This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

WPA-PWD Decryption Key Format

0

Hi! Tried to put my WPA key in Wireshark -> Preferences -> Protocols -> IEEE 802.11, using the format:

Some\Pa55:Free Internet!

"Free Internet!" really is the name of my AP, and it's given me problems before with other (CLI) apps because of the whitespace and the bang, but quoting generally solves that. Also, my real password does have a backslash in it. Since it doesn't seem to be working, and I've tried it both SSID first, and password first, (Wireshark says it will ignore invalid formats), I am wondering if any of these "non-standard" characters are throwing it off. In other words, do they need to be escaped? Quoted? I'm not sure how Wireshark would parse it. Any advice on format, using my examples, would be appreciated. Thanks!

asked 14 Jan '13, 11:58

sudont's gravatar image

sudont
11112
accept rate: 0%


One Answer:

0

Can you try URI-style percent encoding, e.g.

Some%5CPa55:Free%20Internet!

?

answered 14 Jan '13, 12:09

Gerald%20Combs's gravatar image

Gerald Combs ♦♦
3.3k92258
accept rate: 24%

I'm starting to wonder if the problem is with the kind of packets I have. I need to figure out a way to generate traffic and collect packets at the same time. Maybe I'll collect the packets with KisMac so I can use an external card, and see if that's not it.

(15 Jan '13, 07:13) sudont

OK, that was the problem. The packets I was looking at simply weren't encrypted. Now that I have some proper packets, it reads, "Decrypted CCMP Data."

(15 Jan '13, 15:25) sudont