Wireshark profiles to assist Wifi packet captures
By default wireshark display's standard view. This default view is useful but is of little help for wireless analysis.
In wireless packet capture, view of additional fields makes huge difference in packet analysis. Getting to know the frametype in default view is much easier than dissecting the packet and then knowing it was a “Management frame”.
The initial task of dissecting, organizing and putting it in right view can be eliminated by using custom profiles.
Wireless config profile created by Ben is one such wireshark profile.
This new profile view sets a firm ground for wireless packet analysis. It has predefined expressions, filters for beacon frames, probe requests, Assoc/Auth.
This customization was done on kali-linux using wireshark.
Step 1 – Extract files,
Download profile from this blog post. Extract Files.
Step 2 -Path to configuration file in Wireshark
In Wireshark, Go to –> Edit- > Configuration profiles
Check where profiles are loaded.
In kali linux by default profiles are loaded from
Copy all profile files including folder to
Step 3 -Load New Profile
Go to –>Edit->Configuration profile –> locate new profile If expressions are not loaded then you can create expressions manually using “dfilter_buttons” files. These files are given in profile.
Without applying Wifi Profile
With Wifi Profile
— By Fabian Darius