Revision history  [back]

They are all there but encrypted. For each client-AP "session" you want to decrypt, you need to know the passphrase and capture the four EAPOL packets. When you give this information to Wireshark in the right way, it will automatically decrypt those radio frames for which it has the necessary information and show you the IP and above layers dissected.