On Sun, 1 May 2011 08:10:18 +0000 Sreenivasulu Yellamaraju wrote:
>- even if the input file can be split into smaller files using the File
Save
>As and Range feature,not all of the output files can be decrypted with the
>known passphrase as only one of
> the split files will have the EAPOL 4-way key handshake captured and the
>rest will have only data traffic without EAPOL 4-way handshake captured
in
>them.
Hi Sreenivasulu,
You can save the EAPOL packets to a separate file and merge this file with
the other smaller files:
- mark the 4 EAPOL packets
- save the marked packets: File | Save As... | Packet Range: select Marked
packets
The next step is to merge the EAPOL packets with the other files.
Wireshark:
- open the file, with the EAPOL packets
- got to File | Merge...
- select file2.pcap and click Open
- save the new file
mergecap
$ mergecap -w outfile.pcap EAPOL.pcap file2.pcap
Hope this helps
Joke