I have been using wireshark on ubuntu before, it was working correctly. Now I have installed Kali linux, and I cannot get wireshark to show TCP traffic. I did not set up an encryption key, I captured the eapol packages instead. All the 4 eapol packages are collected. On ubuntu wireshark could see the TCP traffic from that point. I am using the same wifi, as it is mine. In the preferences, I have enabled the encryption and played around a little with the "Ignore protection bit" option, but didn't help either. Edit: I am using my wifi with WPA2-PSK encryption What am I missing? I suspect I have set some option long ago I don't remember... asked 09 Jun '15, 13:30  Regic edited 09 Jun '15, 13:32 |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
These might be silly questions, but I have to ask: 1. Are you able to decrypt the WiFi capture on another machine that is not running Kali (i.e., save the encrypted capture and open it on a Windows, Mac, or other Linux distribution machine)?
Are you certain that your capture contains TCP traffic?
Did you enter the correct SSID and passphrase? Sounds silly, but I have lost time because of a typographical error.
Did you toggle the Wireless toolbar decryption menu from Wireshark to None and then back to Wireshark? I am not certain if Kali displays the wireless toolbars - most Linux distributions do not.