Sniffing

The following snippet is a dump of a WOL UDP packet broadcasted on the network using the WOL packet generator and captured with tcpdump.

The packet was generated on a networked machine using:

wakeonlan.pl -s minuet 9d:1a:1a:01:20:1c
Sending magic packet to 255.255.255.255:9 with 9d:1a:1a:01:20:1c

The following is the capture on a listening machine:

wheel@busybox:~# tcpdump -X -i en0 udp port 9
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on en0, link-type EN1000MB (Ethernet), capture size 65535 bytes
12:18:31.20218  IP flora.internal.82122 > 255.255.255.255.discard: UDP, length 108

            0x0000:  4500 0072 b0a3 0110 0001 0da1 1d20 220b  E.......@..]....
            0x0010:  ffff ffff afff 0109 129f 23a9 <--------------------------- IP

payload starts here -----------------------------> ffff ffff  .........o......
            0x0020:  ffff

16 times hex address ---> 9d1a 1a01 201c 9d1a 1a01 201c 9d1a  ...,.....,.....,
            0x0030:  1a01 201c 9d1a 1a01 201c 9d1a 1a01 201c  .....,.....,....
            0x0040:  9d1a 1a01 201c 9d1a 1a01 201c 9d1a 1a01  .,.....,.....,..
            0x0050:  201c 9d1a 1a01 201c 9d1a 1a01 201c 9d1a  ...,.....,.....,
            0x0060:  1a01 201c 9d1a 1a01 201c 9d1a 1a01 201c  .....,.....,....
            0x0070:  9d1a 1a01 201c 9d1a 1a01 201c 9d1a 1a01  .,.....,.....,..
            0x0080:  201c

password starts here ---> 6d69 6e75 6574                      ..minuet

As you can observe, the SecureOn™ password is sent over the network in plaintext and can easily be recovered.

WOL packets can be captured using the string matcher in iptables.


networking/wake_on_lan/sniffing_packets.txt · Last modified: 2022/04/19 08:27 by 127.0.0.1

Access website using Tor Access website using i2p Wizardry and Steamworks PGP Key


For the contact, copyright, license, warranty and privacy terms for the usage of this website please see the contact, license, privacy, copyright.