|
Search Results
|
| Post |
Author |
Forum |
Replies
[asc]
|
Views |
Posted |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Read errors mean that the pineapple possible not shutting down correctly. We miss the final interface statistics block. It doesn't mean that the hash is uncrackable. To find out, what's going wrong, w... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
11-16-2018, 10:20 PM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| But both pcapng files are usefull for me. I noticed an issue in combination with mips and will try to fix it. Please give me a few minutes to fix it. v2.pcapng doesn't contain handshakes or PMKIDs. |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
11-17-2018, 12:28 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| No, this PMKIDs belong to this ESSIDs:
Birdy
Slow Wifi
Your target network wasn't captured.
You can run whoismac to get informations about the 16800 hashline:
whoismac -p |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
11-17-2018, 01:27 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| If you want to use hcxdumptool to caputure wlan traffic, please note that your WiFi adapter must support this. Not all drivers support this. This is a list of chipsets, known as working "out of th... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-06-2018, 07:15 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Some statistics:
Session..........: hashcat
Status...........: Quit
Hash.Type........: WPA-PMKID-PBKDF2
Hash.Target......: 16800.txt
Time.Started.....: Wed Aug 8 12:16:43 2018 (10 secs)
Time.... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-08-2018, 12:18 PM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
|
octf Wrote: (08-11-2018, 07:21 AM)
--
My testing area has lots of Netgear and TpLink routers. By using either hcxdumptool or wpa_supplicant, I was unable to capture a single PMKID. So the vulnerabi... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-12-2018, 01:34 PM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Well, it doesn't make sense to attack dynamically derived PMKs, but it's really funny.
I did a small update on hcxtools.
Download example cap from here:
https://wiki.wireshark.org/SampleCaptures... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-13-2018, 11:25 PM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Well, it is a new attack vector and a nice playground.
Take a look at the statistics of a typical hcxdumptool pcapng file. I got this one from a tester:
summary:
file name....................:... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-16-2018, 10:05 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| That are some good news.
Well, UBUNTU is recommended by hashcat team and is an easy to use distribution. I share that opinion. Designed for complete novices, UBUNTU teaches a beginner everything he n... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-16-2018, 02:19 PM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| hcxdumptool is able to run different attack vectors. And the client-less (PMKID) attack vector is only one of them:
ap-less:
Only one packet (M2) from a client required. You do not need to hunt fo... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-17-2018, 10:51 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| You're running an old version. Please pull latest git commit.
Filter lists are only used in the transmission branch. Using a filter list means, that we run active attacks against the entries (filterm... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-21-2018, 10:22 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Pushed a small update hcxdumptool. From now on we parse SAE completely:
[10:10:20 - 005] c83a35000002 -> c83a35000001 [AUTHENTICATION, SAE COMMIT, STATUS 0, SEQUENCE 304]
[10:10:20 - 005] c83a3500... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-26-2018, 10:23 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Hi sl0badob
That is correct. An access point is detected to be in our range, if he responds to our request using his ESSID. We are not able to associate to an access point without this information. A... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-26-2018, 03:59 PM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Hi dizcza.
hcapcaptool -o option will convert pcapng files to hccapx format (not to pcapng) and append the result to an existing hccapx file.
The command you're looking for (merging pcapng files... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-27-2018, 02:23 PM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Hi ssswanil.
To answer your question, we need some more informations.
1) Do you run latest commit?
If not, please update!
2) Does your driver support full (injection is working!) monitor mode?
... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
08-28-2018, 09:04 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Hi wakawaka
We can control the transmission branch, because we send only a few packets.
But we are not able to control the receiving branch. If we are in range of hundreds of access points and hundr... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
09-02-2018, 09:44 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Hi slyexe.
Do you you use the latest commit? I did a complete refactoring. The Raspberry PI A+, B+ is able to handle 4096 access points and/or 4096 clients simultaneously in a very fast way.
"This t... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
09-05-2018, 10:13 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Hi Superninja
wlan0mon is a typical logical interface type, created by airmon-ng for broadcom devices.
Do you use a broadcom interface?
read more here:
"You are using the Broadcom STA (wl) off... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
09-18-2018, 06:37 PM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Hi marcou3000.
There can be different reasons:
1) To much power consumption of an USB high gain adapter (for example AWUS036NH connected to an USP port of a Raspberry PI) - in that case reduce power... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
09-22-2018, 10:27 AM |
| |
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
| Read more here:
https://wikidevi.com/wiki/Rtl8xxxu
Supported modes
STA (Station) mode: supported
IBSS (Ad-Hoc) mode: unknown
AP (Master) mode: unknown
Mesh (802.11s) mode: unknown
P2P mode: unk... |
|
ZerBea |
User Contributions
|
187 |
1,293,331 |
09-23-2018, 11:47 AM |
