05-12-2018, 06:41 PM
Hi RashidMalik.
wlandump-ng -l and hcxdumptool -O enable capturing of IPv4 and IPv6 traffic (for example from hotspots).
For example all non EAP based authentications like:
-TLS authentications
-CHAP authentications
-TACACS+ authentication (https://hashcat.net/forum/thread-7062.html)
It isn't enabled by default, because this cap files can grow very big (very fast).
Passwords (PSK), usernames and identities are captured by default. You can retrieve them using hcxdumptool -E -U -I options. Unfortunately we can't decide between ESSIDs and PSKs. So you find both of them in -E option file.
The more clients you receive, the more PSKs, usernames and/or identities you will get.
APs doesn't send PSKs, usernames and/or identities!
wlandump-ng and wlancap2hcx are outdated. I kept them only for backward compatibility (libpcap).
hcxdumptool and hcxpcaptool are the successors.
wlandump-ng -l and hcxdumptool -O enable capturing of IPv4 and IPv6 traffic (for example from hotspots).
For example all non EAP based authentications like:
-TLS authentications
-CHAP authentications
-TACACS+ authentication (https://hashcat.net/forum/thread-7062.html)
It isn't enabled by default, because this cap files can grow very big (very fast).
Passwords (PSK), usernames and identities are captured by default. You can retrieve them using hcxdumptool -E -U -I options. Unfortunately we can't decide between ESSIDs and PSKs. So you find both of them in -E option file.
The more clients you receive, the more PSKs, usernames and/or identities you will get.
APs doesn't send PSKs, usernames and/or identities!
wlandump-ng and wlancap2hcx are outdated. I kept them only for backward compatibility (libpcap).
hcxdumptool and hcxpcaptool are the successors.