pythonscapy

How to begin EAP communication with Python/Scapy


I'm programming an application in Python/Scapy that behaves like wireless 802.1X supplicant. I want my application to be able to connect to RADIUS server via EAP protocol. If you look at the EAP messages flowchart here:

http://upload.wikimedia.org/wikipedia/commons/8/8a/EAP_message_flow.png

You can see, that the first message (Request Identity) goes from the Authenticator to the Supplicant. But how does Authenticator know that Supplicant wants to authenticate itself? There must be some previous message from Supplicant to Authenticator letting Authenticator know that you want to authenticate.

I thought, that this message was EAPOL START packet. I tried to forge EAPOL START packet in scapy and sent it to my AP that is configured to support 801.1X + PEAP, but I had no answer from AP. No Request Identity packet was send back to me.

So my question is: Can anybody show me example of packet I have to send to AP (Authenticator) to begin EAP communication (starting with Request Identity packet)?


Solution

  • Ok, I will answer myself:) I have to first authenticate and associate. After successful association, AP finally sends me EAP Request Identity packet.