01-09-2015, 01:39 PM
(01-09-2015, 11:52 AM)atom Wrote: Can aircrack read the extract.cap (the one output by tshark) without using the -J?
If not, I'd say tshark destroyed it, at least for using it with aircrack
No it can't:
Quote:$ tshark -r tt1.cap wlan.bssid == xx:xx:xx:xx:xx:xx -w extract.capBut when i specify -b option for aircrack it work:
$ aircrack-ng extract.cap
Opening extract.cap
Unsupported file format (not a pcap or IVs file).
Read 0 packets.
No networks found, exiting.
Quitting aircrack-ng...
$
Quote:$ aircrack-ng -w ../../hash/wlist/rockyou_sorted.txt extract.cap
Opening extract.cap
Unsupported file format (not a pcap or IVs file).
Read 0 packets.
No networks found, exiting.
Quitting aircrack-ng...
$ aircrack-ng -w ../../hash/wlist/r_sorted.txt -b xx:xx:xx:xx:xx:xx tt1.cap
Opening tt1.cap
Reading packets, please wait...
Aircrack-ng 1.2 rc1
[00:00:01] 9812 keys tested (942.14 k/s)
Current passphrase: dee4life
Master Key : xx:xx:xx:xx:xx:xxxx:xx:xx:xx:xx:xx
Transient Key : xx:xx:xx:xx:xx:xxxx:xx:xx:xx:xx:xxxx:xx:xx:xx:xx:xxxx:xx:xx:xx:xx:xx
EAPOL HMAC : xx:xx:xx:xx:xx:xxxx:xx:xx:xx:xx:xxxx:xx:xx:xx:xx:xx
^C
Quitting aircrack-ng...
$