(09-01-2011, 09:22 AM)atom Wrote: [ -> ]hello hash-it,
thanks for these words. well i thought again about it. but i am still sure its better not to touch .cap parsing code. coding a simple .cap parser wouldnt be a problem. if the .cap is perfect, its easy. but what if there were retransmissions or corrupted packets? that happens often, especially at WLAN.
what i want to say is: the devil is in the detail. from my opinion its better to leave handling of these packets to the people who work on a daily basis with it.
one thing i can do is to setup a converter-page here on hashcat.net. so that not so experienced users do not need to deal with aircrack-ng. and for those who do not want to upload their .cap to a strange place, well they can do locally with my aircrack-ng patch.
Hi atom
Thank you very much for taking the time to reply and especially for coming up with a good plan for the future.
I think I understand the problems you are taking about as I have found out the hard way, that not all WPA captures are usable !
Personally I always use Pyrit and Cowpatty to “verify†that I have a good capture file before attempting a key recovery with EWSA. Maybe this will provide you with some ideas ?
Code I use to do this…
pyrit -r capfile.cap analyze
cowpatty -r capfile.cap analyze
Your idea of a web page is great ! Can I be a bit cheeky and make some suggestions for it ? Please just ignore me if I am asking too much.
Could you please think about……
Make it available via SSL. Even a homemade certificate would be better than none at all.
Allow users to upload fairly large cap files, maybe up to 2 – 3 MB.
Perhaps automatically strip the junk using something like the code in wireshark. I use this filter in wireshark…
eapol || wlan.fc.type_subtype == 0x08
Then "save as" and select "All packets" and "Displayed"
Save as a .cap file
This leaves just the handshake and a beacon frame.
Allow users to use your page to strip and check .cap files and download them as normal .cap files (for use with other programs) and also the new hcap format.
Perhaps running some sort of code in java on the local machine may save on bandwidth and user privacy ? Apologies for my ignorance on this if that won’t help.
I also wonder if someone from the aircrack team would help make a standalone .cap file stripper and checker ? This would be awesome just a simple exe that users could clean, strip and check their .cap files with before trying to recover them.
Anyway I will leave my suggestions here as I could go on all day with ideas for this but it wouldn’t be fair to take up anymore of your time.
Thanks again.