Search Results
|
Post |
Author |
Forum |
Replies |
Views |
Posted
[asc]
|
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
The TP-LINK Archer T2UH is working out of the box running kernel >= 4.19 and there are no additional driver necessary.
$ lsusb
ID 148f:761a Ralink Technology, Corp. MT7610U ("Archer T2U" 2.4G+5G W... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
02-08-2020, 12:56 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Correct: 22000 is 16800 + 2500
So we have to pay the price (PBKDF2) only once. Additional we're leaving binary hccapx format.
apt-get update && upgrade sounds Debian based. I don't know anything a... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
02-06-2020, 09:55 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Now, I'm a little bit confused:
Hello ZerBea, how to convert potfile 16800 and hccapx to 22000 mode.
Do you want to convert your 5.1.0 potfile format to new potfile format?
$ hcxhashcattool -p ol... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
02-06-2020, 03:28 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Ok, my fault. Didn't noticed that you mean the potfile.
That depend on your hascat version. The new potfile format is the result of PBKDF2:
Code:
--
PMK*ESSID(in HEX)*PSK
--
So you have to reca... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
02-06-2020, 02:56 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
That is another amazing feature.
$ hcxpcapngtool -o test.22000 -E wordlist test.pcap
$ hashcat -m 22000 test.22000 wordlist
hcxdumptool attack vector against weak client, converted to pcap by ts... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
02-06-2020, 01:57 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Hi strike1953.
This is another amazing feature of the new hashline: you can use simple bash commands to work on it.
e.g. the awk way:
Code:
--
$ cat test.16800 | awk 'BEGIN { FS = ":" } ; { pr... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
02-06-2020, 01:44 PM |
|
|
Thread: need batch stop after pass found hccapx
Post: RE: need batch stop after pass found hccapx
One last question: Which options have you used to capture the dumpfile?
I noticed that all(!) undirected proberequest frames are not present (filtered out).
This frames may contain information abo... |
|
ZerBea |
hashcat
|
15 |
3,929 |
02-06-2020, 11:52 AM |
|
|
Thread: Need help with hashcat
Post: RE: Need help with hashcat
Download latest CUDA (10.2) from here:
https://developer.nvidia.com/cuda-downloads
or use Arch Linux:
$ uname -r
5.5.2-arch1-1
$ pacman -Q | grep nvidia
nvidia 440.59-3
nvidia-settings 440.... |
|
ZerBea |
hashcat
|
2 |
1,049 |
02-06-2020, 11:11 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
If you got more information on how many VENDORs still using this fields, please keep us in the loop, here.
BTW:
tshark is a powerfull tool to perform several kinds of analysis and to receive the r... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
02-05-2020, 09:10 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
I'm working on this feature
https://github.com/ZerBea/hcxtools/blob/master/hcxpcapngtool.c#L1664
but it has very low priority, because tshark and/or Wireshark can do it much better:
$ tshark -r te... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
02-05-2020, 09:02 AM |
|
|
Thread: need batch stop after pass found hccapx
Post: RE: need batch stop after pass found hccapx
No, you have to code it by yourself. It is very simple:
https://github.com/ZerBea/hcxtools/issues/121#issuecomment-581013958 |
|
ZerBea |
hashcat
|
15 |
3,929 |
02-04-2020, 04:34 PM |
|
|
Thread: need batch stop after pass found hccapx
Post: RE: need batch stop after pass found hccapx
hashcat online converter run cap2hccapx from hashcat-utils.
You should know that cap2hccapx will convert more than one hash to the hccapx file. Therefore it takes every good message pair and convert ... |
|
ZerBea |
hashcat
|
15 |
3,929 |
02-01-2020, 09:38 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Please keep in mind: hcxdumptool/hcxtools are designed as analysis tools. They are not designed to attack a single network!
Example:
For a penetration tester, it is important to be able to estimate ... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
02-01-2020, 11:32 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
An ideal use would be: hcxhashtool -i my22000hashlist –hccap-single -p mydirectoryofchoice
-> No, ideal within a bash script is
$ cd $HOME/.../mydirectoryofchoice
$ hcxhashtool -i $HOME/.../my220... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
01-30-2020, 07:21 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
I understand hcxdumptool/hcxtools are WiFi parsers for hashcat but I was assuming hcxhashtool was now able to convert PMKID to hccap but I see that is not happening. Perhaps this is not possible.
-> ... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
01-29-2020, 08:36 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
No, epical fail of me. Pushed a fix for that issue. Unfortunately we deleted all 392 byte hccap and leave the 0 size ones.
So if all .22000 format hashes are good what is it I need to check for wit... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
01-29-2020, 08:15 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
"As far as I know all hashes in the new .22000 format are 100% crackable, is that right?"
->No! That depend on the quality of your device (bit error on plcp layer) and the tool to dump the traffic!
... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
01-29-2020, 06:56 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Done by latest commit:
https://github.com/ZerBea/hcxtools/commit/a5070f53b82260186ca524949d34cc08fbde51ee
$ hcxhastool -h
--hccap-single : output to ancient hccap single files (MAC ... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
01-29-2020, 06:12 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Good idea, and this will help old hccap users a lot.
Your hashcat version doesn't support nonce-error-corrections (NC). That exactly is the reason why some of your hashes are not recoverable. NC is a... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
01-29-2020, 04:32 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Latest git head is able to detect EAP-TLS (tunneled TLSv1.2)- WAP3/SAE - SAE SHA384 SUITE B frames with 24 byte MIC (WPA3 ENTERPRISE).
example pcapng in Wireshark default capture format (gzip compres... |
|
ZerBea |
User Contributions
|
648 |
486,439 |
01-28-2020, 06:43 PM |