Networking newbie here.
I am running some experiments on IoT devices for which I need to capture the handshakes of the devices on my network in order to decrypt the frames I obtain through monitor mode. So far, I have been capturing the handshakes and manually inspecting some of the packets for analysis through Wireshark / Tshark. I am trying to automate the process by doing the following:
- Deauthenticate device using
- Capture handshake using
- Start capturing packets using
I was wondering if it is possible to use the already captured handshake (step 2) to decrypt the frames instead of having to capture the handshake in Tshark itself.
Is it possible for me to deauthenticate a device and then successfully capture its handshake in Tshark?
Please keep in mind that I am attempting to automate this process, so I need to know what would make a proper pipeline. I also welcome suggestions if there’s a better way of doing this.
Thanks in advance!