11-15-2022, 08:07 PM
Hello, sorry for the newbie question, but I'm looking to buy a laptop with an RTL8723BE 802.11 bgn wifi adapter. How can I know if hcxdumptool will work with its drivers?
# Kill NetworkMangler / wpa_supplicant
blah
Iface0 & Iface1 & Iface2 & Iface3
tail -f -q ${LOGDIR}/Iface0.log ${LOGDIR}/Iface1.log ${LOGDIR}/Iface2.log (...)| tee -a $LOGDIR/hcxrun.log
# used to ssh from different mobiles, tail -f-ed to see what's going on
==========================================
Iface0 () {
    chann="-s 1"
    opts="--enable_status=233 --stop_ap_attacks=6000 --resume_ap_attacks=12000 --ip=127.0.0.1"
    timeout 30 hcxdumptool --do_rcascan -i $iface0 --bpfc=/root/hcx/protect.bpf
    hcxdumptool -i $iface0 $opts $chann -o ${CAPDIR}/$iface0.pcapng | tee -a ${LOGDIR}/$iface0.log
}
==========================================
Iface1 () {
    chann="-s 3"
    opts="--enable_status=351 --stop_ap_attacks=6000 --resume_ap_attacks=12000 --ip=127.0.0.1"
    timeout 30 hcxdumptool --do_rcascan -i $iface0 --bpfc=/root/hcx/protect.bpf
    hcxdumptool -i $iface0 $opts $chann -o ${CAPDIR}/$iface0.pcapng | tee -a ${LOGDIR}/$iface0.log
}
==========================================
Iface2 () {
(...)
}
Terminal one -> hcxdumptool in server mode
$ sudo hcxdumptool -i wlp39s0f3u1u6 --enable_status=128
initialization of hcxdumptool 6.2.7-16-g29c1743 (depending on the capabilities of the device, this may take some time)...
Terminal two -> hcxdumptool in client mode (start CLIENT first)
$ hcxdumptool --enable_status=287
initialization of hcxdumptool 6.2.7-16-g29c1743 (depending on the capabilities of the device, this may take some time)...
waiting for hcxdumptool server...
hello hcxdumptool client...
start capturing (stop with ctrl+c)
NMEA 0183 PROTOCOL........: N/A
PHYSICAL INTERFACE........: phy0
INTERFACE NAME............: wlp39s0f3u1u6
INTERFACE PROTOCOL........: IEEE 802.11
INTERFACE TX POWER........: 20 dBm (lowest value reported by the device)
INTERFACE HARDWARE MAC....: 74da38f2038e (not used for the attack)
INTERFACE VIRTUAL MAC.....: 74da38f2038e (not used for the attack)
DRIVER....................: mt7601u
DRIVER VERSION............: 6.0.8-arch1-1
DRIVER FIRMWARE VERSION...: N/A
openSSL version...........: 1.0
ERRORMAX..................: 100 errors
BPF code blocks...........: 0
FILTERLIST ACCESS POINT...: 0 entries
FILTERLIST CLIENT.........: 0 entries
FILTERMODE................: unused
WEAK CANDIDATE............: 12345678
ESSID list................: 0 entries
ACCESS POINT (ROGUE)......: 000da7661a5f (BROADCAST WILDCARD used for the attack)
ACCESS POINT (ROGUE)......: 000da7661a60 (BROADCAST OPEN used for the attack)
ACCESS POINT (ROGUE)......: 000da7661a61 (used for the attack and incremented on every new client)
CLIENT (ROGUE)............: fcc233734714
EAPOLTIMEOUT..............: 20000 usec
EAPOLEAPTIMEOUT...........: 2500000 usec
REPLAYCOUNT...............: 62806
ANONCE....................: 53cef37b4adde1872c4d156fc17515d5892da3a4d77623f3818249d0df24fa5d
SNONCE....................: 54457ea7af879fb903b208ba6d99b5e7a57da8ed82ba7d4f4116718ac574f984
TIME FREQ/CH MAC_DEST MAC_SOURCE ESSID [FRAME TYPE]
--essid-part=<part of ESSID> : filter by part of ESSID (case sensitive)
--essid-partx=<part of ESSID>: filter by part of ESSID (case insensitive)