Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

asked 2020-01-01 09:42:26 +0000

Yedivach gravatar image

Does Wireshark supports decryption of 802.11 packets with PTK as user's input (instead of PMK/password)

When Wireshark decrypt 802.11 packets, it uses the password to generate the PMK) and then take the 4-way handshake (EAPOLS) and create the unicast keys - Pairwise transient key (PTK).

In case of not capturing the 4-way handshake the calculation of the PTK is impossible.

Does provide the PTK straight from the user is something possible on Wireshark (bypass the PTK calculation that exists today)?

Does Wireshark supports decryption of 802.11 packets with PTK as user's input (instead of PMK/password)

When Wireshark decrypt 802.11 packets, it uses the password to generate the PMK) and then take the 4-way handshake (EAPOLS) and create the unicast keys - Pairwise transient key (PTK).

In case of not capturing the 4-way handshake the calculation of the PTK is impossible.

Does provide the PTK straight from the user is something possible on Wireshark (bypass the PTK calculation that exists today)?

Does Wireshark supports decryption of 802.11 packets with PTK as user's input (instead of PMK/password)PMK/password)?

When Wireshark decrypt 802.11 packets, it uses the password to generate the PMK) and then PMK. The next step is to take the 4-way handshake (EAPOLS) and create (using the PMK and the EAPOLS) the unicast keys - Pairwise transient key (PTK).

In case of not capturing the 4-way handshake the calculation of the PTK is impossible.

Does provide the PTK straight from the user is something possible on Wireshark (bypass the PTK calculation that exists today)?