This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I have read and followed Wireshark's guide, and successfully decrypted the example file, but when it comes to my file it doesn't work. I have made sure that both the SSID and the password are correctly spelled in the settings. The entire EAPOL handshake is present, so I don't understand what I'm doing wrong.

Here is a screenshot of the handshake:

enter image description here

Maybe the problem is that there more than 4 packets?

Here is the pcap file, in case it helps. The password for the AP is "privacyblibwifi".

Does anyone know how to solve this problem? Thanks.

asked 21 Apr '17, 07:55

workin221's gravatar image

workin221
11224
accept rate: 0%


It has worked for me with your trace: But I had to toggle the marked combo from "Wireshark" to "None" and back to "Wireshark". alt text

alt text

permanent link

answered 21 Apr '17, 13:29

Christian_R's gravatar image

Christian_R
1.8k2625
accept rate: 16%

Sounds like a bug to me, is it?

(22 Apr '17, 03:41) Jaap ♦

Not sure, for me it has always been a works as designed feature.

(22 Apr '17, 04:30) Christian_R
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×165
×134
×38
×34
×23

question asked: 21 Apr '17, 07:55

question was seen: 1,760 times

last updated: 22 Apr '17, 04:30

p​o​w​e​r​e​d by O​S​Q​A