01-29-2020, 06:50 PM
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77
01-29-2020, 06:56 PM
"As far as I know all hashes in the new .22000 format are 100% crackable, is that right?"
->No! That depend on the quality of your device (bit error on plcp layer) and the tool to dump the traffic!
->Yes, all received M2 from AP-LESS attack vector are valid and recoverable - if you run hcxdumptool!
->Yes, all received PMKID (M1) from CLIENT-LESS attack vector are valid and recoverable - if you run hcxdumptool!
Running crappy tools on crappy hardware will(!) lead to unrecoverable hashes:
https://forum.hashkiller.io/index.php?th...kid.33981/
->No! That depend on the quality of your device (bit error on plcp layer) and the tool to dump the traffic!
->Yes, all received M2 from AP-LESS attack vector are valid and recoverable - if you run hcxdumptool!
->Yes, all received PMKID (M1) from CLIENT-LESS attack vector are valid and recoverable - if you run hcxdumptool!
Running crappy tools on crappy hardware will(!) lead to unrecoverable hashes:
https://forum.hashkiller.io/index.php?th...kid.33981/
01-29-2020, 07:40 PM
Sorry for taking a long time to respond I am testing and so far all output hccaps are 0 bytes. I am sure this is my fault. (EDIT) Just editing to say latest download of hcxtools fixes this)
Would it be possible to define an output directory?
Obviously I would only ever use hcxdumptool to dump the traffic, what else is there? LOL
So if all .22000 format hashes are good what is it I need to check for with a hex viewer?
I am just thinking when I master the use of hcxhashtool it will bring new life to old GPU as we will also be able to start to take advantage of PMKID captures!
Would it be possible to define an output directory?
(01-29-2020, 06:56 PM)ZerBea Wrote: [ -> ]"As far as I know all hashes in the new .22000 format are 100% crackable, is that right?"
->No! That depend on the quality of your device (bit error on plcp layer) and the tool to dump the traffic!
->Yes, all received M2 from AP-LESS attack vector are valid and recoverable - if you run hcxdumptool!
->Yes, all received PMKID (M1) from CLIENT-LESS attack vector are valid and recoverable - if you run hcxdumptool!
Obviously I would only ever use hcxdumptool to dump the traffic, what else is there? LOL
So if all .22000 format hashes are good what is it I need to check for with a hex viewer?
I am just thinking when I master the use of hcxhashtool it will bring new life to old GPU as we will also be able to start to take advantage of PMKID captures!
01-29-2020, 08:15 PM
No, epical fail of me. Pushed a fix for that issue. Unfortunately we deleted all 392 byte hccap and leave the 0 size ones.
So if all .22000 format hashes are good what is it I need to check for with a hex viewer?
->you must check the ANONCE, because old hashcat isn't able to run nonce-error-corrections
Get the example from here:
https://hashcat.net/forum/thread-8910-po...l#pid47398
and check the anonces:
$ wlanhcxinfo -i hamza.hccapx -A
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e68
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e68 -> dupe
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e69
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e69 -> dupe
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6a
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6b
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6b -> dupe
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6c
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6c -> dupe
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6e
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e70
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e70 -> dupe
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e71
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e74
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e74 -> dupe
6 are dupes, only 4 of them are recoverable without NC. The remaining ones require NC! Minimum value is NC > 13 in this case, better more, because we don't have the cap/pcap file to determine the correct values. Also keep in mind: NC detection doesn't work on wpaclean(ed) cap files!
This will happen to your hccap, too. Unfortunately you don't have an option to set NC on your old hashcat version.
Result is an unrecoverable hash.
I am just thinking when I master the use of hcxhashtool it will bring new life to old GPU as we will also be able to start to take advantage of PMKID captures!
-> No, hcxdumptool/hcxtools are just WiFi parser for hashcat and JtR. If both cracker doesn't support your old GPU, you will not take advantage of the new features. You must find the matching ANONCE "by hand"!
BTW:
Using hashline 22000, ANONCE is field 7 of the hashline
WPA * 02 * MIC * MAC_AP * MAC_STA * ESSID * ANONCE * EAPOL * MESSAGEPAIR
You can sort by ANONCE running:
$ cat hashline.22000 | sort -t "*" -k 7
or
$ sort hashline.22000 -t "*" -k 7
Now you can identify NC values (require hcxpcangtool --all option for conversion).
If you don't do this step (conversion to new hashline), you'll see the ANONCE in your hccap file only with a hex viewer!
So if all .22000 format hashes are good what is it I need to check for with a hex viewer?
