On Tue, Dec 14, 2004 at 09:07:25AM -0800, Giles Scott wrote:
> I've had permission from snax (snax@xxxxxxxxx) to promote this code
> change.
Do you have some additional information what we can add to the AUTHORS
file?
> I've copied the WEP weak IV detection code from AirSnort. crack.c
> function classify().
>
> New display filter wlan.wep.weakiv
There is one change that I don't understand:
*** 2244,2250 ****
* Also, just pass the data *following* the WEP parameters as the
* buffer to decrypt.
*/
! iv = tvb_get_letoh24(tvb, hdr_len);
if (tree) {
proto_item *wep_fields;
--- 2248,2254 ----
* Also, just pass the data *following* the WEP parameters as the
* buffer to decrypt.
*/
! iv = tvb_get_ntoh24(tvb, hdr_len);
if (tree) {
proto_item *wep_fields;
IEEE 802.11-1999 section 7.1.1 has the following to say on bit ordering:
In figures, all bits within fields are numbered, from 0 to k , where the
length of the field is k + 1 bit. The octet boundaries within a field can
be obtained by taking the bit numbers of the field modulo 8. Octets within
numeric fields that are longer than a single octet are depicted in increasing
order of significance, from lowest numbered bit to highest numbered bit.
The octets in fields longer than a single octet are sent to the PLCP in
order from the octet containing the lowest numbered bits to the octet
containing the highest numbered bits.
To it seems that the value is in le format, or am I misunderstanding something?
Ciao
Joerg
--
Joerg Mayer <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.