03-27-2020, 07:41 PM
hcxhashtool will do the job:
get example hash (22000) from here:
https://hashcat.net/wiki/doku.php?id=example_hashes
and run hcxhashtool to retrieve information
MAC_AP and MAC_CLIENT are marked as unknown, because example hash is synthetic
The same applies to EAPOL hash lines
Get example (2500) from here:
https://hashcat.net/wiki/doku.php?id=example_hashes
and convert it from 2500 to 22000
$ hcxmactool --hccapxin=hashcat.hccapx --pmkideapolout=example2.22000
now run hcxhastool to retrieve information about the hash
MAC_AP and MAC_CLIENT are marked as unknown, because example hash is synthetic
Addditional you you have several options to manage the records of the hasfile:
get example hash (22000) from here:
https://hashcat.net/wiki/doku.php?id=example_hashes
and run hcxhashtool to retrieve information
Code:
$ hcxhashtool -i example.22000 --info=stdout
SSID.......: hashcat-essid
MAC_AP.....: fc690c158264 (unknown)
MAC_CLIENT.: f4747f87f9f4 (unknown)
PMKID......: 4d4fe7aac3a2cecab195321ceb99a7d0
HASHLINE...: WPA*01*4d4fe7aac3a2cecab195321ceb99a7d0*fc690c158264*f4747f87f9f4*686173686361742d6573736964***
OUI information file...: /home/zerobeat/.hcxtools/oui.txt
OUI entires............: 27383
total lines read.......: 1
valid hash lines.......: 1
PMKID hash lines.......: 1
PMKID written..........: 1
The same applies to EAPOL hash lines
Get example (2500) from here:
https://hashcat.net/wiki/doku.php?id=example_hashes
and convert it from 2500 to 22000
$ hcxmactool --hccapxin=hashcat.hccapx --pmkideapolout=example2.22000
now run hcxhastool to retrieve information about the hash
Code:
$ hcxhashtool -i example2.22000 --info=stdout
SSID.......: 8381533406003807685881523
MAC_AP.....: aef50f22801c (unknown)
MAC_CLIENT.: 987bdcf9f950 (unknown)
VERSION....: 802.1X-2001 (1)
KEY VERSION: WPA1
REPLAYCOUNT: 1
RC INFO....: replycount checked
MP M1M2 E2.: not authorized
MIC........: dd380bd54bc9c316dce31562c22c87d1
HASHLINE...: WPA*02*dd380bd54bc9c316dce31562c22c87d1*aef50f22801c*987bdcf9f950*38333831353333343036303033383037363835383831353233*1e33f3eca3a1f2216a52b60c87191e7473ac54ecb023ac5989becf1e3c7e4509*01030077fe010900200000000000000001faf192b205d47b81f43f91f850c81976da019e00722f3958370692ab0562f70b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018dd160050f20101000050f20201000050f20201000050f202*00
OUI information file...: /home/zerobeat/.hcxtools/oui.txt
OUI entires............: 27383
total lines read.......: 1
valid hash lines.......: 1
EAPOL hash lines.......: 1
EAPOL written..........: 1
Addditional you you have several options to manage the records of the hasfile:
Code:
$ hcxhashtool -h
hcxhashtool 6.0.0 (C) 2020 ZeroBeat
usage:
hcxhashtool <options>
options:
-i <file> : input PMKID/EAPOL hash file
-o <file> : output PMKID/EAPOL hash file
-E <file> : output ESSID list (autohex enabled)
-d : download http://standards-oui.ieee.org/oui.txt
: and save to ~/.hcxtools/oui.txt
: internet connection required
-h : show this help
-v : show version
--essid-group : convert to ESSID groups in working directory
full advantage of reuse of PBKDF2
not on old hash formats
--oui-group : convert to OUI groups in working directory
not on old hash formats
--mac-group-ap : convert APs to MAC groups in working directory
not on old hash formats
--mac-group-client : convert CLIENTs to MAC groups in working directory
not on old hash formats
--type : filter by hash type
: default PMKID (1) and EAPOL (2)
--essid-len : filter by ESSID length
: default ESSID length: 0...32
--essid-min : filter by ESSID minimum length
: default ESSID minimum length: 0
--essid-max : filter by ESSID maximum length
: default ESSID maximum length: 32
--essid=<ESSID> : filter by ESSID
--essid-part=<part of ESSID> : filter by part of ESSID
--mac-ap=<MAC> : filter AP by MAC
: format: 001122334455, 00:11:22:33:44:55, 00-11-22-33-44-55 (hex)
--mac-client=<MAC> : filter CLIENT by MAC
: format: 001122334455, 00:11:22:33:44:55, 00-11-22-33-44-55 (hex)
--oui-ap=<OUI> : filter AP by OUI
: format: 001122, 00:11:22, 00-11-22 (hex)
--oui-client=<OUI> : filter CLIENT by OUI
: format: 001122, 00:11:22, 00-11-22 (hex)
--vendor=<VENDOR> : filter by (part of) VENDOR name
--authorized : filter EAPOL pairs by status authorized
--notauthorized : filter EAPOL pairs by status not authorized
--rc : filter EAPOL pairs by replaycount status checked
--apless : filter EAPOL pairs by status M1M2ROGUE (M2 requested from CLIENT)
--info=<file> : output detailed information about content of hash file
--info=stdout : stdout output detailed information about content of hash file
--vendorlist : stdout output VENDOR list sorted by OUI
--psk=<PSK> : pre-shared key to test
: due to PBKDF2 calculation this is a very slow process
: no nonce error corrections
--pmk=<PMK> : plain master key to test
: no nonce error corrections
--hccapx=<file> : output to deprecated hccapx file
--hccap=<file> : output to ancient hccap file
--hccap-single : output to ancient hccap single files (MAC + count)
--john=<file> : output to deprecated john file
--help : show this help
--version : show version