03-17-2018, 04:42 PM
(03-02-2018, 01:44 PM)ZerBea Wrote: hcxdumptool moved to version 4.1.5
With lots of help from RealEnder, chron0 and rofl0r the tool is completely refactored:
- improved scan engine
- improved authentication engine (incl. Radio Measurement, and NULL frame detection)
- dropped timer
- use threads for LED and channel switch
- use only one file descriptor for raw socket operations
- working on Intel Corporation Centrino Ultimate-N 6300 (rev 3e) WiFi adapter (kernel >= 4.15)
- working on Alfa AWUS036NH, Alfa AWUS036NHA, AWUS036ACH
- more channels allowed (depends on installed wireless regulatory domain)
- simple usage: hcxdumptool -i <interface> -o dumpfile.pcap -t 5
interface (real interface - no monX) must be in monitor - all services/programs with access to the interface must be stopped!
- new format of blacklist
- and more...
reported to run on Gentoo
https://github.com/ZerBea/hcxdumptool_bl...-369256915
reported to run on OpenWRT/LEDE
https://github.com/ZerBea/hcxdumptool_bl...-369756725
reported to run with AWUS036ACH (driver: https://github.com/kimocoder/rtl8812au)
https://github.com/ZerBea/hcxdumptool_bl...-369300973
reported to run with Intel Corporation Centrino Ultimate-N 6300 (rev 3e)
https://github.com/ZerBea/hcxdumptool_bl...-369259800
$ hcxdumptool -h
hcxdumptool 4.1.5 (C) 2018 ZeroBeat
usage:
hcxdumptool <options>
options:
-i <interface> : interface (monitor mode must be eanabled)
ip link set <interface> down
iw dev <interface> set type monitor
ip link set <interface> up
-o <dump file> : output file in pcapformat including radiotap header (LINKTYPE_IEEE802_11_RADIOTAP)
-O <dump file> : ip based traffic output file in pcapformat including radiotap header (LINKTYPE_IEEE802_11_RADIOTAP)
-c <digit> : set scanlist (1,2,3,... / default = default scanlist)
default scanlist: 1, 3, 5, 7, 9, 11, 13, 2, 4, 6, 8, 10, 12
allowed channels:
1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
34, 36, 38, 40, 42, 44, 46, 48, 52, 56, 58, 60, 62, 64
100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140, 144, 147, 149, 151, 153, 155, 157
161, 165, 167, 169, 184, 188, 192, 196, 200, 204, 208, 212, 216
-t <seconds> : stay time on channel before hopping to the next channel
default: 5 seconds
-T <maxerrors> : terminate after <x> maximal errors
: default: 1000000
-D : do not transmit deauthentications or disassociations
-R : do not transmit requests
-A : do not respond to requests from clients
-B <file> : blacklist (do not deauthenticate clients from this hosts)
format = mac_ap:mac_sta:ESSID
112233445566:aabbccddeeff:networkname (max. 32 chars)
-P : enable poweroff
-s : enable status messages
-I : show suitable wlan interfaces and quit
-h : show this help
-v : show version
Important notice:
Also, we pushed an update of wlancap2wpasec, because wpa-sec activated TLSv1.2!
Did the -D option switch change? I thought post 214 mentioned that -D was to send DEAUTH until M2 received. I'm confused, does -D mean to send DEAUTH or NOT send DEAUTH?
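A small validator for the blacklist file format shown in the quoted help output (mac_ap:mac_sta:ESSID), added here as an example; it is not code from hcxdumptool or from the post, and it assumes that MACs are 12 hex digits without separators, as in the sample line, and that "max. 32 chars" refers to the ESSID.

```python
import re
from typing import List, NamedTuple

# Blacklist entry format quoted from `hcxdumptool -h` above:
#   mac_ap:mac_sta:ESSID   e.g. 112233445566:aabbccddeeff:networkname
# Assumptions (not stated by the tool's author): MACs are 12 hex digits
# without separators, as in the sample line; "max. 32 chars" applies to
# the ESSID (the 802.11 SSID limit); blank lines and '#' comments are skipped.
MAC_RE = re.compile(r"^[0-9a-fA-F]{12}$")
ESSID_MAX = 32


class Entry(NamedTuple):
    mac_ap: str
    mac_sta: str
    essid: str


def parse_blacklist(text: str) -> List[Entry]:
    """Parse blacklist text; raise ValueError naming the offending line."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(":", 2)  # split on the first two ':' so an ESSID may contain ':'
        if len(parts) != 3:
            raise ValueError(f"line {lineno}: expected mac_ap:mac_sta:ESSID")
        mac_ap, mac_sta, essid = parts
        for name, mac in (("mac_ap", mac_ap), ("mac_sta", mac_sta)):
            if not MAC_RE.match(mac):
                raise ValueError(f"line {lineno}: {name} must be 12 hex digits, got {mac!r}")
        if not essid or len(essid.encode()) > ESSID_MAX:
            raise ValueError(f"line {lineno}: ESSID must be 1..{ESSID_MAX} bytes")
        entries.append(Entry(mac_ap.lower(), mac_sta.lower(), essid))
    return entries


# Constructed sample blacklist: a comment, the help text's sample line,
# and an entry whose ESSID itself contains a ':'.
SAMPLE = """# own networks: never deauthenticate these clients
112233445566:aabbccddeeff:networkname
00AABBCCDDEE:112233445566:home:lab
"""

if __name__ == "__main__":
    for entry in parse_blacklist(SAMPLE):
        print(entry)
```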