Can you please describe your complete workflow and the command lines you use?
Please notice:
The output to a terminal depend on the default settings of the terminal.
To mak this more universal, hcxtools replace non ASCII characters by a placeholder (e.g.: "."). The hash file should not be affected.
You can use a hex editor (e.g.: GHex) to take a look at the ESSID inside the haccapx file.
For hashcat you don't need hccapx files. hashcat accept 22000 files, too:
BTW:
Exactly this is one of the reasons to move from 2500 (hccapx) to 22000.
You do not need a hex editor any longer to take a look at the hashes.
Instead you can use every bash command (tool) to show the content of the hash.
We take the example hash from here:
https://hashcat.net/wiki/doku.php?id=example_hashes
22000 WPA-PBKDF2-PMKID+EAPOL
Format is:
PMKID type 01:
IDENTIFIER * TYPE * PMKID * MAC_AP * MAC_STA * ESSID
EAPOL type 02:
IDENTIFIER * TYPE * MIC * MAC_AP * MAC_STA * ESSID * EAPOL MESSAGE PAIR
We take the ESSID from the 22000 hash line and convert from HEX ASCII to ASCII using a perl command:
It will show you the ESSID in ASCII:
hashcat-essid
There is absolutely no reason to use hccapx any longer.
Please notice:
The output to a terminal depend on the default settings of the terminal.
To mak this more universal, hcxtools replace non ASCII characters by a placeholder (e.g.: "."). The hash file should not be affected.
You can use a hex editor (e.g.: GHex) to take a look at the ESSID inside the haccapx file.
For hashcat you don't need hccapx files. hashcat accept 22000 files, too:
Code:
2500 | WPA-EAPOL-PBKDF2 | Network Protocols
2501 | WPA-EAPOL-PMK | Network Protocols
16800 | WPA-PMKID-PBKDF2 | Network Protocols
16801 | WPA-PMKID-PMK | Network Protocols
22000 | WPA-PBKDF2-PMKID+EAPOL | Network Protocols
22001 | WPA-PMK-PMKID+EAPOL | Network ProtocolsBTW:
Exactly this is one of the reasons to move from 2500 (hccapx) to 22000.
You do not need a hex editor any longer to take a look at the hashes.
Instead you can use every bash command (tool) to show the content of the hash.
We take the example hash from here:
https://hashcat.net/wiki/doku.php?id=example_hashes
22000 WPA-PBKDF2-PMKID+EAPOL
Code:
WPA*01*4d4fe7aac3a2cecab195321ceb99a7d0*fc690c158264*f4747f87f9f4*686173686361742d6573736964***PMKID type 01:
IDENTIFIER * TYPE * PMKID * MAC_AP * MAC_STA * ESSID
EAPOL type 02:
IDENTIFIER * TYPE * MIC * MAC_AP * MAC_STA * ESSID * EAPOL MESSAGE PAIR
We take the ESSID from the 22000 hash line and convert from HEX ASCII to ASCII using a perl command:
Code:
$ echo "686173686361742d6573736964" | perl -pe 's/(..)/chr(hex($1))/ge'hashcat-essid
There is absolutely no reason to use hccapx any longer.