08-07-2018, 05:55 PM
(This post was last modified: 08-07-2018, 09:11 PM by MadMeow.
Edit Reason: Update
)
Good day, Zerbea.
First of all, i want to thank you for extremely useful set of utilities. Excellent work! I use your utilities from the very beginning of development and i always happy with results.
I had several questions now related to new version of hcxdumptool.
1. I faced that the utility ceases to work after a while. I am connected to Raspberry (3 with Raspbian 9 kernel 4.14) through ssh and i watch that how many packets it was received by the radio interface. After a while works of the program i notice that when switching to the following channel the number of collected packets (rx) increases by only one packet and at the same time transfer of packets stops. I can start the program again, but it does not help. Also the stop and start monitor mode (i use Atheros in TP-Link 722N) does not help. After reboot for some time everything becomes normal, but then the situation repeats again. I was updated about 8 hours ago. Can you tell me what I can check to localize this problem?
2. I tried the new attack mode and it really works great! I would just like to clarify some details about the output format of a file that contains PMKID. When using Hashcat (16800), I noticed that several APs with different MACs, but the same ESSID and pass were restored (of course it could be CAPsMAN or similar, for example) and i had some doubts as to whether i correctly understood the format of the pot file. Correctly I understand that the second position in the pot file after "*" is exactly the MAC address of the AP, which was successfully attacked?
Forgive me for my bad English and Thanks in advance!
Update:
The second question is removed from the agenda, i managed to repeat the situation in the lab.
Now i have updated to the latest version of the utility (4.2.1) and after building a new system image for Raspberry, it seems that i do not observe what i described earlier. Is it possible that there were some performance issues? In any case, i will try to reproduce this problem.
First of all, i want to thank you for extremely useful set of utilities. Excellent work! I use your utilities from the very beginning of development and i always happy with results.
I had several questions now related to new version of hcxdumptool.
1. I faced that the utility ceases to work after a while. I am connected to Raspberry (3 with Raspbian 9 kernel 4.14) through ssh and i watch that how many packets it was received by the radio interface. After a while works of the program i notice that when switching to the following channel the number of collected packets (rx) increases by only one packet and at the same time transfer of packets stops. I can start the program again, but it does not help. Also the stop and start monitor mode (i use Atheros in TP-Link 722N) does not help. After reboot for some time everything becomes normal, but then the situation repeats again. I was updated about 8 hours ago. Can you tell me what I can check to localize this problem?
2. I tried the new attack mode and it really works great! I would just like to clarify some details about the output format of a file that contains PMKID. When using Hashcat (16800), I noticed that several APs with different MACs, but the same ESSID and pass were restored (of course it could be CAPsMAN or similar, for example) and i had some doubts as to whether i correctly understood the format of the pot file. Correctly I understand that the second position in the pot file after "*" is exactly the MAC address of the AP, which was successfully attacked?
Forgive me for my bad English and Thanks in advance!
Update:
The second question is removed from the agenda, i managed to repeat the situation in the lab.
Now i have updated to the latest version of the utility (4.2.1) and after building a new system image for Raspberry, it seems that i do not observe what i described earlier. Is it possible that there were some performance issues? In any case, i will try to reproduce this problem.