hello friends
I am new here and very happy to be.
I have a little question.
why hashcat dont stop the cracking work after finding the password ?
I searched for answers on the web but not finding anything.
I have a handshake for my ancien wifi router with 8 numbers password (28449430) and I liked to guessit with hashcat, so, I started to crack the handshake. it was successful BUT after hashcat found the password he continued the process of cracking. And finally, he displayed EXHAUSTED !!!!
very strange !! any explanation or solution please ..
[
attachment=764][
attachment=765]
It's because of the "Recovered" line, only 2 of 3 are found
Code:
Recovered........: 2/3 (66.67%) Digests
This could mean several things, but most likely that your file oor.hccapx doesn't contain only one network, but multiple.
In theory there could also be the case that you recorded a handshake that only deals with one specific network (and access point AP, if we oversimplify it a little bit) but the recorded handshake was recorded when somebody (or a device) used the wrong password or something like this.... so there are multiple scenarios. I'm pretty sure if you use the recommend way of capturing the network traffic with hcxdumptool / hcxtools a lot of incomplete and wrong handshakes are already identified and only the correct/meaninful ones are within the hccapx output. So you should probably use that way of capturing.
Of course you would need to analyze the .hccapx file (also see
https://hashcat.net/wiki/doku.php?id=hccapx and you could use hcxtools also here) to find out which (different ?!) networks are listed in the oor.hccapx file.
So hashcat has found 2 of 3 correct matches and therefore it's correct that it reports that NOT ALL of them are cracked and therefore it's exhausted with 2/3 cracked hashes.
(10-24-2020, 03:45 PM)philsmd Wrote: [ -> ]It's because of the "Recovered" line, only 2 of 3 are found
Code:
Recovered........: 2/3 (66.67%) Digests
This could mean several things, but most likely that your file oor.hccapx doesn't contain only one network, but multiple.
In theory there could also be the case that you recorded a handshake that only deals with one specific network (and access point AP, if we oversimplify it a little bit) but the recorded handshake was recorded when somebody (or a device) used the wrong password or something like this.... so there are multiple scenarios. I'm pretty sure if you use the recommend way of capturing the network traffic with hcxdumptool / hcxtools a lot of incomplete and wrong handshakes are already identified and only the correct/meaninful ones are within the hccapx output. So you should probably use that way of capturing.
Of course you would need to analyze the .hccapx file (also see https://hashcat.net/wiki/doku.php?id=hccapx and you could use hcxtools also here) to find out which (different ?!) networks are listed in the oor.hccapx file.
So hashcat has found 2 of 3 correct matches and therefore it's correct that it reports that NOT ALL of them are cracked and therefore it's exhausted with 2/3 cracked hashes.
thank you very much PHIL
you explain me a lot of the things
I will execute your advice and try the methods that you recommended to me
.
the way I use to capture handshake is The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) linux airodump-ng + aireplay-ng. is that a bad thing ??
is hcxdumptool better than airodump-ng ??
thank you again
Ok ZerBea ! thankyou for your answer.
I will read those articles and then decide which tool is good.
thank you again
Please share your experiences with with us and tell me, how you decided. I'm very interested in that, because it helps a lot to improve hcxdumptool/hcxtools as WiFi pre-processor to be used by hashcat and JtR.
(10-27-2020, 08:38 AM)ZerBea Wrote: [ -> ]Please share your experiences with with us and tell me, how you decided. I'm very interested in that, because it helps a lot to improve hcxdumptool/hcxtools as WiFi pre-processor to be used by hashcat and JtR.
Ok my friend !!!!
this 2 months I am busy at work
; but after that I will return to wifi & The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) and will post and share every experience and result here.
You are my hero