Wireshark is hard to learn when you try to start on the most advanced form of captures as a first project.
Your key problem is the capture of the wireless packets not the wireshark.
Start the easy way and capture the packets directly on the notebook you are surfing facebook from. This will let you see what the capture is suppose to look like.
Most people start by capturing wired ports but you need a special switch/router for that. You can buy just about any old cisco/hp/3com commercial switch for less than $20 and they have features called mirror or monitor ports on them.
Capture of wireless is a huge challenge. Problem number 1 is you need a wireless card that has the ability to be put in promiscuous mode. Problem number 2 is you cannot run on windows other than 1 card, microsoft has disabled the ability to set the promiscuous option. Problem number 3 is you need special software to set all the parameters in the card like channel numbers and bands etc.
Since you already have ubuntu you could load all these tools but it is a pain. The easy way is to load the prebuilt system call BACKTRAK. This has all the common device drivers already installed. It has every tool you could ever want but the key ones are AIRMON-NG and of course wireshark.
I will leave it to you to read all the details.
I am testing wireshark for learning purposes. I wanted to try out a tutorial that hacks a facebook account stealing cookie information. I couldn't manage to hack my facebook account because wireshark is sending me truncated packets that I can't get cookie info out of.
**This topography of the network**: my desktop PC is connected to the Internet to a hub (D-LINK router) via LAN (ethernet cable). I have a notebook connected to Internet via Wi-Fi to the same hub (D-LINK router). I access facebook on my notebook on WIN XP OS. I monitor the packets with wireshark on my desktop PC on Ubuntu 12.04 OS. I only get worthless truncated cookie information. Why is that?
My capture interfaces are:
- Pseudo device that captures on all interfaces
- USB 2
I tried to capture on all interfaces (except usb 1, 2) but the same thing. I **can't get cookie information from my notebook**. I only get NBNS, DNS, Browser, IGMP, SSDP protocol type of packets. I get some HTTP but not facebook cookie with 'datr' line.
It is just anoying. It seems so easy in the tutorial.
Anyone could help me with this?