hashcat Forum

Full Version: HC do not recognize pass
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hello. I have a some problem.
I'm testing recovering WPA/WPA2 password from handshake. I converted *.cap to *.hccapx for HC (using converter on HC site), for test I created wordlist, that contain 2 passwords, one of it is right. When i start HC, it work, but do not recognize right password, it just ending without result. But aircrack-ng with non-converted *.cap and same wordlist successfully find pass.
http://cdn1.savepice.ru/uploads/2017/7/2...2-full.png
I can't understand where is my(?) mistake, please help

OS: Windows 7 x64
HC v. latest 3.6.0
Using commands
HC: D:\words\handshakes\hashcat-3.6.0\hashcat64.exe --force -m 2500 D:\words\handshakes\hashcat-3.6.0\1836_1499014883.hccapx D:\words\handshakes\hashcat-3.6.0\1.txt
aircrack-ng: C:\Users\duck\Desktop\aircrack-ng-1.2-rc4-win\bin\64bit\aircrack-ng-avx -w D:\words\1.txt D:\words\handshakes\test_serv.cap
Using --force is always a bad idea. Please provide the original .cap file so we can reproduce locally.
https://yadi.sk/d/WRKL7I2w3KiTmv
This is original and converted cap. Also I tested it again – I got same result.
I get new handshake and tested it. HC successfully find pass! I think the problem was in last handshake, but that aircrack-ng can find pass is puzzle for me.
I've debugged this with the .cap file you've provided and found the root of the problem. The problem was the ESSID. In the .cap the ESSID changed several times from 'testserv' to 'TEST_SERVER' for the same BSSID. This is a very rare case which is the reason it didn't pop up earlier. Since the PMK changes depending on the ESSID it's important to use the correct ESSID. The bug was in cap2hccapx in selecting the correct one. I've fixed that now and pushed new versions to https://hashcat.net/cap2hccapx/ as well on github master. I've also pushed a new beta of hashcat-utils binaries on https://hashcat.net/beta/

Thanks for reporting!
Thank you too.