Search Results
|
Post |
Author |
Forum
[asc]
|
Replies |
Views |
Posted |
|
|
Thread: hccapx file not cracking
Post: RE: hccapx file not cracking
Yes. Your driver is broken.
hashcat (v5.1.0-1397-g7f4df9eb) starting...
Session..........: hashcat
Status...........: Cracked
Hash.Name........: WPA-EAPOL-PBKDF2
Hash.Target......: 838153340600... |
|
ZerBea |
hashcat
|
18 |
6,021 |
08-27-2019, 06:13 PM |
|
|
Thread: skipping file: (null) (invalid eapol size)
Post: RE: skipping file: (null) (invalid eapol size)
That are good news. Thanks for the feedback.
Now start to capture (over a long time) and collect hcxpcaptool -E -I -U lists and -o -k hashfiles. At regular intervals run your hashes against this lis... |
|
ZerBea |
hashcat
|
9 |
3,037 |
08-31-2019, 11:14 PM |
|
|
Thread: skipping file: (null) (invalid eapol size)
Post: RE: skipping file: (null) (invalid eapol size)
On the first run, you need some steps to identify a suitable interface, to check driver and to check that packet injection is working. Also you must identify processes that interferes with hcxdumptool... |
|
ZerBea |
hashcat
|
9 |
3,037 |
08-31-2019, 07:48 AM |
|
|
Thread: PMKID question
Post: RE: PMKID question
We can take the PMKID from this frames (PBKDF2 hashcat hashmode 16800):
EAPOL M1 from access point (in this case we need one additional frame to get the ESSID: ASSOCIATIONREQUEST, REASSOCIATIONREQUES... |
|
ZerBea |
hashcat
|
4 |
1,698 |
09-25-2019, 07:50 AM |
|
|
Thread: Speed comparison WPA/WPA2 (2500) vs WPA/WPA2 PMK (2501)
Post: RE: Speed comparison WPA/WPA2 (2500) vs WPA/WPA2 P...
You can't compare 2500 to 2501 and 16800 to 16801.
2500 and 16800 are hash modes to get a PSK, while 2501 and 16801 hash modes are used to verify a given(!) PMK.
BTW:
Both modes 250x and 1680x ar... |
|
ZerBea |
hashcat
|
9 |
4,600 |
01-06-2020, 02:34 PM |
|
|
Thread: How to view SSID of cracked PMKID (16800) PCAP?
Post: RE: How to view SSID of cracked PMKID (16800) PCAP...
Are you running an older version of hashcat?
$ hashcat -V
v5.1.0-1569-g74c1bf81+
potfile: PMK * ESSID : PSK
Code:
--
5b13d4babb3714ccc62c9f71864bc984efd6a55f237c7a87fc2151e1ca658a9d*ed4871624... |
|
ZerBea |
hashcat
|
6 |
2,255 |
01-12-2020, 12:07 PM |
|
|
Thread: Mode 22000 Bad file descriptor
Post: RE: Mode 22000 Bad file descriptor
Mem5 Wrote: (01-18-2020, 12:51 AM)
--
Using hashcat-5.1.0 beta 1610 :
Code:
--
hashcat.exe -m 22000 hash dic
--
works OK with sample hash WPA*01*9d42bfc4ab79cf3a3a85761efd2a0cf0*e8e61d2bfe07*e2... |
|
ZerBea |
hashcat
|
10 |
3,156 |
01-18-2020, 02:05 PM |
|
|
Thread: Mode 22000 Bad file descriptor
Post: RE: Mode 22000 Bad file descriptor
We decided not to use ASCII characters, because:
Wireless network stacks must still be prepared to handle arbitrary values in the SSID field!
Using HEX instead of ASCII makes it easier to use com... |
|
ZerBea |
hashcat
|
10 |
3,156 |
01-19-2020, 02:19 PM |
|
|
Thread: ALFA AWUS036NHR V2 handshake
Post: RE: ALFA AWUS036NHR V2 handshake
hubi2000 Wrote: (01-21-2020, 08:42 PM)
--
what I can do can you help me :(
ZerBea
--
Unfortunately I can't help you. If you're doing a google search, you'll see many comments like this:
Avoid ..., N... |
|
ZerBea |
hashcat
|
3 |
1,480 |
01-21-2020, 09:15 PM |
|
|
Thread: need batch stop after pass found hccapx
Post: RE: need batch stop after pass found hccapx
Does it work with the example hash from here if the PSK is in passlist1.txt?
