
I want to see which images are being sent through the air using my Wi-Fi and foreign Wi-Fi. How do I do that without cracking WPA(2), just by filtering out the unencrypted packets, using Windows or Kali Linux in a VM on Windows?

  • It's either using WPA or it's unencrypted, not a mix. Either way, sniffing data on 'foreign wifi' is illegal in most countries. – J.A.K. Jul 13 '17 at 21:06

2 Answers


You cannot do that. In a WPA(2) wireless network it is not possible to send something which is not protected by the WPA(2) encryption. Indeed you can, for example, send an image unencrypted via HTTP (OSI model layer 7), but the WPA(2) encryption is on a lower level (OSI model layer 2). Therefore it is not possible to just filter out unencrypted packets.

40F4

That is not possible. If you don't have the key of the client-AP connection, there's no way to decrypt it, let alone reassemble the (decrypted) TCP packets of the file/image.

In WPA2 all connections have their own key; even just knowing the "passphrase" (the text you type in to connect to the Wi-Fi) does not let you see the traffic.

In order to accomplish this, you would have to capture the four-way handshake, together with the passphrase (which can be brute-forced with the 4WHS), and only then would you be able to decrypt the packets.

PS: There's a technique in WEP called chop-chop in which you can decrypt a single packet by exploiting a CRC-32 weakness, but even this way you would have to manually pick which packets to decrypt and then reassemble them to "see" the file/image.

Azteca
  • This was bumped to the homepage today so I'll add my input. Your statements about WPA only apply to WPA2-Enterprise; as you can see from the following answer, WPA2-Personal encrypts all data on the wireless network with the same key: https://security.stackexchange.com/questions/35780/why-is-wpa-enterprise-more-secure-than-wpa2 So regarding the original question, the user could see all images being transmitted on his/her Wi-Fi so long as they are not encrypted in the application layer... assuming the OP controls the network and can choose to use WPA2-Personal. – Owen Sep 11 '17 at 20:35
  • @Owen Nope, the key to encrypt data (the image) is generated dynamically on all WPA/2 Personal/Enterprise; the PSK (generated from the passphrase by PBKDF2) is the same, but the PTK (used to encrypt data - images) is different for each client and even each connection session (if you disconnect and reconnect, you will get a different PTK). – Azteca Sep 12 '17 at 18:37
  • @Owen Not sure whose answer you're talking about, but I'll guess it's [Rod MacPherson](https://security.stackexchange.com/a/35855/70301). And he means the PSK is the same, and that's true; it's easy to "crack" the passphrase, but it doesn't mean you can see plain-text traffic (the image) from another user, since this is encrypted with a per-user key, again, the PTK (sometimes called PMK also). So thanks for your input, but it's not relevant to the original question/answer. – Azteca Sep 12 '17 at 18:40
  • @Owen [Here](https://security.stackexchange.com/a/158671/70301) I tried to explain it to the best of my knowledge, and also [here](https://security.stackexchange.com/a/157745/70301) I talk about it. – Azteca Sep 12 '17 at 18:46
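The point argued in the answer and the comments above (the PSK/PMK is shared by everyone who knows the passphrase, but the PTK that actually encrypts a station's frames is derived per client and per association) can be checked with the standard key derivation itself. The following is an added example, not code from the original post or from any of its authors: it implements the WPA2-Personal PMK derivation (PBKDF2-HMAC-SHA1 over passphrase and SSID) and the IEEE 802.11i PRF-512 PTK expansion, then derives PTKs for two stations sharing one passphrase and for one station that reconnects. The passphrase, SSID, MAC addresses and nonces are constructed placeholders; a real AP and client each pick a fresh random 32-byte nonce during the 4-way handshake.

```python
import hashlib
import hmac

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-Personal: PMK (= PSK) is PBKDF2-HMAC-SHA1 over the passphrase, salted with the SSID.
    Every client on the network that knows the passphrase computes this same 32-byte value."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """IEEE 802.11i PRF-512: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0..3, cut to 64 bytes."""
    out = b"".join(hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
                   for i in range(4))
    return out[:64]

def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK mixes the shared PMK with both MAC addresses and both handshake nonces (sorted, per spec).
    Nonces are fresh per association, so the PTK is unique per client and per session."""
    data = min(ap_mac, sta_mac) + max(ap_mac, sta_mac) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, b"Pairwise key expansion", data)

def nonce(label: str) -> bytes:
    """Constructed, deterministic stand-in for the random 32-byte nonce a real AP/client generates."""
    return hashlib.sha256(label.encode()).digest()

def compare_sessions():
    """Two stations with the same passphrase, plus one of them reconnecting:
    one shared PMK, three different PTKs. All inputs are constructed placeholders."""
    pmk = derive_pmk("correct horse battery", "ExampleNet")   # constructed passphrase and SSID
    ap = bytes.fromhex("020000000001")                         # constructed locally-administered MACs
    sta1 = bytes.fromhex("020000000002")
    sta2 = bytes.fromhex("020000000003")
    ptk_sta1_a = derive_ptk(pmk, ap, sta1, nonce("ap-1"), nonce("sta1-1"))
    ptk_sta2 = derive_ptk(pmk, ap, sta2, nonce("ap-2"), nonce("sta2-1"))
    ptk_sta1_b = derive_ptk(pmk, ap, sta1, nonce("ap-3"), nonce("sta1-2"))  # sta1 reconnects: new nonces
    return pmk, ptk_sta1_a, ptk_sta2, ptk_sta1_b

if __name__ == "__main__":
    pmk, a, b, c = compare_sessions()
    print("PMK (shared by all clients):", pmk.hex())
    print("PTK sta1, session 1:        ", a[:16].hex(), "...")
    print("PTK sta2:                   ", b[:16].hex(), "...")
    print("PTK sta1, session 2:        ", c[:16].hex(), "...")
```

Because the PTK depends on both nonces, knowing the passphrase alone is not enough to recover another station's traffic key; the defender's takeaway is that WPA2-Personal still isolates sessions cryptographically, while the shared PMK is the reason a captured handshake plus a weak passphrase is the real risk.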