Il 22-10-2008 14:37, Marco De Vitis ha scritto:
I'll try when I get back home.
No success :(.
I'm having a hard time even sniffing my own traffic.
After some tests, it seems the only way to decrypt some data is by
setting the "Ignore the protection bit" option to "Yes - with IV". But,
even with this setting, if I sniff my own traffic (no "promiscuous
mode") I cannot even see the password of a POP3 session in the captured
data, which I see instead in a normal ethernet sniffing; I see the user,
but not the password.
Moreover, it seems that the Airport card is working normally also while
in monitor mode, my Internet activity continues as usual; isn't this
strange, according to the docs?
Also, in the wiki I read:
"WPA and WPA2 uses keys derived from an EAPOL handshake to encrypt
traffic. Unless all four handshake packets are present for the session
you're trying to decrypt, Wireshark won't be able to decrypt the
traffic. You can use the display filter eapol to locate EAPOL packets in
your capture."
But I couldn't find any EAPOL packets anywhere in my captures...
Any help is welcome.
--
Ciao,
Marco.