Wireshark mailing list archives
Re: Decrypte 802.11 frames with user-provided PTK and GTK
From: Joerg Mayer <jmayer () loplof de>
Date: Wed, 22 Jun 2016 12:17:44 +0200
On Tue, Jun 07, 2016 at 05:58:18PM -0700, HONGWANG wrote:
If user provides "wpa-psk", Wireshark will calculate PTK and GTK using PSK (user-provided) and 4-Way handshake information. However, Wireshark does not allow user to provide PTK and GTK directly. This is the problem I am concerning. Actually in many cases in my work I cannot get "wpa-pwd" or "wpa-psk", instead I can get PTK and GTK. So I am wondering can we add this feature to Wireashark? It should be easy to implement because when user provides PTK and GTK, Wireshark will not need 4-way hanshakr frames any more to decrypte data frames.
Did you open a bug and attach a sample capture + key information yet? thanks Jörg -- Joerg Mayer <jmayer () loplof de> We are stuck with technology when what we really want is just stuff that works. Some say that should read Microsoft instead of technology. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Decrypte 802.11 frames with user-provided PTK and GTK HONGWANG (Jun 08)
- Re: Decrypte 802.11 frames with user-provided PTK and GTK Alexis La Goutte (Jun 08)
- Re: Decrypte 802.11 frames with user-provided PTK and GTK Joerg Mayer (Jun 22)