Wpa-psk Or Wpa2-psk

0 views
Skip to first unread message

Adah

unread,
Aug 3, 2024, 2:47:47 PM8/3/24
to saicangastse

I'm trying to set it up using Windows as opposed to the proprietary Rosewill software -- the Rosewill software is a little over my head. It can find the network fine, but when I try to connect, I don't get the password prompt -- it moves straight to "validating identity," scans, and then says "Windows was not able to find a certificate to log you on to the wireless network Foo."

The maddening thing is that the card was working fine a week ago, in the same box, using the same OS. I pulled everything out, swapped out the motherboard, and reinstalled Windows on a freshly wiped hard drive, and now I can't get it up and running again. Suggestions?

I've taken several runs at it, including attempting to manually change the settings for the network to include WPA-PSK and AES and the password, and I'm a bit worried that I've totally boned everything.

from your screen shots what I am seeing is you chose wpa2-only for your encryption on your router and you are setting your ethernet card to wpa-psk. You need to change the routers encryption to just wpa or wpa-psk. your card does not support wpa2 if i am reading your dropdown list correctly on your card.

You can try stepping up encryption to wpa/tkip, wpa-psk/aes, wpa-psk/tkip however the settings must be the same on both your router and your card. That said you cannot have wpa set on your card and have wpa-psk set on router.

I've been using mon0 to capture network traffic for say 5-10 minutes, I've verified that the capture has all 4 packets for the EAPOL protocol so it has captured my wireless handshake completely. However when trying to decrypt this data I seem to have no luck... I've been able to successfully decrypt the sample capture file so I know I'm following the correct process. I've tried to decrypt using wpa-pwd and wpa-psk (pre shared key generated) (my network is using WPA2-PSK) and none of the data actually changes after the decrypt. I can also confirm that after logging into a website even on my local machine it doesn't capture the cookies (verified by filter http.cookie contains "datr") however I believe this is because the decrypt wasn't successful. Basically my aim is to sniff my local network for HTTP cookies.

On another note, I've confirmed that my adapter is running mon0 and it's enabled however in the Wireshark interface list it says that monitor mode is disabled on mon0? Do I have to enable this from within Wireshark as well?

So, if it does not work on Lubuntu, there is probably something missing in your Wireshark version. Please post the output of wireshark -v. Maybe your version is built without the required crypto libraries !?!

For anyone else reading this, make sure you disable and then enable wireless on a client you want to see the traffic from while the capture is running as if you don't capture the initial handshake between the client and the AP you cannot decrypt the traffic even with the psk.

But I can't use "wpa-pwd". I have to connect to the web site , recover the WPA PSK from (1)Password and (2)ESSID. Then in wireshark, just enter this WPA PSK in "wpa-psk" and as soon as u clicked on Ok, all is decrypted ;)

In this post we will see how to decrypt WPA2-PSK traffic using wireshark. This is useful when you study (my case for CWSP studies) different security protocols used in wireless.Here is the basic topology for this post.

Before start capturing you should know which channel your AP is operating. Since my AP is managed by WLC 4400, I can simply get that info from CLI. Otherwise you can simply use application like InSSIDer to see which channel given SSID is operating. I am using 5GHz & therefore get 802.11a summary here (If you want sniff 2.4GHz, then you can issue command with 802.11b)

If you enter the 256bit encrypted key then you have to select Key-type as wpa-psk.If you want to get the 256bit key (PSK) from your passphrase, you can use this page. It use the following formula to do this conversion

I have used simple plaintext password (ie wpa-pwd key type) in below. You can simply enter the plaintext password only (without SSID name).In this case wireshark try to use last seen SSID, It is always good practice to use .

Hello, firstly congratulation for this post.
I am trying to study the 802.11i.
I would like to capture and see encrypted frames, specially DHCP request frames.
Unfortunately I just can capture beacon, CTS, RTS and QoS. This post taught me that QoS is an encrypted frame.
But how can I do for capture and see others encrypted frames?

c80f0f1006
Reply all
Reply to author
Forward
0 new messages