Decrypt and view WEP pcap from terminal - jhu-information-security-institute/NwSec GitHub Wiki

  1. Decrypt the WEP pcap using airdecap-ng 
    $ sudo airdecap-ng -w <WEPKEY> <FILENAME>
    • Default decrypted output will be <FILENAME>-dec.pcap
    • WEP key should be 10-digit hex (e.g., 0123456789)
  2. View the decrypted pcap with tshark 
    $ sudo tshark -r <FILENAME>-dec.pcap
⚠️ **GitHub.com Fallback** ⚠️