I am trying to send probe requests to access points. But whenever I send a probe request packet, it is padded with 0's, i.e. I see two packets in Wireshark for every packet I send: a non-padded packet and a packet padded with 0's at the end. The padding changes the meaning of the tags in the packet, and Wireshark declares the second packet a malformed packet. How do I remove this padding? Also, why do I see two packets even though I am sending only one?
Here is the function that creates the packet:
#include <string.h> /* memset, strlen */

/* struct network_t, mac_t, append_to_buf() and append_str() are not shown in the post */
int build_beacon(char *buf, struct network_t *n) {
    char *b = buf;
    /* prepend a minimal radiotap header */
    memset(b, 0x00, 13);
    b[2] = 13; /* radiotap header length */
    b += 4; /* skip version, pad and length */
    b = append_to_buf(b, "\x04\x80\x02\x00", 4); /* radiotap present-flags bitmap */
    b = append_to_buf(b, "\x02", 1); /* Set bit rate */
    b += 4; /* leave the remaining 4 header bytes zero */
    b = append_to_buf(b, "\x40\x00\x00\x00", 4); /* IEEE802.11 probe request */
    b = append_to_buf(b, n->dst, sizeof(mac_t)); /* destination */
    b = append_to_buf(b, n->mac, sizeof(mac_t)); /* source */
    b = append_to_buf(b, n->mac, sizeof(mac_t)); /* BSSID */
    /* sequence number */
    *(b++) = n->seq >> 8;
    *(b++) = n->seq & 0x00FF;
    n->seq++;
    *(b++) = 0; /* tag essid */
    *(b++) = strlen(n->ssid);
    b = append_str(b, n->ssid);
    /* supported rates */
    b = append_to_buf(b, "\x01\x08\x02\x04\x0b\x16\x0c\x12\x18\x24", 10);
    /* add channel */
    b = append_to_buf(b, "\x03\x01", 2); /* the channel we are currently on. */
    *(b++) = n->channel;
    *(b++) = 10; /* tag request info element essid */
    *(b++) = 3; /* size of request info */
    b = append_to_buf(b, "\x00\x07\xdd", 3);
    /* HT capability */
    b = append_to_buf(b, "\x2d\x1a\x3c\x09\x17\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 28);
    /* extended supported rates */
    b = append_to_buf(b, "\x32\x04\x30\x48\x60\x6c", 6);
    return (b - buf); /* total length: radiotap header + 802.11 frame */
}
Here is a snapshot of the two packets:
Here is the packet without padding:
Here is the packet with padded 0's. The colored mark is where padding starts.
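
A diagnostic sketch added here (not part of the original post or the poster's program): it walks the tagged parameters of a probe request body to show how trailing zero bytes are read as extra zero-length SSID elements followed by a truncated element, and where that padding begins. The function names and sample bytes are constructed for illustration, and the buffer is assumed to start at the first tag, after the radiotap header and the 24-byte management header.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Walk information elements (1-byte id, 1-byte length, value).
 * Returns the offset where the walk stops: == len when every element fits,
 * otherwise the offset of the first truncated element. */
size_t walk_ies(const uint8_t *buf, size_t len, size_t *count)
{
    size_t off = 0, n = 0;
    while (len - off >= 2 && (size_t)buf[off + 1] <= len - off - 2) {
        off += 2 + (size_t)buf[off + 1];
        n++;
    }
    if (count) *count = n;
    return off;
}

static int all_zero(const uint8_t *p, size_t n)
{
    while (n--) if (*p++) return 0;
    return 1;
}

/* First element boundary after which only zero bytes remain, or len if none.
 * Checking only at boundaries keeps zeros inside a real element (the HT
 * capabilities tag ends in zeros) from being mistaken for padding. */
size_t padding_start(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    while (off < len) {
        if (all_zero(buf + off, len - off)) return off;
        if (len - off < 2 || (size_t)buf[off + 1] > len - off - 2) break;
        off += 2 + (size_t)buf[off + 1];
    }
    return len;
}

/* Constructed sample: SSID "test", supported rates, channel 6, HT capabilities
 * (26-byte value; bytes not listed are zero-initialised by the array size). */
#define SAMPLE_IES 0x00,0x04,'t','e','s','t', 0x01,0x08,0x02,0x04,0x0b,0x16, \
    0x0c,0x12,0x18,0x24, 0x03,0x01,0x06, 0x2d,0x1a,0x3c,0x09,0x17,0xff,0xff
static const uint8_t clean_ies[47]  = { SAMPLE_IES };
static const uint8_t padded_ies[52] = { SAMPLE_IES };  /* same + 5 zero bytes */

int main(void)
{
    size_t n, end = walk_ies(padded_ies, sizeof padded_ies, &n);
    printf("padded: %zu elements, walk stops at %zu of %zu, padding starts at %zu\n",
           n, end, sizeof padded_ies, padding_start(padded_ies, sizeof padded_ies));
    return 0;
}
```

Comparing `padding_start()` against the length returned by the frame builder shows whether the extra bytes were already in the buffer handed to the send call or were added afterwards.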