Wireshark - only broadcast packets captured - run out of ideas!

**Jack2012** · 2014-10-20

Hi,

Im trying to capture the http traffic from my second laptop on my wifi network.

My setup:

Kali VM on OS X with TP LINK WN822N external adapter - packet injection test successful. also captures WPA handshakes fine.

"Victim" - my Win 7 laptop, placed right next to me.

Both machines connected to test wifi network, SSID TestWifi on channel 4, WPA encrypted

Current process:

run airmon-ng wlan0 4 to get mon0 fixed to channel 4

run wireshark. capture on mon0, both promiscuous and monitor mode enabled on capture options.

Result: Only broadcast packets received.

Test: Capturing on wlan0, i see my traffic from Iceweasal browsing on Kali, see nothing of victim browsing.

Ive also tried:

ifconfig wlan0 down, makes no difference
being connected/disconnected from TestWifi

Questions:

I assume wlan0 has to stay connected to TestWifi? Isnt the http traffic still encrypted between the AP and client? So im assuming one of my adapters has to be connected to the network, otherwise how else will i see it?

Grateful for any pointers
Thanks

Thread: Wireshark - only broadcast packets captured - run out of ideas!

Thread Tools

Search Thread

Display

Threaded View

Wireshark - only broadcast packets captured - run out of ideas!

Similar Threads

Finding WPA Keys Broadcast In Clear

Arpspoof broadcast

Non-Wifi packets in Wireshark?

Posting Permissions