->you must check the ANONCE, because old hashcat isn't able to run nonce-error-corrections
Get the example from here:
https://hashcat.net/forum/thread-8910-po...l#pid47398
and check the anonces:
$ wlanhcxinfo -i hamza.hccapx -A
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e68
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e68 -> dupe
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e69
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e69 -> dupe
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6a
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6b
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6b -> dupe
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6c
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6c -> dupe
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e6e
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e70
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e70 -> dupe
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e71
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e74
949c91f6e9732a5e036b962b6a4c8332705b8deedffbd58f8929082c410a3e74 -> dupe
6 are dupes, only 4 of them are recoverable without NC. The remaining ones require NC! Minimum value is NC > 13 in this case, better more, because we don't have the cap/pcap file to determine the correct values. Also keep in mind: NC detection doesn't work on wpaclean(ed) cap files!
This will happen to your hccap, too. Unfortunately you don't have an option to set NC on your old hashcat version.
Result is an unrecoverable hash.
I am just thinking when I master the use of hcxhashtool it will bring new life to old GPU as we will also be able to start to take advantage of PMKID captures!
-> No, hcxdumptool/hcxtools are just WiFi parser for hashcat and JtR. If both cracker doesn't support your old GPU, you will not take advantage of the new features. You must find the matching ANONCE "by hand"!
BTW:
Using hashline 22000, ANONCE is field 7 of the hashline
WPA * 02 * MIC * MAC_AP * MAC_STA * ESSID * ANONCE * EAPOL * MESSAGEPAIR
You can sort by ANONCE running:
$ cat hashline.22000 | sort -t "*" -k 7
or
$ sort hashline.22000 -t "*" -k 7
Now you can identify NC values (require hcxpcangtool --all option for conversion).
If you don't do this step (conversion to new hashline), you'll see the ANONCE in your hccap file only with a hex viewer!
01-29-2020, 08:30 PM
I noticed the update you provided and it works great for me now. I am successfully cracking all my known test networks without doing anything more than using hcxhashtool to convert my 22000 lists and then hashcat.
I will look at your ANONCE example soon, I should have set off for work 15 minutes ago but wanted to say thanks and let you know hcxhashtool is working for me now.
I understand hcxdumptool/hcxtools are WiFi parsers for hashcat but I was assuming hcxhashtool was now able to convert PMKID to hccap but I see that is not happening. Perhaps this is not possible.
On behalf of all of us with old GPU I sincerely thank you for your efforts to maintain support for us, it is very much appreciated.
I will look at your ANONCE example soon, I should have set off for work 15 minutes ago but wanted to say thanks and let you know hcxhashtool is working for me now.
I understand hcxdumptool/hcxtools are WiFi parsers for hashcat but I was assuming hcxhashtool was now able to convert PMKID to hccap but I see that is not happening. Perhaps this is not possible.
On behalf of all of us with old GPU I sincerely thank you for your efforts to maintain support for us, it is very much appreciated.
01-29-2020, 08:36 PM
I understand hcxdumptool/hcxtools are WiFi parsers for hashcat but I was assuming hcxhashtool was now able to convert PMKID to hccap but I see that is not happening. Perhaps this is not possible.
-> For sure it isn't possible -m 2500 is EAPOL hash mode while 16800 is PMKID mode and successor 22000 is PMKID+EAPOL mode. Your hashcat version is only able to run 2500 (EAPOL) mode.
I noticed the update you provided and it works great for me now. I am successfully cracking all my known test networks without doing anything more than using hcxhashtool to convert my 22000 lists and then hashcat.
-> hcxpcapngtool/hcxhashtool conversion is really good, but expect unrecoverable hashes - at least we assume the presence of hashcat's default NC (8).
hcxdumptool will tell this hcxpcapngtool via pcpang option field and hcxpcapngtool will tell it hashcat via hashline 22000 messagepair field.
As of today, only multicapconverter is able to handle this chain, too:
https://github.com/s77rt/multicapconverter
-> For sure it isn't possible -m 2500 is EAPOL hash mode while 16800 is PMKID mode and successor 22000 is PMKID+EAPOL mode. Your hashcat version is only able to run 2500 (EAPOL) mode.
I noticed the update you provided and it works great for me now. I am successfully cracking all my known test networks without doing anything more than using hcxhashtool to convert my 22000 lists and then hashcat.
-> hcxpcapngtool/hcxhashtool conversion is really good, but expect unrecoverable hashes - at least we assume the presence of hashcat's default NC (8).
hcxdumptool will tell this hcxpcapngtool via pcpang option field and hcxpcapngtool will tell it hashcat via hashline 22000 messagepair field.
