+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Plugins 2500/2501 and 16800/16801 are deprecated (/thread-10253.html)
RE: Plugins 2500/2501 and 16800/16801 are deprecated - yuXfar - 12-04-2023
Thank you for the assistance.
I'm really sorry if this is a dumb question, I'm a newbie in The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) and I've just been following tutorials on YouTube, so regarding installion of libpcap, I can't figure out the installation, because it is not in github, all I know is cloning and it looks like that's not what I need to do. I'm really sorry.
RE: Plugins 2500/2501 and 16800/16801 are deprecated - ZerBea - 12-04-2023
hcxdumptool and hcxtools ar part of K A L I
and they can be installed via its package manager
If you want to install the tools outside of your package manager you must install the dependencies, too.
Unfortunately I can't insert the links here, bacause the robot will destroy them (K A L I is replaced by The-Distribution-Which-Does-Not-Handle-OpenCL-Well).
RE: Plugins 2500/2501 and 16800/16801 are deprecated - yuXfar - 12-04-2023
Thank you devs. I fortunately fixed this problem with the help of google. I unfortunately encountered another problem. regarding this command
hcxdumptool -i interface -o dumpfile.pcapng --active_beacon --enable_status=15
i fixed the issure where -o must be replaced with -w, but an error shows "unrecognized option --active_beacon"
RE: Plugins 2500/2501 and 16800/16801 are deprecated - ZerBea - 12-04-2023
You followed an outdated tutorial.
Since hcxdumptool v6.3.0 nearly everything has changed.
That include the options, too. As a result, your command line doesn't work.
To get an overview about all options, please take a look at
$ hcxdumptool -h
The expanded help will show an example you can start with
$ hcxdumptool --help
RE: Plugins 2500/2501 and 16800/16801 are deprecated - ZerBea - 12-04-2023
Before you start hcxdumptool make sure that all services that take access to the device are stopped (as mentioned in --help).
RE: Plugins 2500/2501 and 16800/16801 are deprecated - yuXfar - 12-04-2023
Thank you so much devs. I have run the commands needed and I noticed there is a line saying
BPF is unset! ...
How can I enable this? Thank you
RE: Plugins 2500/2501 and 16800/16801 are deprecated - ZerBea - 12-04-2023
hcxdumptool use the Berkeley Packet Filter (BPF) to select a target or to protect own devices. Its entire attack behavior can be controlled via this BPF.
If the filter is not applied, hcxdumptool will attack everything in range merciless.
You'll see this warning:
Code:
BPF is unset! Make sure hcxdumptool is running in a 100% controlled environment!A (very) simple BPF code is explained in -h):
Code:
--bpfc=<filter>: compile Berkeley Packet Filter (BPF) and exit
$ hcxdumptool --bpfc="wlan addr3 112233445566" > filter.bpf
see man pcap-filter
--bpf=<file> : input Berkeley Packet Filter (BPF) code (maximum 4096 instructions) in tcpdump decimal numbers format
see --help for more informationCode:
Berkeley Packet Filter:
-----------------------
tcpdump decimal numper format:
example: tcpdump high level compiler:
$ tcpdump -s 65535 -y IEEE802_11_RADIO wlan addr3 112233445566 -ddd > filter.bpf
see man pcap-filter
example: bpf_asm low level compiler
$ bpf_asm filter.asm | tr ',' '\n' > filter.bpf
see https://www.kernel.org/doc/html/latest/networking/filter.html
example: bpfc low level compiler:
$ bpfc -f tcpdump -i filter.asm > filter.bpf
see man bpfc
tcpdump C style format:
example: tcpdump high level compiler:
$ tcpdump -s 65535 -y IEEE802_11_RADIO wlan addr3 112233445566 -dd > filter.bpf
see man pcap-filter
example: bpfc low level compiler:
$ bpfc -f C -i filter.asm > filter.bpf
see man bpfcthere are several ways to build a BPF:
hcxdumptool's build in high level language compiler
tcpdump's build in high level language compiler
bpfc low level language compiler
To build a BPF, it is mandatory to understand 802.11 protocol (mac frame addr1, addr2 and addr3):
https://en.wikipedia.org/wiki/802.11_Frame_Types
RE: Plugins 2500/2501 and 16800/16801 are deprecated - yuXfar - 12-04-2023
Thanks a lot devs 🙇
RE: Plugins 2500/2501 and 16800/16801 are deprecated - ZerBea - 12-04-2023
This AP will be attacked
Code:
bpfc="wlan addr3 112233445566" > attack.bpfThis AP will be protected
Code:
bpfc="not wlan addr3 112233445566" > protect.bpfThis is only basic example.
RE: Plugins 2500/2501 and 16800/16801 are deprecated - ZerBea - 12-04-2023
The filter technique is similar (the same) to tshark, Wireshark, dumpcap or tcpdump.
That applies to the dump file format (pcapng) too.