If we are using tshark how would we decrypt WPA traffic. I think we would need to use the -o wlan.enable_decryption:TRUE flag to enable decryption but I don't see a preferences entry to enter the WPA password and ssid. In the wireshark client application it actually creates a file named 8021__keys specifically with these key values "wpa-pwd","MyPassword:MySSID". asked 18 Jul '14, 15:32  jd45093 |
One Answer:
So I figured out the answer to the question from this former QA http://ask.wireshark.org/questions/24249/decrypt-wpa-with-tshark Hope it helps :) answered 21 Jul '14, 10:42 jd45093 |
