How can I get EAPOL packet's number?

Question

I need to work with EAPOL packets, and I have to distinguish between first, second, third and fourth...

If I'm using WPA2 I can use the first 2 bytes of Key Information field, and I can use Key MIC, Secure, Encrypted Kedy Data... But if I'm using WPA I can't use them because are always settled as zero...

So, have you any suggestion to me??

At risk of sounding facetious - don't use WPA. – Rory Alsop May 02 '15 at 22:13 — Rory Alsop, May 02 '15 at 22:13

score 2 · Accepted Answer · answered May 05 '15 at 07:38

I solve it for both WPA and WPA2 using MIC_SET, ACK and NONCE fields.

MIC_SET   |   ACK   |   NONCE   |   Packet Number
   0      |    1    |     x     |        1
   1      |    0    |     x     |        2
   1      |    1    |     x     |        3
   1      |    0    |     0     |        4

Where with x I indicate that the NONCE has a value different of 0000000...

How can I get EAPOL packet's number?

1 Answers1