As of today, only multicapconverter is able to handle this chain, too:
https://github.com/s77rt/multicapconverter
01-30-2020, 06:28 PM
zerbea
Would you please consider adding a “-p” option (as provided in wlanhcx2ssid) to hcxhashtool to allow the user to specify an output directory when using –hccap-single?
An ideal use would be: hcxhashtool -i my22000hashlist –hccap-single -p mydirectoryofchoice
The above would be useful for bash scripts, which I am trying to get into using
From my little knowledge on this subject I think if I want more certainty when using –hccap-single I should aim to only convert the hashes which are displayed as “AP-LESS attack / nc not required” when using hcxhashtool –info=stdout. Is this a better method for me until I learn more about manual selection?
I have to say the more I learn and use hcx-anything the more impressed I am. I even like how aesthetically pleasing you set the information out in hcxhashtool –info=stdout. LOL
I notice you keep dropping very useful commands and info whilst talking with me which might get lost in this long thread for others reading at a later date. I think you should have a separate place to put these hidden gems of information. What might seem simple or common knowledge to you are actually useful to beginners even things like your cat and sort commands.
Today I am working on your post 574. I now understand how to find and sort anonce. I have also found out what NC actually is, it is a nasty problem but fortunately only applies after the PBKDF2 calculations. I would have thought the wifi standard would have put a few checks in there to prevent mixed groups of M messages however as it does not affect genuine clients I suppose they do not see a need and in a strange way it has added a small amount of protection. Another lucky part of this problem is the lack of randomness and the fact we only need to count upwards. Had the standard insisted on truly random ANONCE each time we would never know if a capture was crackable.
The more automated checks hcx-anything can do to validate a capture the better!
I am still unsure how I manually determine ANONCEs which do not require NC for use with –hccap-single without knowing the password first.
Thanks for your help, I wouldn't have got this far so quickly without it.
Would you please consider adding a “-p” option (as provided in wlanhcx2ssid) to hcxhashtool to allow the user to specify an output directory when using –hccap-single?
An ideal use would be: hcxhashtool -i my22000hashlist –hccap-single -p mydirectoryofchoice
The above would be useful for bash scripts, which I am trying to get into using
From my little knowledge on this subject I think if I want more certainty when using –hccap-single I should aim to only convert the hashes which are displayed as “AP-LESS attack / nc not required” when using hcxhashtool –info=stdout. Is this a better method for me until I learn more about manual selection?
I have to say the more I learn and use hcx-anything the more impressed I am. I even like how aesthetically pleasing you set the information out in hcxhashtool –info=stdout. LOL
I notice you keep dropping very useful commands and info whilst talking with me which might get lost in this long thread for others reading at a later date. I think you should have a separate place to put these hidden gems of information. What might seem simple or common knowledge to you are actually useful to beginners even things like your cat and sort commands.
Today I am working on your post 574. I now understand how to find and sort anonce. I have also found out what NC actually is, it is a nasty problem but fortunately only applies after the PBKDF2 calculations. I would have thought the wifi standard would have put a few checks in there to prevent mixed groups of M messages however as it does not affect genuine clients I suppose they do not see a need and in a strange way it has added a small amount of protection. Another lucky part of this problem is the lack of randomness and the fact we only need to count upwards. Had the standard insisted on truly random ANONCE each time we would never know if a capture was crackable.
The more automated checks hcx-anything can do to validate a capture the better!
I am still unsure how I manually determine ANONCEs which do not require NC for use with –hccap-single without knowing the password first.
Thanks for your help, I wouldn't have got this far so quickly without it.
01-30-2020, 07:21 PM
An ideal use would be: hcxhashtool -i my22000hashlist –hccap-single -p mydirectoryofchoice
-> No, ideal within a bash script is
$ cd $HOME/.../mydirectoryofchoice
$ hcxhashtool -i $HOME/.../my22000hashlist –hccap-single
Another lucky part of this problem is the lack of randomness and the fact we only need to count upwards
-> No, because you don't know what frame exactly you're missing. The list is sorted by ANONCE.
... it does not affect genuine clients
-> If the CLIENT doesn't receive the requested frame, he will request it again. The same applies to hcxdumptool - it simply request a missing frame, too. A passive dumper doesn't request frames - result can/will be a packet loss!
