hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Hi zerbea, last commit, I cannot make it work. The strange thing is that hcxdumptool cannot see all my channels; it can see until channel 175, but it won't work on this channel either, and on 2.4 it cannot see -1 and -2.
Because I read about the last commit, I just compiled hcxdumptool with no modification.
Reply
There are no negative channel numbers.
According to the driver patch the expanded 2.4GHz channels start at channel 14 and end at channel 33
Code:
+    CHAN2G(2312, 33), /* Channel -19 */
+    CHAN2G(2317, 32), /* Channel -18 */
+    CHAN2G(2322, 31), /* Channel -17 */
+    CHAN2G(2327, 30), /* Channel -16 */
+    CHAN2G(2332, 29), /* Channel -15 */
+    CHAN2G(2337, 28), /* Channel -14 */
+    CHAN2G(2342, 27), /* Channel -13 */
+    CHAN2G(2347, 26), /* Channel -12 */
+    CHAN2G(2352, 25), /* Channel -11 */
+    CHAN2G(2357, 24), /* Channel -10 */
+    CHAN2G(2362, 23), /* Channel -9 */
+    CHAN2G(2367, 22), /* Channel -8 */
+    CHAN2G(2372, 21), /* Channel -7 */
+    CHAN2G(2377, 20), /* Channel -6 */
+    CHAN2G(2382, 19), /* Channel -5 */
+    CHAN2G(2387, 18), /* Channel -4 */
+    CHAN2G(2392, 17), /* Channel -3 */
+    CHAN2G(2397, 16), /* Channel -2 */
+    CHAN2G(2402, 15), /* Channel -1 */
+    CHAN2G(2407, 14), /* Channel 0 */
    CHAN2G(2412, 0), /* Channel 1 */
    CHAN2G(2417, 1), /* Channel 2 */
    CHAN2G(2422, 2), /* Channel 3 */
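Review bot: on the added rows the comment and the second argument give two different numberings for the same entry, for example `CHAN2G(2407, 14), /* Channel 0 */`, where the comments count from 0 down to -19 while the second argument counts from 14 up to 33. Pick one numbering and make each comment match the value actually passed, and check that 14..33 do not clash with entries further down the table that these lines do not show. The new rows are also placed ahead of `CHAN2G(2412, 0)`, so the second argument runs 33 down to 14 and then restarts at 0; if that value is used as an index, appending the new rows after the existing ones would keep it in ascending order.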

Running
$ sudo hcxdumptool -i interface -C
will give you information about all available channels (hcxdumptool is able to set the channel and to get channel information via the ioctl() system call).

Also you should be able to set the channel
$ sudo hcxdumptool -i interface -c channel

Tested this with channel 14, which seems to be a bug within the patch:
patch: CHAN2G(2407, 14), /* Channel 0 */
but 802.11 regular channel 14 frequency is 2484MHz

Code:
$ sudo hcxdumptool -i  wlp39s0f3u1u1u2 -C
initialization...
available channels:
  1 / 2412MHz (20 dBm)
...
14 / 2484MHz (20 dBm)

Now we try to set channel 14:
Code:
$ sudo hcxdumptool -i  wlp39s0f3u1u1u2 -c 14
initialization...

start capturing (stop with ctrl+c)
NMEA 0183 SENTENCE........: N/A
INTERFACE NAME............: wlp39s0f3u1u1u2
INTERFACE HARDWARE MAC....: f81a67077d0e
DRIVER....................: ath9k_htc
DRIVER VERSION............: 5.8.14-arch1-1
DRIVER FIRMWARE VERSION...: 1.4
...
working as expected - no error.

example 2:
Code:
$ sudo hcxdumptool -i  wlp39s0f3u1u1u2 -C
initialization...
available channels:
  1 / 2412MHz (14 dBm)
...
165 / 5825MHz (17 dBm)

$ sudo hcxdumptool -i  wlp39s0f3u1u1u2 -c 165
initialization...

start capturing (stop with ctrl+c)
NMEA 0183 SENTENCE........: N/A
INTERFACE NAME............: wlp39s0f3u1u1u2
INTERFACE HARDWARE MAC....: 503eaa92e326
DRIVER....................: mt76x0u
DRIVER VERSION............: 5.8.14-arch1-1
DRIVER FIRMWARE VERSION...: N/A

Now we try to set a channel that the device doesn't support:
Code:
$ sudo hcxdumptool -i  wlp39s0f3u1u1u2 -c 166
initialization...
channel 166 is not available

terminating...
Reply
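A check for the channel 14 mismatch described in the post above, as an added example (not part of any post and not hcxdumptool code): it parses a channel listing in the format shown for `hcxdumptool -C` and flags entries whose frequency differs from the IEEE 802.11 channel plan. The sample listing is constructed and the function names are hypothetical.

```python
import re

# Line format of the channel listing shown in this thread: "  1 / 2412MHz (20 dBm)"
LINE_RE = re.compile(r"^\s*(\d+)\s*/\s*(\d+)MHz\s*\(-?\d+ dBm\)\s*$")

def standard_freq(channel, listed_mhz):
    """Centre frequency (MHz) IEEE 802.11 assigns to `channel` in the band that
    `listed_mhz` falls in, or None if the 2.4 GHz plan has no such channel."""
    if listed_mhz >= 5000:        # 5 GHz band: 5 MHz raster counted from 5000 MHz
        return 5000 + 5 * channel
    if 1 <= channel <= 13:        # 2.4 GHz band: 2412 MHz up to 2472 MHz
        return 2407 + 5 * channel
    if channel == 14:             # channel 14 breaks the 5 MHz spacing
        return 2484
    return None

def check_listing(text):
    """Return (channel, listed_mhz, reason) for every listed channel that does
    not match the standard plan. Lines that are not channel entries are skipped."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        channel, listed = int(m.group(1)), int(m.group(2))
        expected = standard_freq(channel, listed)
        if expected is None:
            findings.append((channel, listed, "not a standard 2.4GHz channel number"))
        elif expected != listed:
            findings.append((channel, listed, f"standard frequency is {expected}MHz"))
    return findings

# Constructed sample: what a listing could look like if a driver table maps
# channel 14 to 2407 MHz and adds expanded channels. Not real tool output.
SAMPLE = """\
initialization...
available channels:
  1 / 2412MHz (20 dBm)
 13 / 2472MHz (20 dBm)
 14 / 2407MHz (20 dBm)
 15 / 2402MHz (20 dBm)
165 / 5825MHz (17 dBm)
"""

if __name__ == "__main__":
    for channel, listed, reason in check_listing(SAMPLE):
        print(f"channel {channel} listed at {listed}MHz: {reason}")
```
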
terminating...
# hcxdumptool -i wlan0 -c xxx
unknown channel selected
Reply
Please post the output of
$ hcxdumptool -v
because this error message "unknown channel selected" was removed
Code:
$ hcxdumptool -v
hcxdumptool 6.1.3-15-g88622c5 (C) 2020 ZeroBeat
Reply
You're right, I made a mess with all these versions.
Reply
No problem - and welcome to the world of a rolling release.
Reply
Yeah, it's working now. Let me try on 2.4 GHz, but I think I need to redo the patch for 2.4, we will see.
Reply
You're welcome. Thanks for the tests. Using expanded channels is a huge improvement.
Please double check the 2.4GHz patch due to the channel 14 frequency mismatch (expanded frequency vs 802.11 standard frequency). Also you have to increase the size of ATH9K_NUM_CHANNELS.
Reply
Hi zerbea, am I right that the The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) patch does not go up to 2732 MHz? Looks like it just goes down to 2312.

This has not been easy to make work on my device until now. lol
Reply
Yes, you're right. Also the patch doesn't work on the latest kernels.
You have to modify the source on your own (e.g. on kernel 5.9.1):
https://git.kernel.org/pub/scm/linux/ker...k?h=v5.9.1
Reply