Loss Of Radio CONnectivity (LORCON) is an IEEE 802.11 packet injection library. It was originally created by Joshua Wright and Michael Kershaw (“dragorn”) – I think Johnny Cache was an early contributor as well. As of now, dragorn maintains it; however, it doesn’t seem that there have been many updates in the last year or so.
One of the biggest issues in wireless tool development was that tools needed to be driver-specific, so if the author didn’t take into account a specific driver, the tool didn’t work. Additionally, many tools implemented their own functions for packet capture and injection, resulting in lots of code duplication. These issues were first brought up in a talk called “The Need for an 802.11 Wireless Toolkit” by Mike Schiffman at Black Hat in 2002. Schiffman released a proof-of-concept library called “libradiate”, which offered a solution to these problems. Unfortunately, libradiate fell off the edge of the earth and wireless hackers everywhere found themselves in a deep void surrounded by sadness. A few years later, in 2007, LORCON emerged. It eased development issues by creating standard function calls for injection and capture, and added a layer of abstraction such that tool developers wouldn’t need to worry about the wireless driver or adapter in use.
There have been two major releases: LORCON (defunct) and LORCON2 (current). We’ll use the terms LORCON and LORCON2 interchangeably throughout this post when referring to the current version. LORCON2 supports the Linux mac80211 wireless drivers. The release also includes a Ruby extension to facilitate Ruby development.
Although LORCON hasn’t been updated all too often, it still works well, is extremely powerful, and is very easy to use. For whatever reason, people seem to have forgotten about it, so this post will hopefully kick everyone in the butt and provide a quick intro into using the library.