First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Decrypting SAE packets in Wireshark

  • retag add tags

Is it possible to decrypt Simultaneous Authentication of Equals (SAE) using Wireshark? SAE is part of WPA-3 personal authentication.

I have a capture that I can share, but I wanted to know if it is technically possible.

Amato_C's avatar
1.2k
Amato_C
asked 2019-10-23 15:50:20 +0000
grahamb's avatar
23.8k
grahamb
updated 2019-10-24 10:13:31 +0000
edit flag offensive 0 remove flag close merge delete

Comments

Wildshark? Presumably a typo.

grahamb's avatar grahamb (2019-10-23 16:48:14 +0000) edit
more
  • delete

Yes, it was a typo. I corrected it. Sorry for the confusion

Amato_C's avatar Amato_C (2019-10-23 17:42:30 +0000) edit
more
  • delete
1

https://www.wireshark.org/lists/wireshark-dev/201903/msg00067.html

At least some work in the area from the great people working on Wireshark.

Bob Jones's avatar Bob Jones (2019-10-24 13:28:52 +0000) edit
more
  • delete

Thank you Mr. Bob Jones!

Amato_C's avatar Amato_C (2019-10-24 17:11:46 +0000) edit
more
  • delete
add a comment see more comments

1 Answer

0

Hi Amato,

funny to see you again in a Wireshark forum after all those years. We used to work together, remember? I am one of the Bochum guys...

To answer your question: You need to retrieve not only the air traffic, but also the key from either hostapd or wpa_supplicant by using the -d -K flags. You'll find it explained in more detail here: https://wiki.wireshark.org/HowToDecry...

Hope this helps (although it may be way too late),

Sascha

Sascha's avatar
1
Sascha
answered 2023-05-03 13:47:39 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer