hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Hi DKblue.
The problems aren't so big as you might think.
Penetration distros doesn't start as many unwanted services as multimedia distros. So there are only a few services to stop.
There is no real need to use airmon-ng if you have common hardware (Realtek, Ralink or Atheros chipsets that support native monitor mode).
Aircrack-ng is able to run other services on the same interface (like hostapd, airbase-ng or airtun-ng). Therefore it use virtual devices. wlandump-ng is stand alone and needs full access to the hardcoded interface.
Thats all...

And please upload your capfiles to http://wpa-sec.stanev.org/
We need the caps for analysis purposes (weakpoints, keyspace, 802.11 protocol, ...)  to improve the tools (hashcat, JtR, hcxtools).

example:
You mentioned the arg-wireless forum in your post.
The user are interested in Fibertel routers.
We did an analysis of the database to get informations about the keyspace and
added this as new option to latest wlanhcx2psk

$ wlanhcx2psk -h
wlanhcx2psk 4.0.0 (C) 2017 ZeroBeat
usage..: wlanhcx2psk <options>
example: wlanhcx2psk -i <hccapx> -W -s | hashcat -m 2500 <hccapx>

options:
-i <file> : input hccapx file
-o <file> : output plainkeys to file
-s        : output plainkeys to stdout (pipe to hashcat)
-w        : include generic weak passwords
-W        : include complete wps keys
-D        : include complete european dates
-d        : include complete american dates
-N        : include NETGEARxx weak candidates
-F        : include Fibertel weak candidates
-h        : this help
-v        : version

Keep in mind, wlanhcx2psk is no key generator based on closed source firmware. Only results of open sources intelligence are used.
Reply


Messages In This Thread
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 12-08-2017, 09:21 AM
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM