Search Results
Post | Author | Forum | Replies | Views | Posted
Thread: Error when using the hashcat utility .pcap to .hccapx file
Post: RE: Error when using the hashcat utility .pcap to ...
Hi.
Wireshark's default format is pcapng. cap2hccapx doesn't support pcapng. |
|
ZerBea |
General Talk
|
4 |
5,140 |
03-21-2018, 09:00 AM |
|
|
Thread: Error when using the hashcat utility .pcap to .hccapx file
Post: RE: Error when using the hashcat utility .pcap to ...
OK, not a Wireshark format issue.
Did you choose DLT_IEEE802_11_RADIO to be the default link-layer type for that interface (depends on OS)?
https://www.wireshark.org/lists/wireshark-dev/200909/msg00... |
|
ZerBea |
General Talk
|
4 |
5,140 |
03-21-2018, 02:23 PM |
|
|
Thread: hcxpcaptool - output possible WPA/WPA2 plainmasterkey list
Post: RE: hcxpcaptool - output possible WPA/WPA2 plainma...
If you have a PMK and an ESSID, you can try to retrieve the PSK using hashmode 12000.
Read more here:
https://hashcat.net/forum/thread-6661-post-35843.html#pid35843 |
|
ZerBea |
General Talk
|
1 |
4,245 |
08-07-2018, 01:20 AM |
|
|
Thread: i cant convert a WPA / WPA2 pcap
Post: RE: i cant convert a WPA / WPA2 pcap
and if you really need to clean up your cap file: tshark is your friend
for output format pcap (cap2hccapx understands this):
tshark -r raw.cap -R "(wlan.fc.type_subtype == 0x00 || wlan.fc.type_sub... |
|
ZerBea |
General Talk
|
3 |
2,369 |
01-20-2019, 09:09 PM |
|
|
Thread: WPA/WPA2 PMK mode (2501)
Post: RE: WPA/WPA2 PMK mode (2501)
wlangenpmkocl is the choice to precalculate PMKs for hashcat:
$ wlangenpmkocl -h
wlangenpmkocl 4.0.1 (C) 2018 ZeroBeat
usage: wlangenpmkocl
options:
-e : input single essid (networkname:... |
|
ZerBea |
General Talk
|
20 |
19,668 |
03-02-2018, 02:23 PM |
|
|
Thread: WPA/WPA2 PMK mode (2501)
Post: RE: WPA/WPA2 PMK mode (2501)
wlangenpmkocl uses only one GPU per task. If you have 2 GPUs, you can calculate 2 different(!) PMK lists at the same time (or two parts of the same list - you need to split your word list into 2 parts... |
|
ZerBea |
General Talk
|
20 |
19,668 |
03-04-2018, 07:30 PM |
|
|
Thread: WPA/WPA2 PMK mode (2501)
Post: RE: WPA/WPA2 PMK mode (2501)
And again: if you think 2501 is slow, you're doing something really, really wrong:
Session..........: hashcat
Status...........: Running
Hash.Type........: WPA/WPA2 PMK
Hash.Target......: archi... |
|
ZerBea |
General Talk
|
20 |
19,668 |
03-05-2018, 11:02 AM |
|
|
Thread: WPA3 Dragonblood Vulnerabilities Disclosure
Post: RE: WPA3 Dragonblood Vulnerabilities Disclosure
Yes, very good and interesting analysis of some WPA3 flaws. Unfortunately the side channel attack requires at least unprivileged access to the victim (dragonblood.pdf: 7.2 Attack Scenario). In other w... |
|
ZerBea |
General Talk
|
5 |
3,491 |
04-17-2019, 08:53 PM |
|
|
Thread: WPA3 Dragonblood Vulnerabilities Disclosure
Post: RE: WPA3 Dragonblood Vulnerabilities Disclosure
Yes, wpa_supplicant and hostapd are amazing open source tools. I really love them both and they are an integral part of my test environment to improve hcxdumptool. |
|
ZerBea |
General Talk
|
5 |
3,491 |
04-20-2019, 10:11 AM |
|
|
Thread: Determine if PKMID is dynamic?
Post: RE: Determine if PKMID is dynamic?
