hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Misc (https://hashcat.net/forum/forum-15.html) +--- Forum: User Contributions (https://hashcat.net/forum/forum-25.html) +--- Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats (/thread-6661.html) |
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - freeroute - 09-29-2018 Hi kiara, Your question has been answered: https://forum.hashkiller.co.uk/topic-view.aspx?t=21036&m=189214#189214 RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - kiara - 09-29-2018 (09-29-2018, 02:48 PM)freeroute Wrote: Hi kiara, sweet. RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 09-29-2018 With the latest update of hcxtools, hcxpcaptool is able to detect a GPS track from hcxpdumptool and convert this track to GPX format (for example accepted by Viking and GPSBabel): $ hcxpcaptool -h -g <file> : output GPS file format = GPX (accepted for example by Viking and GPSBabel) We store a track point for every single frame in the comment field of the frame. -g will convert this to GPX format. I (hcxdumptool) did it that way, because every filter option of Wireshark tools will work on the pcapng file. That means you can use a wireshark filter to write - all beacons and/or - all EAPOL frames and/or - all proberequests and/or - all src addresses and/or - all host addresses and/or - what ever you want.... to a new pcapng file. Then run hcxpcaptool -g option on that file to retrieve a GPS track (in GPX format). @freeroute Good answer, I could not answer it better. RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - BenSisko - 10-02-2018 (09-29-2018, 06:27 PM)ZerBea Wrote: With the latest update of hcxtools, hcxpcaptool is able to detect a GPS track from hcxpcaptool and convert this track to GPX format (for example accepted by Viking and GPSBabel): ZerBea your tools are awesome! For this new GPS capability is there a specific hardware dongle or Pi Hat you are using for GPS tagging? RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 10-02-2018 hcxdumptool retrieve the GPS data from GPSD in json format. So every device mentioned here as working, should work: http://www.catb.org/gpsd/hardware.html For my tests I run an "AktivePilot JENTRO BT-GPS-8". More informations about Viking here: https://wiki.openstreetmap.org/wiki/Viking https://sourceforge.net/projects/viking/ https://www.archlinux.org/packages/community/x86_64/viking/ More informations about GPSBabel here: https://www.gpsbabel.org/ https://www.archlinux.org/packages/community/x86_64/gpsbabel/ RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - BenSisko - 10-03-2018 (10-02-2018, 08:13 PM)ZerBea Wrote: hcxdumptool retrieve the GPS data from GPSD in json format. So every device mentioned here as working, should work: Excellent! I learn something new from you every time you post. Thank You! RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 12-05-2018 According to hashcat, hcxdumptool and hcxtools moved to v5.1.0 hcxdumptool: several on big endian fixes (reported to run on OpenWRT) improved channel sitching (detect driver capabilities and skip unsuported channels) new options: -C : show available channels and quit --poweroff : once hcxdumptool finished, power off system $ hcxdumptool -I wlan interfaces: 74da380645e7 wlp39s0f3u4u4 (8812au) 7cdd908c166a wlp3s0f0u1 (rt2800usb) f81a67077d0e wlp39s0f3u4u3 (ath9k_htc) 00e62d05131a wlp39s0f3u4u2 (mt7601u) $ hcxdumptool -i wlp39s0f3u4u4 -C available channels: 1,2,3,4,5,6,7,8,9,10,11,12,13,14,34,36,38,40,42,44,46,48,52,56,58,60,62,64,100,104,108,112,116,120,124,128,132,136,140,144,149,153,157,161,165,169 $ hcxdumptool -i wlp3s0f0u1 -C available channels: 1,2,3,4,5,6,7,8,9,10,11,12,13,14 $ hcxdumptool -i wlp39s0f3u4u3 -C available channels: 1,2,3,4,5,6,7,8,9,10,11,12,13,14 hcxdumptool -i wlp39s0f3u4u2 -C available channels: 1,2,3,4,5,6,7,8,9,10,11,12,13,14 $ hcxdumptool -i wlp3s0f0u1 -c 1,6,11,34,38,9 warning: unable to set channel 34 (removed this channel from scan list) warning: unable to set channel 38 (removed this channel from scan list) start capturing (stop with ctrl+c) INTERFACE:...............: wlp3s0f0u1 FILTERLIST...............: 0 entries MAC CLIENT...............: b0febd63eba2 MAC ACCESS POINT.........: 000e22b53189 (incremented on every new client) EAPOL TIMEOUT............: 150000 REPLAYCOUNT..............: 61585 ANONCE...................: 6c0167ce558316fa3b30bb11b36871a775d7f6c62d6876d6cbf64b5c0f076d7b ... hcxpcaptool: detect EAPOL RC4 KEYs detect MESH-IDs (stored by option -I) fixed bug in FCS on BE systems $ hcxpcaptool -V test.pcapng reading from test.pcapng summary: file name....................: test.pcapng file type....................: pcapng 1.0 file hardware information....: mips file os information..........: Linux 4.14.82 file application information.: hcxdumptool 5.1.0 network type.................: DLT_IEEE802_11_RADIO (127) endianess....................: big endian read errors..................: flawless packets inside...............: 24591 skipped packets..............: 0 packets with GPS data........: 0 packets with FCS.............: 2 WDS packets..................: 11 beacons (with ESSID inside)..: 3137 beacons (with MESH-ID inside): 17 probe requests...............: 1627 probe responses..............: 2974 association requests.........: 284 association responses........: 671 reassociation requests.......: 104 reassociation responses......: 213 authentications (OPEN SYSTEM): 8329 authentications (BROADCOM)...: 2449 authentications (SONOS)......: 65 authentications (APPLE)......: 65 authentications (NETGEAR)....: 8 authentications (CISCO)......: 1 EAPOL packets................: 3686 EAPOL PMKIDs.................: 371 EAPOL RC4 KEYs...............: 14 EAP packets..................: 2310 EAP START packets............: 1 found........................: EAP type ID found........................: Legacy Nak found........................: EAP-TLS Authentication found........................: EAP-Cisco Wireless Authentication found........................: EAP-TTLS Authentication found........................: PEAP Authentication best handshakes..............: 178 (ap-less: 97) RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - br0kenNoon - 12-06-2018 So, while everything works fine, when it comes time to run hcxpcaptool etc.. I'm repeatedly getting: "bash: hcxpcaptool: command not found". (running kali2) Thank you in advance and thanks for the the great tools! RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 12-06-2018 Looks like hcxdumptool, hcxtools (and hcxkeys) are not installed. Do a git clone and satisfy dependencies (see README.md). Then run "make install". Read more here: https://github.com/ZerBea/hcxtools/issues/35 Or ask kali2 developer to add the tools to the distribution. After that you can install them in an easy way, using the packet manager of the distribution. Read more here: https://github.com/ZerBea/hcxtools/issues/73 RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 02-03-2019 Due to several bug fixes and changes hcxdumptool and hcxtools moved to v5.1.1. Important changes: removed....: wlanhcx2psk replaced by: hcxpsktool removed....: wlanhcx2cap replaced by: hcxhash2cap so, no more libcap dependency! see changelogs for full details. Arch Linux users will receive the update, soon, via Arch packaging system (pacman). https://www.archlinux.org/packages/?sort=&q=hcx&maintainer=&flagged= The same applies to Arch Linux Arm users (search for hcx): https://archlinuxarm.org/packages |