Page 3 of 3 FirstFirst 123
Results 21 to 28 of 28

Thread: Wireshark capture problems

  1. #21
    imported_silvester
    Guest

    Default reply

    jaapbaas is telling u not to use airmon at all.
    or ,if u have been using ur pc for a while and used airmon before , type the following
    airmon-ng stop xx
    and then start using wireshark.

  2. #22
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default

    Quote Originally Posted by cybrsnpr View Post
    If that is the case, then it is a question of capturing the 4 way handshake.

    Start up wireshark and then try moving your capture device (laptop or whatever you are using) farther and closer to your victim and/or AP. Run your deauth in a seperate shell when you are doing this. Make sure you are filtering wireshark for only eapol packets and that you are collecting on the same interface in wireshark as you are using in airdump-ng. You should see at least 2 packets of the 4 way handshake. Keep changing distance until you get the complete 4 way handshake.

    Hope this helps.
    I did that, and in wireshark I get 6 packets.

  3. #23
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default

    At down left corner on wireshark there is 2 tabs, "Frame" and "decrypted TIKP data" So I can decrypt it using wireshark

  4. #24

    Default

    I did that, and in wireshark I get 6 packets
    Are 4 of those 6 the 4 way handshake?

    If you haven't seen it, THIS is a good tutorial on the 4 way handshake

  5. #25
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default

    Quote Originally Posted by cybrsnpr View Post
    Are 4 of those 6 the 4 way handshake?

    If you haven't seen it, THIS is a good tutorial on the 4 way handshake
    I think so, yes.

    Can I use kismet and wireshark at same time, it seems that wla0 channel is 6. I run iwconfig 10 times, and Frequency:2.437 GHz

  6. #26

    Default

    Yes, you can use kismet and wireshark at the same time. Just be sure that wireshark is using the correct interface and that that interface is locked to the channel you want.

  7. #27
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default

    Quote Originally Posted by cybrsnpr View Post
    Yes, you can use kismet and wireshark at the same time. Just be sure that wireshark is using the correct interface and that that interface is locked to the channel you want.
    In Kismet I think I use wlan0 and I use that same in Wireshark. So if I set it to channel 6 Kismet cant use channel hopping?

    Can I do it like this

    Start Kismet and lock it to channel 6, then start wireshark

  8. #28

    Default

    Quote Originally Posted by Jarmo View Post
    In Kismet I think I use wlan0 and I use that same in Wireshark. So if I set it to channel 6 Kismet cant use channel hopping?

    Can I do it like this

    Start Kismet and lock it to channel 6, then start wireshark
    That should work.

Page 3 of 3 FirstFirst 123

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •