Data source

Questions about the operation or expectations of the NetStumbler software

Postby blackwave » Fri May 31, 2002 8:17 pm

Originally posted by lincomatic
looks like someone else has already cracked the NS1 format:
http://www.blackhelo.com/ns/
tried their app but it times out every time, though.


BlackHelo Site
Data files must be native NetStumbler, © Marius Milner 2001, files


NetStumbler Site
Network Stumbler
Description: The latest version for Windows 2000, XP, 95, 98, Me. Includes lots of GUI enhancements, Tripmate GPS, and you can choose from multiple cards.
Version: 0.3.23 Filesize: 65.54 Kb
Added on: 14-Feb-2002 Downloads: 70172 Rating: 9.3 (45 Votes)


Perhaps Black Helo hasn't been keeping up?... it appears that since the latest version of NS has a 2002 timestamp, this may invalidate BH's data format... and therefore not support the latest and greatest... would be nice if they posted their info, especially if they are going to let it rot.

Perhaps someone should email chris@diffusionnetworks.com and ask him what's up?
-=BW=-
User avatar
blackwave
 
Posts: 4507
Joined: Mon Apr 15, 2002 3:00 am
Location: SoCal, OC

Re: Access Database

Postby acidrayne » Fri May 31, 2002 8:27 pm

Originally posted by pmn929
I posted this a while back, and because of the damn old posts not showing up, I will post it again.

I wrote this so I could easly manage my files.

http://66.206.4.16/SummaryImport/SummaryImport.zip

In the DB, there is a module with the code necessary for importing the summary files.


I haven't looked over my data completely but I believe this is exactly what I need.

One other thing ... Was there no way to get the actual channel from the data in the summary file ... I know I didn't see anything but I didn't know if maybe the channel bits had anything to do with it??

Thanks for the file!!
Rayne
User avatar
acidrayne
 
Posts: 476
Joined: Wed May 01, 2002 7:04 am
Location: Kansas

Re: Re: Access Database

Postby lincomatic » Fri May 31, 2002 9:25 pm

Originally posted by acidrayne


One other thing ... Was there no way to get the actual channel from the data in the summary file ... I know I didn't see anything but I didn't know if maybe the channel bits had anything to do with it??


they have everything to do with it...from my post earlier in this thread:


you're right about the channel bits. here is what i got when i switched channels:

channel 1 -> 02 00 00 00
channel 2 -> 04 00 00 00
channel 3 -> 08 00 00 00
channel 3,6>48 00 00 00
channel 1,6>42 00 00 00

so bit1=1, bit2=2, etc.
~lincomatic
User avatar
lincomatic
Mini Stumbler
 
Posts: 1682
Joined: Tue Apr 16, 2002 12:53 am
Location: Tinsel Town

Postby 138 » Sat Jun 01, 2002 4:17 pm

Originally posted by lincomatic


so you've seen values other than 06 00 00 00 for the DWORD after NetS? hmm. my files all have the 06. i guess that just adds more the the mystery.



I think you misunderstood me. I have only seen values of 06 00 00 00. I was playing with it to see what happened if I changed the value. I don't like not knowing what it is used for.
138
Mini Stumbler
 
Posts: 17
Joined: Thu May 30, 2002 5:53 am

Re: Re: Re: Access Database

Postby acidrayne » Sun Jun 02, 2002 5:42 am

Originally posted by lincomatic


they have everything to do with it...from my post earlier in this thread:

[b]
you're right about the channel bits. here is what i got when i switched channels:

channel 1 -> 02 00 00 00
channel 2 -> 04 00 00 00
channel 3 -> 08 00 00 00
channel 3,6>48 00 00 00
channel 1,6>42 00 00 00

so bit1=1, bit2=2, etc.
[/B]


Thanks for this info ... I started comparing the ChannelBits to the actual channels and it is actually quite simple if I were paying attention in the first place.

I modified the vbscript slightly to correct a spelling error in the BeaconInterval column as well as change the names of some of the columns to suit my personal needs.

There was also an error with the WEP enabled column ... It was set to display wep enabled only if the 3 characted in the flags field was a 1 ... ie 0011 ... this is not always correct because if the 3rd character is a 3 then it is wep as well (0031) ... this is corrected ...

I also did a really slack-ass job of converting the ChannelBits to actual channels by hard coding them with a nested If/ElseIf statement, but it works so whatever.
Rayne
User avatar
acidrayne
 
Posts: 476
Joined: Wed May 01, 2002 7:04 am
Location: Kansas

Postby pmn929 » Sun Jun 02, 2002 8:45 am

I had so many different versions of that Access DB on so many different computers, that I didn't post the newest version.... I was thinking after reading all the stuff about channels that I had done that before, and after searching, I found the newest db. I had made a look up table to match the channel bits to the correct channel.

And I guess I did misspell Beacon didn't I... I must have been tired.
pmn929
Mini Stumbler
 
Posts: 12
Joined: Sat Apr 13, 2002 11:49 am

Postby acidrayne » Sun Jun 02, 2002 8:52 am

Originally posted by pmn929
I had so many different versions of that Access DB on so many different computers, that I didn't post the newest version.... I was thinking after reading all the stuff about channels that I had done that before, and after searching, I found the newest db. I had made a look up table to match the channel bits to the correct channel.

And I guess I did misspell Beacon didn't I... I must have been tired.


Dont worry about it ... I knew I was going to have to do some tweaking anyway, but after about 4 hours of trying to make a DB on my own with just the info that I could import from the summary file and not thinking about running a VBScript on the data your file was just what I needed.

