manually calculate hashcat's "--nonce-error-corrections" using hcxtools
If you use wlancap2hcx, you'll get a proposal for the --nonce-error-corrections value of hashcat.
It looks like this:
hashcat --nonce-error-corrections is working on that file (that means you can use the default value) or
you should use hashcat --nonce-error-corrections=16 (or greater) on ...
you should use hashcat --nonce-error-corrections=32 (or greater) on ...
you should use hashcat --nonce-error-corrections=64 (or greater) on ...
If, you like, you can calculate this value manually:
use wlanhcxinfo option -a -A to get the required informations:
$ wlanhcxinfo -i yourhccapxfile.hccapx -a -A
This will show you all anonces (anonce = nonce transmited by the access point).
You will get something like this:
mac_ap anonce
-----------------------------------------------------------------------------------------------------
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a1
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a1
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a5
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a6
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a8
(for little endian ap's)
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa3ae7cde0
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa3de7cde0
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa40e7cde0
(for big endian ap's)
You can see, the last byte is counting up.
Also you can see that there are gaps between the values (caused by packetloss of the dumper).
Now take the highest value and substract the lowest value (little endian: 0xa8 - 0xa1 = 7, big endian: 0x40 - 0x3a = 6).
The result is the lowest value you should use for hashcat --nonce-error-corrections!
Keep in mind: This will only work on hccpax files converted from uncleaned(!) and unreduced(!) cap files.
It doesn't work on a single handshake!!!!
Background informations:
-------------------------------
An access point uses several different EAPOL-timers like this:
EAP-Identity-Request Timeout (seconds)
EAP-Identity-Request Max Retries
EAP Key-Index for Dynamic WEP
EAP Max-Login Ignore Identity Response
EAP-Request Timeout (seconds)
EAP-Request Max Retries
EAPOL-Key Timeout (milliseconds)
EAPOL-Key Max Retries
EAP-Broadcast Key Interval
Calculating an anonce, releasing an anonce, calculation of the replaycount, releasing a replaycount, accepting an authentication, all this depends on that timers.
Knowing the "secrets" about this timers allows us to use nonce-error-corrections (and other features build-in in hashcat and hcxtools).
Disregarding this (by cleaning caps, reducing caps to only one handshake, capturing only one handshake, using to much deauthentications) possible will let you fail calculating the key!
Why will you possible fail?
wlanhcxinfo will show you this using the options -a -A -R
Well, let's take a look into the replaycount (-R):
$ wlanhcxinfo -i yourhccapxfile.hccapx -a -A -R
mac_ap anonce replaycount
-------------------------------------------------------------------------------------------------------------------------------
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a1:0000000000000000
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a1:0000000000000000
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a5:0000000000000000
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a6:0000000000000000
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a8:0000000000000000
(on the little endian ap)
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa3ae7cde0:0000000000000001
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa3de7cde0:0000000000000000
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa40e7cde0:0000000000000001
(on the big endian ap)
In both cases the ap's received to much deauthentications and didn't receive their clients packets.
So they resetted their replaycounters.
Without using nonce-error-corrections, in many cases you are not able to calculate the password because the M2 and/or M4 of the client doesn't match!
Sending more (than mutch) deauthentications causes ap's to release their complete anonce. In that case not even nonce-error-corrections will work!
update hcxtools 4.0.0-rc1:
Added new option -I to wlanhcxmnc:
-I : show mac_ap and anonces
now you can use
$ wlanhcxmnc -i yourfile.hccapx -I
to get the required informations for hashcat's nonce-error-corrections
stdout is used for printing this informations. So it's possible to redirect the output to a file
$ wlanhcxmnc -i yourfile.hccapx -I > apinfos
wlanhcxinfo option -a -A no longer needed for this purpose!
If you use wlancap2hcx, you'll get a proposal for the --nonce-error-corrections value of hashcat.
It looks like this:
hashcat --nonce-error-corrections is working on that file (that means you can use the default value) or
you should use hashcat --nonce-error-corrections=16 (or greater) on ...
you should use hashcat --nonce-error-corrections=32 (or greater) on ...
you should use hashcat --nonce-error-corrections=64 (or greater) on ...
If, you like, you can calculate this value manually:
use wlanhcxinfo option -a -A to get the required informations:
$ wlanhcxinfo -i yourhccapxfile.hccapx -a -A
This will show you all anonces (anonce = nonce transmited by the access point).
You will get something like this:
mac_ap anonce
-----------------------------------------------------------------------------------------------------
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a1
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a1
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a5
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a6
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a8
(for little endian ap's)
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa3ae7cde0
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa3de7cde0
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa40e7cde0
(for big endian ap's)
You can see, the last byte is counting up.
Also you can see that there are gaps between the values (caused by packetloss of the dumper).
Now take the highest value and substract the lowest value (little endian: 0xa8 - 0xa1 = 7, big endian: 0x40 - 0x3a = 6).
The result is the lowest value you should use for hashcat --nonce-error-corrections!
Keep in mind: This will only work on hccpax files converted from uncleaned(!) and unreduced(!) cap files.
It doesn't work on a single handshake!!!!
Background informations:
-------------------------------
An access point uses several different EAPOL-timers like this:
EAP-Identity-Request Timeout (seconds)
EAP-Identity-Request Max Retries
EAP Key-Index for Dynamic WEP
EAP Max-Login Ignore Identity Response
EAP-Request Timeout (seconds)
EAP-Request Max Retries
EAPOL-Key Timeout (milliseconds)
EAPOL-Key Max Retries
EAP-Broadcast Key Interval
Calculating an anonce, releasing an anonce, calculation of the replaycount, releasing a replaycount, accepting an authentication, all this depends on that timers.
Knowing the "secrets" about this timers allows us to use nonce-error-corrections (and other features build-in in hashcat and hcxtools).
Disregarding this (by cleaning caps, reducing caps to only one handshake, capturing only one handshake, using to much deauthentications) possible will let you fail calculating the key!
Why will you possible fail?
wlanhcxinfo will show you this using the options -a -A -R
Well, let's take a look into the replaycount (-R):
$ wlanhcxinfo -i yourhccapxfile.hccapx -a -A -R
mac_ap anonce replaycount
-------------------------------------------------------------------------------------------------------------------------------
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a1:0000000000000000
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a1:0000000000000000
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a5:0000000000000000
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a6:0000000000000000
xxxxxxxxxxxx:ffa500a5ec3f312701fe821b2628a182ca11cc91fec662b0ed41fe84145984a8:0000000000000000
(on the little endian ap)
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa3ae7cde0:0000000000000001
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa3de7cde0:0000000000000000
xxxxxxxxxxxx:daa065e1aa368b38404a517b39c23613bfce72ada13726fdb1f1aeaa40e7cde0:0000000000000001
(on the big endian ap)
In both cases the ap's received to much deauthentications and didn't receive their clients packets.
So they resetted their replaycounters.
Without using nonce-error-corrections, in many cases you are not able to calculate the password because the M2 and/or M4 of the client doesn't match!
Sending more (than mutch) deauthentications causes ap's to release their complete anonce. In that case not even nonce-error-corrections will work!
update hcxtools 4.0.0-rc1:
Added new option -I to wlanhcxmnc:
-I : show mac_ap and anonces
now you can use
$ wlanhcxmnc -i yourfile.hccapx -I
to get the required informations for hashcat's nonce-error-corrections
stdout is used for printing this informations. So it's possible to redirect the output to a file
$ wlanhcxmnc -i yourfile.hccapx -I > apinfos
wlanhcxinfo option -a -A no longer needed for this purpose!