I am connected to my home wifi network using Ubuntu 10.10. The protection is WPA2-auto. I want to capture packets from it.
$ sudo iwconfig wlan0 mode monitor
$ sudo wireshark
I try to capture from wlan0. I am connected to the wifi network with an Android phone and browsing websites. However, I am unable to see unencrypted HTTP packets. I select Edit|Preferences|Capture|Protocols, select 802.11, and set the check box for 'decrypt packets' to yes. Still nothing. Any help appreciated.
You must capture the association sequence to be able to decrypt the traffic. If you start your capture when the phone is already connected then Wireshark cannot decrypt the packets.
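As an added example (not part of the original answer): the WPA2 four-way handshake, EAPOL-Key messages 1 to 4, is the part of the association sequence that decryption depends on, and this sketch reports which of those messages a capture holds for each client. The function names and the sample frames are constructed for illustration; it assumes the EAPOL payloads have already been extracted from the capture, and the rule for telling message 2 from message 4 is a heuristic.

```python
import struct

# Key Information flag bits of an EAPOL-Key frame (IEEE 802.11 key descriptor).
PAIRWISE, ACK, MIC, SECURE = 0x0008, 0x0080, 0x0100, 0x0200

def handshake_message(eapol: bytes) -> int:
    """Return 1-4 for a four-way-handshake frame, 0 for anything else.
    `eapol` starts at the 802.1X header (the bytes after LLC/SNAP)."""
    # 4-byte 802.1X header + 95-byte key descriptor; packet type 3 = EAPOL-Key
    if len(eapol) < 99 or eapol[1] != 3:
        return 0
    (key_info,) = struct.unpack_from("!H", eapol, 5)
    (key_data_len,) = struct.unpack_from("!H", eapol, 97)
    if not key_info & PAIRWISE:      # group-key update, not the 4-way handshake
        return 0
    if key_info & ACK:               # sent by the access point
        return 3 if key_info & MIC else 1
    if key_info & MIC:               # sent by the client
        # Heuristic: message 4 has Secure set (WPA2) or carries no key data (WPA).
        return 4 if (key_info & SECURE or key_data_len == 0) else 2
    return 0

def missing_messages(frames):
    """Map each client MAC to the handshake messages not seen for it."""
    seen = {}
    for sta, eapol in frames:
        n = handshake_message(eapol)
        if n:
            seen.setdefault(sta, set()).add(n)
    return {sta: sorted({1, 2, 3, 4} - msgs) for sta, msgs in seen.items()}

def sample_frame(key_info: int, key_data: bytes = b"") -> bytes:
    """Constructed EAPOL-Key frame with zeroed counters, nonce and MIC."""
    body = (struct.pack("!BHH", 2, key_info, 16) + bytes(88)
            + struct.pack("!H", len(key_data)) + key_data)
    return struct.pack("!BBH", 2, 3, len(body)) + body

# Constructed capture: client ...01 joined during it, ...02 was already mid-join.
SAMPLE = [
    ("02:00:00:00:00:01", sample_frame(0x008A)),
    ("02:00:00:00:00:01", sample_frame(0x010A, bytes(22))),
    ("02:00:00:00:00:01", sample_frame(0x13CA, bytes(56))),
    ("02:00:00:00:00:01", sample_frame(0x030A)),
    ("02:00:00:00:00:02", sample_frame(0x13CA, bytes(56))),
    ("02:00:00:00:00:02", sample_frame(0x030A)),
]

if __name__ == "__main__":
    for sta, missing in missing_messages(SAMPLE).items():
        print(sta, "complete" if not missing else f"missing messages {missing}")
```

A client that was already connected when the capture started produces no handshake frames at all, so it does not appear in the result.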
Solution: run airmon-ng from the aircrack-ng project to set the wireless card into monitor mode (this was pointed out by Guy, a Wireshark developer, on the mailing lists). Apparently iwconfig does not work properly, as it has issues on Ubuntu.
airmon-ng start wlan0
This will set it into monitor mode and create interface mon0.
After this, I was able to capture off the mon0 interface using Wireshark.