09-15-2020, 07:23 AM
(This post was last modified: 09-15-2020, 07:29 AM by qaksmmnvkpjv.
Edit Reason: hashcat versions that this applies to
)
hashcat versions: 5.1.0 and 6.1.1
I've been looking at hccapx to better understand wpa/wpa2, but there's one thing that befuddles me. I cannot figure out how hashcat creates a 128 bit prefix for found passwords.
hashcat will output something like
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:<ap_mac>:<sta_mac>:<ssid>:<password>
Where the X's are a hex encoding of something. How is this derived?
I've been looking through the source code where -m 2500 (wpa/wpa2) is defined, but I can't see how it's done. https://github.com/hashcat/hashcat/blob/...00-pure.cl
In the rules I'm not supposed to post the actual hash, but I see no problem with that because it's published on hashcat.net as an example for explanation purposes. Once someone gives me the ok I'll post the actual hash. I think it'll be easier to work with a specific example.
I've been looking at hccapx to better understand wpa/wpa2, but there's one thing that befuddles me. I cannot figure out how hashcat creates a 128 bit prefix for found passwords.
hashcat will output something like
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:<ap_mac>:<sta_mac>:<ssid>:<password>
Where the X's are a hex encoding of something. How is this derived?
I've been looking through the source code where -m 2500 (wpa/wpa2) is defined, but I can't see how it's done. https://github.com/hashcat/hashcat/blob/...00-pure.cl
In the rules I'm not supposed to post the actual hash, but I see no problem with that because it's published on hashcat.net as an example for explanation purposes. Once someone gives me the ok I'll post the actual hash. I think it'll be easier to work with a specific example.