Ask Your Question
0

Only receiving 802.11 Packets.

asked 2023-12-18 16:59:56 +0000

va3ham gravatar image

Hello, First, Thank you to whomever for your assistance with this issue. My issue is with getting only 802.11 & LLC packets. I have been checking other people's queries, and nobody can really solve it. I'm using Kali Linux, with a up to date Alfa adapter. I have deleted and reinstalled Wireshark, checked all possible options, (edit-->preferences-->protocols-->IEEE 802.11-->Enable decryption---->added my WPA PWD, and WPA PSK. I have also always checked, capture-->options-->enable promiscuous mode on all devices. & finally I am using the Afla adapter 802.11ac AWUS036ACH (b,g,n,AC), & I always use airmon-ng to put the Afla into Monitor Mode.

So, up to now I have used, TCP Dump, T Shark, and Wireshark, with no luck.

P.S. I have never gotten any packets other than, 802.11.

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by » oldest newest most voted
0

answered 2023-12-18 19:56:57 +0000

Bob Jones gravatar image

Assuming this is an issue with decryption, but you could have other issues since you are using an RTL chipset in monitor mode as these are known to be problematic.

Did you see the Gotchas section in the documentation?

Some wireless security mechanisms are decryptable with Wireshark directly, but not all. Assuming you are using one that is straightforward (for example, WPA2-Personal), you will need the 4-way eapol handshake as well as the other items you describe.

Suggestion: start with the wiki page that has a test trace for decryption; this is known to work. Can you decrypt that one?

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

subscribe to rss feed

Stats

Asked: 2023-12-18 16:59:56 +0000

Seen: 73 times

Last updated: Dec 18 '23

Related questions

In a WiFi capture log, why the 11ac “beamformed” bit is shown as both “true” and “false” in wireshark version 2.4.2 (v2.4.2-0-gb6c63ae086)?

No HTTP protocols in scan results

Tshark conversation view output modification

only seeing acks with tshark

Can't decrypt WPA-PSK (WPA/WPA2) even with passphrase and EAPOL Handshake

Forcing Mac OS X to reconnect in monitor mode

ios 11 802.11 frames

Disable protocol and decoded by my lua script

How to Decode Radius MS-MPPE-Recv-Key

eapol malformed packets

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2