hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
(03-02-2018, 01:44 PM)ZerBea Wrote: hcxdumptool moved to version 4.1.5
With lots of help from RealEnder, chron0 and rofl0r the tool is complete refactored:

- improved scan engine
- improved authentication engine (incl. Radio Measurement, and NULL frame detection)
- dropped timer
- use threads for LED and channel switch
- use only one file descriptor for raw socket operations
- working on Intel Corporation Centrino Ultimate-N 6300 (rev 3e) WiFi adapter (kernel >= 4.15)
- working on Alfa AWUS036NH, Alfa AWUS036NHA, AWUS036ACH
- more channels allowed (depends on installed wireless regulatory domain)
- simple usage: hcxdumptool -i <interface> -o dumpfile.pcap -t 5
 interface (real interface - no monX) must be in monitor - all services/programms with access to the interface must be stopped!
- new format of blacklist
- and more...

reported to run on Gentoo
https://github.com/ZerBea/hcxdumptool_bl...-369256915

reported to run on OpenWRT/LEDE
https://github.com/ZerBea/hcxdumptool_bl...-369756725

reported to run with AWUS036ACH (driver: https://github.com/kimocoder/rtl8812au)
https://github.com/ZerBea/hcxdumptool_bl...-369300973

reported to run with Intel Corporation Centrino Ultimate-N 6300 (rev 3e)
https://github.com/ZerBea/hcxdumptool_bl...-369259800

$ hcxdumptool -h
hcxdumptool 4.1.5 (C) 2018 ZeroBeat
usage:
hcxdumptool <options>

options:
-i <interface> : interface (monitor mode must be eanabled)
                 ip link set <interface> down
                 iw dev <interface> set type monitor
                 ip link set <interface> up
-o <dump file> : output file in pcapformat including radiotap header (LINKTYPE_IEEE802_11_RADIOTAP)
-O <dump file> : ip based traffic output file in pcapformat including radiotap header (LINKTYPE_IEEE802_11_RADIOTAP)
-c <digit>     : set scanlist  (1,2,3,... / default = default scanlist)
                 default scanlist: 1, 3, 5, 7, 9, 11, 13, 2, 4, 6, 8, 10, 12
                 allowed channels:
                 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
                 34, 36, 38, 40, 42, 44, 46, 48, 52, 56, 58, 60, 62, 64
                 100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140, 144, 147, 149, 151, 153, 155, 157
                 161, 165, 167, 169, 184, 188, 192, 196, 200, 204, 208, 212, 216
-t <seconds>   : stay time on channel before hopping to the next channel
                 default: 5 seconds
-T <maxerrors> : terminate after <x> maximal errors
               : default: 1000000
-D             : do not transmit deauthentications or disassociations
-R             : do not transmit requests
-A             : do not respond to requests from clients
-B <file>      : blacklist (do not deauthenticate clients from this hosts)
                 format = mac_ap:mac_sta:ESSID
                 112233445566:aabbccddeeff:networkname (max. 32 chars)
-P             : enable poweroff
-s             : enable status messages
-I             : show suitable wlan interfaces and quit
-h             : show this help
-v             : show version



Important notice:
Also, we pushed an update of wlancap2wpasec, because wpa-sec activated TLSv1.2!

Did the -D option switch change?  I thought post 214 mentioned that -D was to send DEAUTH until M2 received.  I'm confused, does -D mean to send DEAUTH or NOT send DEAUTH?
Reply


Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by walterlacka - 03-17-2018, 04:42 PM