|
Search Results
|
| Post |
Author |
Forum |
Replies
[desc]
|
Views |
Posted |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| If anyone is interested in SAE example (sae4way.pcapng) (https://hashcat.net/forum/attachment.php?aid=619)from here:
https://hashcat.net/forum/thread-7717-post-42759.html#pid42759
This are the SA... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
11-15-2018, 11:15 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| No, the pcapng doesn't contain IP addresses. But it contain MAC addresses of access points and clients and network names.
If you run hcapcaptool you will get four PMKIDs (two networks with one client... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
11-16-2018, 11:42 PM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| If you mean, that we have two steps, you got it:
step1 = derivation of Plainmasterkey (PMK), for example by PBKFD2
step2 = derivation of Pairwise Transient Key (PTK) to get access to the network (EA... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
11-10-2018, 12:03 PM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| v2.pcapng doesn't contain PMKIDs or handshakes and it is flawless:
$ hcxpcaptool -o test.hccapx -z test.16800 v2.pcapng
reading from v2.pcapng
summary: ... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
11-17-2018, 12:01 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Ok, fixed that ugly big endian issue when we are doing an option walk through the pcapng options:
https://github.com/ZerBea/hcxtools/commit/4babccca3789efd0a8aa7d70fdff7a8548768110
Thanks for report... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
11-17-2018, 12:50 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Latest link is expired, so I can't download the file.
hcxdumptool attack and dump modes depend on filter list and filter mode option. Running without this options, hcxdumptool will attack all and cap... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
11-17-2018, 09:44 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| v4.pcapng looking good:
$ hcxpcaptool -o test.hccapx -z test.16800 v4.pcapng
reading from v4.pcapng
summary:
file name................... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
11-17-2018, 11:22 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| I don't think it's a driver issue and I don't think it's a pineapple issue, because use received a PMKID from the access point!
1) check your environment
identify your access point (ESSID and mac)... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
11-18-2018, 08:26 PM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Due to several big endian fixes, hcxdumptool and hcxtools moved to v 5.0.1.
I received a notice that they are running on OpenWRT.
But keep in mind:
Both, PMKID attack vector and AP-LESS attack vect... |
|
ZerBea |
User Contributions
|
187 |
1,293,337 |
11-27-2018, 08:48 AM |
| |
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: hcxtools - solution for capturing wlan traffic and...
| Small set of tools to capture and convert packets from wlan devices designed for the use with latest hashcat:
wlandump-ng (Small, fast and powerfull deauthentication/authentication/response tool)
... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
06-23-2017, 04:24 PM |
| |
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
| Well, that's allready implemented in wlandump-ng
wlandump-ng -i -o test.cap -c 1 -t 60 -d 100 -D 10 -m 512 -b -r -s 20
and wlanresponse
wlanresponse -i -o test.cap -b -t 3
and much more... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
06-23-2017, 11:15 PM |
| |
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
| added iSCSI CHAP authentication, MD5(CHAP)
and option to save usernames/identities to a file |
|
ZerBea |
User Contributions
|
648 |
487,343 |
06-24-2017, 09:58 AM |
| |
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
| refactored scan engine
now full 5GHz support
for fixed channel operation use high value (-t 86400 for a day)
see wlandump-ng -h
device must support this! |
|
ZerBea |
User Contributions
|
648 |
487,343 |
06-24-2017, 08:47 PM |
| |
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
| example of a typical output: wlancap2hcx *.cap
start reading from example.cap
27278 packets processed (27278 wlan, 0 lan, 0 loopback)
found 24 usefull wpa handshakes
hashcat --nonce-error-correcti... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
06-25-2017, 03:32 PM |
| |
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
| Did an update on hcxtools:
added detection of PPP CHAP Authentication in IPv4 packets (high experimental !)
to implement this function also on IPv6 packets - I need some of this caps (ethernet or wl... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
06-26-2017, 09:43 PM |
| |
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
| To test if your captured networks are vulnerable using common wordlists, upload your caps to https://wpa-sec.stanev.org/?nets
step 1:
wlancap2wpasec *.cap (internet connection required)
step 2:
... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
06-28-2017, 05:28 AM |
| |
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
| New update https://github.com/ZerBea/hcxtools
added PPP-CHAP Authentication
use wlandump-ng / wlanresponse option lima (-l) to capture IPv4 and IPv6 from WLAN
use wlancap2hcx -n to strip hashes ... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
06-28-2017, 09:42 PM |
| |
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
| New update https://github.com/ZerBea/hcxtools
added new tool wlancow2hcxpmk
convert cowpatty (pre-computed) hashfiles to hashcat pmklist for hash-mode 2501
Just run wlancow2hcxpmk -i cowhashfile ... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
07-04-2017, 08:15 PM |
| |
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
| example of a typical status: sudo wlandump-ng -i wlp0s26u1u2 -o test.cap -c 1 -t 3 -d 100 -D 10 -m 512 -b -r -s 20
interface.....................................................: wlp0s26u1u2
interna... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
06-25-2017, 04:29 PM |
| |
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
| capture:
sudo wlandump-ng -i wlp0s26u1u2 -o test.cap -c 1 -t 3 -d 100 -D 10 -m 512 -b -r -s 20
Options:
-i -> is the name of your wlan device - do not use virtual devices like mon0, mon1, monx
-o ... |
|
ZerBea |
User Contributions
|
648 |
487,343 |
06-26-2017, 09:40 PM |
