1
1
i am trying to sniff the Wifi traffic of my home network.
for that, i run Backtrack LiveCD on a laptop with a DLINK AirPlus DWL g650 wifi adapter. i set my WPA key in wireshark, and running wlan interface in monitor mode enabled. i started the capture.
I can capture the traffic of my 3 others laptop computers connected with wifi to the AP (two Windows XP and one Vista) with no problem. (Of course, i just had to deauth then reauth the computers in order to capture the EAPOL keys with wireshark)
When i browse something on the laptops, i see the traffic clear (HTTP headers etc..) and see the local IP addresses (192.168.1.x) in wireshark.
but when i connect my 2 phones to the AP. (iphone and android) i can see the EAPOL keys coming in wireshark, but when i browse something on the phone , nothing clear showing in wireshark, not even the 192.168.1.x addresses IP. (i am not connected to the 3G but really to my local network, tried airplane mode with wifi too) and instead of clear traffic i got a bunch of: "IEEE 802 Null function (no data)" entries in wireshark.
Why wireshark can decrypt my PCs traffic but it will not decrypt traffic of android or ios device??
I tried forcing deauth several times with aireplay etc.. and manual deauth/auth got EAPOL, but it's like the traffic isn't decrypted correctly?
i tried with another phone, a Nokia n97, and it works good i can see everything...
just not working with android and ios?
...and some 802.11 adapters don't have 802.11n WiFi chipsets at all and thus don't support 802.11n, period, which turned out to be the problem here, as per the original poster's follow-up answer. – None – 2015-09-04T18:25:20.647