Search Results
|
Post |
Author
[desc]
|
Forum |
Replies |
Views |
Posted |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Hi RashidMalik.
Q1:
I analyzed several handshakes and found out that the anonce (nonce of an AP) isn't random.
If we captured more than on M1 and/or M3 we are able to calculate a complete anonce ... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
05-22-2018, 10:27 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Let me also explain "AP-less" in that content:
AP-less means that a client responds to an anonce from us. That will happen if a client tries to connect to us.
Either
if there is no AP in range of... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
05-22-2018, 12:00 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Oh, I'm so stupid, please forgive me. I didn't explain why I'm doing this:
Well, usually APs are in the middle of a flat, an apartment or a house.
Let's say we have a hot summer day and our targe... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
05-22-2018, 01:34 PM |
|
|
Thread: No handshakes when trying to convert to hccapx
Post: RE: No handshakes when trying to convert to hccapx
Hi kexec.
I see that you successfully converted it to hccapx using hcxpcaptool, so it is a bug in hashcat's cap2hccapx?
hcxpcaptool is completely different to other tools, so it will convert your... |
|
ZerBea |
hashcat-utils, maskprocessor, statsprocessor, md5stress, wikistrip
|
10 |
14,098 |
05-23-2018, 08:14 PM |
|
|
Thread: No handshakes when trying to convert to hccapx
Post: RE: No handshakes when trying to convert to hccapx
So the problem is that if cap contains a lot of garbage packets, cap2hccapx cant convert it? How to determine which packets are not needed and I can delete them from .cap file?
You can do a cleaning ... |
|
ZerBea |
hashcat-utils, maskprocessor, statsprocessor, md5stress, wikistrip
|
10 |
14,098 |
05-23-2018, 10:27 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
By the latest hashcat improvement hcxtools are able to control hashcats nonce-error-corrections (nonce-error-corrections on/off):
hcxdumptool -> hcxpcaptool -> hashcat
https://github.com/hashcat/h... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
06-15-2018, 05:53 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Added full support (TZSP_ENCAP_IEEE_802_11) for TaZmen Sniffer Protocol (TZSP)
$ hcxpcaptool -V tzsp.pcap
start reading from tzsp.pcap
... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
06-22-2018, 03:02 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
hcxpcaptool: Added full support for AVS header (DLT_IEEE802_11_RADIO_AVS)
Read more about the common capture formats here:
https://www.lancom-systems.com/docs/LCOS/reference-manual/#Referenzhandbu... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
06-24-2018, 08:31 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
hcxdumptool / hcxpcaptool: added detection of SAE authentication.
$ hcxpcaptool -V sae_simple_psk.pcapng
start reading from sae_simple_psk.pcapng
summary: �... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
06-27-2018, 03:52 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Hi rk3y.
How to analyze specific stations?
That depends on the depth of you analysis. For a simple analysis run:
hcxdumptool -> hcxpcaptool -T trafficlist *.cap
Result is a list, containig simple ... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
07-01-2018, 11:36 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
hcxpcaptool: added detection of FILS authentication.
$ hcxpcaptool -V -I identitylist *.pcapng
start reading from fils-handshake.pcapng
summary:
file name... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
07-01-2018, 08:26 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
hcxpcaptool: added detection of BROADCOM specific authentication.
BROADCOM adds a special vendor tag to the authentication sequence:
Tagged parameters (11 bytes)
Tag: Vendor Specific: Broadco... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
07-07-2018, 10:46 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
hcxpcaptool: added detection of SONOS and APPLE specific authentication.
SONOS adds a special vendor tag to the authentication sequence, too:
Tagged parameters (8 bytes)
Tag: Vendor Specific: Son... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
07-10-2018, 10:57 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
We have some bad issues in radioptap and/or wireshark.
read more about the issue here:
https://github.com/secdev/scapy/issues/1465
hcxpcaptool and hcxdumptool will ignore this issues.
Get exam... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
07-15-2018, 11:50 AM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Latest link is expired, so I can't download the file.
hcxdumptool attack and dump modes depend on filter list and filter mode option. Running without this options, hcxdumptool will attack all and cap... |
|
ZerBea |
User Contributions
|
187 |
1,293,324 |
11-17-2018, 09:44 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
hcxdumptool default capture format will be pcapng. That means upcomming hcxdumptool 4.2.0 will save the data in pcapng format. wlandump-ng and wlancap2hcx will be removed in version 4.2.0!
I decided ... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
07-23-2018, 12:21 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Hi strike1953.
Well, I hope so. I didn't see any chance to save during runtime calculated values in a better way. The option field of pcapng seems to be a good way to do that.
Wireshark is an absolu... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
07-23-2018, 09:45 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
BTW:
Parsing pre-hashes or nonces isn't really witchcraft. We are doing this allready:
hcxpcaptool -h
--netntlm-out=
In that case a SHA1 pre-hash, based on an EAP authentication frame, is parsed t... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
07-23-2018, 11:37 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Small update on hcxdumptool and hcxtools: moved to v 4.2.0 rc1:
Added complete new WPA attackmode according to new hashcat hashmodes 16800 and 16801. The attack is performed on the RSN IE (Robust Sec... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
07-25-2018, 08:44 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
please use latest git updates!
hashcat:
https://github.com/hashcat/hashcat/commit/88ebca40b8a52c16fd0d9d24f7a2f63d8d7f4400
hcxtools:
https://github.com/ZerBea/hcxtools
hcxdumptool:
https://githu... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
07-26-2018, 09:54 AM |