I'm new to Wireshark and would like to know how to decrypt WPA3 using it. Especially how to retrieve PMK or any other keys required to decrypt it using hostapd. I have access to an android AP (via terminal or any kind of debugging is possible)..
Some info here: https://wiki.wireshark.org/HowToDecrypt802.11
Namely the flags for running hostapd, -d and -K which will dump the keys.
At least for wpa_supplicant, the PMK is shown in the debug output as something like this:
WPA: PMK - hexdump(len=32): d1 f8 aa 86 77 92 8f 81 75 92 d0 01 f9 3b b3 59 fe 73 70 20 90 99 09 ea e6 59 6b 1b aa 0c 39 a2
Of course, your key would be different. I would assume since hostapd and wpa_supplicant are developed together, hostapd would have same/similar debug output with keys. No idea if this debug works on an Android device.
Asked: 2023-09-06 12:21:15 +0000
Seen: 819 times
Last updated: Sep 07 '23
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
