PMKID cracked but which AP?
#1
So I captured 22 PMKIDs, exported with hcxtpcapool, cracked one of the PMKIDs but the result shows what looks like a hash string and then the plaintext password.


Results below:

 "9d155eb5bfe7f2371840c702e21f7a6e7af2d60d5c2c0b4fbace2ed71cf62fa9:amazinf"

How do i find the AP it belongs to?
Reply
#2
As you can see here https://hashcat.net/wiki/doku.php?id=example_hashes the hash format is designed in a way that it has the MAC addresses etc in it to easily recognize the network.

Which versions of hashcat/hcxtools do you use ?
Reply
#3
Thanks for the fast reply Phil. I'm using Hashcat 5.1.0 and ZerBea's most recent release of hcxtools.
My Hashcat output did not come separated by an asterisk like the examples on the link. Would the last twelve characters of the hash string be the AP's MAC?
Reply
#4
try https://hashcat.net/beta/ . a lot of things changed already since last release of latest hashcat version
Reply