This is an old revision of the document!
With airdecap-ng you can decrypt WEP/WPA/WPA2 capture files. As well, it can be used to strip the wireless headers from an unencrypted wireless capture.
airdecap-ng [options] <pcap file>
|-l||don't remove the 802.11 header|
|-b||bssid||access point MAC address filter|
|-k||pmk||WPA/WPA2 Pairwise Master Key in hex|
|-e||essid||target network ascii identifier|
|-p||pass||target network WPA/WPA2 passphrase|
|-w||key||target network WEP key in hexadecimal|
The following removes the wireless headers from an open network (no WEP) capture:
airdecap-ng -b 00:09:5B:10:BC:5A open-network.cap
The following decrypts a WEP-encrypted capture using a hexadecimal WEP key:
airdecap-ng -w 11A3E229084349BC25D97E2939 wep.cap
The following decrypts a WPA/WPA2 encrypted capture using the passphrase:
airdecap-ng -e 'the ssid' -p passphrase tkip.cap
For ESSIDs which contain spaces, put the ESSID in quotes: 'this contains spaces'.
None at this time.