Aircrack-ng forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

Aircrack-ng 1.7 release

Sorry Guest, you are banned from posting and sending personal messages on this forum.
This ban is not set to expire.
Pages: [1]   Go Down

Author Topic: airdecap-ng  (Read 4595 times)

roy_m

  • Newbie
  • *
  • Offline Offline
  • Posts: 1
airdecap-ng
« on: February 17, 2015, 07:42:19 am »

Hi,

I am trying to work my way through the following network forensics contest. http://forensicscontest.com/2011/07/31/puzzle-7-anns-dark-tangent-defcon-2010

I have the packet capture file: http://forensicscontest.com/contest07/evidence-defcon2010.pcap

and I have cracked the key with aircrack-ng. I am then trying to get a decrypted packet capture with:

airdecap-ng -w 4A:7D:B5:08:CD evidence-defcon2010.pcap

but the resulting packet capture seems not quite correct. It feels like perhaps the packet disectors might be slightly offset in the resulting packet capture because the IP addresses that I can see in wireshark and NetworkMiner seem off.

I am using Ubuntu 14.04 and  Airdecap-ng 1.2 beta1

Thanks a lot for your time

Logged
Pages: [1]   Go Up