failure after 4 way handshake

Jouni Malinen jkmaline at cc.hut.fi
Sun Oct 16 11:30:21 EDT 2005


On Sun, Oct 16, 2005 at 12:45:59PM +0200, matthieu castet wrote:

> The ethereal sniffer log isn't enough ?
> It was done in monitor mode.

I would like to see a capture file showing all frames, including full
payload, in format that I can load into Ethereal.

> So there no traffic from the master after the '4 way handshake'. And 
> after a 10 seconds timeout client card start probing.

> > Have you tried swapping Michael MIC TX/RX keys? That is one of the most
> > common problems with TKIP key configuration. This can be done be
> > swapping bytes 16..23 and 24..31 in the TKIP key.
> Yes I need to swapp the key.

What happens if you do not swap the key?

> But as the master don't seem to reply, the key isn't used...

> I believe, I need first to understand why I recieve an encrypted packet 
> after the '4 way handshake'

I'm missing something here. Above you say that there is no traffic from
the AP after 4-Way Handshake and the "don't seem to reply" part sounds
similar. However, now this is talking about an encrypted packet.. That
is a frame I would like to see in the wireless sniffer log that is
captured from another host observing this handshake.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list