Wireshark mailing list archives
Re: WEP & WPA decryption
From: BigAl.NZ () gmail com
Date: Fri, 15 Jul 2011 03:38:57 +0000
I am still getting stuck on 1 aspect of decryption. After putting my card into monitor mode with:
airmon-ng start wlan1 1 (if my AP is on channel 1) I then run wireshark and enter in my WEP key as wep:1122334455Then I start to capture on mon0 - but nothing is decrypted. I have decryption on.
If I have networking running and connect wlan1 to my AP and then run wireshark on wlan1 it decrypts fine, as would be expected since wlan1 is connected to AP.
Why is decryption not working on mon0? Cheers -Al On , Gerald Combs <gerald () wireshark org> wrote:
The 802.11 WPA passphrase and SSID preferences let you encode
non-printable or otherwise troublesome characters using URI-style
percent escapes, eg %20 for a space. As a result you have to escape
the percent characters themselves using %25.
On 7/14/11 12:41 PM, kevin creason wrote:
> Just a thought- did you try escaping the % sign or enclosing with single quotes?
> So, try \&abcde1234\%, or single quotes as in '%abcde1234%'
>
> Certain specials characters are extra special. :)
>
> On windows, system variables are referenced as %NAME%.
> Other systems it can be Hash variable signifier...
> It's just a thought- I'm not sure if this is even remotely possible,
> but it's always good to check.
>
>
>
> -Kevin
> /*“ I am looking for a lot of men who have an infinite capacity to not
> know what can't be done. ” -- Henry Ford */
>
>
>
>
> On Thu, Jul 14, 2011 at 2:29 PM, Al Grant bigal.nz () gmail com> wrote:
>> HI All,
>>
>> A bit of a wireshark newbie here, but its such a powerful tool I am
>> experimenting and learning.
>>
>> So far my experiments have lead me to a few questions. With WPA decryption I
>> found that:
>>
>> With a WPA password of the format %word1234% I could not decrypt the
>> packets? I wonder if the '%' interfered with it? As soon as I changed the
>> password to abcd1234 it decrypted fine? Does anyone know what this was?
>>
>> Also with WEP decryption I assume that I do not need to capture the session
>> handshake?
>> With WEP decryption I have also had problems, I tried to enter the WEP Hex
>> value in several formats:
>>
>> wep:xx:xx:xx:xx:xx
>> xx:xx:xx:xx:xx
>> xxxxxxxxxx
>>
>> None of them worked - any ideas here?
>>
>> THanks in advance,
>>
>> -Al
>>
>>
>> --
>> Between stimulus and response there is a space. In that space is our power
>> to choose our response. In our response lies our growth and our freedom.
>> - Viktor E. Frankl
>>
>> ___________________________________________________________________________
>> Sent via: Wireshark-users mailing list wireshark-users () wireshark org>
>> Archives: http://www.wireshark.org/lists/wireshark-users
>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>> mailto:wireshark-users-request () wireshark org?subject=unsubscribe
>>
> ___________________________________________________________________________
> Sent via: Wireshark-users mailing list wireshark-users () wireshark org>
> Archives: http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
> mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via: Wireshark-users mailing list wireshark-users () wireshark org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- WEP & WPA decryption Al Grant (Jul 14)
- Re: WEP & WPA decryption kevin creason (Jul 14)
- Re: WEP & WPA decryption Gerald Combs (Jul 14)
- Re: WEP & WPA decryption Al Grant (Jul 14)
- Re: WEP & WPA decryption BigAl . NZ (Jul 14)
- select multiple packets to mark vincent paul (Jul 17)
- Message not available
- Re: select multiple packets to mark Jim Aragon (Jul 17)
- Re: WEP & WPA decryption Gerald Combs (Jul 14)
- Re: WEP & WPA decryption kevin creason (Jul 14)
- <Possible follow-ups>
- Re: WEP & WPA decryption BigAl . NZ (Jul 14)