Ticket #158 (closed defect: fixed)

Opened 3 years ago

Last modified 6 months ago

airdecap-ng fails to properly decrypt wpa traffic

Reported by: darkAudax Owned by:
Priority: minor Milestone: 0.9
Component: airdecap-ng Version: 0.7
Keywords: airdecap-ng wpa Cc:

Description (last modified by misterx)

Thread message:  http://tinyshell.be/aircrackng/forum/index.php?topic=365.msg7720#msg7720

Hi.

I have a question about the IEEE802.11 header in a capture. I tried airdecap-ng but it does not work, using:
1) Atheros chip wireless MiniPCI card
2) madwifi-ng driver from svn with patch
3) aircrack-0.7 or svn version

results:

# (captured wireless packet from STA association using airodump-ng)
# airdecap-ng -p passphrase -b 00:03:2f:77:73:14 -e 'E02SA-WPA' tkip_micerr-03.cap
Total number of packets read          2512
Total number of WEP data packets         0
Total number of WPA data packets        20
Number of plaintext data packets         0
Number of decrypted WEP  packets         0
Number of decrypted WPA  packets        16

I checked the output file; only the group key exchange was decrypted successfully, and 'Total number of WPA data packets 20' tells me that airdecap does not detect the WPA packets in the capture file.

So I modified the IEEE802.11 header offset that airdecap uses to get the BSSID from each frame.

It worked well. Is something wrong with the capture or with the decryption?

diff -cr aircrack-ng-0.7/src/airdecap-ng.c aircrack-ng-0.7-00/src/airdecap-ng.c
*** aircrack-ng-0.7/src/airdecap-ng.c   2007-01-04 06:50:40.000000000 +0900
--- aircrack-ng-0.7-00/src/airdecap-ng.c        2007-04-02 01:19:04.000000000 +0900
***************
*** 941,947 ****

          /* check the BSSID */

!         switch( h80211[0] & 3 )
          {
              case  0: memcpy( bssid, h80211 + 16, 6 ); break;
              case  1: memcpy( bssid, h80211 +  4, 6 ); break;
--- 941,947 ----

          /* check the BSSID */

!         switch( h80211[1] & 3 )
          {
              case  0: memcpy( bssid, h80211 + 16, 6 ); break;
              case  1: memcpy( bssid, h80211 +  4, 6 ); break;
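
Review bot: the changed `switch( h80211[1] & 3 )` at line 941 still uses a bare index and a bare mask under a comment that only says "check the BSSID", so nothing in the code records why byte 1 is the right one. Say in that comment that the selector is the ToDS/FromDS pair in the second Frame Control byte (byte 0 carries protocol version, type and subtype), or replace `3` with a named mask. Any other place in the tree that tests `h80211[0] & 3` to choose an address offset should get the same change in this patch.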

results:

# airdecap-ng -p passphrase -b 00:03:2f:77:73:14 -e 'E02SA-WPA' tkip_micerr-03.cap
Total number of packets read          2512
Total number of WEP data packets         0
Total number of WPA data packets       799
Number of plaintext data packets         0
Number of decrypted WEP  packets         0
Number of decrypted WPA  packets       494
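
The effect of testing the wrong Frame Control byte, as an added example (not aircrack-ng code and not part of the ticket): a minimal BSSID lookup in C that can select on either byte. The names `get_bssid` and `matches_ap`, the MAC addresses and the frames are constructed for illustration, and the handling of selector values 2 and 3 follows the 802.11 header layout rather than the visible hunk.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FC1_TO_DS   0x01  /* second Frame Control byte, bit 0 */
#define FC1_FROM_DS 0x02  /* second Frame Control byte, bit 1 */

/* Copy the BSSID of a frame into out[6]. fc_index selects the Frame Control
 * byte to test: 1 is correct, 0 reproduces the pre-patch selector.
 * Returns 0 on success, -1 if the frame is too short or has no BSSID field. */
static int get_bssid(const uint8_t *h80211, size_t len, int fc_index,
                     uint8_t out[6])
{
    size_t off;
    if (len < 24) return -1;               /* need the three-address header */
    switch (h80211[fc_index] & (FC1_TO_DS | FC1_FROM_DS)) {
    case 0:           off = 16; break;     /* neither bit set: Address 3 */
    case FC1_TO_DS:   off = 4;  break;     /* STA -> AP: Address 1 */
    case FC1_FROM_DS: off = 10; break;     /* AP -> STA: Address 2 */
    default:          return -1;           /* 4-address frame: no BSSID field */
    }
    memcpy(out, h80211 + off, 6);
    return 0;
}

/* Constructed sample addresses (not taken from the ticket's capture). */
static const uint8_t AP[6]  = {0x02, 0x00, 0x00, 0x00, 0x00, 0xAA};
static const uint8_t STA[6] = {0x02, 0x00, 0x00, 0x00, 0x00, 0xBB};
static const uint8_t DST[6] = {0x02, 0x00, 0x00, 0x00, 0x00, 0xCC};

/* Build a protected data frame; return 1 if it is attributed to AP's BSSID. */
static int matches_ap(uint8_t fc1, const uint8_t *a1, const uint8_t *a2,
                      const uint8_t *a3, int fc_index)
{
    uint8_t f[24] = {0}, b[6];
    f[0] = 0x08;                 /* version 0, type Data: low two bits are 0 */
    f[1] = fc1 | 0x40;           /* DS bits plus Protected Frame */
    memcpy(f + 4, a1, 6); memcpy(f + 10, a2, 6); memcpy(f + 16, a3, 6);
    return get_bssid(f, sizeof f, fc_index, b) == 0 && memcmp(b, AP, 6) == 0;
}

int main(void)
{
    /* AP -> STA frames: one sent by the AP itself, one relayed from DST. */
    printf("from AP, byte 0: %d\n", matches_ap(FC1_FROM_DS, STA, AP, AP, 0));
    printf("relayed, byte 0: %d\n", matches_ap(FC1_FROM_DS, STA, AP, DST, 0));
    printf("relayed, byte 1: %d\n", matches_ap(FC1_FROM_DS, STA, AP, DST, 1));
    return 0;
}
```

With byte 0 as the selector the low two bits are the protocol version, so case 0 is always taken and only frames whose Address 3 happens to equal the BSSID are attributed to the network.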

Attachments

tkip_micerr-03.zip (194.7 KB) - added by S.Shiota 3 years ago.
here is capture and pre-shared key.

Change History

Changed 3 years ago by hirte

r255 should fix it

Changed 3 years ago by hirte

r258 fixes 3 more...

Changed 3 years ago by S.Shiota

here is capture and pre-shared key.

Changed 3 years ago by darkAudax

S.Shiota added a patch:  http://tinyshell.be/aircrackng/forum/index.php?topic=1536.0

Still trying to determine if this is a new bug or a patch to the original bug.

Changed 3 years ago by misterx

  • description modified

Changed 3 years ago by misterx

  • status changed from new to closed
  • resolution set to fixed

Changed 3 years ago by misterx

  • milestone changed from 0.8.1 to 0.9

Milestone 0.8.1 deleted
