What's new

Wireless packet capture on Asuswrt-merlin

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

vpittman

New Around Here
Hi all,
New to the forum and learning wireshark and packet sniffing...

I've got a network 'lab' set up as follows :
Lenovo laptop running Kali linux with 2 wireless cards, one on my home network and the other for packet capture (in monitor mode)
and an old Linksys WRT54GS router (stock firmware) ssid WirelessLab (2.4 GHz) wpa2 security

With this setup I use airodump-ng to target that ssid/channel and connect a client to that ssid. I then confirm that I get the 4 handshake packets. Then in wireshark I open the airodump-ng file and by adding the password:ssid to the decrypt portion of the IEEE 802.11 protocol I can see all of the decrypted traffic.

But,
When I use this same process on my home network (an ASUS RT-AC86U running asuswrt-merlin) all I get is broadcast packets (I do have the password:ssid and I did get the handshake)

Is this due to the firewall rules (iptables) on the ASUS router ?
How can I see the decrypted wireless traffic on the ASUS router ?

Thanks for all the help,
Victor
 
Thanks, that makes sense...

and upon further inspection it is decrypting some, just not what I'm expecting. I must have something set up wrong in my testing

Thanks again for the reply !
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top