Wireshark-bugs: [Wireshark-bugs] [Bug 10296] Encoded WPA-PSK key exceeds 64 byte limit blocking
Comment # 2
on bug 10296
from rob
I found a different route to capture and decrypt the packets.
Setup a Raspberry Pi with Kismet and aircrack-ng. Kismet created the capture
file and airdecap-ng decrypted it with the full 63 byte key in single quotes.
Taking the same Kismet encrypted pcap into Wireshark has the same issue.
Wireless toolbar -> Add new -> WPA-PSW
Put in the raw pass phrase and no packets appear to be decrypted. Edit the pass
phrase so that the spaces are left as spaces but the double quotes are encoded
as %22 and get the same "WPA key size out of range!" message.
I tried WPA-PSK but can not find out if the Wireshark WPA PSK tool needs any
encoding. http://www.wireshark.org/tools/wpa-psk.html
I tried without encoding, encoding all and encoding only double quotes but no
generated PSK value seemed to work.
The Wifi Toolbar and the IEEE 802.11 preferences really seem to be
disconnected. Sometimes values saved in one will appear in the other and other
times not(mostly not). The decryption will often run when using the wifi tool
bar(the status window counts through the packets) but not when using the IEEE
802.11 preferences, even when Decryption checkbox is checked.
If I enter multiple entries for WPA-PSW and WPA-PSK all for the same SSID which
one is used or does Wireshark try them all until one works?
In fact, does Wireshark know when a decryption is sucessfull?
I will look at TShark and its odd "uat" format of pass phrase input.
I am not in the position to release the pass phrase and I have not got the
resources to setup a seperate environment at this time.
You are receiving this mail because:
- You are watching all bug changes.