[quote="ZerBea" pid='51796' dateline='1614528445']
Some IoT devices transmit the PSK in the clear.
If a user made a typo (PSK instead of ESSID), the device transmits the PSK in the clear.
A misconfigured device can cause the PSK to be transmitted in the clear.
-E will store them to a list
-I will store received identities (that include IMEIs) to a list
-U will store received usernames to a list
All these lists can be used to create new wordlists.
[/quote]
OK, here's an example I found in the test.pcapng. Haven't run into any passwords yet, but if I did, how would I know what they're associated with?
In the raw.list it shows up as:
MUHwPerOT
When opening up the test.pcapng in Atom, it is located in this area:
JDoe_8MUHwPerOT7yLh1WrbgRZQNEvHG (This entire string is the SSID name, changed the beginning to JDoe)
Also, how did it extract the name from that string? (SSID is the entire string FYI, name_blahblahblah) Shouldn't it extract the whole string?
EDIT: meanwhile with hcxpmktool and pasting the wpa* string you can get the ESSID. Liking these tools more and more. Itching to get to the PMK part.