hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
I suggest doing some tests running two terminals (attached screenshot).
It is important to start the CLIENT first.

Code:
Terminal one -> hcxdumptool in server mode
$ sudo hcxdumptool -i wlp39s0f3u1u6 --enable_status=128
initialization of hcxdumptool 6.2.7-16-g29c1743 (depending on the capabilities of the device, this may take some time)...

Terminal two -> hcxdumptool in client mode (start CLIENT first)
$ hcxdumptool --enable_status=287
initialization of hcxdumptool 6.2.7-16-g29c1743 (depending on the capabilities of the device, this may take some time)...
waiting for hcxdumptool server...
hello hcxdumptool client...

start capturing (stop with ctrl+c)
NMEA 0183 PROTOCOL........: N/A
PHYSICAL INTERFACE........: phy0
INTERFACE NAME............: wlp39s0f3u1u6
INTERFACE PROTOCOL........: IEEE 802.11
INTERFACE TX POWER........: 20 dBm (lowest value reported by the device)
INTERFACE HARDWARE MAC....: 74da38f2038e (not used for the attack)
INTERFACE VIRTUAL MAC.....: 74da38f2038e (not used for the attack)
DRIVER....................: mt7601u
DRIVER VERSION............: 6.0.8-arch1-1
DRIVER FIRMWARE VERSION...: N/A
openSSL version...........: 1.0
ERRORMAX..................: 100 errors
BPF code blocks...........: 0
FILTERLIST ACCESS POINT...: 0 entries
FILTERLIST CLIENT.........: 0 entries
FILTERMODE................: unused
WEAK CANDIDATE............: 12345678
ESSID list................: 0 entries
ACCESS POINT (ROGUE)......: 000da7661a5f (BROADCAST WILDCARD used for the attack)
ACCESS POINT (ROGUE)......: 000da7661a60 (BROADCAST OPEN used for the attack)
ACCESS POINT (ROGUE)......: 000da7661a61 (used for the attack and incremented on every new client)
CLIENT (ROGUE)............: fcc233734714
EAPOLTIMEOUT..............: 20000 usec
EAPOLEAPTIMEOUT...........: 2500000 usec
REPLAYCOUNT...............: 62806
ANONCE....................: 53cef37b4adde1872c4d156fc17515d5892da3a4d77623f3818249d0df24fa5d
SNONCE....................: 54457ea7af879fb903b208ba6d99b5e7a57da8ed82ba7d4f4116718ac574f984

TIME    FREQ/CH  MAC_DEST    MAC_SOURCE  ESSID [FRAME TYPE]

Now play around with the status options until everything is shown as expected.

Please note:
If the server-client session is slow or timed out, you run into a pselect() error which results in heavy packet loss on the server. I do not recommend using WiFi (overlapped channels) or Bluetooth.




Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 11-17-2022, 01:43 PM