Good job and thanks again.
Rayne
User avatar
acidrayne
 
Posts: 476
Joined: Wed May 01, 2002 7:04 am
Location: Kansas

Postby lincomatic » Sun Jun 02, 2002 10:41 am

guys, thanks for the effort. can one of you post the latest/corrected code somewhere? i haven't touched BASIC in about 20yrs and don't want to figure out how to do bit twiddling w/ it :rolleyes:

btw, looked at the flag bits a little more earlier today. this is my conjecture about what they mean:

#define FLAG_BIT_AP 0x0001
#define FLAG_BIT_PEER 0x0002
#define FLAG_BIT_WEP 0x0010

i've seen several other bits set as well but can't figure out what they mean have u guys cracked all the flag bits?
~lincomatic
User avatar
lincomatic
Mini Stumbler
 
Posts: 1682
Joined: Tue Apr 16, 2002 12:53 am
Location: Tinsel Town

Postby acidrayne » Sun Jun 02, 2002 11:07 am

Originally posted by lincomatic
guys, thanks for the effort. can one of you post the latest/corrected code somewhere? i haven't touched BASIC in about 20yrs and don't want to figure out how to do bit twiddling w/ it :rolleyes:

btw, looked at the flag bits a little more earlier today. this is my conjecture about what they mean:

#define FLAG_BIT_AP 0x0001
#define FLAG_BIT_PEER 0x0002
#define FLAG_BIT_WEP 0x0010

i've seen several other bits set as well but can't figure out what they mean have u guys cracked all the flag bits?


I can post my updated version once I get home which will be about 3 hours from now.

As far as the Flag Bits ... All I know is that the numbers are comprised of several numbers put together.

1 = AP
2 = Peer
4 = ??
10 = WEP
20 = ??

This would give you some examples such as 11 = AP with WEP ... other combinations can create other numbers such as the listed possibilities

1, 2, 5, 6, 11, 12, 15, 16, 21, 22, 25, 26, 31, 32, 35, 36 ... I am not sure on all of these but would assume from the pattern that all of these would be valid.
Rayne
User avatar
acidrayne
 
Posts: 476
Joined: Wed May 01, 2002 7:04 am
Location: Kansas

Flags

Postby Thorn » Sun Jun 02, 2002 12:22 pm

Rayne,

I can't standing to see you guys suffer any longer! :) So here you go:

The flag field contains the 802.11 capability information in hexadecimal. It's documented in section 7.3.1.4 of the 802.11b spec. To save you having to go and look, the bits are:

0001 ESS ("Infrastructure")
0002 IBSS ("Ad-Hoc")
0004 CF-Pollable
0008 CF-Poll Request
0010 Privacy ("WEP")
0020 Short Preamble
0040 PBCC
0080 Channel Agility
FF00 Reserved

It's in the FAQ on http://www.netstumbler.com, and Marius listed this forum on here a long time ago. (about mid-Oct 2001)

BTW, the way to deal with additive amounts (like 0020 and 0010 and 0001 adding up to 0031) is to XOR the bit(s) you are looking for. (Programming in C - 101)

You may now make the Homer Simpson "Doit!" sound. :D

Cheers,
Thorn
Stop the TSA now! Boycott the airlines.
Thorn
 
Posts: 10340
Joined: Sat Apr 13, 2002 3:00 am
Location: Villa Straylight

Re: Flags

Postby blackwave » Sun Jun 02, 2002 12:51 pm

Originally posted by Thorn
It's documented in section 7.3.1.4 of the 802.11b spec.


Damn, Thorn just played the ultimate RTFM smackdown... ;)
I have the damn spec laying at my desk, and never once thought to look through it. Thank You Thorn. :)
-=BW=-
User avatar
blackwave
 
Posts: 4507
Joined: Mon Apr 15, 2002 3:00 am
Location: SoCal, OC

Postby Thorn » Sun Jun 02, 2002 12:57 pm

Your're welcome.

Well, I was going to say "RTFM!" but I couldn't do it to you guys. :)
Thorn
Stop the TSA now! Boycott the airlines.
Thorn
 
Posts: 10340
Joined: Sat Apr 13, 2002 3:00 am
Location: Villa Straylight

Postby lincomatic » Sun Jun 02, 2002 8:29 pm

hard to RTFM when you don't have a copy of the FM to begin with.

i lost the link to the spec could someone pls post it.

thanks for the tip, thorn.
~lincomatic
User avatar
lincomatic
Mini Stumbler
 
Posts: 1682
Joined: Tue Apr 16, 2002 12:53 am
Location: Tinsel Town

Postby blackwave » Sun Jun 02, 2002 8:32 pm

Originally posted by lincomatic
hard to RTFM when you don't have a copy of the FM to begin with.

i lost the link to the spec could someone pls post it.

thanks for the tip, thorn.


http://standards.ieee.org/getieee802/download/802.11b-1999.pdf
-=BW=-
User avatar
blackwave
 
Posts: 4507
Joined: Mon Apr 15, 2002 3:00 am
Location: SoCal, OC

Export and Read NS1 Files

Postby farbase » Fri Mar 14, 2003 7:38 am

Very new to this so i apologize if this is a stupid question, but....
I to read a MiniStumbler NS1 file and produce a simple listing of APs found and related information. The NS1 file looks binary but really cant tell. Anyone have a layout or file information on how to do this or where to start?

Thanks, Farbase:confused:
farbase
Mini Stumbler
 
Posts: 3
Joined: Fri Mar 14, 2003 7:16 am

PreviousNext

Return to Help

Who is online

Users browsing this forum: No registered users and 1 guest

cron