Wireshark-users: Re: [Wireshark-users] WEP & WPA decryption
From: BigAl.NZ@xxxxxxxxx
Date: Thu, 14 Jul 2011 20:00:29 +0000
Hi Kevin,
Good point. I am running on a Linux based system so with try escaping it.
I think my WEP capture was to do with not have the monitoring mode locked to a specific channel. I have done some experimenting @ home and successfully decrypted a WEP capture.
-Al
On , kevin creason <ckevinj@xxxxxxxxx> wrote:
> Just a thought- did you try escaping the % sign or enclosing with single quotes?
>
> So, try \&abcde1234\%, or single quotes as in '%abcde1234%'
>
>
>
> Certain specials characters are extra special. :)
>
>
>
> On windows, system variables are referenced as %NAME%.
>
> Other systems it can be Hash variable signifier...
>
> It's just a thought- I'm not sure if this is even remotely possible,
>
> but it's always good to check.
>
>
>
>
>
>
>
> -Kevin
>
> /*“ I am looking for a lot of men who have an infinite capacity to not
>
> know what can't be done. ” -- Henry Ford */
>
>
>
>
>
>
>
>
>
> On Thu, Jul 14, 2011 at 2:29 PM, Al Grant bigal.nz@xxxxxxxxx> wrote:
>
> > HI All,
>
> >
>
> > A bit of a wireshark newbie here, but its such a powerful tool I am
>
> > experimenting and learning.
>
> >
>
> > So far my experiments have lead me to a few questions. With WPA decryption I
>
> > found that:
>
> >
>
> > With a WPA password of the format %word1234% I could not decrypt the
>
> > packets? I wonder if the '%' interfered with it? As soon as I changed the
>
> > password to abcd1234 it decrypted fine? Does anyone know what this was?
>
> >
>
> > Also with WEP decryption I assume that I do not need to capture the session
>
> > handshake?
>
> > With WEP decryption I have also had problems, I tried to enter the WEP Hex
>
> > value in several formats:
>
> >
>
> > wep:xx:xx:xx:xx:xx
>
> > xx:xx:xx:xx:xx
>
> > xxxxxxxxxx
>
> >
>
> > None of them worked - any ideas here?
>
> >
>
> > THanks in advance,
>
> >
>
> > -Al
>
> >
>
> >
>
> > --
>
> > Between stimulus and response there is a space. In that space is our power
>
> > to choose our response. In our response lies our growth and our freedom.
>
> > - Viktor E. Frankl
>
> >
>
> > ___________________________________________________________________________
>
> > Sent via: Wireshark-users mailing list wireshark-users@xxxxxxxxxxxxx>
>
> > Archives: http://www.wireshark.org/lists/wireshark-users
>
> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>
> > mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
> >
>
> ___________________________________________________________________________
>
> Sent via: Wireshark-users mailing list wireshark-users@xxxxxxxxxxxxx>
>
> Archives: http://www.wireshark.org/lists/wireshark-users
>
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
>
Good point. I am running on a Linux based system so with try escaping it.
I think my WEP capture was to do with not have the monitoring mode locked to a specific channel. I have done some experimenting @ home and successfully decrypted a WEP capture.
-Al
On , kevin creason <ckevinj@xxxxxxxxx> wrote:
> Just a thought- did you try escaping the % sign or enclosing with single quotes?
>
> So, try \&abcde1234\%, or single quotes as in '%abcde1234%'
>
>
>
> Certain specials characters are extra special. :)
>
>
>
> On windows, system variables are referenced as %NAME%.
>
> Other systems it can be Hash variable signifier...
>
> It's just a thought- I'm not sure if this is even remotely possible,
>
> but it's always good to check.
>
>
>
>
>
>
>
> -Kevin
>
> /*“ I am looking for a lot of men who have an infinite capacity to not
>
> know what can't be done. ” -- Henry Ford */
>
>
>
>
>
>
>
>
>
> On Thu, Jul 14, 2011 at 2:29 PM, Al Grant bigal.nz@xxxxxxxxx> wrote:
>
> > HI All,
>
> >
>
> > A bit of a wireshark newbie here, but its such a powerful tool I am
>
> > experimenting and learning.
>
> >
>
> > So far my experiments have lead me to a few questions. With WPA decryption I
>
> > found that:
>
> >
>
> > With a WPA password of the format %word1234% I could not decrypt the
>
> > packets? I wonder if the '%' interfered with it? As soon as I changed the
>
> > password to abcd1234 it decrypted fine? Does anyone know what this was?
>
> >
>
> > Also with WEP decryption I assume that I do not need to capture the session
>
> > handshake?
>
> > With WEP decryption I have also had problems, I tried to enter the WEP Hex
>
> > value in several formats:
>
> >
>
> > wep:xx:xx:xx:xx:xx
>
> > xx:xx:xx:xx:xx
>
> > xxxxxxxxxx
>
> >
>
> > None of them worked - any ideas here?
>
> >
>
> > THanks in advance,
>
> >
>
> > -Al
>
> >
>
> >
>
> > --
>
> > Between stimulus and response there is a space. In that space is our power
>
> > to choose our response. In our response lies our growth and our freedom.
>
> > - Viktor E. Frankl
>
> >
>
> > ___________________________________________________________________________
>
> > Sent via: Wireshark-users mailing list wireshark-users@xxxxxxxxxxxxx>
>
> > Archives: http://www.wireshark.org/lists/wireshark-users
>
> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>
> > mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
> >
>
> ___________________________________________________________________________
>
> Sent via: Wireshark-users mailing list wireshark-users@xxxxxxxxxxxxx>
>
> Archives: http://www.wireshark.org/lists/wireshark-users
>
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
>
- Prev by Date: Re: [Wireshark-users] WEP & WPA decryption
- Next by Date: Re: [Wireshark-users] WEP & WPA decryption
- Previous by thread: Re: [Wireshark-users] select multiple packets to mark
- Next by thread: [Wireshark-users] finding the smoking gun for traffic spikes
- Index(es):