Wireshark-users: Re: [Wireshark-users] Wireshark 802.11 WPA Decryption unable to get Group Keys
From: Fernando <[email protected]>
Date: Wed, 28 Feb 2007 11:44:31 -0300
Hi Kam,   

how do you capture data with WinXp and Wireshark? 
I have wireshark in my laptop but I not capture data with my card (Intel Pro/Wireless 2915ABG).  My laptop is Centrino technology.   

Thank's for tour help.  

See you.

On 2/28/07, Soh Kam Yung <[email protected]> wrote:
I am using Wireshark Version 0.99.5 on Windows XP (SP2) to examine
captured 802.11 packets on a network that is using either WPA or WPA-2
PSK security.

I entered my PSK in the "Decryption Keys Management" as a 'wpa-pmd' type.

When I view the captured data, I can see that Wireshark is
successfully extracting the pairwise keys from the WPA EAPOL packets
and can decode data encrypted with the pairwise keys.

However, Wireshark does not appear to be extracting the groupwise keys
from the EAPOL packet successfully.  It appears to believe the EAPOL
packets that contain the groupwise keys to be malformed packets.

As a result, broadcast data (like ARP and DHCP packets) do not get decoded.

Has anybody else encountered this problem?

Soh Kam Yung
my delicious links: ( http://del.icio.us/SohKamYung)
my simpy links: ( http://www.simpy.com/user/kysoh/links)
Wireshark-users mailing list
[email protected]