Attacking Wifi with Wireshark

For a thing , I want to dump the wlan traffic between an Android app and a wifi camera. It isn't hard to grab network traffic from Android, if you have a rooted device you can just run tcpdump . tcpdump on Android is annoying, you have to manage the pcap files and it isn't clear what you are capturing.

Thankfully, wireshark can be fed WPA and WEP keys , making snooping as a third party an absolute breeze. The key options are in the protocol preferences for IEEE 802.11 , they look something like this:

wep:a1:b2:c3:d4:e5
wpa-pwd:MyPassword:MySSID
wpa-psk:0102030405060708091011...6061626364

The protocol preferences dialog doesn't seem to do any validation of the keys, instead I had to restart wireshark to get the super unhelpful error message.

The wireshark guide mentions the wireless toolbar, but this wasn't available on my platform and I didn't need it. With just the key, WEP traffic can be decrypted. WPA traffic requires that you capture an EAPOL handshake first. The easiest way to do that is observe the device keying, for testing I just had my phone join the network.


Reading: Nemesis Games, All Tomorrows Parties