schloss / insecurity-demos

A packaged, graphical user interface for demonstrating various digital security threats and mitigations in a training room context.

Determine why we (frequently) only capture the second and fourth eapol packets for some devices #62

Open poser opened 10 years ago

poser commented 10 years ago

This appears to be an issue:

In general, we seem to capture all four handshakes, every time, for Android smartphones. For Mac, Linux and Windows laptops, however, we usually only see the second and fourth eapol packets. Occasionally (at least for the Apple laptop), all four come through, but never when expected.

poser commented 10 years ago

I have much better luck capturing all four packets when using my laptop's built-in (802.11abgn via iwlwifi) adapter, rather than my external USB (802.11bgn via ath9k) adapter. Maybe a driver thing? Or something to do with matching the capture device's "modulation" (e.g. 802.11a vs. 802.11g vs. 802.11n) and/or transfer rate to those of the target device? (In the latter case, maybe we can find an iwconfig setting that will bridge the gap?)

My success rate does seem to be higher when capturing on an adapter that is similar (or identical) to the target adapter....

poser commented 10 years ago

Until we can come up with a more reliable fix, we may need to provide a second network adapter dropdown (rather than a checkbox) as the widget used to enable or disable forced re-authentication. With my current setup, for example, I have one adapter/driver that is much more reliable at capturing packets from most target devices but is unable to inject packets via aireplay.

So, in my case, if I'm targeting smartphones (or, say, a room full of people who happen to be using the same external USB WiFi adapter as me), I can choose my USB adapter for both capture and injection. But, if I'm targeting laptops, I can choose my internal adapter for capture and use the external adapter for injection.
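
One way to check which of the four handshake messages a capture contains, as an added example that is not from this issue thread or the insecurity-demos code: it classifies EAPOL-Key frames by their Key Information flags and reports which messages are missing and who sends them. The frames are constructed samples, and all function names are hypothetical.

```python
import struct

# EAPOL header (4 bytes) + fixed EAPOL-Key descriptor fields, big-endian (99 bytes).
HDR = struct.Struct(">BBHBHH8s32s16s8s8s16sH")
EAPOL_KEY = 3                                   # EAPOL packet type "Key"
PAIRWISE, ACK, MIC, SECURE = 0x0008, 0x0080, 0x0100, 0x0200  # Key Information bits
# Messages 1 and 3 are sent by the access point, 2 and 4 by the client.
SENDER = {1: "AP", 2: "client", 3: "AP", 4: "client"}

def classify_eapol_key(frame):
    """Return 1-4 for a pairwise 4-way handshake message, else None."""
    if len(frame) < HDR.size:
        return None                             # truncated capture
    fields = HDR.unpack_from(frame)
    ptype, info, data_len = fields[1], fields[4], fields[12]
    if ptype != EAPOL_KEY or not info & PAIRWISE:
        return None                             # not EAPOL-Key, or group-key handshake
    if info & ACK:                              # AP -> client
        return 3 if info & MIC else 1
    if not info & MIC:
        return None
    # 2 and 4 both carry a MIC without ACK; message 4 has Secure set (WPA2)
    # or, in WPA, carries no key data, while message 2 carries the client's IE.
    return 4 if (info & SECURE or data_len == 0) else 2

def missing_messages(frames):
    """List (message number, sender) pairs absent from the captured frames."""
    seen = {classify_eapol_key(f) for f in frames}
    return [(n, SENDER[n]) for n in (1, 2, 3, 4) if n not in seen]

def build_frame(info, key_data=b""):
    """Constructed sample frame: zeroed nonce/MIC, RSN descriptor, 16-byte key."""
    body_len = HDR.size - 4 + len(key_data)
    return HDR.pack(2, EAPOL_KEY, body_len, 2, info, 16, bytes(8), bytes(32),
                    bytes(16), bytes(8), bytes(8), bytes(16), len(key_data)) + key_data

# Constructed WPA2 handshake; key data is filler of plausible length.
SAMPLE = {
    1: build_frame(0x008A),
    2: build_frame(0x010A, b"\x30\x14" + bytes(20)),
    3: build_frame(0x13CA, bytes(56)),
    4: build_frame(0x030A),
}

if __name__ == "__main__":
    # The symptom from this issue: only messages 2 and 4 were captured.
    print(missing_messages([SAMPLE[2], SAMPLE[4]]))
```

Run against the symptom described in this issue, the report shows that both missing messages are the ones transmitted by the access point.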