-
Notifications
You must be signed in to change notification settings - Fork 183
09. WPA WPA2 Personal (PSK) Traffic Decryption
Koutto edited this page Nov 1, 2020
·
2 revisions
- With Wireshark:
- 4-way handshake must be in the capture (required to generate PTK for the targeted client; PTK is used to encrypt data and is unique for each client).
- Specify a key (Passphrase PSK or PMK) via: Edit > Preferences > Select IEEE 802.11 from the Protocol list, check "Enable Decryption". Click "Edit" button next to "Decryption Keys"
Ref: https://wiki.wireshark.org/HowToDecrypt802.11
- With airdecap-ng:
airdecap-ng -e <ESSID> -p <passphrase> <capture_pcap> # pcap must contain handshake
- 01. WiFi Basics
- 02. 802.11 Specifications
- 03. WPS (WiFi Protected Setup)
- 04. WPA Protocol Overview
- 05. WPA/WPA2 Personal (PSK) Authentication
- 06. WPA/WPA2 PSK Traffic Decryption
- 07. WPA/WPA2 Enterprise (MGT)
- 08. Evil Twin Attacks
- 09. 802.11 Network Selection Algorithms
- 01. WiFi Interfaces Management
- 02. WiFi Connection
- 03. WiFi Monitoring (Passive Scanning)
- 04. Hotspot Captive Portal Bypass
- 05. WiFi Denial of Service
- 06. WEP Authentication Cracking
- 07. WPA/WPA2 Personal (PSK) Authentication Cracking
- 08. WPA/WPA2 Enterprise (MGT) Authentication Cracking
- 09. WPA/WPA2 Personal (PSK) Traffic Decryption
- 10. Basic AP (Manual Configuration)
- 11. Open Network (no passphrase) Rogue AP / Evil Twin
- 12. WPA/WPA2 Personal (PSK) Rogue AP / Evil Twin
- 13. WPA/WPA2 Enterprise (MGT) Rogue AP / Evil Twin