Continuing on the quest to decrypt WiFi traffic, I've written code to validate the WPA PTK. This wasn't strictly necessary, and I tried to avoid doing so if only to get to the end goal faster, but when I started implementing the CCMP decryption and it wasn't working, I needed more visibility into what was going on. As before, I arrived at this code by studying various online resources and the Aircrack-ng source code.

Continuing with the quest to decrypt wifi traffic, I needed to be able to calculate the PTK (Pairwise Transient Key).

One of the features I've wanted to implement for Packet Gremlin is the ability to decrypt encrypted WiFi traffic. I only know of two tools capable of this... Airdecap-ng, which can't do it on a live capture, and Wireshark, which can't capture wireless traffic on Windows due to a limitation of WinPCap. One of the things needed for implementing this feature is to calculate the Pairwise Master Key. By studying the source code of airdecap-ng and various online resources, I found that this is actually trivial.