The Wireless Communication Library WI-FI FRAMEWORK includes the wclWiFiSniffer - the class that allows your application to capture Raw Wi-Fi Frames.

How it works

The Wi-Fi Sniffer switches your Wi-Fi adapter to the Monitor Mode that enables to "listen" the air for all Wi-Fi data trasferred betwing Wi-Fi enabled devices.

The Monitor mode allows a computer with a wireless network interface controller to monitor all traffic received from the wireless network. It allows packets to be captured without having to associate with an access point or ad hoc network first.

The wireless adapter is unable to transmit while in monitor mode and is restricted to a single wireless channel. But the WI-FI FRAMEWORK allows to change the current RF channel so application can switch channels to capture traffic from all available channels. Also, in monitor mode the adapter does not check to see if the CRC values are correct for packets captured, so some captured packets may be corrupted.

Pre-requirements

To capture Wi-Fi Frames in Monitor Mode the WI-FI FRAMEWORK requires that the Microsoft Network Monitor is installed on your system. It is required that the application that captures Wi-Fi frames is compiled for the same processor architecture (x86 or x64) as the Microsoft Network Monitor installded. By the other words: if you run Windows 64 bit you must install Network Monitor 64 bit and your application must also be 64 bit.

Wi-Fi Sniffer Requires

Current version does not include any Wi-Fi parsers. However you can find very good description of the Wi-Fi packet format by this link.

Wi-Fi Sniffer Demo Application

The WI-FI FRAMEOWRK package includes the WiFiSniffer sample application that shows how to use the wclWiFiSniffer class to capture raw Wi-Fi frames.