Hi All!


I'm a little puzzled about the following:


I used airodump-ng with command "airodump-ng --channel 6 -w wpa2 --bssid XX:XX:XX:XX:XX wlan1"


In a separate terminal I started aireplay-ng to force deauth and had it run simultaneously with airodump-ng.


I received the WPA handshake, stopped both airodump-ng and aireplay-ng


Started aircrack-ng with the wpa2*.cap and -w dictionary option


The password was found, BUT...... it was the PW of a station connected to the wifi AP, not that of the AP itself (the WPA/WPA2 PW to connect to the AP).


I was under the impression that above actions would give the PW for the AP, not that of a station connected to that AP.


Can anybody give any clarity about this?


Thank you.