How to decrypt 802.11 for wpa2 enterprise

asked 2018-07-11 06:26:19 +0000

xiaohaozi0

updated 2018-07-11 06:33:21 +0000

I have found a document which explained how to decrypt WPA2 enterprise, but I couldn't reproduce it in my PC.

I have downloaded the capture from the link which the document showed,

and used the PMK in the document. Tried 'wpa-psk' and 'wpa-pwd', both of them were not working.

a5001e18e0b3f792278825bc3abff72d7021d7c157b600470ef730e2490835d4 79258f6ceeecedd3482b92deaabdb675f09bcb4003ef5074f5ddb10a94ebe00a 23a9ee58c7810546ae3e7509fda9f97435778d689e53a54891c56d02f18ca162

But it shown as invalid key format.

My Wireshark version is

Version 2.4.6 (v2.4.6-0-ge2f395aa12)

1 Answer

answered 2018-07-11 09:41:37 +0000

Bob Jones

Seems to work fine on all versions I have tested - decrypts up to the first rekey as I only tested the first PMK. When I paste the PMK into the field for wpa-psk (in this case, as we only have the PMK, NOT a passphrase/SSID), it says invalid but when I press enter or leave the dialog box and come back, this notice is cleared. Wireshark 2.6.1 is current; I doubt it matters, but if you did stumble across a defect, they would only fix in the latest version anyway so you might as well be using that if you can. Tested in Linux/2.4.6 and Windows/2.6.1.

image description

Thanks, I have found what my issue is. I input 3 Keys in the same line.

a5001e18e0b3f792278825bc3abff72d7021d7c157b600470ef730e2490835d479258f6ceeecedd3482b92deaabdb675f09bcb403ef5074f5ddb10a94ebe00a 23a9ee58c7810546ae3e7509fda9f97435778d689e53a54891c56d02f18ca162

Actually, they are 3 PMK keys.

xiaohaozi0 ( 2018-07-13 08:36:54 +0000 )

Asked: 2018-07-11 06:26:19 +0000

Seen: 54 times

Last updated: Jul 11