airdecap-ng
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revisionLast revisionBoth sides next revision | ||
airdecap-ng [2006/11/19 16:12] – darkaudax | airdecap-ng [2009/08/14 17:13] – used dokuwiki internal link mister_x | ||
---|---|---|---|
Line 2: | Line 2: | ||
===== Description ===== | ===== Description ===== | ||
- | With airdecap you can decrypt WEP/WPA capture files. | + | With airdecap-ng you can decrypt WEP/WPA/WPA2 capture files. As well, it can be used to strip the wireless headers from an unencrypted wireless capture. |
- | ===== Usage ===== | + | It outputs a new file ending with " |
+ | |||
+ | ===== Usage ===== | ||
airdecap-ng [options] <pcap file> | airdecap-ng [options] <pcap file> | ||
Line 11: | Line 13: | ||
|-l| |don't remove the 802.11 header| | |-l| |don't remove the 802.11 header| | ||
|-b|bssid|access point MAC address filter| | |-b|bssid|access point MAC address filter| | ||
- | |-k|pmk|WPA Pairwise Master Key in hex| | + | |-k|pmk|WPA/WPA2 Pairwise Master Key in hex| |
|-e|essid|target network ascii identifier| | |-e|essid|target network ascii identifier| | ||
- | |-p|pass|target network WPA passphrase| | + | |-p|pass|target network WPA/WPA2 passphrase| |
- | |-w|key| target network WEP key in hex| | + | |-w|key| target network WEP key in hexadecimal| |
+ | Wildcards may be used on the input file name providing it only matches a single file. In general, it is recommended that you use a single file name as input, not wildcarding. | ||
- | ===== Examples | + | ===== Usage Examples ===== |
+ | The following removes the wireless headers from an open network (no WEP) capture: | ||
airdecap-ng -b 00: | airdecap-ng -b 00: | ||
+ | |||
+ | The following decrypts a WEP-encrypted capture using a hexadecimal WEP key: | ||
airdecap-ng -w 11A3E229084349BC25D97E2939 wep.cap | airdecap-ng -w 11A3E229084349BC25D97E2939 wep.cap | ||
+ | |||
+ | The following decrypts a WPA/WPA2 encrypted capture using the passphrase: | ||
airdecap-ng -e 'the ssid' -p passphrase | airdecap-ng -e 'the ssid' -p passphrase | ||
+ | |||
+ | ===== Usage Tips ===== | ||
+ | |||
+ | ==== WPA/WPA2 Requirements ==== | ||
+ | |||
+ | The capture file must contain a valid four-way handshake. | ||
+ | |||
+ | As well, only data packets following the handshake will be decrypted. | ||
+ | |||
+ | |||
+ | ==== How to use spaces, double quote and single quote in AP names? ==== | ||
+ | |||
+ | See this [[: | ||
+ | |||
+ | ===== Usage Troubleshooting ===== | ||
+ | |||
+ | None at this time. | ||
+ |
airdecap-ng.txt · Last modified: 2009/09/26 20:07 by darkaudax