Hi recombinant.
Does stanev's wpa-sec site support the PMKID derived from the recent PMKID attack, or is it only going to show networks that have the handshake captured?
-> wpa-sec is working on that feature (PMKID). But you can do a feature request here:
https://github.com/RealEnder/dwpa/issues
Is there any possible way for me to derive a similar list of networks and which information (PMK/Handshake/PMKID) is available for retrieving the PSK from hcxdumptool's pcapng output?
-> run hcxpcaptool -o hashlist.hccapx -z hashlist.16800 test.pcapng
-> take a look into the hashlist.16800. MAC_AP, MAC_STA and ESSID are inside.
-> run wlanhcxinfo -i hashlist.hccapx -a -e
For better understanding:
hcxdumptool is the dumper. For further analysis use hcxtools (for example wlanhcxinfo to get information about the handshakes inside a hccapx file or wlanhcx2ssid to strip handshakes you like to work on).
Finally, does hcxdumptool truly need to scan through channels other than 1, 6, and 11? I thought every other channel had overlap with those three.
-> use the -c option (-c 1,6,11) - overlapping only works if you are close to the access point.
I'm also used to using wpaclean to slim down the file to the absolute minimum available.
-> do not clean your cap files! There is absolutely no need to clean hcxdumptool pcapng files.
and from wpa-sec (https://wpa-sec.stanev.org/?):
"Note: please do not use any additional tools to strip or modify the capture files, since they can mangle handshakes and lead to uncrackable results."
Is there a way to do that with hcxtools?
-> yes, but it isn't recommended!
$ hcxpcaptool -o hashes.hccapx test.pcapng
$ wlanhcx2cap -i hashes.hccapx -o cleaned
hcxdumptool seems to not discriminate.
-> it is not the task of hcxdumptool (but you can use a filter list) - use hcxtools for that purpose
Also, unfortunately, the WPA upload feature for multiple pcaps will put in duplicate entries to wpa-sec instead of consolidating them all into the minimum necessary information.
-> no, that is wanted by wpa-sec (reuse of PBKDF2 and PMK cracking is activated internally there, to speed up the cracking process). wpa-sec will make sure that the best handshake will be used.
Perhaps that can be changed in a future version to minimize data transfer to the internet?
-> Why? hcxtools are able to handle gz compressed pcapng files. wpa-sec accepts this, because hcxtools are running inside. Use gzip to compress the cap. So there is absolutely no need to clean the files.
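To inventory which of your own networks show up with a PMKID in hashlist.16800 (the MAC_AP, MAC_STA and ESSID fields mentioned above), here is an added example that is not part of this post or of hcxtools: a parser for the hashcat 16800 line format, assumed here to be PMKID*MAC_AP*MAC_STA*ESSID with the ESSID hex-encoded, run over constructed sample lines.

```python
import binascii
from collections import defaultdict

# Constructed sample lines in hashcat 16800 format (PMKID*MAC_AP*MAC_STA*ESSID_hex);
# the values are made up for this example and are not real captures.
SAMPLE_16800 = """\
0123456789abcdef0123456789abcdef*001122334455*66778899aabb*4d794e6574776f726b
fedcba9876543210fedcba9876543210*001122334455*ccddeeff0011*4d794e6574776f726b
00112233445566778899aabbccddeeff*aabbccddeeff*001122334455*4775657374
this is not a valid line
"""


def _mac(hexmac):
    """Render a 12-character hex MAC as colon-separated octets."""
    return ":".join(hexmac[i:i + 2] for i in range(0, 12, 2))


def parse_16800_line(line):
    """Parse one 16800 line into a dict, or return None if it is malformed."""
    parts = line.strip().split("*")
    if len(parts) != 4:
        return None
    pmkid, mac_ap, mac_sta, essid_hex = parts
    # PMKID is 16 bytes, both MACs are 6 bytes, all hex-encoded
    if len(pmkid) != 32 or len(mac_ap) != 12 or len(mac_sta) != 12:
        return None
    try:
        bytes.fromhex(pmkid + mac_ap + mac_sta)  # validate hex
        essid = binascii.unhexlify(essid_hex).decode("utf-8", errors="replace")
    except ValueError:  # binascii.Error is a subclass of ValueError
        return None
    return {"pmkid": pmkid, "mac_ap": _mac(mac_ap),
            "mac_sta": _mac(mac_sta), "essid": essid}


def summarize_16800(text):
    """Group PMKID records by access point.

    Returns ({(mac_ap, essid): [mac_sta, ...]}, number_of_skipped_lines).
    """
    networks = defaultdict(list)
    skipped = 0
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_16800_line(line)
        if rec is None:
            skipped += 1
            continue
        networks[(rec["mac_ap"], rec["essid"])].append(rec["mac_sta"])
    return dict(networks), skipped
```

Replace SAMPLE_16800 with the contents of your own hashlist.16800 to see, per access point, which station MACs a PMKID was recorded for.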