Results 1 to 3 of 3

Thread: Is using driftnet possible on wpa2?

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    6

    Default Is using driftnet possible on wpa2?

    Hello. I do not use backtrack for my operating system, but I thought this would be a good place to ask this question.

    Right now I am trying to figure out a way to use driftnet in real time on my WPA2 protected network. I know I can use the air suite to capture the packets decrypt them and run them through tcpreplay, but this is not in real time.

    Currently the only way I have to watch the packets in real time is with wireshark and use aireplay to deauth a client for the handshake packets so wireshark will decrypt the packets. Is there any methods to let driftnet use this data?

    Or is there another program or set of programs I should be using to accomplish this? Or is it not possible at all with the currently available toolset.

  2. #2
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Quote Originally Posted by methanol View Post
    Currently the only way I have to watch the packets in real time is with wireshark and use aireplay to deauth a client for the handshake packets so wireshark will decrypt the packets. Is there any methods to let driftnet use this data?
    That reads like you're not doing it on your own network to me.

    If you are on your own network: there is no reason for driftnet to operate any differently to if you are wired or not - you may need to route traffic through your device (or make it act as a WAP), but the basic principles are the same. Make sure you've actually connected to the network rather than just sitting there sniffing it.

    It works just fine on my WPA2 network.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  3. #3
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    6

    Default

    I don't quite understand how it doesn't sound like I am not on my own network, wireshark is not going to decrypt it without the phrase or key and it is also not going to decrypt them without the handshake packets.

    Anyway after further reading I found that it is not possible with the current tool set, without actively trying to get the traffic. Maybe eventually airtun-ng will support WPA.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •