09-29-2018, 02:48 PM
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77
09-29-2018, 03:22 PM
(09-29-2018, 02:48 PM)freeroute Wrote: [ -> ]Hi kiara,
Your question has been answered: https://forum.hashkiller.co.uk/topic-vie...214#189214
sweet.
09-29-2018, 06:27 PM
With the latest update of hcxtools, hcxpcaptool is able to detect a GPS track from hcxpdumptool and convert this track to GPX format (for example accepted by Viking and GPSBabel):
$ hcxpcaptool -h
-g <file> : output GPS file
format = GPX (accepted for example by Viking and GPSBabel)
We store a track point for every single frame in the comment field of the frame.
-g will convert this to GPX format.
I (hcxdumptool) did it that way, because every filter option of Wireshark tools will work on the pcapng file.
That means you can use a wireshark filter to write
- all beacons and/or
- all EAPOL frames and/or
- all proberequests and/or
- all src addresses and/or
- all host addresses and/or
- what ever you want....
to a new pcapng file.
Then run hcxpcaptool -g option on that file to retrieve a GPS track (in GPX format).
@freeroute
Good answer, I could not answer it better.
$ hcxpcaptool -h
-g <file> : output GPS file
format = GPX (accepted for example by Viking and GPSBabel)
We store a track point for every single frame in the comment field of the frame.
-g will convert this to GPX format.
I (hcxdumptool) did it that way, because every filter option of Wireshark tools will work on the pcapng file.
That means you can use a wireshark filter to write
- all beacons and/or
- all EAPOL frames and/or
- all proberequests and/or
- all src addresses and/or
- all host addresses and/or
- what ever you want....
to a new pcapng file.
Then run hcxpcaptool -g option on that file to retrieve a GPS track (in GPX format).
@freeroute
Good answer, I could not answer it better.
10-02-2018, 07:36 PM
(09-29-2018, 06:27 PM)ZerBea Wrote: [ -> ]With the latest update of hcxtools, hcxpcaptool is able to detect a GPS track from hcxpcaptool and convert this track to GPX format (for example accepted by Viking and GPSBabel):
$ hcxpcaptool -h
-g <file> : output GPS file
format = GPX (accepted for example by Viking and GPSBabel)
We store a track point for every single frame in the comment field of the frame.
-g will convert this to GPS format.
I (hcxdumptool) did it that way, because every filter option of Wireshark tools will work on the pcapng file.
That means you can use a wireshark filter to write
- all beacons and/or
- all EAPOL frames and/or
- all proberequests and/or
- all src addresses and/or
- all host addresses and/or
- what ever you want....
to a new pcapng file.
Then run hcxpcaptool -g option on that file to retrieve a gps track (in GPX format).
@freeroute
Good answer, I could not answer it better.
ZerBea your tools are awesome! For this new GPS capability is there a specific hardware dongle or Pi Hat you are using for GPS tagging?
10-02-2018, 08:13 PM
hcxdumptool retrieve the GPS data from GPSD in json format. So every device mentioned here as working, should work:
http://www.catb.org/gpsd/hardware.html
For my tests I run an "AktivePilot JENTRO BT-GPS-8".
More informations about Viking here:
https://wiki.openstreetmap.org/wiki/Viking
https://sourceforge.net/projects/viking/
https://www.archlinux.org/packages/commu...64/viking/
More informations about GPSBabel here:
https://www.gpsbabel.org/
https://www.archlinux.org/packages/commu.../gpsbabel/
http://www.catb.org/gpsd/hardware.html
For my tests I run an "AktivePilot JENTRO BT-GPS-8".
More informations about Viking here:
https://wiki.openstreetmap.org/wiki/Viking
https://sourceforge.net/projects/viking/
https://www.archlinux.org/packages/commu...64/viking/
More informations about GPSBabel here:
https://www.gpsbabel.org/
https://www.archlinux.org/packages/commu.../gpsbabel/
10-03-2018, 11:01 PM
(10-02-2018, 08:13 PM)ZerBea Wrote: [ -> ]hcxdumptool retrieve the GPS data from GPSD in json format. So every device mentioned here as working, should work:
http://www.catb.org/gpsd/hardware.html
For my tests I run an "AktivePilot JENTRO BT-GPS-8".
More informations about Viking here:
https://wiki.openstreetmap.org/wiki/Viking
https://sourceforge.net/projects/viking/
https://www.archlinux.org/packages/commu...64/viking/
More informations about GPSBabel here:
https://www.gpsbabel.org/
https://www.archlinux.org/packages/commu.../gpsbabel/
Excellent! I learn something new from you every time you post. Thank You!
12-05-2018, 11:42 AM
According to hashcat, hcxdumptool and hcxtools moved to v5.1.0
hcxdumptool:
several on big endian fixes (reported to run on OpenWRT)
improved channel sitching (detect driver capabilities and skip unsuported channels)
new options:
-C : show available channels and quit
--poweroff : once hcxdumptool finished, power off system
$ hcxdumptool -I
wlan interfaces:
74da380645e7 wlp39s0f3u4u4 (8812au)
7cdd908c166a wlp3s0f0u1 (rt2800usb)
f81a67077d0e wlp39s0f3u4u3 (ath9k_htc)
00e62d05131a wlp39s0f3u4u2 (mt7601u)
$ hcxdumptool -i wlp39s0f3u4u4 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14,34,36,38,40,42,44,46,48,52,56,58,60,62,64,100,104,108,112,116,120,124,128,132,136,140,144,149,153,157,161,165,169
$ hcxdumptool -i wlp3s0f0u1 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14
$ hcxdumptool -i wlp39s0f3u4u3 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14
hcxdumptool -i wlp39s0f3u4u2 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14
$ hcxdumptool -i wlp3s0f0u1 -c 1,6,11,34,38,9
warning: unable to set channel 34 (removed this channel from scan list)
warning: unable to set channel 38 (removed this channel from scan list)
start capturing (stop with ctrl+c)
INTERFACE:...............: wlp3s0f0u1
FILTERLIST...............: 0 entries
MAC CLIENT...............: b0febd63eba2
MAC ACCESS POINT.........: 000e22b53189 (incremented on every new client)
EAPOL TIMEOUT............: 150000
REPLAYCOUNT..............: 61585
ANONCE...................: 6c0167ce558316fa3b30bb11b36871a775d7f6c62d6876d6cbf64b5c0f076d7b
...
hcxpcaptool:
detect EAPOL RC4 KEYs
detect MESH-IDs (stored by option -I)
fixed bug in FCS on BE systems
$ hcxpcaptool -V test.pcapng
reading from test.pcapng
summary:
file name....................: test.pcapng
file type....................: pcapng 1.0
file hardware information....: mips
file os information..........: Linux 4.14.82
file application information.: hcxdumptool 5.1.0
network type.................: DLT_IEEE802_11_RADIO (127)
endianess....................: big endian
read errors..................: flawless
packets inside...............: 24591
skipped packets..............: 0
packets with GPS data........: 0
packets with FCS.............: 2
WDS packets..................: 11
beacons (with ESSID inside)..: 3137
beacons (with MESH-ID inside): 17
probe requests...............: 1627
probe responses..............: 2974
association requests.........: 284
association responses........: 671
reassociation requests.......: 104
reassociation responses......: 213
authentications (OPEN SYSTEM): 8329
authentications (BROADCOM)...: 2449
authentications (SONOS)......: 65
authentications (APPLE)......: 65
authentications (NETGEAR)....: 8
authentications (CISCO)......: 1
EAPOL packets................: 3686
EAPOL PMKIDs.................: 371
EAPOL RC4 KEYs...............: 14
EAP packets..................: 2310
EAP START packets............: 1
found........................: EAP type ID
found........................: Legacy Nak
found........................: EAP-TLS Authentication
found........................: EAP-Cisco Wireless Authentication
found........................: EAP-TTLS Authentication
found........................: PEAP Authentication
best handshakes..............: 178 (ap-less: 97)
hcxdumptool:
several on big endian fixes (reported to run on OpenWRT)
improved channel sitching (detect driver capabilities and skip unsuported channels)
new options:
-C : show available channels and quit
--poweroff : once hcxdumptool finished, power off system
$ hcxdumptool -I
wlan interfaces:
74da380645e7 wlp39s0f3u4u4 (8812au)
7cdd908c166a wlp3s0f0u1 (rt2800usb)
f81a67077d0e wlp39s0f3u4u3 (ath9k_htc)
00e62d05131a wlp39s0f3u4u2 (mt7601u)
$ hcxdumptool -i wlp39s0f3u4u4 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14,34,36,38,40,42,44,46,48,52,56,58,60,62,64,100,104,108,112,116,120,124,128,132,136,140,144,149,153,157,161,165,169
$ hcxdumptool -i wlp3s0f0u1 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14
$ hcxdumptool -i wlp39s0f3u4u3 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14
hcxdumptool -i wlp39s0f3u4u2 -C
available channels:
1,2,3,4,5,6,7,8,9,10,11,12,13,14
$ hcxdumptool -i wlp3s0f0u1 -c 1,6,11,34,38,9
warning: unable to set channel 34 (removed this channel from scan list)
warning: unable to set channel 38 (removed this channel from scan list)
start capturing (stop with ctrl+c)
INTERFACE:...............: wlp3s0f0u1
FILTERLIST...............: 0 entries
MAC CLIENT...............: b0febd63eba2
MAC ACCESS POINT.........: 000e22b53189 (incremented on every new client)
EAPOL TIMEOUT............: 150000
REPLAYCOUNT..............: 61585
ANONCE...................: 6c0167ce558316fa3b30bb11b36871a775d7f6c62d6876d6cbf64b5c0f076d7b
...
hcxpcaptool:
detect EAPOL RC4 KEYs
detect MESH-IDs (stored by option -I)
fixed bug in FCS on BE systems
$ hcxpcaptool -V test.pcapng
reading from test.pcapng
summary:
file name....................: test.pcapng
file type....................: pcapng 1.0
file hardware information....: mips
file os information..........: Linux 4.14.82
file application information.: hcxdumptool 5.1.0
network type.................: DLT_IEEE802_11_RADIO (127)
endianess....................: big endian
read errors..................: flawless
packets inside...............: 24591
skipped packets..............: 0
packets with GPS data........: 0
packets with FCS.............: 2
WDS packets..................: 11
beacons (with ESSID inside)..: 3137
beacons (with MESH-ID inside): 17
probe requests...............: 1627
probe responses..............: 2974
association requests.........: 284
association responses........: 671
reassociation requests.......: 104
reassociation responses......: 213
authentications (OPEN SYSTEM): 8329
authentications (BROADCOM)...: 2449
authentications (SONOS)......: 65
authentications (APPLE)......: 65
authentications (NETGEAR)....: 8
authentications (CISCO)......: 1
EAPOL packets................: 3686
EAPOL PMKIDs.................: 371
EAPOL RC4 KEYs...............: 14
EAP packets..................: 2310
EAP START packets............: 1
found........................: EAP type ID
found........................: Legacy Nak
found........................: EAP-TLS Authentication
found........................: EAP-Cisco Wireless Authentication
found........................: EAP-TTLS Authentication
found........................: PEAP Authentication
best handshakes..............: 178 (ap-less: 97)
12-06-2018, 08:22 AM
So, while everything works fine, when it comes time to run hcxpcaptool etc.. I'm repeatedly getting: "bash: hcxpcaptool: command not found". (running kali2)
Thank you in advance and thanks for the the great tools!
Thank you in advance and thanks for the the great tools!
12-06-2018, 09:04 AM
Looks like hcxdumptool, hcxtools (and hcxkeys) are not installed.
Do a git clone and satisfy dependencies (see README.md). Then run "make install".
Read more here:
https://github.com/ZerBea/hcxtools/issues/35
Or ask kali2 developer to add the tools to the distribution. After that you can install them in an easy way, using the packet manager of the distribution.
Read more here:
https://github.com/ZerBea/hcxtools/issues/73
Do a git clone and satisfy dependencies (see README.md). Then run "make install".
Read more here:
https://github.com/ZerBea/hcxtools/issues/35
Or ask kali2 developer to add the tools to the distribution. After that you can install them in an easy way, using the packet manager of the distribution.
Read more here:
https://github.com/ZerBea/hcxtools/issues/73
02-03-2019, 06:33 PM
Due to several bug fixes and changes hcxdumptool and hcxtools moved to v5.1.1.
Important changes:
removed....: wlanhcx2psk
replaced by: hcxpsktool
removed....: wlanhcx2cap
replaced by: hcxhash2cap
so, no more libcap dependency!
see changelogs for full details.
Arch Linux users will receive the update, soon, via Arch packaging system (pacman).
https://www.archlinux.org/packages/?sort...r=&flagged=
The same applies to Arch Linux Arm users (search for hcx):
https://archlinuxarm.org/packages
Important changes:
removed....: wlanhcx2psk
replaced by: hcxpsktool
removed....: wlanhcx2cap
replaced by: hcxhash2cap
so, no more libcap dependency!
see changelogs for full details.
Arch Linux users will receive the update, soon, via Arch packaging system (pacman).
https://www.archlinux.org/packages/?sort...r=&flagged=
The same applies to Arch Linux Arm users (search for hcx):
https://archlinuxarm.org/packages