Differences

This shows you the differences between two versions of the page.

--- airdecap-ng [2007/02/21 17:18] – cleanup and expanded darkaudax
+++ airdecap-ng [2009/08/14 17:13] – used dokuwiki internal link mister_x
@@ Line 3: / Line 3: @@
 ===== Description =====
 With airdecap-ng you can decrypt WEP/WPA/WPA2 capture files.  As well, it can be used to strip the wireless headers from an unencrypted wireless capture.
+It outputs a new file ending with "-dec.cap" which is the decrypted/stripped version of the input file.
 ===== Usage =====
@@ Line 16: / Line 18: @@
 |-w|key| target network WEP key in hexadecimal|
+Wildcards may be used on the input file name providing it only matches a single file.  In general, it is recommended that you use a single file name as input, not wildcarding.
 ===== Usage Examples =====
@@ Line 25: / Line 28: @@
   airdecap-ng -w 11A3E229084349BC25D97E2939 wep.cap
-The following decryptes a WPA/WPA2 encrypted capture using the passphrase:
+The following decrypts a WPA/WPA2 encrypted capture using the passphrase:
   airdecap-ng -e 'the ssid' -p passphrase  tkip.cap
 ===== Usage Tips =====
-For ESSIDs which contain spaces, put the ESSID in quotes: 'this contains spaces'.
+==== WPA/WPA2 Requirements ====
+The capture file must contain a valid four-way handshake.  For this purpose having (packets 2 and 3) or (packets 3 and 4) will work correctly.  You in fact don't truly need all four handshake packets.
+As well, only data packets following the handshake will be decrypted.  This is because information is required from the handshake in order to decrypt the data packets.
+==== How to use spaces, double quote and single quote in AP names? ====
+See this [[:faq#how_to_use_spaces_double_quote_and_single_quote_in_ap_names|FAQ entry]]
 ===== Usage Troubleshooting =====