Search Results
Post | Author | Forum | Replies | Views | Posted |
|
|
Thread: Understanding EAPOL 4-Way Handshake and PMKID cracking
Post: RE: Understanding EAPOL 4-Way Handshake and PMKID ...
Running this combination:
Code:
--
hcxdumptool -> hcxpcapngtool -> hashcat
--
nonce-error-corrections is in automatic mode. Mostly it is set to 0 by automatic on hcxdumptool captured traffic... |
|
ZerBea |
hashcat
|
11 |
2,415 |
04-01-2020, 06:11 PM |
|
|
Thread: Understanding EAPOL 4-Way Handshake and PMKID cracking
Post: RE: Understanding EAPOL 4-Way Handshake and PMKID ...
Running that combination nc=2 doesn't make sense.
Either use the automatic or run nc=0.
That depends on the quality of your captured traffic and the sensitivity of your device (PLCP errors).
You can... |
|
ZerBea |
hashcat
|
11 |
2,415 |
04-01-2020, 06:50 PM |
|
|
Thread: Understanding EAPOL 4-Way Handshake and PMKID cracking
Post: RE: Understanding EAPOL 4-Way Handshake and PMKID ...
nc is determined by the message_pair (last field in 22000 line):
Code:
--
bitmask for message pair field:
0: MP info (https://hashcat.net/wiki/doku.php?id=hccapx)
1: MP info (https://hashcat.net... |
|
ZerBea |
hashcat
|
11 |
2,415 |
04-01-2020, 08:09 PM |
|
|
Thread: hcxdumptool install problem
Post: RE: hcxdumptool install problem
$ hcxdumptool --help will show you the correct syntax
add target AP_MC to filterlist.txt (format 112233445566)
replace --filterlist with --filterlist_ap
replace --enable_status with --enable_status... |
|
ZerBea |
hashcat
|
3 |
1,509 |
04-06-2020, 05:50 PM |
|
|
Thread: hcxdumptool install problem
Post: RE: hcxdumptool install problem
Do not(!) run airmon-ng! The script (1540 lines to do such a simple thing as setting monitor mode) is designed to be used by aircrack-ng suite and not by hcxdumptool. It will create a virtual monitor ... |
|
ZerBea |
hashcat
|
3 |
1,509 |
04-07-2020, 08:47 AM |
|
|
Thread: please help me i am a newbie
Post: RE: please help me i am a newbie
According to the help menu, you have to use either
--filtermode=2 in combination with --filterlist_ap=yourtargetmaclist
or create a Berkeley Packet Filter (attack MAC)
Code:
--
--filterlist_ap=... |
|
ZerBea |
hashcat
|
4 |
876 |
07-20-2020, 09:17 AM |
|
|
Thread: please help me i am a newbie
Post: RE: please help me i am a newbie
One of the major advantages of the new hash format (-m 22000) is that it is not binary (hccapx) and every bash tool will work in it.
To get the ESSID in ASCII you can use hcxtools (whoismac):
Code... |
|
ZerBea |
hashcat
|
4 |
876 |
07-22-2020, 11:41 AM |
|
|
Thread: WPA2 crackstation
Post: RE: WPA2 crackstation
I'm running this:
amd ryzen 1700
msi x370 krait
msi gtx 1080 ti aero oc
16 gb g.skill ripjaws v ddr4-3200
Samsung SSD PM961 NVMe 128GB M.2 (arch system)
500 gb samsung evo 850 (data)
bequiet ... |
|
ZerBea |
Hardware
|
6 |
8,594 |
08-01-2017, 01:16 PM |
|
|
Thread: WPA2 crackstation
Post: RE: WPA2 crackstation
$ hashcat -m 2500 --benchmark
hashcat (v3.6.0-305-g1b835c8f) starting in benchmark mode...
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 10... |
|
ZerBea |
Hardware
|
6 |
8,594 |
08-04-2017, 08:37 AM |
|
|
Thread: Fritzbox and PMKID is possible?
Post: RE: Fritzbox and PMKID is possible?
