hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
hashcat Forum (https://hashcat.net/forum) - Thread: /thread-6661.html
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - Mem5 - 01-12-2020

Wondering if message pairs are still included, and easy to find/decode, in the new format? M2M3 or M3M4 are good evidence that the password was correct.

RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - WPA_Catcher - 01-12-2020

Quote: But anyway, you're right, we are missing some options in hcxhashtool, compared to wlanhcx2ssid. I'm going to add them, step by step. These are the first ones:

I am extremely grateful! I am sure many people will appreciate this. Thank you very much!

RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 01-12-2020

We are still running several tests, to get in shape for hashcat's new hashline. That included a complete rewrite (refactoring) from scratch. Nearly everything is new and improved. Also we are still missing some old features (e.g. the IPv4 and IPv6 part including TACACS+, MD5 challenge, netNTLMv1). Also I received a feature request to detect device model, serial number and device ID. I'm going to add this, too (hcxpcapngtool). All features make it necessary to analyze tons of 802.11 frames (including reverse engineering of proprietary parts inside the frames) - and that will take a lot of time.

RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - WPA_Catcher - 01-12-2020

This is all brilliant news! I can't wait. I hope there has been a change in hashcat filtering out passwords of less than length 8 for WPA, or at least make it optional. The length test was applied to the password BEFORE the user's rules were applied, which meant many potential passwords were not tested. Say a user has the password "pass" in their lists, hashcat would just ignore it when testing WPA even if the user has a rule $1$2$3$4, so "pass1234" would never be tested.
Anyway, thank you for adding the output features to hcxhashtool, all your tools are a wifi enthusiast's dream!

RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 01-12-2020

In that case, just pipe it:
https://en.wikipedia.org/wiki/Pipeline_(Unix)

$ hashcat --stdout -r rule wordlist
passwor1
passwor2
passwor3
passwor4

wordlist:
passwor

rule
$1
$2
$3
$4

complete cmd:
$ hashcat --stdout -r rule wordlist | hashcat -m 22000 test.hash

RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - philsmd - 01-12-2020

It should also work with just adding -S to the command line.

RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - PURE - 01-12-2020

Recently added a USB GPS receiver to my Raspberry Pi to get locations of the access points.

Used "hcxdumptool -i wlan1mon -o real.pcapng --enable_status=1 --use_gpsd" capture and the following line to output to get the results "hcxpcaptool -E opt_E -T opt_T -g opt_g --nmea=opt_nmea -o opt_o -z opt_z.16800 real.pcapng"

The issue I have is that it says it's "3017 track points written" to the -g output file but when I open it, there is no track. What am I doing wrong? I have checked the GPS receiver is working.

Code:
root@The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali):~# hcxpcaptool -E opt_E -T opt_T -g opt_g --nmea=opt_nmea -o opt_o -z opt_z.16800 real.pcapng

Code:
<?xml version="1.0"?>

RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 01-12-2020

That depends on the version of the tools: hcxdumptool >= v 6 requires hcxpcapngtool --nmea to convert the NMEA sentences, or hcxpcaptool --nmea. I dropped that xml conversion (and gpsd), because GPSBabel can do this much better.
hcxpcaptool
-g uses old format from old hcxdumptool

hcxpcaptool
--nmea=<file> uses new format from latest hcxdumptool
format: NMEA 0183 $GPGGA, $GPRMC, $GPWPL

hcxpcapngtool
--nmea=<file> uses new format from latest hcxdumptool
output GPS data in NMEA format
format: NMEA 0183 $GPGGA, $GPRMC, $GPWPL

BTW: I pushed a fix for (old) hcxpcaptool. Now we have two internal counters: one for GPSD old JSON format and one for NMEA sentences. JSON format produces too much overhead and that is the reason for me to drop it.

If you run
case 1:
$ hcxdumptool --use_gps_device=your_device
NMEA sentences should be written directly to the pcapng file (custom comment field)
additionally you can use --nmea=your_nmea_file to save them separately to a file (on the fly)
case 2:
To retrieve the NMEA data from the pcapng file (case 2), run:
$ hcxpcapngtool --nmea=converted_nmea_sentences_from_pcapng_file

Then use GPSBabel to convert them for use with Viking (case 2):
$ gpsbabel -i nmea -f converted_nmea_sentences_from_pcapng_file -o gpx -F file.gpx
or (case 1)
$ gpsbabel -i nmea -f your_nmea_file -o gpx -F file.gpx

gpsbabel offers hundreds of options to convert the NMEA sentences to whatever you want. See gpsbabel -h
A GUI is available, too:
https://www.gpsbabel.org/screenshots.html

RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - ZerBea - 01-12-2020

(01-12-2020, 12:43 AM) Mem5 Wrote: Wondering if message pairs are still included, and easy to find/decode, in the new format?

For sure. Last 2 characters in the hashline (MP):
https://github.com/ZerBea/hcxtools/blob/master/hcxpcapngtool.c#L710

Code:
WPA*TYPE*PMKID-OR-MIC*MAC_AP*MAC_STA*ESSID_HEX*ANONCE*EAPOL*MP

$ cat test.22000 | grep "\*02$"
will give you all M2M3E2 for example.

The new hashline in combination with the new potfile and outfile format will make life much easier.
Let's take the 2500 and the 16800 example hashes from here:
https://hashcat.net/wiki/doku.php?id=example_hashes

To demonstrate hashcat's latest improvements, convert (hcxmactool) them to the new hash format 22000 WPA-PBKDF2-PMKID+EAPOL

Code:
WPA*01*2582a8281bf9d4308d6f5731d0e61c61*4604ba734d4e*89acf0e761f4*ed487162465a774bfba60eb603a39f3a***

verify the hashline (is the conversion ok?):

Code:
$ hcxhashtool -i test.22000 --psk='hashcat!'

and try to recover the PSKs, running hashcat:

Code:
$ hashcat -m 22000 test.22000 wordlist

BTW: Please do not wonder about the low speed. I'm running a very, very, very small wordlist (only a single word). We do not need big word lists, if we know what we are doing.

Additionally, hcxhashtool will show detailed information about the hashes:

Code:
$ hcxhashtool -i test.22000 --info=stdout

RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - strike1953 - 01-13-2020

Hello ZerBea,
I am having problems with hcxdumptool. Using GPS and making a tour, 5 minutes after the trip, hcxdumptool freezes. It doesn't work anymore. It hangs. What can happen?
The last hcxdumptool
Sorry for my English
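
The 22000 hashline layout and the message pair (MP) field discussed earlier in the thread, as an added example that is not part of any post and not hcxtools code: a small parser that splits a hashline into its fields and decodes MP. The MP bit meanings are an assumption taken from hashcat's WPA documentation rather than from this thread, and the EAPOL sample line is constructed.

```python
# Added example. Field order comes from the thread:
# WPA*TYPE*PMKID-OR-MIC*MAC_AP*MAC_STA*ESSID_HEX*ANONCE*EAPOL*MP
# Assumption (hashcat WPA docs): MP bits 0-2 name the message pair and the
# EAPOL source; the third value says whether the handshake was authorized.
PAIRS = {0: ("M1+M2", "M2", False), 1: ("M1+M4", "M4", True),
         2: ("M2+M3", "M2", True), 3: ("M2+M3", "M3", True),
         4: ("M3+M4", "M3", True), 5: ("M3+M4", "M4", True)}
# Assumption (hashcat WPA docs): meaning of the upper MP bits.
FLAGS = {0x10: "ap-less", 0x20: "LE router", 0x40: "BE router",
         0x80: "replaycount not checked"}

# PMKID hashline exactly as posted in the thread.
PAGE_PMKID = ("WPA*01*2582a8281bf9d4308d6f5731d0e61c61*4604ba734d4e*"
              "89acf0e761f4*ed487162465a774bfba60eb603a39f3a***")

def sample_eapol(mp):
    """Constructed EAPOL hashline (dummy MIC, MACs, nonce and frame)."""
    return "*".join(["WPA", "02", "00" * 16, "020000000001", "020000000002",
                     b"example-net".hex(), "11" * 32, "0103005f02", mp])

def parse_22000(line):
    f = line.strip().split("*")
    if len(f) != 9 or f[0] != "WPA" or f[1] not in ("01", "02"):
        raise ValueError("not a 22000 hashline: %r" % line)
    rec = {"kind": "PMKID" if f[1] == "01" else "EAPOL",
           "mac_ap": f[3], "mac_sta": f[4],
           "essid": bytes.fromhex(f[5]),   # ESSID may be arbitrary bytes
           "pair": None, "eapol_from": None, "authorized": None, "flags": []}
    if rec["kind"] == "EAPOL":             # MP is only decoded for type 02
        mp = int(f[8], 16)
        if (mp & 0x07) not in PAIRS:
            raise ValueError("unknown message pair: %s" % f[8])
        rec["pair"], rec["eapol_from"], rec["authorized"] = PAIRS[mp & 0x07]
        rec["flags"] = [name for bit, name in FLAGS.items() if mp & bit]
    return rec

def authorized_only(lines):
    """Keep EAPOL records whose pair includes M3 or M4 (authorized)."""
    return [r for r in map(parse_22000, lines) if r["authorized"]]

if __name__ == "__main__":
    for line in (PAGE_PMKID, sample_eapol("02"), sample_eapol("80")):
        print(parse_22000(line))
```

Unlike the `grep "\*02$"` filter, `authorized_only` also keeps lines whose MP has upper flag bits set alongside an authorized pair.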