I'm currently working on a project where I need to capture 802.11 packets using the pcap library in Rust on a Windows environment. I enable Monitor Mode using wlanhelper.exe
Here is a sample of my code:
use pcap::*;
fn capture_wpa2_handshake(
interface_index:usize
) {
// List available devices and choose the one you want
let device = Device::list().unwrap()[interface_index].clone();
// Choose the device (you may need to change the index based on your setup)
// Open the selected device for capturing
let mut cap = device.open().unwrap();
let mut savefile = cap.savefile("test.pcap").unwrap();
// Keep capturing until the 4-way handshake is complete
let mut handshake_complete = false;
// Set a filter to capture only TCP packets
cap.filter("ether proto 0x888e", true).unwrap();
while !handshake_complete {
if let Ok(packet) = cap.next_packet() {
// Process the packet, check if it's part of the WPA2 4-way handshake
// You need to implement the logic to identify EAPOL-Key messages
// and keep track of the handshake state
println!("Received packet: {:?}", packet);
// Check if the WPA2 4-way handshake is complete
// You need to implement the logic to detect the completion of the handshake
handshake_complete = is_wpa2_handshake_complete(&packet);
// handshake_complete = true;
savefile.write(&packet);
}
}
println!("WPA2 4-way handshake complete!");
}
The problem I face I can't capture any packets using pcap, but Wireshark can.