Wireshark mailing list archives
Re: Saving 802.11 WPA/WPA2 decrypted packets
From: "j.snelders" <j.snelders () telfort nl>
Date: Sun, 1 May 2011 11:02:20 +0200
On Sun, 1 May 2011 08:10:18 +0000 Sreenivasulu Yellamaraju wrote:
- even if the input file can be split into smaller files using the File
Save
As and Range feature,not all of the output files can be decrypted with the known passphrase as only one of the split files will have the EAPOL 4-way key handshake captured and the rest will have only data traffic without EAPOL 4-way handshake captured
in
them.
Hi Sreenivasulu, You can save the EAPOL packets to a separate file and merge this file with the other smaller files: - mark the 4 EAPOL packets - save the marked packets: File | Save As... | Packet Range: select Marked packets The next step is to merge the EAPOL packets with the other files. Wireshark: - open the file, with the EAPOL packets - got to File | Merge... - select file2.pcap and click Open - save the new file mergecap $ mergecap -w outfile.pcap EAPOL.pcap file2.pcap Hope this helps Joke ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Saving 802.11 WPA/WPA2 decrypted packets Sreenivasulu Yellamaraju (May 01)
- Re: Saving 802.11 WPA/WPA2 decrypted packets j.snelders (May 01)
- Re: Saving 802.11 WPA/WPA2 decrypted packets Alexis La Goutte (May 01)
- Re: [Wireshark-dev] Saving 802.11 WPA/WPA2 decrypted packets Sreenivasulu Yellamaraju (May 11)
- Re: Saving 802.11 WPA/WPA2 decrypted packets Max Dmitrichenko (May 11)
- Re: Saving 802.11 WPA/WPA2 decrypted packets Jakub Zawadzki (May 11)
- Re: [Wireshark-dev] Saving 802.11 WPA/WPA2 decrypted packets Sreenivasulu Yellamaraju (May 11)