How to view data from wifi capture?

2
votes

I am running wireshark on my home network to learn some things. My network is wpa and I know the key, is it possible to reconstruct the ethernet packets?

I know that after you connect to wpa there is a negotiation of a new key, I assume this is ssl or something like that where it uses a public private key mechanism so I can't see it but I wanted to make sure. if it isn't a public private key mechanism and I capture the handshake can I see the rest?

If the network was an unencrypted open network would I be able to reconstruct the communications?

Also, I am running wireshark in monitor mode so that I get the raw wifi packets. Do I have to worry about channel or does it catch all wifi over the air.

Thank you

2
wifiwiresharkpacketwpa
So I could reverse the encryption if I know the key, which every user knows, is that what you are saying?user1763993
This comment would rather be on his answer ;) (or add @pikob for him to be notified)Nikana Reklawyks

2 Answers

0
votes

To do that, you would have to implement router's firmware in own software (cipher/decipher routines). Software that could interest you is CommView and aircrack-ng.

0
votes

Do I have to worry about channel or does it catch all wifi over the air.

Yes, you do have to set the channel on the adapter to the channel where you expect the traffic.