To determine if PMKID is dynamic (EAP Authentication Key Management [AKM] defined) just check the RSN-IE field in beacon, (re)association request or EAPOL M2 or the Key Descriptor Version field in EAPO... |
|
ZerBea |
General Talk
|
5 |
2,376 |
08-15-2019, 10:08 AM |
|
|
Thread: PMKID
Post: RE: PMKID
It is mandatory to request the PMKID from an access point (EAPOL M1) or to retrieve it from a client (reassociation request). |
|
ZerBea |
General Talk
|
2 |
1,508 |
10-04-2019, 05:14 PM |
|
|
Thread: Handshake timestamps do not match packets no.
Post: RE: Handshake timestamps do not match packets no.
You're missing nothing. Aircrack is running into several issues:
https://github.com/aircrack-ng/aircrack-ng/issues/2067
https://github.com/aircrack-ng/aircrack-ng/issues/1958
and the complete hands... |
|
ZerBea |
General Talk
|
3 |
1,479 |
12-15-2019, 06:18 PM |
|
|
Thread: Cannot capture WPA handshake on macOS by any means
Post: RE: Cannot capture WPA handshake on macOS by any m...
This function is extremely limited on proprietary operating systems.
Read more here:
https://wiki.wireshark.org/CaptureSetup/WLAN
Recommendation:
Linux and a WiFi adapter whose driver supports mo... |
|
ZerBea |
General Talk
|
1 |
1,136 |
01-25-2020, 09:57 AM |
|
|
Thread: no ssh in pwnagotchi
Post: RE: no ssh in pwnagotchi
"... also ssh file without extension in root dir of sd"
is not the correct way.
recommended way:
https://pwnagotchi.ai/configuration/#about-your-ssh-connection
or the raspbian way (if we assume pw... |
|
ZerBea |
General Talk
|
3 |
1,314 |
03-26-2020, 09:55 AM |
|
|
Thread: no ssh in pwnagotchi
Post: RE: no ssh in pwnagotchi
Maybe that is not enough and you're missing some information.
Please read more here:
https://www.raspberrypi.org/forums/viewtopic.php?t=203716
Code:
--
country=xx
ctrl_interface=DIR=/var/run/... |
|
ZerBea |
General Talk
|
3 |
1,314 |
03-27-2020, 09:19 PM |
|
|
Thread: Indirect signs of PSK being changed
Post: RE: Indirect signs of PSK being changed
If the old PSK is known, hcxdumptool --weakcandidate will do that. No alert == PSK changed.
If the old PSK is known, you can use hcxpcapngtool --all option to identify PSK changes.
If ESSID and PSK ... |
|
ZerBea |
General Talk
|
2 |
807 |
04-04-2020, 08:18 AM |
|
|
Thread: Integer overflow detected in keyspace of mask
Post: RE: Integer overflow detected in keyspace of mask
2501 and 16801 hash modes are designed to verify (pre-)calculated PMKs. The latest hashcat uses these modes to detect already recovered passwords by testing the hash against the PMK (take a look at new has... |
|
ZerBea |
General Talk
|
7 |
6,479 |
04-28-2019, 11:37 AM |
|
|
Thread: Handshake timestamps do not match packets no.
Post: RE: Handshake timestamps do not match packets no.
cap2hccapx, hcxpcaptool and hcxpcapngtool calculate EAPOL time values (count time between EAPOL messages), because you can't trust the RC in case of a packet loss (therefore we have nonce-error-cor... |
|
ZerBea |
General Talk
|
3 |
1,479 |
12-17-2019, 09:24 AM |
|
|
Thread: WPA3 Dragonblood Vulnerabilities Disclosure
Post: RE: WPA3 Dragonblood Vulnerabilities Disclosure
How does hcxdumptool work with WPA3?
It only detects the AUTHENTICATION.
Do you reuse tools from Dragonblood?
No, these tools are useless, because they require at least unprivileged access to the v... |
|
ZerBea |
General Talk
|
5 |
3,491 |
05-15-2020, 10:34 PM |
|
|
Thread: CUDA Installation not detected
Post: RE: CUDA Installation not detected
I can confirm this issue also on Linux, running latest driver 430.40 in combination with an MSI 1050 TI AERO:
5.2.7-arch1-1-ARCH
cuda 10.1.168
nvidia 430.40-2
nvidia-settings 430.40-3
nvidia-utils... |
|
ZerBea |
Beta Tester
|
7 |
12,889 |
08-10-2019, 01:51 PM |