This will open the decryption key managment window. Click on the Decryption Keys… button on the toolbar: If the toolbar isn't visible, you can show it by selecting View->Wireless Toolbar. If you are using the Windows version of Wireshark and you have an AirPcap adapter you can add decryption keys using the wireless toolbar. wpa-psk The key is parsed as a raw pre-shared WPA key.This may not work for captures taken in busy environments, since the last-seen SSID may not be correct. You can optionally omit the colon and SSID, and Wireshark will try to decrypt packets using the last-seen SSID. wpa-pwd The password and SSID are used to create a raw pre-shared WPA key.wep The key must be provided as a string of hexadecimal numbers, with or without colons, and will be parsed as a WEP key.Ī1:b2:c3:d4:e5 0102030405060708090a0b0c0d.When you click the + button to add a new key, there are three key types you can choose from: wep, wpa-pwd, and wpa-psk: You should see a window that looks like this: You should see a window that looks like this:Ĭlick on the "Edit…" button next to "Decryption Keys" to add keys. Go to Edit->Preferences->Protocols->IEEE 802.11. You can add decryption keys using Wireshark's 802.11 preferences or by using the wireless toolbar. WPA/WPA2 enterprise mode decryption works also since Wireshark 2.0, with some limitations. Wireshark can decrypt WEP and WPA/WPA2 in pre-shared (or personal) mode.
0 kommentar(er)
