diff --git a/doc/app_notes/inject_80211.md b/doc/app_notes/inject_80211.md
index d2aca45..aa0a637 100644
--- a/doc/app_notes/inject_80211.md
+++ b/doc/app_notes/inject_80211.md
@@ -28,11 +28,11 @@ To customize the packet, following piece of the inject_80211.c needs to be chang
 /* IEEE80211 header */
 static const u8 ieee_hdr[] =
 {
- 0x08, 0x01, 0x00, 0x00, // Frame Control, Duration/ID
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, // Address 1
- 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, // Address 2
- 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, // Address 3
- 0x10, 0x86, // Sequence Control
+ 0x08, 0x01, 0x00, 0x00, // FC 0x0801. 0--subtype; 8--type&version; 01--toDS1 fromDS0 (data packet to DS)
+ 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, // BSSID/MAC of AP
+ 0x66, 0x55, 0x44, 0x33, 0x22, 0x22, // Source address (STA)
+ 0x66, 0x55, 0x44, 0x33, 0x22, 0x33, // Destination address (another STA under the same AP)
+ 0x10, 0x86, // 0--fragment number; 0x861=2145--sequence number
 };
 ```
 Note: The byte/bit order might not be intuitive when comparing with the standard.
diff --git a/user_space/inject_80211/inject_80211.c b/user_space/inject_80211/inject_80211.c
index c37f3b0..7609e36 100644
--- a/user_space/inject_80211/inject_80211.c
+++ b/user_space/inject_80211/inject_80211.c
@@ -60,11 +60,11 @@ static const u8 u8aRadiotapHeader[] =
 /* IEEE80211 header */
 static const u8 ieee_hdr[] =
 {
- 0x08, 0x01, 0x00, 0x00,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0x66, 0x55, 0x44, 0x33, 0x22, 0x11,
- 0x66, 0x55, 0x44, 0x33, 0x22, 0x11,
- 0x10, 0x86,
+ 0x08, 0x01, 0x00, 0x00, // FC 0x0801. 0--subtype; 8--type&version; 01--toDS1 fromDS0 (data packet to DS)
+ 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, // BSSID/MAC of AP
+ 0x66, 0x55, 0x44, 0x33, 0x22, 0x22, // Source address (STA)
+ 0x66, 0x55, 0x44, 0x33, 0x22, 0x33, // Destination address (another STA under the same AP)
+ 0x10, 0x86, // 0--fragment number; 0x861=2145--sequence number
 };
 
 // Generate random string
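Review bot: On the first row of `ieee_hdr` in inject_80211.c the new comment covers only the two frame-control bytes, so the trailing `0x00, 0x00` is left undescribed (the app note's previous comment called it Duration/ID); something like `// FC 0x0801: data, subtype 0, ToDS=1 FromDS=0; Duration/ID 0x0000` keeps all four bytes accounted for, here and in the matching table in doc/app_notes/inject_80211.md. The second row also changes address 1 from broadcast to a unicast value, so a receiver that filters on its own MAC would presumably stop accepting the injected frame unless it uses that address or captures in monitor mode; that behaviour change deserves a line in the comment or the app note. Since the first octet 0x66 has the locally-administered bit set, these read as placeholders, and a comment such as `// placeholder MACs, replace with those of your own test AP/STAs` would say so. The array declaration starts above the changed lines and appears only as context.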