Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless How To

Finding the Four-way Handshake

To make sure we captured a authentication handshake, we can use the network protocol analyzer Wireshark (formerly Ethereal). Wireshark allows us to view packet contents and sort by type of packet captured to pull out the WPA handshake.

Open up Wireshark (Backtrack > Privilege Escalation > Sniffers) and open the Kismet capture "dump" file (Kismet-<date>.dump) to view all the captured packets. The WPA four-way handshake uses the Extensible Authentication Protocol over LAN (EAPoL).

Using Wireshark, we can filter the captured packets to display only EAPoL packets by entering "eapol" in the filter field (Figure 7).

EAPoL filter applied to captured packets

Figure 7: EAPoL filter applied to captured packets

Here, we're basically looking for four packets that alternate source, client-AP-client-AP (I've highlighted them in red in Figure 7).

Now that we've confirmed that we've captured a four-way handshake it's time to perform the crack.

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Interesting topic: https://www.reddit.com/r/pihole/comments/f65sge/place_to_test_ad_block/I don't see Diversion on the list of favorite blockers! We s...
We've got an AC3200 as the primary router with an AC68U as an access point on the 2nd floor. They're connected over ethernet. About 1800sf on each flo...
Hi,until I find a better way to do, I have debian and asteriskinstalled in my ac56u following https://hqt.ro/asterisk-voip-server-running-on-asuswrt-r...
Hi!I have an ASUS RT-AC86U with Merlin Firmware 384.13_0. I couldn't receive IPTV until I enabled IGMP Proxy. Now I can play the content, but after 2 ...
Hey,I've installed Diversion today on my ax88u and I started running some tests on popular services the family uses. I noticed on my Macbook Pro I was...

Don't Miss These

  • 1
  • 2
  • 3