Test Cases

What?

The test sequences that I did. For now, I have only tried to emit frames. No characteristics of these frames have been determined.

What's next

Try to determine the meaning of some fields in the transmitted frames and in the set tx/rx packets by active testing. See DataSent for what needs to be tested.

How to

talking to the device

To send this data and carry out experiments you need to use a private ioctl in the non-madwifi version of the driver. From Emacs, using the .el file shipped in the prism54-project distribution, this is straightforward.

making sense out of what happens

You'll need at least one monitoring 802.11 device (monitor mode + Ethereal is the right combination). Two devices are sufficient for some packets; to carry out experiments with data transmission or association, you'll need an AP to associate to and a device to monitor the 802.11 traffic. This means three devices: the USB dongle, a working AP or IBSS node, and a monitoring node.

Data

Sending probes

// beacon alloc

    00000000: 6c 06 02 00 6c 00 00 00 00 00 00 00 00 00 00 00
    00000010: 00 40 30 00 08 40 2f 81 00 00 01 01 00 00 00 00
    00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000030: 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00
    00000040: 00 00 00 00 00 00 00 00 04 c7 09 38 40 00 00 00
    00000050: ff ff ff ff ff ff 00 0c 41 de 30 96 ff ff ff ff
    00000060: ff ff 00 00 00 06 63 6f 75 63 6f 75 01 04 02 04
    00000070: 0b 16 32 08 0c 12 18 24 30 48 60 6d

// send it. Replace this with the frequency change packet of your device;
// the important part is the 06 00 28 field

    00000000: 00 02 02 00 78 00 00 00 00 00 00 00 00 00 00 00
    00000010: 01 80 6c 00 00 00 00 00 01 00 00 00 06 00 28 00
    00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000030: 00 00 00 00 9e 09 01 00 02 00 fa 03 01 01 08 48
    00000040: 3c 3a 2e 2b 4e 72 71 7f 8b 97 a3 00 46 35 53 61
    00000050: 6d 79 85 00 3e 09 3a 48 54 60 6c 00 32 dc 1a 28
    00000060: 34 40 4c 00 26 bf 00 0c 18 24 30 00 1a ad 00 00
    00000070: 00 0a 16 00 0e a2 00 00 00 00 00 00 00 9a 00 00
    00000080: 00 00 00 00 00 00 00 00

// alloc second one

    00000000: 6c 07 02 00 6c 00 00 00 00 00 00 00 00 00 00 00
    00000010: 00 40 30 00 08 40 2f 81 00 00 01 01 00 00 00 00
    00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000030: 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00
    00000040: 00 00 00 00 00 00 00 00 04 00 00 00 40 00 00 00
    00000050: ff ff ff ff ff ff 00 0c 41 de 30 96 ff ff ff ff
    00000060: ff ff 00 00 00 06 63 6f 75 63 6f 75 01 04 02 04
    00000070: 0b 16 32 08 0c 12 18 24 30 48 60 6c

// loop again.

Sending beacons


// change frequency for emission

    00000000: 00 02 02 00 78 00 00 00 00 00 00 00 00 00 00 00
    00000010: 01 80 6c 00 00 00 00 00 01 00 00 00 01 00 00 00
    00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000030: 00 00 00 00 9e 09 01 00 02 00 fa 03 01 01 08 48
    00000040: 3c 3a 2e 2b 4e 72 71 7f 8b 97 a3 00 46 35 53 61
    00000050: 6d 79 85 00 3e 09 3a 48 54 60 6c 00 32 dc 1a 28
    00000060: 34 40 4c 00 26 bf 00 0c 18 24 30 00 1a ad 00 00
    00000070: 00 0a 16 00 0e a2 00 00 00 00 00 00 00 9a 00 00
    00000080: 00 00 00 00 00 00 00 00

// what's important is the 02 at the beginning: it indicates the mode,
// here IBSS

    00000000: 00 02 02 00 34 00 00 00 00 00 00 00 00 00 00 00
    00000010: 01 80 28 00 00 00 00 00 00 00 00 00 02 00 00 0c
    00000020: 41 de 30 96 ff ff ff ff ff ff 02 bd 00 00 00 00
    00000030: 08 06 04 01 00 00 00 00 0c 48 02 00 10 06 03 00
    00000040: 00 00 00 00


// The only difference is the 02 40 and the fact that it gets 0 as number.
// Also note that it is sent with a different setup (see above).

    00000000: 6c 06 02 00 87 00 00 00 00 00 00 00 00 00 00 00
    00000010: 02 40 4b 00 00 30 67 cc 00 00 01 01 00 00 00 00
    00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000040: 00 00 00 00 00 00 00 00 04 80 9c 8e 80 00 00 00
    00000050: ff ff ff ff ff ff 00 0c 41 da 29 4c 06 92 2b 31
    00000060: 2a 3e 00 00 46 72 65 65 2e 4e 65 74 64 00 32 00
    00000070: 00 10 78 43 5a 46 72 65 65 2e 4e 65 74 2e 46 65
    00000080: 79 64 01 04 82 84 8b 96 03 01 0c 06 02 00 00 07
    00000090: 06 41 54 20 01 0d 14 e2

The beacon is then emitted.

Sending Mgmt frames (association request)


// change freq for emission

    00000000: 00 02 02 00 78 00 00 00 00 00 00 00 00 00 00 00
    00000010: 01 80 6c 00 00 00 00 00 01 00 00 00 01 00 00 00
    00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000030: 00 00 00 00 9e 09 01 00 02 00 fa 03 01 01 08 48
    00000040: 3c 3a 2e 2b 4e 72 71 7f 8b 97 a3 00 46 35 53 61
    00000050: 6d 79 85 00 3e 09 3a 48 54 60 6c 00 32 dc 1a 28
    00000060: 34 40 4c 00 26 bf 00 0c 18 24 30 00 1a ad 00 00
    00000070: 00 0a 16 00 0e a2 00 00 00 00 00 00 00 9a 00 00
    00000080: 00 00 00 00 00 00 00 00

// rx/tx control frame

    00000000: 00 02 02 00 34 00 00 00 00 00 00 00 00 00 00 00
    00000010: 01 80 28 00 00 00 00 00 00 00 00 00 01 00 00 0c
    00000020: 41 de 30 96 00 09 5b 73 28 46 02 bd 00 00 00 00
    00000030: 08 06 04 01 00 00 00 00 0c 48 02 00 10 06 03 00
    00000040: 00 00 00 00

// send the data

    00000000: 6c 07 02 00 5a 00 00 00 00 00 00 00 00 00 00 00
    00000010: 00 40 1e 00 08 70 34 81 01 00 07 07 00 00 00 00
    00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000030: 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00
    00000040: 00 00 02 7f 23 00 00 00 04 73 28 46 b0 00 00 00
    00000050: 00 09 5b 73 28 46 00 0c 41 de 30 96 00 09 5b c7
    00000060: 09 38 00 00 00 00 01 00 00 00 30 00

Sending data frames


// first kind of packet

    00000000: 6c 07 02 00 5a 00 00 00 00 00 00 00 00 00 00 00
    00000010: 00 40 1e 00 08 70 34 81 01 00 07 07 00 00 00 00
    00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000030: 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00
    00000040: 00 00 02 7f 23 00 00 00 04 73 28 46 08 01 00 00
    00000050: 00 09 5b 73 28 46 00 0c 41 de 30 96 00 09 5b c7
    00000060: 09 38 00 00 00 00 01 00 00 00 30 00

// second kind of packet

    00000000: 6c 07 02 00 a2 01 00 00 00 00 00 00 00 00 00 00
    00000010: 10 40 68 01 08 e0 28 81 01 00 07 07 08 07 06 04
    00000020: 11 11 10 10 00 00 00 00 00 00 00 00 00 00 00 00
    00000030: 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00
    00000040: 00 00 02 7f 33 00 00 00 02 46 08 01 00 00 00 09
    00000050: 5b c7 09 38 00 0c 41 de 30 96 ff ff ff ff ff ff
    00000060: 00 00 aa aa 03 00 00 00 08 00 45 00 01 48 15 df
    00000070: 00 00 80 11 23 c7 00 00 00 00 ff ff ff ff 00 44
    00000080: 00 43 01 34 71 0b 01 01 06 00 22 4e 55 15 00 00
    00000090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    000000a0: 00 00 00 0c 41 de 30 96 00 00 00 00 00 00 00 00
    000000b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    000000c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    000000d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    000000e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    000000f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00000170: 00 00 63 82 53 63 35 01 01 fb 01 01 3d 07 01 00
    00000180: 0c 41 de 30 96 0c 0f 6a 65 61 6e 2d 33 36 32 30
    00000190: 38 31 66 31 32 37 3c 08 4d 53 46 54 20 35 2e 30
    000001a0: 37 0a 01 0f 03 06 2c 2e 2f 1f 21 2b ff 00 00 00
    000001b0: 00 00 00 00
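To put field meanings to the test it helps to decode the 802.11 part of these dumps independently of the device header. The Python script below is an added example, not part of the original page or of the prism54 project: it rebuilds the bytes from the dump text, then decodes the MAC header, the beacon fixed fields and information elements, and for data frames the LLC/SNAP, IPv4 and UDP headers. It assumes, from inspection of the dumps rather than from any documentation, that the 802.11 frame control bytes sit at offset 0x4c in the beacon packet and at 0x4a in the second data packet; everything before that is treated as opaque device header. The sample data is the beacon dump and the header lines of the second data packet, copied from this page. The same call with offset 0x4c decodes the probe request and the frame in the association request section (its frame control b0 00 is the authentication subtype, which the decoder also handles).

```python
"""Decode the 802.11 frames carried in this page's hex dumps (added example)."""
import struct

# Dumps copied from the page. Assumption (from inspection, not documented by the
# author): the 802.11 frame control bytes sit at offset 0x4c in the beacon
# packet and 0x4a in the second data packet; everything before is device header.
BEACON_ALLOC = """\
00000000: 6c 06 02 00 87 00 00 00 00 00 00 00 00 00 00 00
00000010: 02 40 4b 00 00 30 67 cc 00 00 01 01 00 00 00 00
00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00000040: 00 00 00 00 00 00 00 00 04 80 9c 8e 80 00 00 00
00000050: ff ff ff ff ff ff 00 0c 41 da 29 4c 06 92 2b 31
00000060: 2a 3e 00 00 46 72 65 65 2e 4e 65 74 64 00 32 00
00000070: 00 10 78 43 5a 46 72 65 65 2e 4e 65 74 2e 46 65
00000080: 79 64 01 04 82 84 8b 96 03 01 0c 06 02 00 00 07
00000090: 06 41 54 20 01 0d 14 e2
"""
# Only the lines holding the MAC header, LLC/SNAP, IP and UDP headers of the
# "second kind" data packet; the omitted leading lines are padded with zeros.
DATA_ALLOC_PART = """\
00000040: 00 00 02 7f 33 00 00 00 02 46 08 01 00 00 00 09
00000050: 5b c7 09 38 00 0c 41 de 30 96 ff ff ff ff ff ff
00000060: 00 00 aa aa 03 00 00 00 08 00 45 00 01 48 15 df
00000070: 00 00 80 11 23 c7 00 00 00 00 ff ff ff ff 00 44
00000080: 00 43 01 34 71 0b 01 01 06 00 22 4e 55 15 00 00
"""

def parse_hexdump(text):
    """Rebuild bytes from 'offset: xx xx ...' lines, honouring the offsets."""
    out = bytearray()
    for line in text.strip().splitlines():
        off, _, hexpart = line.partition(":")
        off = int(off, 16)
        out.extend(b"\0" * (off - len(out)))      # pad if a dump starts late
        out[off:] = bytes.fromhex(hexpart.replace(" ", ""))
    return bytes(out)

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

MGMT_NAMES = {0: "assoc-req", 4: "probe-req", 5: "probe-resp", 8: "beacon", 11: "auth"}

def parse_ies(body):
    """Walk tag/length/value elements; stop on a truncated element rather than over-read."""
    ies, i = [], 0
    while i + 2 <= len(body):
        tag, ln = body[i], body[i + 1]
        if i + 2 + ln > len(body):
            break
        ies.append((tag, body[i + 2:i + 2 + ln]))
        i += 2 + ln
    return ies

def decode_80211(frame):
    """Decode the 24-byte MAC header, then the management body or data encapsulation.
    Control frames (shorter headers) do not appear on this page and are not handled."""
    if len(frame) < 24:
        raise ValueError("frame shorter than a 24-byte MAC header")
    fc = frame[0] | frame[1] << 8
    ftype, subtype = (fc >> 2) & 3, (fc >> 4) & 0xF
    info = {"type": ("mgmt", "ctrl", "data", "ext")[ftype], "subtype": subtype,
            "to_ds": bool(fc & 0x100), "from_ds": bool(fc & 0x200),
            "addr1": mac(frame[4:10]), "addr2": mac(frame[10:16]),
            "addr3": mac(frame[16:22]), "seq": (frame[22] | frame[23] << 8) >> 4}
    body = frame[24:]
    if ftype == 0:
        info["name"] = MGMT_NAMES.get(subtype, f"mgmt-{subtype}")
        if subtype == 8 and len(body) >= 12:   # beacon: timestamp, interval (TU), capability
            _, info["interval_tu"], info["capability"] = struct.unpack_from("<QHH", body)
            body = body[12:]
        elif subtype == 11 and len(body) >= 6:  # authentication: algorithm, seq, status
            info["auth_alg"], info["auth_seq"], info["status"] = struct.unpack_from("<HHH", body)
            body = body[6:]
        for tag, val in parse_ies(body):
            if tag == 0:
                info["ssid"] = val.decode("ascii", "replace")
            elif tag == 1:
                info["rates_mbps"] = [(r & 0x7F) / 2 for r in val]
            elif tag == 3:
                info["channel"] = val[0]
    elif ftype == 2 and body[:6] == b"\xaa\xaa\x03\x00\x00\x00":  # LLC/SNAP header
        info["ethertype"] = body[6] << 8 | body[7]
        ip = body[8:]
        if info["ethertype"] == 0x0800 and len(ip) >= 20:
            ihl = (ip[0] & 0xF) * 4
            info["ip_len"] = struct.unpack_from("!H", ip, 2)[0]
            info["proto"] = ip[9]
            info["src"], info["dst"] = (".".join(map(str, ip[12:16])), ".".join(map(str, ip[16:20])))
            info["truncated"] = len(ip) < info["ip_len"]   # dump shorter than declared length
            if info["proto"] == 17 and len(ip) >= ihl + 4:
                info["udp_ports"] = struct.unpack_from("!HH", ip, ihl)
    return info

if __name__ == "__main__":
    for name, dump, off in (("beacon", BEACON_ALLOC, 0x4C), ("data", DATA_ALLOC_PART, 0x4A)):
        print(name, decode_80211(parse_hexdump(dump)[off:]))
```

Running it prints one dictionary per frame. The beacon decodes to SSID xCZFree.Net.Feyd on channel 12 with a 100 TU interval; the data frame is a ToDS frame whose IPv4 total length (328) exceeds what the dump carries, which the decoder reports as truncated rather than reading past the end, and whose UDP ports 68 and 67 are the DHCP client/server pair.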