcat.com”uh1jhj*ubhŒ>”…””}”(hj*h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KjhhÊh²hubeh}”(h]”Œ)how-to-use-packet-injection-with-mac80211”ah ]”h"]”Œ)how to use packet injection with mac80211”ah$]”h&]”uh1hÈhhh²hh³hÇh´Kubeh}”(h]”h ]”h"]”h$]”h&]”Œsource”hÇuh1hŒcurrent_source”NŒ current_line”NŒsettings”Œdocutils.frontend”ŒValues”“”)”}”(hÍNŒ generator”NŒ datestamp”NŒ source_link”NŒ source_url”NŒ toc_backlinks”jbŒfootnote_backlinks”KŒ sectnum_xform”KŒstrip_comments”NŒstrip_elements_with_classes”NŒ strip_classes”NŒ report_level”KŒ halt_level”KŒexit_status_level”KŒdebug”NŒwarning_stream”NŒ traceback”ˆŒinput_encoding”Œ utf-8-sig”Œinput_encoding_error_handler”Œstrict”Œoutput_encoding”Œutf-8”Œoutput_encoding_error_handler”jvŒerror_encoding”Œutf-8”Œerror_encoding_error_handler”Œbackslashreplace”Œ language_code”Œen”Œrecord_dependencies”NŒconfig”NŒ id_prefix”hŒauto_id_prefix”Œid”Œ dump_settings”NŒdump_internals”NŒdump_transforms”NŒdump_pseudo_xml”NŒexpose_internals”NŒstrict_visitor”NŒ_disable_config”NŒ_source”hÇŒ _destination”NŒ _config_files”]”Œ7/var/lib/git/docbuild/linux/Documentation/docutils.conf”aŒfile_insertion_enabled”ˆŒ raw_enabled”KŒline_length_limit”M'Œpep_references”NŒ pep_base_url”Œhttps://peps.python.org/”Œpep_file_url_template”Œpep-%04d”Œrfc_references”NŒ rfc_base_url”Œ&https://datatracker.ietf.org/doc/html/”Œ tab_width”KŒtrim_footnote_reference_space”‰Œsyntax_highlight”Œlong”Œ smart_quotes”ˆŒsmartquotes_locales”]”Œcharacter_level_inline_markup”‰Œdoctitle_xform”‰Œ docinfo_xform”KŒsectsubtitle_xform”‰Œ image_loading”Œlink”Œembed_stylesheet”‰Œcloak_email_addresses”ˆŒsection_self_link”‰Œenv”NubŒreporter”NŒindirect_targets”]”Œsubstitution_defs”}”Œsubstitution_names”}”Œrefnames”}”Œrefids”}”Œnameids”}”jQjNsŒ nametypes”}”jQ‰sh}”jNhÊsŒ footnote_refs”}”Œ citation_refs”}”Œ autofootnotes”]”Œautofootnote_refs”]”Œsymbol_footnotes”]”Œsymbol_footnote_refs”]”Œ footnotes”]”Œ citations”]”Œautofootnote_start”KŒsymbol_footnote_start”KŒ id_counter”Œ collections”ŒCounter”“”}”…”R”Œparse_messages”]”Œtransform_messages”]”Œ transformer”NŒ include_log”]”Œ decoration”Nh²hub.