Airdecap-ng (Decryption)
Post

Airdecap-ng (Decryption)

Airdecap-ng

Airdecap-ng is useful after we have successfully retrieved the key to a wireless network. We can use it to decrypt WEP, WPA PSK, or WPA2 PSK capture files.

1
2
3
4
5
# Keep the packets targeted to a specific <BSSID> and remove the rest from a cap file (creates a new file)
airdecap-ng -b <MAC> file.pcap

# decrypt saved traffic with a passphrase (check that the passphrase works, we may capture failed logins)
airdecap-ng -b <bssid> -e 'main_office_guest' -p 'haishie0ail6hieM' airdrop.pcap