Please note, this is a STATIC archive of website hashcat.net from October 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

Search Results
Post Author Forum Replies [asc] Views Posted
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

From this commit on: https://github.com/ZerBea/hcxdumptool/commit/6b006e022291562b9706f408e01ba2904297846f hcxdumptool will set the interface to monitor mode. That means iw, ip, iwconfig and ifconf...
ZerBea User Contributions 187 1,293,324 09-30-2018, 05:03 PM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

No need to run rockyou against your hash. This list is included in the dictionaries of: https://wpa-sec.stanev.org/?dicts You can upload your cap (using wlancap2wpasec or web interface). If the passw...
ZerBea User Contributions 187 1,293,324 10-01-2018, 01:12 PM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

For sure this attack must fail on a RADIUS server. The authentication is done by the RADIUS authentication server (not by the router). This provides additional security. Various kinds of the Extensibl...
ZerBea User Contributions 187 1,293,324 11-07-2018, 06:42 PM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

I don't see any chances to crack PKI credentials or GSM/UMTS subsciber modules or certificates (TLS). That's one of the reasons, why I don't parse them. TACACS+ was the last authentication algorithm...
ZerBea User Contributions 187 1,293,324 11-07-2018, 07:58 PM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

No, the PMKID is not encrypted garbage and can be usefull (in some cases). Running WPA2, the PMKID is calculated by this function: PMKID = HMAC-SHA1-128(PMK, "PMK Name" | MAC_AP | MAC_STA) The PM...
ZerBea User Contributions 187 1,293,324 11-08-2018, 06:22 PM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

All informations are stored in the hashline: PMKID*MAC_AP*MAC_STA*ESSID If we use the hashline from this thread: https://hashcat.net/forum/thread-7717-post-42759.html#pid42759 ea5aad4e27b22c46f8837...
ZerBea User Contributions 187 1,293,324 11-11-2018, 02:55 PM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

If anyone is interested in SAE example (sae4way.pcapng) (https://hashcat.net/forum/attachment.php?aid=619)from here: https://hashcat.net/forum/thread-7717-post-42759.html#pid42759 This are the SA...
ZerBea User Contributions 187 1,293,324 11-15-2018, 11:15 AM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

No, the pcapng doesn't contain IP addresses. But it contain MAC addresses of access points and clients and network names. If you run hcapcaptool you will get four PMKIDs (two networks with one client...
ZerBea User Contributions 187 1,293,324 11-16-2018, 11:42 PM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

If you mean, that we have two steps, you got it: step1 = derivation of Plainmasterkey (PMK), for example by PBKFD2 step2 = derivation of Pairwise Transient Key (PTK) to get access to the network (EA...
ZerBea User Contributions 187 1,293,324 11-10-2018, 12:03 PM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

v2.pcapng doesn't contain PMKIDs or handshakes and it is flawless: $ hcxpcaptool -o test.hccapx -z test.16800 v2.pcapng reading from v2.pcapng summary:                       ...
ZerBea User Contributions 187 1,293,324 11-17-2018, 12:01 AM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

Ok, fixed that ugly big endian issue when we are doing an option walk through the pcapng options: https://github.com/ZerBea/hcxtools/commit/4babccca3789efd0a8aa7d70fdff7a8548768110 Thanks for report...
ZerBea User Contributions 187 1,293,324 11-17-2018, 12:50 AM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

Latest link is expired, so I can't download the file. hcxdumptool attack and dump modes depend on filter list and filter mode option. Running without this options, hcxdumptool will attack all and cap...
ZerBea User Contributions 187 1,293,324 11-17-2018, 09:44 AM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

v4.pcapng looking good: $ hcxpcaptool -o test.hccapx -z test.16800 v4.pcapng reading from v4.pcapng summary:                                         file name...................
ZerBea User Contributions 187 1,293,324 11-17-2018, 11:22 AM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

I don't think it's a driver issue and I don't think it's a pineapple issue, because use received a PMKID from the access point! 1) check your environment identify your access point (ESSID and mac)...
ZerBea User Contributions 187 1,293,324 11-18-2018, 08:26 PM
    Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID

Due to several big endian fixes, hcxdumptool and hcxtools moved to v 5.0.1. I received a notice that they are running on OpenWRT. But keep in mind: Both, PMKID attack vector and AP-LESS attack vect...
ZerBea User Contributions 187 1,293,324 11-27-2018, 08:48 AM
    Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers

Hi soxrok2212. Did a quick binwalk, unsquashfs and radare2 on some files and noticed that the values are retrieved from the board: ls /sys/module/board/parameters/*.* or by debugsys --info squas...
ZerBea User Contributions 182 305,383 08-24-2018, 01:33 PM
    Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers

...and if you don't have the default ESSID (with the 4 xdigits, required by the WIFI keygen), $ hcxpsktool --digit10 will calculate the whole key space , based on wpa-sec analyses (known SEEDs): $ hc...
ZerBea User Contributions 182 305,383 05-16-2020, 10:04 AM
    Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers

Maybe you're interested in this (not only ATT): https://boxnet.servehttp.com/cap/pix/DUMP/ BTW: You can reduce the key space, if you assume "N0" within every serial number: dddddN0ddddd That mak...
ZerBea User Contributions 182 305,383 05-20-2020, 09:25 AM
    Thread: ATTENTION! OpenCL kernel self-test failed.
Post: RE: ATTENTION! OpenCL kernel self-test failed.

@ philsmd latest tests of 22000 - WPA-PBKDF2-PMKID+EAPOL are very impressive. 2200x offers many advantages.
ZerBea hashcat 31 12,818 12-22-2019, 12:44 PM
    Thread: Cracking a CHAP from Freeradius
Post: RE: Cracking a CHAP from Freeradius

Also a good idea is to read the RFC docs , even if they are not easy to understand. They are our basic docs if we add new functions to our tools: https://tools.ietf.org/html/rfcXXXX where XXXX is t...
ZerBea hashcat 21 17,277 02-13-2018, 03:49 PM