This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Can’t sniff http traffic of other clients under the same wifi network

0

Hello! This is my setup

A.

  • VMWare with Kali Linux under a Win10 pc
  • Wireshark
  • Alfa Wireless
  • USB Adapter

B.

  • My Win 10 connects to our home wifi
  • My VMWare receives traffic through the Win10 connection(this means that its wired connected)
  • Alfa USB is on monitor mode(wlan0mon)
  • Wireshark runs with default option for wlan0mon(Monitor mode unchecked and Promiscuous checked)
  • Wireshark filter: http

C.

  • My mobile phone is connected to the same wifi network

No matter what I do I can't seem to capture the http traffic from my mobile phone. I'd appreciate any help or advice.

asked 29 Apr '17, 10:30

parevale's gravatar image

parevale
11114
accept rate: 0%


One Answer:

0

It's likely encrypted, but we have no idea what traffic you do get to see to know if the issue might be something else, such as modulation issues.

Some places to start - to decrypt:

https://wiki.wireshark.org/HowToDecrypt802.11

Not seeing all the traffic you expect:

https://ask.wireshark.org/questions/53260/cannot-capture-frames-other-than-broadcast-or-multicast-over-wlan

...and search on this site as this type of issues comes up routinely.

If none of this works, post a link to a short capture and we can have a look and check to be sure you are observing data frames for the devices in question and go from there.

answered 29 Apr '17, 22:02

Bob%20Jones's gravatar image

Bob Jones
1.0k2515
accept rate: 21%

Thanks a lot for your reply :)

I will check the links you provided later on, in the meantime I have create a .cap file with airodump-ng where I have used my other pc(which is on the same network) to log into an ftp account(using Win7 cmd). Then I used Wireshark to view the .cap file where I noticed that it only showed 802.11 protocol requests.

(30 Apr '17, 15:56) parevale

Thank you Bob. Your answer helped to me to find my way to the solution of this issue. I didn't know I had to de-crypt wireshark monitoring while I also didnt know that I would have to wait until the client pc reconnects to the network while wireshark was running.

(06 May '17, 16:10) parevale