07-30-2024, 02:50 PM
(07-30-2024, 07:42 AM)ZerBea Wrote: The cap file looks like a "wpaclean"ed dump file.
Sometimes (if a CLIENT is weak) you can get good information from it.
Try this example from here and you know what I mean:
https://github.com/evilsocket/pwnagotchi...-598597214
For best results, avoid tools that strip or modify capture files.
As of today there is absolutely no need to clean or to merge dump files.
Every state of the art conversion tool is able to get the information from raw (uncleaned) dump files, e.g os independent:
https://github.com/s77rt/multicapconverter
https://hashcat.net/cap2hashcat/
I had to clean it . the original cap file was 30mb , the hashcat converter limits conversions to 20mb max . and the hcxtools didn't want to be installed on my The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) linux for some reason, so I couldn't use it , so I used wireshark to clean it .