I am still unsure how I manually determine ANONCEs which do not require NC
-> M2 frames, requested by hcxdumptool doesn't require NC. In this case NC == 0! On all other frames you can't be sure. If you send too many deauthentication frames, the AP will renew EAPOLCOUNTER, EAPOLTIMER and calculate a new ANONCE. In that case NC isn't working.
I notice you keep dropping very useful commands and info whilst talking with me which might get lost in this long thread for others reading at a later date.
-> 802.11 is a standard. All the basics can be found in www or in the PMKID thread or in this thread.
The more automated checks hcx-anything can do to validate a capture the better!
-> No, hcxtools are designed to be analysis tools. You must take a look at the results and improve your TTP's (Techniques Tactics Procedures) based on this results.
-> No, ideal within a bash script is
$ cd $HOME/.../mydirectoryofchoice
$ hcxhashtool -i $HOME/.../my22000hashlist –hccap-single
Another lucky part of this problem is the lack of randomness and the fact we only need to count upwards
-> No, because you don't know what frame exactly you're missing. The list is sorted by ANONCE.
... it does not affect genuine clients
-> If the CLIENT doesn't receive the requested frame, he will request it again. The same applies to hcxdumptool - it simply request a missing frame, too. A passive dumper doesn't request frames - result can/will be a packet loss!
I am still unsure how I manually determine ANONCEs which do not require NC
-> M2 frames, requested by hcxdumptool doesn't require NC. In this case NC == 0! On all other frames you can't be sure. If you send too many deauthentication frames, the AP will renew EAPOLCOUNTER, EAPOLTIMER and calculate a new ANONCE. In that case NC isn't working.
I notice you keep dropping very useful commands and info whilst talking with me which might get lost in this long thread for others reading at a later date.
-> 802.11 is a standard. All the basics can be found in www or in the PMKID thread or in this thread.
The more automated checks hcx-anything can do to validate a capture the better!
-> No, hcxtools are designed to be analysis tools. You must take a look at the results and improve your TTP's (Techniques Tactics Procedures) based on this results.
01-31-2020, 06:17 PM
Hi ZerBea
Finally LOL I managed to get my bash script working. The reason for my request for a -p option was that I was trying to input from one folder and output to another. Through a few additional lines I have managed a workaround so it now works as I intended.
As I am learning more I have experienced a couple of those (oh now I get it) moments and I feel embarrassed at some of my previous questions. I also notice just how far ahead you are and that you have already addressed most potential problems or requests.
I watch your progress on hcx-anything most days and today I have noticed the amount of work you do to highlight wifi driver issues on other sites. I am amazed at how you seem to be involved in EVERYTHING wifi related!
As for your new hccap-single output every known network hccap so far has been crackable! These old GPU cards may have been retired by hashcat, but like yourself, they remain dangerous to WPA networks in their retirement!
Thank you for all the work you do.
Finally LOL I managed to get my bash script working. The reason for my request for a -p option was that I was trying to input from one folder and output to another. Through a few additional lines I have managed a workaround so it now works as I intended.
As I am learning more I have experienced a couple of those (oh now I get it) moments and I feel embarrassed at some of my previous questions. I also notice just how far ahead you are and that you have already addressed most potential problems or requests.
I watch your progress on hcx-anything most days and today I have noticed the amount of work you do to highlight wifi driver issues on other sites. I am amazed at how you seem to be involved in EVERYTHING wifi related!
As for your new hccap-single output every known network hccap so far has been crackable! These old GPU cards may have been retired by hashcat, but like yourself, they remain dangerous to WPA networks in their retirement!
Thank you for all the work you do.
02-01-2020, 11:32 AM
Please keep in mind: hcxdumptool/hcxtools are designed as analysis tools. They are not designed to attack a single network!
Example:
For a penetration tester, it is important to be able to estimate the success rate of a rogue CLIENT!
If a CLIENT tries to connect to a network (network_name), we are able to (will) discover all his attempts:
MIC:MAC_AP:rogue_MAC_STA:network_name:password
MIC:MAC_AP:rogue_MAC_STA:network_name:12345678
MIC:MAC_AP:rogue_MAC_STA:network_name:123456789
MIC:MAC_AP:rogue_MAC_STA:network_name:password123
MIC:MAC_AP:rogue_MAC_STA:network_name:trialpassword_x
MIC:MAC_AP:rogue_MAC_STA:network_name:trialpassword_n
Another example:
A CLIENT tries to connect to a network using an outdated PSK. We captured a PMKID and his M2 (not authorized):
MIC:MAC_AP:MAC_STA:network_name:password_outdated
PMKID:MAC_AP:MAC_STA:network_name:password_new
For a penetration tester, this information is very useful, too. He is able to identify this CLIENT, who has left the company and tries to get access to the NETWORK running an old PSK or has stolen an old PSK.
