hashcat Forum Misc User Contributions v
New attack on WPA/WPA2 using PMKID

Thread Closed 
Linear Mode
New attack on WPA/WPA2 using PMKID
cashhat Offline
Junior Member
**
Posts: 2
Threads: 0
Joined: Sep 2018
#128
09-30-2018, 04:40 PM (This post was last modified: 09-30-2018, 04:50 PM by cashhat.)
(09-27-2018, 02:10 AM)slyexe Wrote:
(09-26-2018, 09:50 PM)cashhat Wrote: Am I doing this right?

Step 0: Device is in monitor mode:


Code:
$ iw dev
    phy#0
        Interface mon0
            ifindex 9
            wdev 0x3
            addr my:v6:ip:addr
            type monitor
            txpower 0.00 dBm
    Interface wlp9s0
        ifindex 3
        wdev 0x1
        addr my:v6:ip:addr
        ssid MyWifiStation
        type managed
        channel 1 (2412 MHz), width: 20 MHz, center1: 2412 MHz
        txpower 22.00 dBm


You do not want a virtual interface (mon0). You are not doing it right. Setup your wireless interface into monitor mode: 
Code:
ifconfig wlp9s0 down
iwconfig wlp9s0 mode monitor
ifconfig wlp9s0 up


Then check that its in monitor and not managed with iwconfig wlp9s0. Once the wireless interface is in monitor mode AND SUPPORTS IT, then you can use:

Code:
hcxdumptool -i wlp9s0 -o test.pcapng --enable_status 1

Should solve your issue.


slyexe, thanks for the clarification. That does set wlp9s0 to monitor mode (verified with iw dev). Unfortunately it's still giving the same end result. I've tried on two different routers with two different computers. (Computer1 -> Router1, Comptuer1 -> Router2, Computer2 -> Router1, Computer2 -> Router2). The computer I'm running hashcat on is a bit slow so it takes the better part of a day to get a result which is the main reason it took me so long to reply.

I think I might be connecting to the network wrong. Both computers already know the wifi network's password and so they automatically complete the login process. If I just do

Code:
sudo hcxdumptool -o test.pcapng -i wlp9s0 --enable_status=1

(with the device in monitor mode ...or managed mode, btw) it will disconnect within a couple seconds. So what I do is

Code:
nmcli d connect wlp9s0

sudo hcxdumptool -o test.pcapng -i wlp9s0 --enable_status=1


which seems to work (hcxdumptool runs and it finds the PMKID) at least 25% of the time. So I just do that a few times until it works and then move on to the rest of the steps. But no where in atom's original post or any of the comments have I seen anyone talking about the need to run those commands back to back or else the interface will disconnect. So I'm guessing that is where I'm doing something wrong.

Do you know what's going on with it disconnecting, needing to connect right before running hcxdumptool, or wlp9s0 seeming to want to return to managed mode after being put into monitor mode?
Find
Thread Closed 


Messages In This Thread
New attack on WPA/WPA2 using PMKID - by atom - 08-04-2018, 06:50 PM
RE: New attack on WPA/WPA using PMKID - by hash93 - 08-04-2018, 09:18 PM
RE: New attack on WPA/WPA using PMKID - by ZerBea - 08-05-2018, 10:53 AM
RE: New attack on WPA/WPA2 using PMKID - by kcdtv - 08-05-2018, 11:41 PM
RE: New attack on WPA/WPA2 using PMKID - by lint - 08-06-2018, 06:09 PM
RE: New attack on WPA/WPA2 using PMKID - by lint - 11-07-2018, 07:05 PM
RE: New attack on WPA/WPA2 using PMKID - by atom - 08-08-2018, 11:16 AM
RE: New attack on WPA/WPA2 using PMKID - by atom - 08-08-2018, 11:55 AM
RE: New attack on WPA/WPA2 using PMKID - by kcdtv - 08-09-2018, 04:11 PM
RE: New attack on WPA/WPA2 using PMKID - by octf - 08-11-2018, 07:21 AM
RE: New attack on WPA/WPA2 using PMKID - by skan - 08-13-2018, 03:57 AM
RE: New attack on WPA/WPA2 using PMKID - by LoZio - 08-17-2018, 01:49 PM
RE: New attack on WPA/WPA2 using PMKID - by L3pus - 08-21-2018, 09:23 AM
RE: New attack on WPA/WPA2 using PMKID - by lint - 09-03-2018, 12:07 PM
RE: New attack on WPA/WPA2 using PMKID - by sao - 08-27-2018, 06:10 AM
RE: New attack on WPA/WPA2 using PMKID - by Mem5 - 08-27-2018, 07:24 PM
RE: New attack on WPA/WPA2 using PMKID - by JCas - 09-01-2018, 02:13 PM
RE: New attack on WPA/WPA2 using PMKID - by dafez - 09-03-2018, 04:40 PM
RE: New attack on WPA/WPA2 using PMKID - by dafez - 09-07-2018, 04:55 AM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-21-2018, 03:43 AM
RE: New attack on WPA/WPA2 using PMKID - by Mem5 - 09-21-2018, 09:39 AM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-21-2018, 12:51 PM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-22-2018, 01:49 AM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-22-2018, 04:50 PM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-22-2018, 10:22 PM
RE: New attack on WPA/WPA2 using PMKID - by cashhat - 09-30-2018, 04:40 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-23-2018, 11:07 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-27-2018, 06:29 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-27-2018, 06:20 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-27-2018, 06:31 PM
RE: New attack on WPA/WPA2 using PMKID - by lint - 11-07-2018, 07:10 PM