Thanks. I thought that bug had already been filed, but perhaps this had only been mentioned on this listserv before.
Frank -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Soh Kam Yung Sent: Thursday, April 12, 2007 8:37 PM To: Community support list for Wireshark Subject: Re: [Wireshark-users] Viewing TKIP-encrypted data On 4/12/07, Frank Bulk <[EMAIL PROTECTED]> wrote: > David: > > Did you get a chance to review this page? > http://wiki.wireshark.org/HowToDecrypt802.11?highlight=%28CategoryHowTo%29 > > Frank Interesting. I didn't know that page existed. The sample capture provided on the page highlights that Wireshark does not decrypt the WPA group keys properly, either for WPA or WPA2. (The method for delivering the WPA group keys differ between the two specs.) In that sample capture, Packet No. 92 is the packet delivering the group key but is mis-interpreted by Wireshark as a malformed EAPOL packet. Packet No. 249 is an example of a broadcast packet that is not decrypted by Wireshark. I have filed a bug on this (http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1420). Hopefully, this can be resolved in a future version of Wireshark. Regards, Kam-Yung -- Soh Kam Yung my delicious links: (http://del.icio.us/SohKamYung) my simpy links: (http://www.simpy.com/user/kysoh/links) _______________________________________________ Wireshark-users mailing list [EMAIL PROTECTED] http://www.wireshark.org/mailman/listinfo/wireshark-users _______________________________________________ Wireshark-users mailing list [EMAIL PROTECTED] http://www.wireshark.org/mailman/listinfo/wireshark-users
