Thanks. I'm glad to hear that the tools are working as expected.
hcxhashtool is designed to show an information about the content of the hash file. Unfortunately it is not able to detect whether a PSK can be recovered by hashcat or not.
But with the shown information you should be able to determine if it is useful to start a hashcat task on that hash or not. Also you can use this information to prepare/calculate the wordlist, mask or rule for this hash.
I give you some examples based on the output of hcxhastool --info=stdout
If the default PSK is based on the MAC_AP: search if there is an algo to calculate the default PSK for this MAC.
If yes, use the tools to calculate the exact PSK
https://github.com/routerkeygen
or the complete keyspace:
hcxpsktool
If the default PSK is based on the ESSID use
hcxpsktool
or
hcxeiutool -s option in combination with a rule (e.g. year) on hcxpcapngtool -EIU output
If the default PSK is requested and captured by hcxdumptool use hcxpcapngtool -EIU option and feed hashcat with this list.
Upload your captured dump file to wpa-sec to see if the PSK is inside of one of the default wordlists.
The results of wpa-sec are continuously used to improve hcxtools, e.g.:
https://github.com/ZerBea/hcxtools/pull/175
https://github.com/ZerBea/hcxtools/pull/172
Some words about the unknown MACs (AP and CLIENT):
To prevent tracking, nearly all CLIENTS running MAC randomization and hcxhashtool will show this MACs as unknown.
To prevent counter measures against us, hcxdumptool will randomize all MACs, too and hcxhashtool will show this MACs as unknown.
Also you should know that hcxdumptool/hcxtools are analysis tools. Therefore Atom added the new hash formats WPA-PBKDF2-PMKID+EAPOL (22000) and WPA-PMK-PMKID+EAPOL (22001) to hashcat. This allow huge analyses on mass data!
https://github.com/ZerBea/hcxtools/pulls...s%3Aclosed
hcxhashtool is designed to show an information about the content of the hash file. Unfortunately it is not able to detect whether a PSK can be recovered by hashcat or not.
But with the shown information you should be able to determine if it is useful to start a hashcat task on that hash or not. Also you can use this information to prepare/calculate the wordlist, mask or rule for this hash.
I give you some examples based on the output of hcxhastool --info=stdout
If the default PSK is based on the MAC_AP: search if there is an algo to calculate the default PSK for this MAC.
If yes, use the tools to calculate the exact PSK
https://github.com/routerkeygen
or the complete keyspace:
hcxpsktool
If the default PSK is based on the ESSID use
hcxpsktool
or
hcxeiutool -s option in combination with a rule (e.g. year) on hcxpcapngtool -EIU output
If the default PSK is requested and captured by hcxdumptool use hcxpcapngtool -EIU option and feed hashcat with this list.
Upload your captured dump file to wpa-sec to see if the PSK is inside of one of the default wordlists.
The results of wpa-sec are continuously used to improve hcxtools, e.g.:
https://github.com/ZerBea/hcxtools/pull/175
https://github.com/ZerBea/hcxtools/pull/172
Some words about the unknown MACs (AP and CLIENT):
To prevent tracking, nearly all CLIENTS running MAC randomization and hcxhashtool will show this MACs as unknown.
To prevent counter measures against us, hcxdumptool will randomize all MACs, too and hcxhashtool will show this MACs as unknown.
Also you should know that hcxdumptool/hcxtools are analysis tools. Therefore Atom added the new hash formats WPA-PBKDF2-PMKID+EAPOL (22000) and WPA-PMK-PMKID+EAPOL (22001) to hashcat. This allow huge analyses on mass data!
https://github.com/ZerBea/hcxtools/pulls...s%3Aclosed