Aircrack-ng

Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: airdecap-ng  (Read 1922 times)

roy_m

  • Newbie
  • *
  • Offline Offline
  • Posts: 1
    • View Profile
airdecap-ng
« on: February 17, 2015, 02:42:19 AM »

Hi,

I am trying to work my way through the following network forensics contest. http://forensicscontest.com/2011/07/31/puzzle-7-anns-dark-tangent-defcon-2010

I have the packet capture file: http://forensicscontest.com/contest07/evidence-defcon2010.pcap

and I have cracked the key with aircrack-ng. I am then trying to get a decrypted packet capture with:

airdecap-ng -w 4A:7D:B5:08:CD evidence-defcon2010.pcap

but the resulting packet capture seems not quite correct. It feels like perhaps the packet disectors might be slightly offset in the resulting packet capture because the IP addresses that I can see in wireshark and NetworkMiner seem off.

I am using Ubuntu 14.04 and  Airdecap-ng 1.2 beta1

Thanks a lot for your time

Logged
 

+ Quick Reply