Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

answered 2020-01-06 15:05:12 +0000

Amato_C gravatar image

I would recommend reading the following 2 wiki pages regarding WiFi capturing using Wireshark:

https://wiki.wireshark.org/CaptureSetup/WLAN

https://wiki.wireshark.org/HowToDecrypt802.11

Questions: 1. Is the data encrypted on WiFi? If yes, you should see Data and/or QoS Data frames in your capture. 2. Are you able to decrypt the data? You will need the SSID and WiFi passphrase. You will also need to capture the 4 EAPOL keys - assuming that personal WiFi encryption is being used. 3. If after decryption, can you see any HTTP/HTTPS traffic?

If you are trying to capture traffic from a particular WiFi client, it might be better to create a capture filter to capture only frames to/from that device.

Hope that helps

click to hide/show revision 2
No.2 Revision

updated 2020-01-06 16:50:26 +0000

grahamb gravatar image

I would recommend reading the following 2 wiki pages regarding WiFi capturing using Wireshark:

https://wiki.wireshark.org/CaptureSetup/WLAN

https://wiki.wireshark.org/HowToDecrypt802.11

Questions: 1. Questions:

  1. Is the data encrypted on WiFi? If yes, you should see Data and/or QoS Data frames in your capture. 2. capture.
  2. Are you able to decrypt the data? You will need the SSID and WiFi passphrase. You will also need to capture the 4 EAPOL keys - assuming that personal WiFi encryption is being used. 3. used.
  3. If after decryption, can you see any HTTP/HTTPS traffic?

If you are trying to capture traffic from a particular WiFi client, it might be better to create a capture filter to capture only frames to/from that device.

Hope that helps

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2