04-24-2014, 03:49 PM
I've already read that page, but it's still not clear to me. The example cap file on that page contains the following EAPOL messages: 1/4 - 4/4 - 3/4 - 4/4 so the message 2/4 is missing, but the cap is actually valid. In a cap I've used to test oclhashcat, the only messages are the 1/4 - 2/4 (after using the WPA clean script) and I can actually retrieve the password. So what is the message 2/4?
From what I've understand the messages 1/4 and the message 4/4 with the same replay counter number are the only two neccessary, and they are considered valid if they are followed by a message 3/4 (and 4/4) with a replay counter increased by one. Is it right?
From what I've understand the messages 1/4 and the message 4/4 with the same replay counter number are the only two neccessary, and they are considered valid if they are followed by a message 3/4 (and 4/4) with a replay counter increased by one. Is it right?