02-27-2021, 08:38 PM
(This post was last modified: 02-28-2021, 01:52 AM by Uraniumhazee.)
(02-27-2021, 06:15 PM)ZerBea Wrote: Can you please describe your complete workflow and the command lines you use?
Please notice:
The output to a terminal depend on the default settings of the terminal.
To mak this more universal, hcxtools replace non ASCII characters by a placeholder (e.g.: "."). The hash file should not be affected.
You can use a hex editor (e.g.: GHex) to take a look at the ESSID inside the haccapx file.
For hashcat you don't need hccapx files. hashcat accept 22000 files, too:
Code:2500 | WPA-EAPOL-PBKDF2 | Network Protocols
2501 | WPA-EAPOL-PMK | Network Protocols
16800 | WPA-PMKID-PBKDF2 | Network Protocols
16801 | WPA-PMKID-PMK | Network Protocols
22000 | WPA-PBKDF2-PMKID+EAPOL | Network Protocols
22001 | WPA-PMK-PMKID+EAPOL | Network Protocols
BTW:
Exactly this is one of the reasons to move from 2500 (hccapx) to 22000.
You do not need a hex editor any longer to take a look at the hashes.
Instead you can use every bash command (tool) to show the content of the hash.
We take the example hash from here:
https://hashcat.net/wiki/doku.php?id=example_hashes
22000 WPA-PBKDF2-PMKID+EAPOL
Format is:Code:WPA*01****
PMKID type 01:
IDENTIFIER * TYPE * PMKID * MAC_AP * MAC_STA * ESSID
EAPOL type 02:
IDENTIFIER * TYPE * MIC * MAC_AP * MAC_STA * ESSID * EAPOL MESSAGE PAIR
We take the ESSID from the 22000 hash line and convert from HEX ASCII to ASCII using a perl command:
It will show you the ESSID in ASCIICode:$ echo "686173686361742d6573736964" | perl -pe 's/(..)/chr(hex($1))/ge'
hashcat-essid
There is absolutely no reason to use hccapx any longer.
I will explain what the problem is.
In the below there is a 1.cap file and its original SSID name is "Gül's home"
When i send this file to a crack service file was cracked. There is no problem. And alsa SSID seen right!
For me.
I use hashcat. For this i need hccapx file or a pmids hash or WPA 01/02 hash... i cant crack cap files in hashcat you know
I use The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) and use this command.
hcxpcaptool -z 1.pmkid -o 1.hccapx 1.cap
hcxpcapngtool -o 1.22000 --pmkid=1.16800 --hccapx=1.hccapx 1.cap
in this file i got a hccapx file and a 1.22000 file! I could not get a 16800 file pmkids!
I shared 2 file below
When i send these files to a crack service file was not cracked. SSID seen like this "GxC3xBCl's"
And algo in hashcat for example i use these commands
for hccapx
hashcat64.exe -w 3 -a 3 -m 2500 1.hccapx ?d?d?d?d?d?d?d?d
for 22000
hashcat.exe -w 3 -a 3 -m 22000 WPA*02 ?d?d?d?d?d?d?d?d
each time in hashcat olsa SSID seen "GxC3xBCl's"
I think i cant crack this because of this error.
In the cracking services i experienced this.
How can I make it look right ssid name in hccapx or in 22000 hash?
This is my problem. SSID doen not look right?
I hope i explained what the problem is.
Sorry for my bad English.
What do you think about this problem.
Thanks