Wake-on-LAN Packet sniffer

Image Description
Alex Bav May 23, 2016

Wake-on-LAN Packet sniffer is designed to troubleshoot and setup Wake-on-LAN in the Network. It allows to check whether the target machine receive the packet or not. Program will display all incoming "Magic Packets".

About Wake-on-LAN magic packets

Wake-on-LAN (WOL) technology is used for remote waking up machines from sleep state through special network packets (Magic Packet). The Magic Packet is a UDP broadcast message, that contains the Media Access Control (MAC) address of the network card of the target computer. This packet should contain a synchronization stream of 6 bytes of FFh and 16 times the repetition of the MAC address.

There are three different ways to send Wake-on-LAN packets:

  • Limited broadcast: the Magic Packet sent to the limited broadcast address (255.255.255.255) it is received by all machines on the same subnet but not forwarded to machines on other subnets.
  • Subnet-directed broadcast: the Packet sent to the target machine subnet. The router or switch will forward the packet to all the machines on the subnet.
  • Unicast: the Packet sent directly to the machine IP address. If the router or switch still has cached what port that computer is attached to, packet gets access to the machine.
Last two ways requires configuration of the routers for each subnet.

Using the tool.

  1. Start Wake-on-LAN Packet sniffer on the target (tested) machine;
  2. Start your Wake-On-Lan tool which be used to send out magic packets.;
  3. Send packet to the tested machine;

Wake-On-LAN test picture

The example below shows the packet sent from IP 192.168.1.4 to subnet-directed broadcast address 192.168.1.255 and destination port 7.
The received WOL Packet contains MAC Address 00E04C3103AC and empty password.

----------------Wake-On-LAN Magic Packet--------------

Time received:
01/28/15	 03:01:11
UDP Header:
|-Source IP	        :	192.168.1.4
|-Destination IP    :	192.168.1.255
|-Source Port	    :	49464
|-Destination Port  :	7
|-UDP Length	    :	116
|-UDP Checksum	    :	34009
MAC Address:
00 E0 4C 31 03 AC
Password:
00 00 00 00 00 00
Raw Data (108 bytes):
FF FF FF FF FF FF 00 E0 4C 31 03 AC 00 E0 4C 31
03 AC 00 E0 4C 31 03 AC 00 E0 4C 31 03 AC 00 E0
4C 31 03 AC 00 E0 4C 31 03 AC 00 E0 4C 31 03 AC
00 E0 4C 31 03 AC 00 E0 4C 31 03 AC 00 E0 4C 31
03 AC 00 E0 4C 31 03 AC 00 E0 4C 31 03 AC 00 E0
4C 31 03 AC 00 E0 4C 31 03 AC 00 E0 4C 31 03 AC
00 E0 4C 31 03 AC 00 00 00 00 00 00

Wake-on-LAN Packet sniffer download link: wolsniffer.zip

Related products & articles