User Tools

Site Tools


airdecap-ng

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
airdecap-ng [2007/02/21 17:18] – cleanup and expanded darkaudaxairdecap-ng [2009/09/26 20:07] (current) – Fixed typos darkaudax
Line 2: Line 2:
  
 ===== Description ===== ===== Description =====
-With airdecap-ng you can decrypt WEP/WPA/WPA2 capture files.  As well, it can be used to strip the wireless headers from an unencrypted wireless capture.+With airdecap-ng you can decrypt WEP/WPA/WPA2 capture files.  As well, it can also be used to strip the wireless headers from an unencrypted wireless capture
 + 
 +It outputs a new file ending with "-dec.cap" which is the decrypted/stripped version of the input file.
  
 ===== Usage ===== ===== Usage =====
Line 16: Line 18:
 |-w|key| target network WEP key in hexadecimal| |-w|key| target network WEP key in hexadecimal|
  
 +Wildcards may be used on the input file name providing it only matches a single file.  In general, it is recommended that you use a single file name as input, not wildcarding.
  
 ===== Usage Examples ===== ===== Usage Examples =====
Line 25: Line 28:
   airdecap-ng -w 11A3E229084349BC25D97E2939 wep.cap   airdecap-ng -w 11A3E229084349BC25D97E2939 wep.cap
  
-The following decryptes a WPA/WPA2 encrypted capture using the passphrase:+The following decrypts a WPA/WPA2 encrypted capture using the passphrase:
   airdecap-ng -e 'the ssid' -p passphrase  tkip.cap   airdecap-ng -e 'the ssid' -p passphrase  tkip.cap
  
 ===== Usage Tips ===== ===== Usage Tips =====
  
-For ESSIDs which contain spacesput the ESSID in quotes: 'this contains spaces'.+==== WPA/WPA2 Requirements ==== 
 + 
 +The capture file must contain a valid four-way handshake.  For this purpose having (packets 2 and 3) or (packets 3 and 4) will work correctly.  In fact, you don't truly need all four handshake packets. 
 + 
 +As wellonly data packets following the handshake will be decrypted.  This is because information is required from the handshake in order to decrypt the data packets. 
 + 
 + 
 +==== How to use spaces, double quote and single quote in AP names? ==== 
 + 
 +See this [[:faq#how_to_use_spaces_double_quote_and_single_quote_in_ap_names|FAQ entry]]
  
 ===== Usage Troubleshooting ===== ===== Usage Troubleshooting =====
airdecap-ng.1172074703.txt.gz · Last modified: 2007/02/21 17:18 by darkaudax