Search Results

Post | Author | Forum | Replies | Views | Posted [asc]
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Hi Mem5.
Yes, hcxdumptool sends a few deauthentication messages. That's true.
But hcxdumptool also sends a disassociation after it has received an EAPOL 4/4 (M4) with reason code: WLAN_REASON_DISASS... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
08-31-2018, 12:07 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
To answer the question we need more information:
Which tools do you use for capturing, conversion and cracking?
How is the commandline of the tools?
Which result do you expect (exactly)?
Which r... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-31-2018, 09:59 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
It seems that hcxtools/hcxdumptool was successfully ported to "Pineapple".
Read more here:
https://forums.hak5.org/topic/44213-pmkid-attack-on-wifi-pineapples/ |
|
ZerBea |
User Contributions
|
648 |
487,343 |
08-31-2018, 12:25 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Added iw functionality to hcxdumptool.
From now on hcxdumptool will set monitor mode and restore old interface settings when terminated. You do not need to run iw, ip, iwconfig, ifconfig any longer.
... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
08-30-2018, 10:53 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Please try this one:
https://github.com/kimocoder/rtl8812au |
|
ZerBea |
User Contributions
|
648 |
487,343 |
08-28-2018, 03:29 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi ssswanil.
To answer your question, we need some more information.
1) Do you run latest commit?
If not, please update!
2) Does your driver support full (injection is working!) monitor mode?
... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-28-2018, 09:04 AM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Now, wpa-sec is running full PMKID support. The success rate is very good:
https://wpa-sec.stanev.org/?stats |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-27-2018, 06:32 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi sao.
The answer to your question is here:
https://hashcat.net/forum/thread-7717-post-41675.html#pid41675 |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-27-2018, 02:24 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi dizcza.
The hcxpcaptool -o option will convert pcapng files to hccapx format (not to pcapng) and append the result to an existing hccapx file.
The command you're looking for (merging pcapng files... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-27-2018, 02:23 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi diegodieguex.
Nice improvement. Now we can retrieve the ESSID (in ASCII) and the VENDOR information from the hashline. |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-26-2018, 05:24 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi sl0badob
That is correct. An access point is detected to be in our range, if he responds to our request using his ESSID. We are not able to associate to an access point without this information. A... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-26-2018, 03:59 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi dizcza.
Yes, there is a way. From the README.md:
Notice
Most output files will be appended to existing files (with the exception of .cap files).
You can/should cat all outputs from hcxpcaptool ... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-26-2018, 03:30 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Pushed a small update to hcxdumptool. From now on we parse SAE completely:
[10:10:20 - 005] c83a35000002 -> c83a35000001 [AUTHENTICATION, SAE COMMIT, STATUS 0, SEQUENCE 304]
[10:10:20 - 005] c83a3500... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-26-2018, 10:23 AM |
|
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
Hi soxrok2212.
Did a quick binwalk, unsquashfs and radare2 on some files and noticed that the values are retrieved from the board:
ls /sys/module/board/parameters/*.*
or by debugsys --info
squas... |
|
ZerBea |
User Contributions
|
182 |
305,386 |
08-24-2018, 01:33 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Hi faberC.
Shall we take the hashline and a wordlist as input to calculate and/or verify the PMK (CPU based only, for quick tests - Well, I promised Atom never to code a GPU cracker - and he promised... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
08-21-2018, 07:36 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
You're running an old version. Please pull latest git commit.
Filter lists are only used in the transmission branch. Using a filter list means that we run active attacks against the entries (filterm... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-21-2018, 10:22 AM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Another driver, tested with hcxdumptool (again Realtek):
https://github.com/kimocoder/rtl8812au/
[35053.423872] usb 5-4.5: Product: Edimax AC600 USB
[35053.423874] usb 5-4.5: Manufacturer: Realte... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-20-2018, 06:54 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Usually we use panel antennas like these:
https://www.logilink.com/Products_LogiLink/Active_Network_Components/Wireless_LAN_Antennas/Wireless_LAN_Antenna_Yagi-directional_14_dBi-Outdoor.htm
https... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-19-2018, 06:21 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi stinky.
No, that is business as usual: WPA-EAPOL-PBKDF2. If we got only M4 of the handshake, we simply ask for the other key messages to retrieve an authorized handshake. That's all - just another... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-19-2018, 03:58 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Added rcascan (radio assignment scan):
$ hcxdumptool -h
--do_rcascan: show radio channel assignment (scan for target access points)
xxxxxxxxxxxx [CHANNEL 1]
xxxxxxxxxxxx [CHANNEL 7]
xxxxxxxx... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
08-19-2018, 01:14 PM |