I'm working on this feature
https://github.com/ZerBea/hcxtools/blob/...ol.c#L1664
but it has very low priority, because tshark and/or Wireshark can do it much better:
$ tshark -r test.pcapng.cap -T fields -e wps.device_name -e wps.serial_number
or (inclusive transmitter address and ESSID):
$ tshark -r test.pcapng.cap -T fields -e wlan.ta -e wlan.ssid -e wps.device_name -e wps.serial_number
reference is here:
https://www.wireshark.org/docs/dfref/w/wps.html
full reference is here:
https://www.wireshark.org/docs/dfref/
From several analysis I noticed that many VENDORs doesn't use this fields or fill it with garbage. So don't expect "amazing results":
Running the above cmd we will receive:
"XYZ AP 12345678"
Totally useless!
BTW:
Highest priority, as of today:
AKM (Authentication and Key Management) and EAP (Extensible Authentication Protocol)!
https://github.com/ZerBea/hcxtools/blob/...ol.c#L1664
but it has very low priority, because tshark and/or Wireshark can do it much better:
$ tshark -r test.pcapng.cap -T fields -e wps.device_name -e wps.serial_number
or (inclusive transmitter address and ESSID):
$ tshark -r test.pcapng.cap -T fields -e wlan.ta -e wlan.ssid -e wps.device_name -e wps.serial_number
reference is here:
https://www.wireshark.org/docs/dfref/w/wps.html
full reference is here:
https://www.wireshark.org/docs/dfref/
From several analysis I noticed that many VENDORs doesn't use this fields or fill it with garbage. So don't expect "amazing results":
Running the above cmd we will receive:
"XYZ AP 12345678"
Totally useless!
BTW:
Highest priority, as of today:
AKM (Authentication and Key Management) and EAP (Extensible Authentication Protocol)!