WLAN Analyzer and Decoder - CommView for WiFi

Prev Page Next Page
About CommView for WiFi
What's New
Using the Program
Driver Installation
Main Menu
AP and Station Details Window
Latest IP Connections
Viewing Logs
Advanced Rules
Reconstructing TCP Sessions
Reconstructing UDP Streams
Searching Packets
Statistics and Reports
Using Aliases
Packet Generator
Visual Packet Builder
NIC Vendor Identifier
Node Reassociation
Using Remote Agent for WiFi
Using Aruba Remote Capture
Port Reference
Setting Options
Frequently Asked Questions
VoIP Analysis
Working with VoIP Analyzer
SIP and H.323 Sessions
RTP Streams
Registrations, Endpoints, and Errors
Call Logging and Reports
Call Playback
Viewing VoIP Logs
Working with Lists in VoIP Analyzer
NVF Files
Advanced Topics
Monitoring 802.11n, 802.11ac, and 802.11ax Networks
Understanding CRC and ICV Errors
Understanding WPA Decryption
Understanding Signal Strength
Capturing A-MPDU and A-MSDU Packets
Using CommView for WiFi in a Virtual Machine
Multi-Channel Capturing
Spectrum Analysis
Capturing High Volume Traffic
Running CommView for WiFi in Invisible Mode
Command Line Parameters
Exchanging Data with Your Application
Custom Decoding
CommView Log Files Format
How to Purchase CommView for WiFi


The WEP/WPA Keys window allows WEP, WPA, or WPA2 keys to be entered for the decryption of captured packets. Without these keys, the program will not be able to decrypt data packets being transmitted on your WLAN. Since some WLANs use mixed mode encryption, where both WEP- and WPA-enabled clients can authenticate, you can use a WEP key and WPA passphrase simultaneously.


The standard allows you to use up to four WEP keys, so you can specify one, two, three, or four keys. The key length drop-down list allows you to select the key length. Supported lengths are 64, 128, 152, and 256 bits, and you should enter a hexadecimal string that is 10, 26, 32, or 58 characters long correspondingly.


The Wi-Fi Protected Access (WPA) standard defines a number of authentication and encryption modes. Not all of them are supported by CommView for WiFi due to the restrictions of the underlying security model. CommView for WiFi supports decryption of WPA or WPA2  in Pre-Shared Key (PSK) mode using Temporal Key Integrity Protocol (TKIP) or Advanced Encryption Standard/Counter CBC-MAC Protocol (AES/CCMP) data encryption. You can enter either a passphrase or a hexadecimal key that is 64 characters long.

IMPORTANT: Please note that packet traffic encrypted with WPA3 cannot be decrypted. WPA3 uses the passphrase only for authentication; decryption is impossible.


IMPORTANT: Please refer to the Understanding WPA Decryption chapter for detailed information about the way CommView for WiFi processes WPA-encrypted traffic. You may also want to use the Node Reassociation tool once you have entered a new WPA passphrase.



To save the current key set, click Save …. To load a previously saved key set, click Load ….

The key set that you can enter or load using this dialog will be applied to packets captured in real-time, as well as to any NCFX capture files that might have been saved previously. When captured packets are saved to a NCFX capture file, those packets that were decrypted successfully will be saved in decrypted form, while those packets that could not be decrypted will be saved in the original, unmodified form.