New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WPA2 (IPv4) packets not decrypted #216
Comments
Can you attach a pcap file having a full handshake and some data packets
that fail to be decrypted?
Also, are you using libtins version 3.5? I recently fixed an issue related
to QoS Do 11 packets and that might be what's affecting you
…On May 28, 2017 05:35, "Joey Dreijer" ***@***.***> wrote:
Hiya,
I successfully compiled libtins and wanted to use the example to decrypt
WPA2 packets. I successfully receive/see the handshakes on my console
output, but IPv4 traffic is not decrypted. There is a strange issue that it
seems to be working (ie. successfully decrypting) on Intel-based Wireless
cards, but not on my Realtek (PCI-E based on barebone) and Atheros (USB
Wifi dongles from Alpha/TP-Link). Is there any way to debug what's going
wrong or did you experience the same issue before?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#216>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AA7Jgp03iv1EA5CmirmmB3XDWpEFIVLTks5r-WobgaJpZM4Noora>
.
|
Thanks! I cloned the repo, but didn't see you published a newer release. I'll try it out when I get home and upload a PCAP if it doesn't work. |
Seems that my Intel card together with the new release of libtins is working properly, thank you! :) However, it doesn't seem to decrypt one of my laptop's traffic, while it does decrypt other devices (it does have the handshake btw). Is there any way I can securely share the PCAP with you? Maybe you have a clue what might be going on. Thanks again ^^ |
Sure, you can send me a pcap at matias.fontanini@gmail.com. Do note that I'd need the access point's passphrase to be able to see if I can make it work. |
This is pretty old, but I'm seeing similar behavior trying to decrypt kismet captures. If I catch these exceptions, I end up writing no packets. FWIW the airodump (from aircrack-ng) pcaps decrypt. A quick look shows the pcaps do contain a fair amount of QoS Data and Data frames. Could this be related to datalink headers? I'd have to check, but I think Kismet writes out PRISM headers which aren't currently supported. It also looks like we don't have a default warn case for when we drop a packet in that area of libtins. |
Looks like kismet writes out DLT 105
Which we appear to handle here: Line 60 in 3659d89
FWIW, I tried |
Hiya,
I successfully compiled libtins and wanted to use the example to decrypt WPA2 packets. I successfully receive/see the handshakes on my console output, but IPv4 traffic is not decrypted. There is a strange issue that it seems to be working (ie. successfully decrypting) on Intel-based Wireless cards, but not on my Realtek (PCI-E based on barebone) and Atheros (USB Wifi dongles from Alpha/TP-Link). Is there any way to debug what's going wrong or did you experience the same issue before?
The text was updated successfully, but these errors were encountered: