Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Wireless toolbar in Wireshark 3.0

From: "Maynard, Chris via Wireshark-users" <wireshark-users () wireshark org>
Date: Fri, 11 Oct 2019 20:17:22 +0000
OK, well either I’ve gone mad and the adapter never worked as I’ve previously reported, or something has changed such 
that it no longer works.  Trying to simply obtain the mode even fails now:

WlanHelper.exe "Foo" mode
Error: makeOIDRequest::My_PacketOpenAdapter error (to use this function, you need to check the "Support raw 802.11 
traffic" option when installing Npcap)
Failure

I can say with certainty that I definitely enabled raw 802.11 support when installing npcap, so that can’t be the 
problem.  I tried reverting to earlier versions of npcap, 0.996 and 0.992 for example, but it still didn’t work.  I 
have since updated to Windows 10 1903 (10.0.18362 Build 18362) as well as the driver, which is now 20.10.10.2 released 
on May 12, 2019.  The same error occurrs, and in case you’re wondering, yes, I’m running the command from a 
command-prompt that was “Run as administrator”.

After some repeated tries, I did manage to get a “Success” from running this:

WlanHelper.exe GTKWireless mode managed
Success

… but I don’t believe it was actually successful because Wireshark (3.0.4 or master 3.1.1 
(v3.1.1rc0-481-g9dc1b312726c)) doesn’t allow me to place the adapter into Monitor Mode through its GUI.  I had tried 
testing with npcap installed both with and without WinPcap compatibilty mode.

For now at least, it would seem that this network card doesn’t work, but I will update the list again, as well as 
https://secwiki.org/w/Npcap/WiFi_adapters if the situation changes.  At least I still have an AirPcap adapter to use … 
although I do still need to test that to be sure *that* still works.

- Chris


From: Gordon Fyodor Lyon [mailto:gordon () nmap org]
Sent: Monday, October 7, 2019 1:04 PM
To: Community support list for Wireshark <wireshark-users () wireshark org>
Cc: Bartosz Kiziukiewicz <kiziuk () gmail com>; Maynard, Chris <Christopher.Maynard () IGT com>
Subject: Re: [Wireshark-users] Wireless toolbar in Wireshark 3.0

On Fri, Sep 20, 2019 at 8:58 AM Maynard, Chris via Wireshark-users <wireshark-users () wireshark 
org<mailto:wireshark-users () wireshark org>> wrote:

I'm not sure how up-to-date the https://secwiki.org/w/Npcap/WiFi_adapters page is.  For example, my Wireless network 
card is the "Intel Dual Band Wireless-AC 8260" card and I've been able to capture WiFi traffic in monitor mode just 
fine using WlanHelper.exe, despite that page indicating that it doesn't work.  Of course my driver version is slightly 
newer than the one listed there, being 20.70.6.1 instead of 20.70.1.1, so perhaps that's the reason.  Or possibly it 
didn't work with older versions of npcap, so I'd recommend trying it with the latest available version, currently 
0.9983 from https://nmap.org/npcap/.

Hi Chris.  That's great news!  We do try to keep that page up to date, but it depends on users letting us know what 
works (or doesn't) for them.  The page (https://secwiki.org/w/Npcap/WiFi_adapters) has simple instructions at the 
bottom for performing the necessary tests.  Then to report the results, you can either create a SecWiki account 
(https://secwiki.org/w/Special:RequestAccount) and edit the table directly, or just send me the answers to the 10 
fields in the table and I'll enter them myself.  We hope this will encourage more vendors to fix their drivers to 
better support raw capture and Radiotap, while also steering users toward buying adapters which actually meet their 
needs.

So if anyone here has adapters not listed on that page, or if you are seeing different results with newer drivers or 
newer Npcap, please send a report.  Thanks!

Cheers,
Fyodor

CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and 
may contain proprietary, confidential or trade secret information. This message is intended solely for the use of the 
addressee. If you are not the intended recipient and have received this message in error, please delete this message 
from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is 
strictly prohibited.

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: