Plugins 2500/2501 and 16800/16801 are deprecated - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Plugins 2500/2501 and 16800/16801 are deprecated (/thread-10253.html) |
RE: Plugins 2500/2501 and 16800/16801 are deprecated - CUwindows00 - 09-21-2021 @ZerBea Thanks Of course, we have to admit that your algorithm is the most accurate at present. It is estimated that no one has a better algorithm than yours, at least as far as I know. Because I started from the hccap hccapx algorithm to 22000, and have been following up the test, it turns out that your algorithm is currently the most accurate RE: Plugins 2500/2501 and 16800/16801 are deprecated - ZerBea - 09-21-2021 I'm talking with Atom about the online converter and the info file. Maybe it is possible to provide both of them on https://hashcat.net/cap2hashcat/ He will check this. Detecting a valid message pair is a major challenge if doing this offline, because we don't know if we have a packet loss or if the authentication sequences are destroyed or if the timestamp is not correct. Doing this online by the attack tool, is much better, because lost packets can be requested and deauthentications can be stopped if a valid message pairs is received. RE: Plugins 2500/2501 and 16800/16801 are deprecated - CUwindows00 - 09-23-2021 @ZerBea Code: WPA...0000fac028000*00 I see that after the conversion, these are marked with some codes in the last field. At present, some of them are not understood in the last field. For example, I currently only understand the meaning of 00 and 02 The last field 00 represents: possible The last field 02 represents: valid And a0 a2 c2 don’t understand what it means ? I want to know how many final field codes you have used in total? What are the specific fields marked ? Excuse me, what does the last field code mean? Thanks.. RE: Plugins 2500/2501 and 16800/16801 are deprecated - ZerBea - 09-23-2021 The last field is the message pair field. It contain detailed information about the endianess of the router and it inform hashcat how to handle the hash (eg. NC not necessary, NC necessary, NC only on BE necessary, NC on LE necessary) Code: bitmask of message pair field: In your case: Code: WPA...0000fac028000*00 Here is a hex to binary converter: https://www.binaryhexconverter.com/hex-to-binary-converter Please notice the difference between: valid , invalid, challenge and authorized! invalid = it is impossible to recover the PSK from this message pair, because the EAPOL messages don't match, even though if you run hashcat with the correct PSK, it will exhausted Mostly you will get invalid message pairs if you run passive dumpers in combination with stupid deauthentication tools. They will not detect a packet loss or if the AP renew the authentication sequence. challenge = the CLIENT may not belong to the target network and the PSK is recoverable this message pair is valid! authorized = the CLIENT belong to the target network and the PSK is recoverable this message pair is valid! RE: Plugins 2500/2501 and 16800/16801 are deprecated - CUwindows00 - 09-23-2021 @ZerBea ok.Thanks RE: Plugins 2500/2501 and 16800/16801 are deprecated - ZerBea - 09-23-2021 If you are interested to take a look behind the scenes: The 4-way handshake is explained here: https://wlan1nde.wordpress.com/2014/10/27/4-way-handshake/ Nonce error corrections is explained here: https://hashcat.net/forum/thread-6361.html RE: Plugins 2500/2501 and 16800/16801 are deprecated - CUwindows00 - 09-24-2021 @atom @ZerBea Thanks Online converter needs to add batch file conversion function For example, some people need to batch convert 5000 files into hashes It is currently unachievable RE: Plugins 2500/2501 and 16800/16801 are deprecated - ZerBea - 09-24-2021 You mentioned > 5k files. That shouldn't be a big problem for hcxtools and hashcat: Code: $ time hcxpcapngtool -o test.22000 *.* as well as pre-processing the hashes: Code: $ hcxhashtool -i analyzed.22000 or as well as processing the hashes: Code: hashcat (v6.2.4-75-gc1fd42fe7) starting And it should work on much bigger files, too: Code: $ hcxhashtool -i analyze.22000 RE: Plugins 2500/2501 and 16800/16801 are deprecated - sharmamanik061 - 10-02-2021 I fully agree. This wiki entry is outdated. Additional it referenced rockyou.txt, which is very old word list. mobdro download RE: Plugins 2500/2501 and 16800/16801 are deprecated - ZerBea - 10-02-2021 Thanks. Just removed a few "copy and paste errors" from the wiki that referred to old hccapx format and ancient rockyou.txt list Now the wiki point to a small and daily updated list. https://hashcat.net/wiki/doku.php?id=cracking_wpawpa2 |