Wireshark · Wireshark-dev: Re: [Wireshark-dev] Wishlist Request: 802.11 GTK Decryption

Wireshark-dev: Re: [Wireshark-dev] Wishlist Request: 802.11 GTK Decryption

From: Jouni Malinen <jkmalinen@xxxxxxxxx>

Date: Fri, 12 Nov 2010 02:02:27 +0200

On Fri, Nov 12, 2010 at 1:49 AM, Anthony Murabito
<anthony.murabito@xxxxxxxxx> wrote:
> Thanks so much for the reply & info. Can you point me in the direction of
> the external tools than can perform the decryption?

airdecap-ng (part of aircrack-ng) would be one option. I'm working on
more generic IEEE 802.11 protocol analyzer (wlantest, in the
hostap.git tree with hostapd/wpa_supplicant) that can also do this
(though, it is still in early enough state of not having any
documentation available yet). With either program, you can feed in a
pcap file with encrypted frames and some information about the key
(e.g., passphrase for WPA2-Personal network) and get another pcap file
with decrypted frames as the output.

- Jouni

References:
- [Wireshark-dev] Wishlist Request: 802.11 GTK Decryption
  - From: Anthony Murabito
- Re: [Wireshark-dev] Wishlist Request: 802.11 GTK Decryption
  - From: Jouni Malinen
- Re: [Wireshark-dev] Wishlist Request: 802.11 GTK Decryption
  - From: Anthony Murabito

Prev by Date: [Wireshark-dev] Annotating capture files and/or pcap pre-processing
Next by Date: Re: [Wireshark-dev] Annotating capture files and/or pcap pre-processing
Previous by thread: Re: [Wireshark-dev] Wishlist Request: 802.11 GTK Decryption
Next by thread: [Wireshark-dev] Wishlist Request: 802.11 GTK Decryption
Index(es):
- Date
- Thread