wpa2
#11
Got the hash via PM and analyzed it. There are non XDIGIT characters inside.
ANONCE data field is broken:
....75s48....
EAPOL data field is broken, too:
....614ss55d....
It should be XDIGITs only, but there is the character "s" inside.
Have you edited the file?
If not can I have the dump file to make sure the conversion tool haven't failed.
Reply
#12
No i didnt edit anything.

Idk why its broken cuz i did everything thats here https://hashcat.net/wiki/doku.php?id=cracking_wpawpa2
Reply
#13
Can I have the cap file, please?
Have you used the online service to convert it or hcxpcapngtool?
Reply
#14
im doing the whole process again like its here https://hashcat.net/wiki/doku.php?id=cracking_wpawpa2 so give me one sec
Reply
#15
Ok.
You can delete the old hash file, because it is damaged.
Reply
#16
ok i did everything like here https://hashcat.net/wiki/doku.php?id=cracking_wpawpa2 with same tools and its still same
Reply
#17
Have you used the online service (running an older version of hcxpcapngtool):
https://hashcat.net/cap2hashcat/
or hcxpcapngtool from git?

At the moment, I don't know why your hash file is damaged. Usually this could happen by editing it (search and replace function of the editor) by sed, by awk or by grep, but this is not the case, because you haven't edited it.
It also could happen during the download of the hash file from the online converter, if you use this service.

To make sure that it isn't a bug in hcxpcapngtool (that would be ugly, because I just released v 6.2.7):
Can I have the original cap file please?
Reply
#18
I used this tools from github
https://github.com/ZerBea/hcxtools

and did everything like in here
https://hashcat.net/wiki/doku.php?id=cracking_wpawpa2
Reply
#19
I would really like to help you, but this
Code:
and did everything like in here
https://hashcat.net/wiki/doku.php?id=cracking_wpawpa2
isn't very helpful for me to help you.

I know the wiki, because I initial wrote it (the beautiful style format was done by another user of this forum). It describe several ways to attack a target, to capture the traffic and to convert it to hash format 22000.
And it describe several ways to use hashcat on the hash file.

At the moment, I only know that the hash file is damaged (by whatever).
But to reproduce it, I need the dump file (cap, pcap, pcapng). Than I can walk step by step through the chain to find the issue.
Step by step means:
create an empty folder
cd into the folder
download the dump file to that folder
convert it by hcpcapngtool (hcxpcapngtool -o test.hc22000 dumpfile.pcapng)
run hashcat on that hash file (hashcat -m 22000 test.hc22000 -a 3 ?d?d?d?d?d?d?d?d)

If I run into the same issue, I have to fix hcxpcapngtool.
If not, either your installation is broken, your hardware is broken or your workflow is wrong.

BTW;
Do you know Albert Einstein and his definition of "insanity"?
https://ezinearticles.com/?Einstein---De...y&id=12047
I don't want to go this way. Instead I hunt step by step for the issue.
Reply
#20
i can tell you every command i used if it help
Reply