Good investigation. Thanks for sharing the results.
Now we exactly know that the PMKID calculated by Windows 7 and Windows 8 is garbage.
BTW:
No need to run hashcat to confirm a PSK or a PMK because hcxhashtool can do it
by PSK:
or by PMK:
hcxdumptool is able to confirm a PSK on-the-fly.
Just add --weakcandidate=test_psk (default: 12345678)
Now we exactly know that the PMKID calculated by Windows 7 and Windows 8 is garbage.
BTW:
No need to run hashcat to confirm a PSK or a PMK because hcxhashtool can do it
by PSK:
Code:
$ time hcxhashtool -i test.hc22000 --psk=12345678
020000000020:020000000001:ap01:5577866bc5e9778a3ca3d8730e97f258e2a9ae2afd95bbd63c4f383275c8ba93:12345678
OUI information file..........: /home/zerobeat/.hcxtools/oui.txt
OUI entires...................: 30753
total lines read..............: 1
valid hash lines..............: 1
PMKID hash lines..............: 1
real 0m0,152s
user 0m0,149s
sys 0m0,003sor by PMK:
Code:
$ time hcxhashtool -i test.hc22000 --pmk=5577866bc5e9778a3ca3d8730e97f258e2a9ae2afd95bbd63c4f383275c8ba93
020000000020:020000000001:ap01:5577866bc5e9778a3ca3d8730e97f258e2a9ae2afd95bbd63c4f383275c8ba93
OUI information file..........: /home/zerobeat/.hcxtools/oui.txt
OUI entires...................: 30753
total lines read..............: 1
valid hash lines..............: 1
PMKID hash lines..............: 1
real 0m0,157s
user 0m0,150s
sys 0m0,007shcxdumptool is able to confirm a PSK on-the-fly.
Just add --weakcandidate=test_psk (default: 12345678)