This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

The purpose of “decrypting” WPA-encrypted traffic


Hi all,

PROLOGUE: please kindly have a look at http://wiki.wireshark.org/HowToDecrypt802.11 coupled with http://www.wireshark.org/tools/wpa-psk.html

MY ISSUE: Wireshark is known to be able to decrypt WPA-encrypted traffic once you provide the PSK (which is built from the SSID and WPA network key). In other words, you have to first know the WPA key of an encrypted network so as to monitor its WPA-encrypted traffic. HENCE...where is the utility of Wireshark in such a scenario? I would like to be able to get the WPA password of a network and this seems not to be possible with Wireshark.

I'm doing my experiments AFTER handshaking occurred (i.e. beyond the very first connection between the router and PC) and it is impossible (as it is correctly stated by Wireshark manuals) to get the EAPOL strings. Since this is the common scenario...how would it ever be possible to get the WPA password with Wireshark? Hem...do I terribly miss anything?

Three hot kisses for any useful answer.

asked 23 Apr '14, 08:20


Reginaldo Oc...


One Answer:


> HENCE...where is the utility of Wireshark in such a scenario?

To troubleshoot connection issues within encrypted wifi/wlan communication, like a mobile device being unable to access a web page via an encrypted wifi connection. How would you troubleshoot that, without decrypting the wifi traffic? That's what the wifi decryption feature of Wireshark is typically used for. And for that purpose you need to know the WPA passphrase.

> I would like to be able to get the WPA password of a network and this seems not to be possible with Wireshark.

You can't get the secret key just by listening to wifi traffic with Wireshark. There are tools that are able to brute force/crack the key by listening to the EAPOL frames, but that's a totally different story. Please google: 'WEP cracking' or 'WPA cracking'.

> how would it ever be possible to get the WPA password with Wireshark?

You won't!

> Hem...do I terribly miss anything?

Yes. See my explanation above.

Regards
Kurt

answered 23 Apr '14, 11:34


Kurt Knochner ♦

edited 23 Apr '14, 15:54