hashcat Forum Support hashcat v
Hashcat command bruteforce

Linear Mode
Hashcat command bruteforce
Levy Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Jun 2021
#5
06-19-2021, 06:08 PM
(06-07-2021, 03:06 PM)ZerBea Wrote: The simplest hashcat commands are:
by wordlist:
$ hashcat -m 22000 hashfile.22000 wordlist

by pattern (e.g. 8 digit PSK)
$ hashcat -m 22000 hashfile.22000 -a 3 ?d?d?d?d?d?d?d?d

by pattern, if you know a part (e.g.: name and date) of the PSK
$ hashcat -m 22000 hashfile.22000 -a 3 Agneta?d?d?d?d

by wordlist (e.g. prenames) + rule (e.g. dates)
$ hashcat -m 22000 hashfile.22000 prenamelist -r date.rule

I recommend to do some investigations about the ROUTER (default PSK, default PSK keyspace, possbile default PSK pattern), about the CLIENTs which belong to the NETWORK (does a CLIENT transmit the PSK in the clear).
Are you able to confuse a CLIENT, so that you can retrieve the PSK from him?
Does the administrator use the default ESSID or does he use an user defined one?

Is wpa-sec able to recover the PSK, by testing some common wordlists?
https://wpa-sec.stanev.org/?nets

Please also read this comment:
https://hashcat.net/forum/thread-10151-p...l#pid52834

BTW:
hashcat is a tool to recover a password from a hash file.
It is not a tool to attack a NETWORK directly.
The attack vector and the conversion to a hash file (e.g. 22000) is an important part. If one of them or both failed, hashcat will not be able to recover the PSK.

I'm interested how you performed the attack on the air interface.
Which tool have you used to attack the NETWORK?
Which tool have you used to convert the EAPOL MESSAGE PAIR to hccapx?
Which WiFi adapter have you used?
Have you attacked the AP or the CLIENTs or both?
Does the AP transmit a PMKID?

I asked, because I talked with Atom about hash modes 250x and 1680x. We both wonder why so many users still run this deprecated  modes.

Hi

Thank you for your reply

I used a alpha nic adapter with The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) and Wifite (not sure if this answers your question?)
Is it possible to aquire the router/accesspoint information using it's MAC or BSSID adress?

Is there a command if I want to try variations containing numbers, smal letters, large letters and special carracters on all places instead of only ?d?d?d?d?d?d?d?d which only tries numbers when trying to crack the password (?)
Find
Reply


Messages In This Thread
Hashcat command bruteforce - by Levy - 06-07-2021, 02:44 PM
RE: Hashcat command bruteforce - by ZerBea - 06-07-2021, 03:06 PM
RE: Hashcat command bruteforce - by Levy - 06-19-2021, 06:08 PM
RE: Hashcat command bruteforce - by skypickle - 06-18-2021, 06:32 AM
RE: Hashcat command bruteforce - by ZerBea - 06-19-2021, 08:32 AM
RE: Hashcat command bruteforce - by ZerBea - 06-20-2021, 03:32 PM