https://hashcat.net/misc/example_hashes/hashcat.hccapx
64 -m 2500 -t 25 --remove -o cracked.txt 1.hccapx pass/passlist1... |
|
ZerBea |
hashcat
|
15 |
3,946 |
01-27-2020, 06:05 PM |
|
|
Thread: need batch stop after pass found hccapx
Post: RE: need batch stop after pass found hccapx
msalman Wrote: (01-28-2020, 03:58 PM)
--
the pass is in my first wordlist
11223344
--
The attached hccapx file is a multi hash file. It contain 15 hashes (6 of them are dupes). If one of them is n... |
|
ZerBea |
hashcat
|
15 |
3,946 |
01-28-2020, 04:44 PM |
|
|
Thread: need batch stop after pass found hccapx
Post: RE: need batch stop after pass found hccapx
One last question: Which options have you used to capture the dumpfile?
I noticed that all(!) undirected proberequest frames are not present (filtered out).
This frames may contain information abo... |
|
ZerBea |
hashcat
|
15 |
3,946 |
02-06-2020, 11:52 AM |
|
|
Thread: cap to hccapx problem [Zero value timestamps detected]
Post: RE: cap to hccapx problem [Zero value timestamps d...
That isn't a cap2hccapx issue.
The timestamps are zeroed in your cap file. Additional you're missing some important frames (authentication, association, undirected proberequest frames).
Code:
--
... |
|
ZerBea |
hashcat
|
3 |
1,532 |
02-11-2020, 02:15 PM |
|
|
Thread: cap to hccapx problem [Zero value timestamps detected]
Post: RE: cap to hccapx problem [Zero value timestamps d...
The PMKID attack is described here:
https://hashcat.net/forum/thread-7717.html
hashmode 22000 is available by git head of hashcat, here:
https://github.com/hashcat/hashcat
How can i get hashes... |
|
ZerBea |
hashcat
|
3 |
1,532 |
02-11-2020, 11:13 PM |
|
|
Thread: Cap file convert to hccapx HELP
Post: RE: Cap file convert to hccapx HELP
@Uraniumhazee
Here you told us, that you're using wifislax:
https://hashcat.net/forum/thread-8959-post-47563.html#pid47563
This is the forum of wifislax:
https://foro.seguridadwireless.net/
Maybe... |
|
ZerBea |
hashcat
|
4 |
1,543 |
02-12-2020, 07:09 PM |
|
|
Thread: How can i get hash from a cap file?
Post: RE: How can i get hash from a cap file?
1)
depending on your hashcat version and hash mode it is either a PMKID or a MIC or a MD5_64 (ancient versions of hashcat).
The posted line is not the raw hash. Instead it is the result of hashcat.
... |
|
ZerBea |
hashcat
|
1 |
872 |
03-23-2020, 07:14 PM |
|
|
Thread: Speed comparison WPA/WPA2 (2500) vs WPA/WPA2 PMK (2501)
Post: RE: Speed comparison WPA/WPA2 (2500) vs WPA/WPA2 P...
Speed depend on count of hashes inside the hash file and/or nonce-error-correction value. How have you measured the 20%?
I can't reproduce such a big difference running an example hash from here:
... |
|
ZerBea |
hashcat
|
9 |
4,600 |
03-23-2020, 09:36 AM |
|
|
Thread: Speed comparison WPA/WPA2 (2500) vs WPA/WPA2 PMK (2501)
Post: RE: Speed comparison WPA/WPA2 (2500) vs WPA/WPA2 P...
Great, thanks for posting your result. Some words about nonce error corrections (NC):
NC values have a deep impact on hashcat speed. Within hccapx and 22000 hash records the message pair field is use... |
|
ZerBea |
hashcat
|
9 |
4,600 |
03-23-2020, 03:22 PM |
|
|
Thread: Understanding EAPOL 4-Way Handshake and PMKID cracking
Post: RE: Understanding EAPOL 4-Way Handshake and PMKID ...
1.
faster
you don't need a CLIENT
works if MFP is activated
not susceptible for packet loss
2.
No. hascat is working on the captured hash and the result is the PMK and the PSK.
Yes. Searching... |
|
ZerBea |
hashcat
|
11 |
2,415 |
03-31-2020, 09:00 AM |
|
|
Thread: Understanding EAPOL 4-Way Handshake and PMKID cracking
Post: RE: Understanding EAPOL 4-Way Handshake and PMKID ...
Correct: reuse PBKDF2
That means that a PMK is calculated only once for an ESSID-PSK combination and compared against all hashes using the same ESSID.
This line will give you information about it:... |
|
ZerBea |
hashcat
|
11 |
2,415 |
04-01-2020, 05:35 PM |