This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hello,

i am trying to capture the Wifi traffic of my home network with Wireshark.

For that, i run a Backtrack Live CD on a laptop with a DLINK AirPlus DWL g650 wifi adapter. I set my WPA key in wireshark, and running wlan interface in monitor mode enabled.

I can capture the traffic of my 3 others laptop computers connected with wifi to the AP (two Windows XP and one Vista) with no problem. (Of course, i just had to deauth then reauth the computers in order to capture the EAPOL keys with wireshark)

When i browse something on the laptops, i see the traffic clear (HTTP headers etc..) and see the local IP addresses (192.168.1.x) in wireshark.

But, when i connect my 2 phones to the AP. (iphone and huawei android) i can see the EAPOL keys coming in wireshark, but when i browse something on the phone , nothing clear showing in wireshark, not even the 192.168.1.x addresses IP. (i am not connected to the 3G but really to my local network, tried airplane mode with wifi too) and instead of clear traffic i got a bunch of: "IEEE 802 Null function (no data)" entries in wireshark.

Why wireshark can decrypt my PCs traffic but it will not decrypt traffic of android or ios device??

I tried forcing deauth several times with aireplay etc.. and manual deauth/auth got EAPOL, but it's like the traffic isn't decrypted correctly?

i tried with another phone, a Nokia n97 which is not android, and it works good i can see everything...

just not working with android and ios?

Some one does have an explaination?? :)

Thanks you to all

asked 11 Dec '14, 02:16

Tobby84's gravatar image

Tobby84
11112
accept rate: 0%


Hello,

i found the issue,

it's my router, that is 802.11 B/G/N

and my adapter (dlink dwl g650) is only B/G,

so it work as soon as the adapters of the device i want to capture are B/G too.

Unfortunately my iPhone and Android phone are B/G/N, so it's N by default and by the way i can't capture them with my dlink adapter. I had to force the B/G mode in the router settings and i can capture the ios/android with no problem.

Thanks all

permanent link

answered 12 Dec '14, 05:16

Tobby84's gravatar image

Tobby84
11112
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×139
×76
×37
×26
×10

question asked: 11 Dec '14, 02:16

question was seen: 6,089 times

last updated: 12 Dec '14, 05:16

p​o​w​e​r​e​d by O​S​Q​A