Wireshark-dev: [Wireshark-dev] Wishlist Request: 802.11 GTK Decryption
From: Anthony Murabito <anthony.murabito@xxxxxxxxx>
Date: Tue, 09 Nov 2010 08:11:37 -0800
Hi Devs,

I was advised via the wiki to send my request here.

Anyhow, here goes:

Wireshark's current stable release (1.4.1 at this time) does not have the ability to decrypt broadcast/multicast 802.11 frames encrypted with the Group Transient Key (GTK). I'd love to see this feature added. The GTK is distributed in Message 3 of the EAPoL 4-Way Handshake for WPAv2 style authentication, and is a separate 2-Way Handshake in WPAv1 style authentication. For the record, PTK (unicast) decryption works great.

If this feature is currently available in a development branch, feel free to tell me I am silly, and please point me in the right direction.

Best Regards,

Anthony
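
The sketch below is an added example, not part of the original message and not Wireshark code. It finds which EAPOL-Key frames in a capture carry the GTK, using the Key Information flags to tell Message 3 of the 4-Way Handshake (WPA2) from Group Key Message 1 (WPA1). The function names and the sample frames are constructed for illustration, the Key Data bytes are placeholders rather than a real wrapped GTK, and telling Message 2 from Message 4 by empty Key Data is a heuristic.

```python
import struct

# Key Information flag masks of the IEEE 802.11 EAPOL-Key descriptor
PAIRWISE, INSTALL, ACK, MIC, SECURE, ENCRYPTED = 0x0008, 0x0040, 0x0080, 0x0100, 0x0200, 0x1000
DESC_RSN, DESC_WPA = 2, 254  # descriptor type: WPA2 (RSN) vs. WPA1
HDR = struct.Struct("!BBHBHH8s32s16s8s8s16sH")  # EAPOL header + key descriptor, 99 bytes

def classify(frame: bytes):
    """Return (message name, carries_gtk) for an EAPOL-Key frame, else None."""
    if len(frame) < HDR.size:
        return None
    (_ver, ptype, _len, desc, info, _klen, _replay, _nonce,
     _iv, _rsc, _rsvd, _mic, data_len) = HDR.unpack_from(frame)
    if ptype != 3 or desc not in (DESC_RSN, DESC_WPA):
        return None  # not an EAPOL-Key frame
    if len(frame) < HDR.size + data_len:
        return None  # truncated Key Data
    if info & PAIRWISE:
        if info & ACK:
            if not info & MIC:
                return ("4-way 1/4", False)
            # WPA2 places the GTK in Message 3's encrypted Key Data; WPA1 does not
            return ("4-way 3/4", desc == DESC_RSN and bool(info & ENCRYPTED) and data_len > 0)
        # Messages 2 and 4 both set MIC without ACK; 4/4 has empty Key Data (heuristic)
        return ("4-way 4/4" if data_len == 0 else "4-way 2/4", False)
    # Key Type = group: the separate 2-way group key handshake
    if info & ACK:
        return ("group 1/2", data_len > 0)
    return ("group 2/2", False)

def build(desc, info, key_data=b""):
    """Constructed test frame: zeroed nonce/IV/MIC, placeholder Key Data."""
    body_len = HDR.size - 4 + len(key_data)
    return HDR.pack(1, 3, body_len, desc, info, 16, bytes(8), bytes(32),
                    bytes(16), bytes(8), bytes(8), bytes(16), len(key_data)) + key_data

SAMPLE = [  # constructed frames, not taken from a real capture
    build(DESC_RSN, 0x008A),                 # WPA2 4-way 1/4
    build(DESC_RSN, 0x010A, b"\x30" * 22),   # WPA2 4-way 2/4 (carries an IE)
    build(DESC_RSN, 0x13CA, b"\x00" * 56),   # WPA2 4-way 3/4 (encrypted Key Data)
    build(DESC_RSN, 0x030A),                 # WPA2 4-way 4/4
    build(DESC_WPA, 0x0391, b"\x00" * 32),   # WPA1 group 1/2
    build(DESC_WPA, 0x0311),                 # WPA1 group 2/2
]

def gtk_frames(frames):
    """Indexes of frames whose Key Data is expected to hold the GTK."""
    return [i for i, f in enumerate(frames) if (c := classify(f)) and c[1]]
```

Recovering the GTK itself still requires decrypting the Key Data with the KEK portion of the PTK, which this sketch does not do.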