I have a wireless card (ALFA AWUS036H) in monitor mode (with airmon-ng start wlan0
) on my Debian machine. In Wireshark, in "capture options", all my interfaces are in promiscuous mode.
The test network is a Wi-Fi network protected by WEP (I have the key).
In Wireshark, I only see information packets (Probe requests, beacon frames, etc.), but no "real" traffic, even if I'm using the network with another device connected to the network. I tried to follow the official documentation ( https://wiki.wireshark.org/HowToDecrypt802.11 ), but I can't see the "Decryption Keys…" button (part "Adding Keys: Wireless Toolbar"). And I thought that I could see the non-decrypted traffic nevertheless, which is not the case.
So how can I see the traffic and decrypt it? Ultimately, I want to use scapy, so I'm open to suggestions with scapy and/or Wireshark.