Since last week I’ve been trying to capture the 4-way-handshake of my own router without success. I tried on different PCs, on different distances to the router, even on different routers, and I even ordered an additional wifi-card that was recommended for use with backtrack. The result is always the same. In Wireshark:
In the top section it always shows that exactly 1 or 4, 2 of 4 and 4 of 4 are malformed and always exactly on 3 of 4 it does not show this message. But when I click on 3 of 4 in the top section, on the bottom of the middle section it also ends up telling, that the packet is malformed. This is always the case, whatever I do:
2385, 19.882257, D-Link_18:af:68, AskeyCom_f4:ee:36, EAPOL, 131, Key (Message 1 of 4)[Malformed Packet] 2387, 19.883838, AskeyCom_f4:ee:36, D-Link_18:af:68, EAPOL, 155, Key (Message 2 of 4)[Malformed Packet] 7033, 34.142877, D-Link_18:af:68, AsustekC_2f:93:df, EAPOL, 235, Key (Message 3 of 4)* 2771, 21.117310, AskeyCom_f4:ee:36, D-Link_18:af:68, EAPOL, 133, Key (Message 4 of 4)[Malformed Packet]
I hope anybody can help!
asked 27 Mar '13, 12:54