[kismac] chaosreader and kismac pcap?

  • From: "Kismac Mailing list" <kismac@xxxxxxxxx>
  • To: kismac@xxxxxxxxxxxxx
  • Date: Mon, 14 Aug 2006 21:25:12 -0400

I've been playing around with Kismac trying to teach myself some wireless
security fundamentals and ran across chaosreader (
http://users.tpg.com.au/bdgcvb/chaosreader.html) which is supposed to take a
tcpdump or snoop file and glue together web/telnet/ftp packets and report on
them with a generated html file.  I've tried capturing a bunch of packets
passively and running it through chaosreader but I get

Chaosreader ver 0.94
Opening, test.pcap
Reading file contents,
ERROR10: Input dosen't look like a tcpdump or snoop output file.
       If it is tcpdump, it may be a wrong or new version.

From what I can see, kismac can save to a pcap file which is what tcpdump
would spit out (right?) but it appears to be running into problems with the
saved file. I've tried the following:
1. both available versions of chaosreader.pl (is 2004 really the last
2. running it on both mac and linux boxes
3. filtering out all but one unencrypted BSSID (a bit tedious in the current
version of kismac but oh well :)

I still run into the problems.  I'm just assuming kismac spits out a newer
(in fact much newer) version of pcap files than chaos reader can use.  Are
there any hints on what I can do to get chaosreader working or maybe some
other scripts that would do the same thing?  I'd love to delve into writing
my own parsing script, but I'm not at that point yet.

thanks in advance...


Other related posts:

  • » [kismac] chaosreader and kismac pcap?