OK, well either I’ve gone mad and the adapter never worked as I’ve previously reported, or something has changed such that it no longer works. Trying to simply
obtain the mode even fails now:
WlanHelper.exe "Foo" mode
Error: makeOIDRequest::My_PacketOpenAdapter error (to use this function, you need to check the "Support raw 802.11 traffic" option when installing Npcap)
Failure
I can say with certainty that I definitely enabled raw 802.11 support when installing npcap, so that can’t be the problem. I tried reverting to earlier versions
of npcap, 0.996 and 0.992 for example, but it still didn’t work. I have since updated to Windows 10 1903 (10.0.18362 Build 18362) as well as the driver, which is now 20.10.10.2 released on May 12, 2019. The same error occurrs, and in case you’re wondering,
yes, I’m running the command from a command-prompt that was “Run as administrator”.
After some repeated tries, I did manage to get a “Success” from running this:
WlanHelper.exe GTKWireless mode managed
Success
… but I don’t believe it was actually successful because Wireshark (3.0.4 or master 3.1.1 (v3.1.1rc0-481-g9dc1b312726c)) doesn’t allow me to place the adapter
into Monitor Mode through its GUI. I had tried testing with npcap installed both with and without WinPcap compatibilty mode.
For now at least, it would seem that this network card doesn’t work, but I will update the list again, as well as
https://secwiki.org/w/Npcap/WiFi_adapters if the situation changes. At least I still have an AirPcap
adapter to use … although I do still need to test that to be sure *that* still works.
- Chris
From: Gordon Fyodor Lyon [mailto:gordon@xxxxxxxx]
Sent: Monday, October 7, 2019 1:04 PM
To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
Cc: Bartosz Kiziukiewicz <kiziuk@xxxxxxxxx>; Maynard, Chris <Christopher.Maynard@xxxxxxx>
Subject: Re: [Wireshark-users] Wireless toolbar in Wireshark 3.0
I'm not sure how up-to-date the
https://secwiki.org/w/Npcap/WiFi_adapters page is. For example, my Wireless network card is the "Intel Dual Band Wireless-AC 8260" card and I've been able to capture WiFi traffic in monitor mode just fine using WlanHelper.exe, despite that page indicating
that it doesn't work. Of course my driver version is slightly newer than the one listed there, being 20.70.6.1 instead of 20.70.1.1, so perhaps that's the reason. Or possibly it didn't work with older versions of npcap, so I'd recommend trying it with the
latest available version, currently 0.9983 from
https://nmap.org/npcap/.
Hi Chris. That's great news! We do try to keep that page up to date, but it depends on users letting us know what works (or doesn't) for them. The page (https://secwiki.org/w/Npcap/WiFi_adapters)
has simple instructions at the bottom for performing the necessary tests. Then to report the results, you can either create a SecWiki account (https://secwiki.org/w/Special:RequestAccount) and edit
the table directly, or just send me the answers to the 10 fields in the table and I'll enter them myself. We hope this will encourage more vendors to fix their drivers to better support raw capture and Radiotap, while also steering users toward buying adapters
which actually meet their needs.
So if anyone here has adapters not listed on that page, or if you are seeing different results with newer drivers or newer Npcap, please send a report. Thanks!
CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and may contain proprietary, confidential or trade secret information. This message is intended solely for the use of the addressee. If you are
not the intended recipient and have received this message in error, please delete this message from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is strictly prohibited.
