Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

If it's open, there is no encryption so there is no need to decrypt to see the actual data payloads sent between hosts. What you are likely seeing are management and control frames; these do not require decryption but also do not contain payload data that you might want to see.

To see just data, try a filter such as

wlan.fc.type_subtype in {0x20 0x28}

If you have a capture from a monitor mode device, then this filter should hide the management and control frames and just show data/QoS data frames. For a network that is open, the payloads here will be visible (for example, might be http, dns, whatever).