Esta página contiene las especificaciones del API de Acrylic WiFi que permite realizar lectura de paquetes WiFi en modo monitor en Windows.

Es necesario instalar Acrylic WiFi para poder hacer uso del driver de captura de tráfico a través de su librería captura. Las siguientes especificaciones, con el código fuente de la interfaz AcrylicWiFi.h , permiten su integración en software de terceros gracias a la librería “TRLNDIS_Interface.dll” instalada en la carpeta Libs de Acrylic WiFi.

[cpp]#ifndef __TLNDIS_INTERFACE_H__
#define __TLNDIS_INTERFACE_H__

#include "stdafx.h"

#include

#ifdef TLNDIS_INTERFACE_EXPORTS
#define TLEXPORT extern "C" __declspec(dllexport)
#else
#define TLEXPORT extern "C" __declspec(dllimport)
#endif

#define MAC_ADDR_LEN 6
#define MAX_PACKET_BUFFER_SIZE 8192

// Functions to interface with the driver.
// Functions that end with ByHandle need to be passed a HANDLE obtained from
// TLNDIS_GetDriverHandle()
// The handle can be closed with standard CloseHandle

TLEXPORT HANDLE TLNDIS_GetDriverHandle();

typedef struct {
TCHAR* friendlyName;
TCHAR* deviceID;
} ndisAttachedInterface;

// Use this to obtain a list of the interfaces attached, including the level in the ndis stack. Always choose the lowest level one (ends with -0000) if possible.
// The deviceID you choose is the one to include in any of the other calls as interfaceID.
// Free the list with TLNDIS_Helper_FreeNDISAttacherInterfaceList
TLEXPORT SHORT TLNDIS_GetAttachedInterfacesByHandle(HANDLE DeviceHandle, ndisAttachedInterface** outList);

TLEXPORT void TLNDIS_Helper_FreeNDISAttachedInterfaceList(ndisAttachedInterface* inList);

//////////////////////////////////////////
///////// Phys and channels //////////////
//////////////////////////////////////////

// As per msdn, "The operating system supports a maximum of 64 entries for the dot11PhyType array."
#define MAX_PHY_COUNT 64

#define INVALID_PHY_INDEX 0xff
#define INVALID_PHY_VALUE 0xffffffff
#define INVALID_CHANNEL 0xffffffff

// phy types are consistent with the enumeration on https://msdn.microsoft.com/en-us/library/windows/hardware/ff548741(v=vs.85).aspx
// For reference,

// dot11_phy_type_unknown = 0,
// dot11_phy_type_fhss = 1,
// dot11_phy_type_dsss = 2,
// dot11_phy_type_irbaseband = 3,
// dot11_phy_type_ofdm = 4, // dot11_phy_type_hrdsss = 5, // dot11_phy_type_erp = 6, // dot11_phy_type_ht = 7, // dot11_phy_type_vht = 8, rawDataBuffer) to access the data.
// Set context to the context received from TLNDIS_StartRawFilterCaptureByHandle and set radiotap to TRUE if you want radiotap header.
// If radiotap is FALSE or the context is NULL, the packet will be just a DOT11_EXTSTA_RECV_CONTEXT struct followed by a LONGLONG with the system time, then the frame data.
TLEXPORT BOOL TLNDIS_ReadRawPacketFromDriverByHandle(HANDLE DeviceHandle, TCHAR* interfaceID, PUCHAR buffer, ULONG bufferSize, PVOID context, bool radiotap);

// Not much use, but nice.
TLEXPORT BOOL TLNDIS_GetMacAddressByHandle(HANDLE DeviceHandle, TCHAR* interfaceID, UCHAR in_macbuffer[MAC_ADDR_LEN]);

// Data rates

#define MAX_DATARATE_COUNT 126

TLEXPORT LONG TLNDIS_GetDataRatesForCurrentPhyByHandle(HANDLE DeviceHandle, TCHAR* interfaceID, TLNDIS_datarateEntry dataRateList[MAX_DATARATE_COUNT]);

// Operation modes.

TLEXPORT BOOL TLNDIS_GetCurrentOperationModeByHandle(HANDLE DeviceHandle, TCHAR* interfaceID, ULONG* mode);
TLEXPORT BOOL TLNDIS_GetAutoPhyConfigEnabledByHandle(HANDLE DeviceHandle, TCHAR* interfaceID, BOOL* enabled);

TLEXPORT BOOL TLNDIS_SetOperationModeByHandle(HANDLE DeviceHandle, TCHAR* interfaceID, ULONG mode, BOOL enableAutoPhyConfig);

TLEXPORT BOOL TLNDIS_SetMonitorModeByHandle(HANDLE DeviceHandle, TCHAR* interfaceID);
TLEXPORT BOOL TLNDIS_SetExtensibleStationModeByHandle(HANDLE DeviceHandle, TCHAR* interfaceID);

TLEXPORT BOOL TLNDIS_GetFilterModeByHandle(HANDLE DeviceHandle, TCHAR* interfaceID, ULONG* mode);
TLEXPORT BOOL TLNDIS_SetFilterModeByHandle(HANDLE DeviceHandle, TCHAR* interfaceID, ULONG mode);

TLEXPORT BOOL TLNDIS_SetNullFilterModeByHandle(HANDLE DeviceHandle, TCHAR* interfaceID);
TLEXPORT BOOL TLNDIS_SetRawFilterModeByHandle(HANDLE DeviceHandle, TCHAR* interfaceID);

#endif
[/cpp]

No está permitida la distribución del driver y librerías de Acrylic WiFi de forma independiente, sin ser a través del instalador oficial de Acrylic WiFi. Está prohibido el uso de las funcionalidades de Acrylic WiFi en software comercial, salvo que se disponga de autorización previa de Tarlogic Security.