With some work, we could begin capturing eapol packets sooner

schloss / insecurity-demos

A packaged, graphical user interface for demonstrating various digital security threats and mitigations in a training room context.

4 stars 2 forks source link

With some work, we could begin capturing eapol packets sooner #48

Open poser opened 10 years ago

poser commented 10 years ago

Log eapol packets and prepend them somehow to subsequent tshark captures (where we include WPA password data)?
Pass WPA password information to a tshark capture that is already running?

poser commented 10 years ago

Or, since tshark will take multiple key:essid pairs, for decryption, we could persist wpa key assignment in the UI, and then include the decryption arguments from the beginning. (In this case, the transition from monitoring encrypted meta-data on all networks to sniffing decrypted data on a specific network would really just mean locking the channel appropriately.)