The Fritzbox isn't vulnerable. You will not receive a PMKID. |
|
ZerBea |
Hardware
|
1 |
1,242 |
09-22-2019, 07:12 PM |
|
|
Thread: Archer dual band t4u v1 monitor mode
Post: RE: Archer dual band t4u v1 monitor mode
The Fritzbox isn't vulnerable. You will not receive a PMKID. |
|
ZerBea |
Hardware
|
5 |
3,391 |
09-22-2019, 07:13 PM |
|
|
Thread: Archer dual band t4u v1 monitor mode
Post: RE: Archer dual band t4u v1 monitor mode
If the access point is hardened, search for weak clients.
Here is an example of a weak client:
https://github.com/ZerBea/hcxtools/issues/112#issuecomment-532537154 |
|
ZerBea |
Hardware
|
5 |
3,391 |
09-23-2019, 11:40 PM |
|
|
Thread: Archer dual band t4u v1 monitor mode
Post: RE: Archer dual band t4u v1 monitor mode
According to wikidevi it is not possible, running Linux "out of the box":
https://wikidevi.com/wiki/TP-LINK_Archer_T4U
You must compile a driver that supports monitor mode and packet injection. For... |
|
ZerBea |
Hardware
|
5 |
3,391 |
09-21-2019, 10:56 AM |
|
|
Thread: Worldlist Clean up
Post: RE: Worldlist Clean up
awk is your friend:
awk 'BEGIN { FS = ":" } ; { print $NF }' potfile
or
cat potfile | awk 'BEGIN { FS = ":" } ; { print $NF }'
should do this job depending on the delimiter (":", " ", ....)
... |
|
ZerBea |
General Talk
|
5 |
4,337 |
09-05-2017, 12:14 PM |
|
|
Thread: convert a WPA / WPA2 pcap
Post: RE: convert a WPA / WPA2 pcap
the file name looks like you use a stupid script to capture and prepare wifi traffic!
please read this:
https://hashcat.net/forum/thread-6666-post-35540.html#pid35540 |
|
ZerBea |
General Talk
|
9 |
15,382 |
10-11-2017, 07:41 AM |
|
|
Thread: WPA/WPA2 PMK mode (2501)
Post: RE: WPA/WPA2 PMK mode (2501)
here:
https://github.com/ZerBea/hcxkeys |
|
ZerBea |
General Talk
|
20 |
19,682 |
03-02-2018, 06:33 PM |
|
|
Thread: WPA/WPA2 PMK mode (2501)
Post: RE: WPA/WPA2 PMK mode (2501)
Maybe you're doing something wrong:
$ time wlangenpmkocl -e networkname -i rockyou -A pmklist
using: GeForce GTX 1080 Ti
9612471 plainmasterkeys generated, 4734589 password(s) skipped
real 0m4... |
|
ZerBea |
General Talk
|
20 |
19,682 |
03-03-2018, 07:07 PM |
|
|
Thread: WPA/WPA2 PMK mode (2501)
Post: RE: WPA/WPA2 PMK mode (2501)
Well, that's easy to explain:
Both modes 2501 and 12000 are designed for analysts who work on large hashfiles.
You captured a network with the same ESSID.
Time for calculation of the PMK list ... |
|
ZerBea |
General Talk
|
20 |
19,682 |
03-05-2018, 10:46 AM |
|
|
Thread: WPA/WPA2 PMK mode (2501)
Post: RE: WPA/WPA2 PMK mode (2501)
No problem, you're welcome.
If you are an analyst (coding-, crypto-, weak point analysis), or a penetration tester, or if you use a huge database (wpa-sec) 2501 /12000 is your mode.
If not, there is... |
|
ZerBea |
General Talk
|
20 |
19,682 |
03-05-2018, 11:26 AM |
|
|
Thread: WPA/WPA2 PMK mode (2501)
Post: RE: WPA/WPA2 PMK mode (2501)
The simplest way:
hashcat -m 2501 test.hccapx pmklist
But it doesn't make sense for you, if you are not an analyst! |
|
ZerBea |
General Talk
|
20 |
19,682 |
03-17-2018, 04:00 PM |