
All Questions

Tagged with
0 votes
0 answers
190 views

WPA PTK and GTK in detail

I have been checking Pairwise and Group Transient keys in a network for security. I understand PTK is derived from = PMK, AP nonce (ANonce), STA nonce (SNonce), AP MAC address, and STA MAC address ...
C.Unbay
  • 105
0 votes
2 answers
3k views

Wireshark filtering, WPA2 handshake type value and other types

I am capturing a WPA2 handshake with Wireshark, and there is the type value of 03, which is a key. I wonder if this type is constant for WPA2 handshakes, also the value of other types, if there were to ...
C.Unbay
  • 105
1 vote
0 answers
1k views

Decrypting TLSv1.3 data using SSLKEYLOGFILE from native app

I am trying to decrypt TLSv1.3 packets using Wireshark. I have succeeded in doing so using this tutorial: https://blog.didierstevens.com/2020/12/28/decrypting-tls-streams-with-wireshark-part-2/ This ...
tomvis1984
12 votes
1 answer
1k views

Is my connection really encrypted through VPN?

I am checking that my VPN is really encrypting the connection, using Wireshark. When I capture from the WiFi interface the data is encrypted by the OpenVPN protocol, but when I capture Local Area Connection (...
Fros Vonex
1 vote
0 answers
2k views

Is it possible to decrypt SSL/TLS traffic with Wireshark? [duplicate]

I'm trying to analyze the outgoing requests of an application on my Windows 10 computer, but I'm not aware of any way to capture the secret key needed to decrypt the traffic. I have used Telerik's ...
WanderingCoder
0 votes
1 answer
958 views

When connecting via SSH, does the Diffie-Hellman key exchange take place over an unencrypted TCP session or does encryption occur before the exchange?

I'm a cybersecurity student and I'm eager to understand the basic processes of an SSH session. I wrote down the stages to the best of my ability, but need help understanding what happens right after ...
Dequavis
1 vote
1 answer
409 views

Seeking explanation of occurrences during Wireshark SSL/TLS decryption

Currently using: OS: Official Kali Linux 2019.4 Browser: Chromium Version 76.0.3809.100 (Developer Build) built on Debian bullseye/sid, running on Debian kali-rolling (64-bit) Wireshark 2.6.10 (Git ...
D. Anderson
0 votes
1 answer
1k views

Since Wireshark can decrypt WPA2-PSK with a known SSID and PSK, how to protect it for personal usage

Referring to the introduction of HowToDecrypt802.11, WPA2-PSK can be decrypted when knowing the SSID and PSK. While a Wi-Fi sniffer can monitor it easily (e.g., MacBook sniffer tool), how can we protect it ...
fangxiao Cao
0 votes
1 answer
2k views

Capturing mail traffic with Wireshark

I've been trying to use Wireshark to capture an email I am sending from my smartphone on the same Wi-Fi network. I'm using Kali Linux (not a virtual machine), I am in monitor mode, I have set up the ...
Snuffduff
-4 votes
2 answers
2k views

Decrypting WiFi packets on a public hotspot [closed]

To decrypt 802.11 header in Wireshark, you must know the WPA password. Now, for example, there is a network which when clicked takes you to a login page where every user on the network has a username ...
john
  • 5
0 votes
0 answers
5k views

Hidden messages in the pcap file

I tried various ways of decoding or analyzing data using Wireshark and tshark with the CLI, also suggested that the pcap data was intentionally damaged by someone and I used pcapfix to fix the sectors of ...
f0xtr0d
0 votes
1 answer
989 views

How could I determine the encryption and cipher of a wireless network with Wireshark?

I am trying to understand the 802.11 Management and Data frames. I've gone through many frames using Wireshark and a captured .cap file but am not able to find any suitable packet that could show me the ...
Shameer Kashif
0 votes
2 answers
3k views

Can't Capture Traffic using Wireshark (only 802.11)

I have the following settings: MacBook Pro 2012, macOS 10.12.4. In Wireshark, under Capture>Options>Wifi En1, Link-layer Header is set to 802.11; Monitor and promiscuous mode are enabled. Under ...
user7886229
1 vote
1 answer
2k views

Locate unencrypted HTTP data with Wireshark

Part of an assignment for university is analysing packets from HTTP and HTTPS traffic, however Wireshark doesn't seem to be displaying the HTTP data as I would expect - just to clarify, I am ...
ryansin
  • 222
0 votes
1 answer
119 views

Human readable SSL/TLS packets

If I have a protocol-analyzer/packet-sniffer, such as Wireshark, installed on a particular device.. (or in this case; tcpdump & tshark etc. on my smartphone..) ..should I be able to read ...
voices
  • 2,751
