04-06-2020, 07:01 PM
(04-06-2020, 05:50 PM)ZerBea Wrote: $ hcxdumptool --help will show you the correct syntax
add target AP_MC to filterlist.txt (format 112233445566)
replace --filterlist with --filterlist_ap
replace --enable_status with --enable_status=31
replace -o hash with -o dump.pcapng
Do not(!) use hcxdumptool in combination with airmon-ng. You should have received many warnings during start up of hcxdumptool that it isn't a good idea.
hcxdumptool uses an own monitor mode and will show you the services that take access to the interface. You have to stop them by hand!
The complete command line should look like this:
Code:$ hcxdumptool -i <interface> -o dump.pcapng --filterlist_ap=filter.txt --filtermode=2 --enable_status=31
To convert the traffic to hashcat format, run hcxpcapngtool (latest git head):
Code:$ hcxpcapngtool -o test.22000 *.pcapng
Get a good wordlist:
https://3wifi.stascorp.com/3wifi-dic-2020-03-02.7z
To recover the PSK run hashcat (latest git head):
Code:$ hashcat -m 22000 test.22000 3WiFi_WiFiKey.txt
Alternative (some CLIENTs transmit PSK in plain/clear):
run hcxdumptool 24/7
convert to hashcat format:
Code:$ hcxpcapngtool -o test.22000 -E wordlist *.pcapng
run hashcat
Code:$ hashcat -m 22000 test.22000 wordlist
To get driver type and to test that your interface/driver is suitable, run:
Code:$ hcxdumptool -I
$ hcxdumptool -i <interface> --check_driver
$ hcxdumptool -i <interface> --check_injection
BTW:
If you understand Spanish (WiFislax forum: search for hcx):
https://foro.seguridadwireless.net/
If you understand Russian (something about wordlists):
https://antichat.com/threads/281655/page-179
thanks for your replies
i successed but i tried one more time
i got this error
Code:
root@The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali):~# hcxdumptool -o test.pcapng -i wlan0mon --enable_status 3
initialization...
warning: NetworkManager is running with pid 533
(possible interfering hcxdumptool)
warning: wpa_supplicant is running with pid 845
(possible interfering hcxdumptool)
warning: wlan0mon is probably a virtual monitor interface
interface is already in monitor mode
warning: interface is not up
warning: failed to init socket
try to use iw to set monitor mode
try to use ip link to bring interface up
terminating...
how can i fix this