And my favorite example:
The CLIENT maked a typo (hit ENTER too early)
MIC:MAC_AP:MAC_STA:network_name:password12
PMKID:MAC_AP:MAC_STA:network_name:password1234
Incomplete PSK found via wordlist - random hit.
Real PSK found after thinking about the random hit and running hashcat -i -a 3 password12?d?d?d?d
That is, what I call, the magic of an unauthorized M2.
Maybe this examples help to understand the goal of hcxtools a little bit better.
BTW:
Latest hcxpcapngtool check the absence of such informative frames and inform you:
$ hcxpcapngtool test.cap
reading from test.cap...
summary capture file
file name................................: test.cap
version (pcap/cap).......................: 2.4 (very basic format without any additional information)
timestamp minimum (GMT)..................: 01.02.2020 09:11:32
timestamp maximum (GMT)..................: 01.02.2020 09:11:32
link layer header type...................: DLT_IEEE802_11 (105)
endianess (capture system)...............: little endian
packets inside...........................: 3
BEACON (total)...........................: 1
PMK (zeroed).............................: 1
EAPOL messages (total)...................: 2
EAPOL RSN messages.......................: 2
ESSID (total unique).....................: 1
EAPOLTIME gap (measured maximum usec)....: 1006
EAPOL M1 messages........................: 1
EAPOL M2 messages........................: 1
EAPOL pairs (total)......................: 1
EAPOL pairs (best).......................: 1
EAPOL M12E2..............................: 1
PMKID (total)............................: 1
Warning:
This dump file contains no important frames like
proberequest, authentication, association or reassociation.
That makes it hard to recover the PSK!
Example:
For a penetration tester, it is important to be able to estimate the success rate of a rogue CLIENT!
If a CLIENT tries to connect to a network (network_name), we are able to (will) discover all his attempts:
MIC:MAC_AP:rogue_MAC_STA:network_name:password
MIC:MAC_AP:rogue_MAC_STA:network_name:12345678
MIC:MAC_AP:rogue_MAC_STA:network_name:123456789
MIC:MAC_AP:rogue_MAC_STA:network_name:password123
MIC:MAC_AP:rogue_MAC_STA:network_name:trialpassword_x
MIC:MAC_AP:rogue_MAC_STA:network_name:trialpassword_n
Another example:
A CLIENT tries to connect to a network using an outdated PSK. We captured a PMKID and his M2 (not authorized):
MIC:MAC_AP:MAC_STA:network_name:password_outdated
PMKID:MAC_AP:MAC_STA:network_name:password_new
For a penetration tester, this information is very useful, too. He is able to identify this CLIENT, who has left the company and tries to get access to the NETWORK running an old PSK or has stolen an old PSK.
And my favorite example:
The CLIENT maked a typo (hit ENTER too early)
MIC:MAC_AP:MAC_STA:network_name:password12
PMKID:MAC_AP:MAC_STA:network_name:password1234
Incomplete PSK found via wordlist - random hit.
Real PSK found after thinking about the random hit and running hashcat -i -a 3 password12?d?d?d?d
That is, what I call, the magic of an unauthorized M2.
Maybe this examples help to understand the goal of hcxtools a little bit better.
BTW:
Latest hcxpcapngtool check the absence of such informative frames and inform you:
$ hcxpcapngtool test.cap
reading from test.cap...
summary capture file
file name................................: test.cap
version (pcap/cap).......................: 2.4 (very basic format without any additional information)
timestamp minimum (GMT)..................: 01.02.2020 09:11:32
timestamp maximum (GMT)..................: 01.02.2020 09:11:32
link layer header type...................: DLT_IEEE802_11 (105)
endianess (capture system)...............: little endian
packets inside...........................: 3
BEACON (total)...........................: 1
PMK (zeroed).............................: 1
EAPOL messages (total)...................: 2
EAPOL RSN messages.......................: 2
ESSID (total unique).....................: 1
EAPOLTIME gap (measured maximum usec)....: 1006
EAPOL M1 messages........................: 1
EAPOL M2 messages........................: 1
EAPOL pairs (total)......................: 1
EAPOL pairs (best).......................: 1
EAPOL M12E2..............................: 1
PMKID (total)............................: 1
Warning:
This dump file contains no important frames like
proberequest, authentication, association or reassociation.
That makes it hard to recover the PSK!