hashcat Forum
hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Misc (https://hashcat.net/forum/forum-15.html)
+--- Forum: User Contributions (https://hashcat.net/forum/forum-25.html)
+--- Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats (/thread-6661.html)



RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - freeroute - 09-29-2018

Hi kiara,
Your question has been answered: https://forum.hashkiller.co.uk/topic-view.aspx?t=21036&m=189214#189214


RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - kiara - 09-29-2018

(09-29-2018, 02:48 PM)freeroute Wrote: Hi kiara,
Your question has been answered: https://forum.hashkiller.co.uk/topic-view.aspx?t=21036&m=189214#189214

sweet.


RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 09-29-2018

With the latest update of hcxtools, hcxpcaptool is able to detect a GPS track from hcxpdumptool and convert this track to GPX format (for example accepted by Viking and GPSBabel):
$ hcxpcaptool -h
-g <file> : output GPS file
           format = GPX (accepted for example by Viking and GPSBabel)

We store a track point for every single frame in the comment field of the frame.
-g will convert this to GPX format.

I (hcxdumptool) did it that way, because every filter option of Wireshark tools will work on the pcapng file.
That means you can use a wireshark filter to write
- all beacons and/or
- all EAPOL frames and/or
- all proberequests and/or
- all src addresses and/or
- all host addresses and/or
- what ever you want....
to a new pcapng file.

Then run hcxpcaptool -g option on that file to retrieve a GPS track (in GPX format).


@freeroute
Good answer,  ‎I could not answer it better.


RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - BenSisko - 10-02-2018

(09-29-2018, 06:27 PM)ZerBea Wrote: With the latest update of hcxtools, hcxpcaptool is able to detect a GPS track from hcxpcaptool and convert this track to GPX format (for example accepted by Viking and GPSBabel):
$ hcxpcaptool -h
-g <file> : output GPS file
           format = GPX (accepted for example by Viking and GPSBabel)

We store a track point for every single frame in the comment field of the frame.
-g will convert this to GPS format.

I (hcxdumptool) did it that way, because every filter option of Wireshark tools will work on the pcapng file.
That means you can use a wireshark filter to write
- all beacons and/or
- all EAPOL frames and/or
- all proberequests and/or
- all src addresses and/or
- all host addresses and/or
- what ever you want....
to a new pcapng file.

Then run hcxpcaptool -g option on that file to retrieve a gps track (in GPX format).


@freeroute
Good answer,  ‎I could not answer it better.

ZerBea your tools are awesome! For this new GPS capability is there a specific hardware dongle or Pi Hat you are using for GPS tagging?


RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 10-02-2018

hcxdumptool retrieve the GPS data from GPSD in json format. So every device mentioned here as working, should work:
http://www.catb.org/gpsd/hardware.html
For my tests I run an "AktivePilot JENTRO BT-GPS-8".

More informations about Viking here:
https://wiki.openstreetmap.org/wiki/Viking
https://sourceforge.net/projects/viking/
https://www.archlinux.org/packages/community/x86_64/viking/

More informations about GPSBabel here:
https://www.gpsbabel.org/
https://www.archlinux.org/packages/community/x86_64/gpsbabel/


RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - BenSisko - 10-03-2018

(10-02-2018, 08:13 PM)ZerBea Wrote: hcxdumptool retrieve the GPS data from GPSD in json format. So every device mentioned here as working, should work:
http://www.catb.org/gpsd/hardware.html
For my tests I run an "AktivePilot JENTRO BT-GPS-8".

More informations about Viking here:
https://wiki.openstreetmap.org/wiki/Viking
https://sourceforge.net/projects/viking/
https://www.archlinux.org/packages/community/x86_64/viking/

More informations about GPSBabel here:
https://www.gpsbabel.org/
https://www.archlinux.org/packages/community/x86_64/gpsbabel/

Excellent! I learn something new from you every time you post. Thank You!


RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 12-05-2018

According to hashcat, hcxdumptool and hcxtools moved to v5.1.0

hcxdumptool:
several on big endian fixes (reported to run on OpenWRT)
improved channel sitching (detect driver capabilities and skip unsuported channels)
new options:
-C : show available channels and quit
--poweroff : once hcxdumptool finished, power off system

$ hcxdumptool -I
wlan interfaces:
74da380645e7 wlp39s0f3u4u4 (8812au)
7cdd908c166a wlp3s0f0u1 (rt2800usb)
f81a67077d0e wlp39s0f3u4u3 (ath9k_htc)
00e62d05131a wlp39s0f3u4u2 (mt7601u)


$ hcxdumptool -i wlp39s0f3u4u4 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14,34,36,38,40,42,44,46,48,52,56,58,60,62,64,100,104,108,112,116,120,124,128,132,136,140,144,149,153,157,161,165,169

$ hcxdumptool -i wlp3s0f0u1 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14

$ hcxdumptool -i wlp39s0f3u4u3 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14

hcxdumptool -i wlp39s0f3u4u2 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14



$ hcxdumptool -i wlp3s0f0u1 -c 1,6,11,34,38,9
warning: unable to set channel 34 (removed this channel from scan list)
warning: unable to set channel 38 (removed this channel from scan list)

start capturing (stop with ctrl+c)
INTERFACE:...............: wlp3s0f0u1
FILTERLIST...............: 0 entries
MAC CLIENT...............: b0febd63eba2
MAC ACCESS POINT.........: 000e22b53189 (incremented on every new client)
EAPOL TIMEOUT............: 150000
REPLAYCOUNT..............: 61585
ANONCE...................: 6c0167ce558316fa3b30bb11b36871a775d7f6c62d6876d6cbf64b5c0f076d7b
...


hcxpcaptool:
detect EAPOL RC4 KEYs
detect MESH-IDs (stored by option -I)
fixed bug in FCS on BE systems

$ hcxpcaptool -V test.pcapng
reading from test.pcapng
summary:                                        
file name....................: test.pcapng
file type....................: pcapng 1.0
file hardware information....: mips
file os information..........: Linux 4.14.82
file application information.: hcxdumptool 5.1.0
network type.................: DLT_IEEE802_11_RADIO (127)
endianess....................: big endian
read errors..................: flawless
packets inside...............: 24591
skipped packets..............: 0
packets with GPS data........: 0
packets with FCS.............: 2
WDS packets..................: 11
beacons (with ESSID inside)..: 3137
beacons (with MESH-ID inside): 17
probe requests...............: 1627
probe responses..............: 2974
association requests.........: 284
association responses........: 671
reassociation requests.......: 104
reassociation responses......: 213
authentications (OPEN SYSTEM): 8329
authentications (BROADCOM)...: 2449
authentications (SONOS)......: 65
authentications (APPLE)......: 65
authentications (NETGEAR)....: 8
authentications (CISCO)......: 1
EAPOL packets................: 3686
EAPOL PMKIDs.................: 371
EAPOL RC4 KEYs...............: 14
EAP packets..................: 2310
EAP START packets............: 1
found........................: EAP type ID
found........................: Legacy Nak
found........................: EAP-TLS Authentication
found........................: EAP-Cisco Wireless Authentication
found........................: EAP-TTLS Authentication
found........................: PEAP Authentication
best handshakes..............: 178 (ap-less: 97)


RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - br0kenNoon - 12-06-2018

So, while everything works fine, when it comes time to run hcxpcaptool etc.. I'm repeatedly getting: "bash: hcxpcaptool: command not found". (running kali2)

Thank you in advance and thanks for the the great tools!


RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 12-06-2018

Looks like hcxdumptool, hcxtools (and hcxkeys) are not installed.
Do a git clone and satisfy dependencies (see README.md). Then run "make install".
Read more here:
https://github.com/ZerBea/hcxtools/issues/35

Or ask kali2 developer to add the tools to the distribution. After that you can install them in an easy way, using the packet manager of the distribution.
Read more here:
https://github.com/ZerBea/hcxtools/issues/73


RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 02-03-2019

Due to several bug fixes and changes hcxdumptool and hcxtools moved to v5.1.1.

Important changes:
removed....: wlanhcx2psk
replaced by: hcxpsktool

removed....: wlanhcx2cap
replaced by: hcxhash2cap
so, no more libcap dependency!

see changelogs for full details.

Arch Linux users will receive the update, soon, via Arch packaging system (pacman).
https://www.archlinux.org/packages/?sort=&q=hcx&maintainer=&flagged=
The same applies to Arch Linux Arm users (search for hcx):
https://archlinuxarm.org/packages