Hi Superninja
wlan0mon is a typical logical interface type, created by airmon-ng for broadcom devices.
Do you use a broadcom interface?
read more here:
"You are using the Broadcom STA (wl) official driver; this does not support monitor or promiscuous modes (regardless of whatever airmon-ng tells you.)"
https://askubuntu.com/questions/155528/w...eless-card
How do you set monitor mode? hcxdumptool doesn't like logical interfaces while the physical interface is leaving managed. So, do not set monitor mode by airmon-ng!
I added this to the help menu on latest commit:
do not run hcxdumptool on logical interfaces (monx, wlanxmon)
do not use hcxdumptool in combination with other 3rd party tools, which take access to the interface
Read more why I did it that way here:
https://github.com/ZerBea/hcxdumptool/co...t-30554020
Is the interface really in monitor mode?
$ sudo iw dev <your physical interface> info
Interface wlp3s0f0u2
ifindex 3
wdev 0x1
addr c8:3a:35:xx:xx:xx
type monitor
wiphy 0
channel 3 (2422 MHz), width: 20 MHz (no HT), center1: 2422 MHz
txpower 20.00 dBm
--enable_status=2 doesn't show EAPOL messages!
--enable_status=<digit> : enable status messages
bitmask:
1: EAPOL
2: PROBEREQUEST/PROBERESPONSE
4: AUTHENTICATON
8: ASSOCIATION
16: BEACON
So if you like to see EAPOL messages (this includes PMKIDs) and PROBEREQUEST/PROBERESPONSE messages use:
--enable_status=3 ( 1 + 2)
Is the target access point in transmit range?
hcxdumtool -i <physical interface> --do_rcascan -t 5
[18:26:00] xxxxxxxxxxxx networkname [CHANNEL 1, AP IN RANGE]
If you still don't get a PMKID, the access point might not be vulnerable.
wlan0mon is a typical logical interface type, created by airmon-ng for broadcom devices.
Do you use a broadcom interface?
read more here:
"You are using the Broadcom STA (wl) official driver; this does not support monitor or promiscuous modes (regardless of whatever airmon-ng tells you.)"
https://askubuntu.com/questions/155528/w...eless-card
How do you set monitor mode? hcxdumptool doesn't like logical interfaces while the physical interface is leaving managed. So, do not set monitor mode by airmon-ng!
I added this to the help menu on latest commit:
do not run hcxdumptool on logical interfaces (monx, wlanxmon)
do not use hcxdumptool in combination with other 3rd party tools, which take access to the interface
Read more why I did it that way here:
https://github.com/ZerBea/hcxdumptool/co...t-30554020
Is the interface really in monitor mode?
$ sudo iw dev <your physical interface> info
Interface wlp3s0f0u2
ifindex 3
wdev 0x1
addr c8:3a:35:xx:xx:xx
type monitor
wiphy 0
channel 3 (2422 MHz), width: 20 MHz (no HT), center1: 2422 MHz
txpower 20.00 dBm
--enable_status=2 doesn't show EAPOL messages!
--enable_status=<digit> : enable status messages
bitmask:
1: EAPOL
2: PROBEREQUEST/PROBERESPONSE
4: AUTHENTICATON
8: ASSOCIATION
16: BEACON
So if you like to see EAPOL messages (this includes PMKIDs) and PROBEREQUEST/PROBERESPONSE messages use:
--enable_status=3 ( 1 + 2)
Is the target access point in transmit range?
hcxdumtool -i <physical interface> --do_rcascan -t 5
[18:26:00] xxxxxxxxxxxx networkname [CHANNEL 1, AP IN RANGE]
If you still don't get a PMKID, the access point might not be vulnerable.