hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
#63
calculate hashcat's "--nonce-error-corrections" using hcxtools

In some special cases hashcat isn't able to do nonce-error-corrections.

If you use wlanhcxinfo option -a -A to get  the required informations and you see this:
mac_ap           anonce
-----------------------------------------------------------------------------------------------------
xxxxxxxxxxxx:4a8d0509f2a10031e819d487f95a33825cbaf6ea6d7dff3ade2c7c3071889316
xxxxxxxxxxxx:4a8d0509f2a10034e819d487f95a33825cbaf6ea6d7dff3ade2c7c3071889316
xxxxxxxxxxxx:4a8d0509f2a10037e819d487f95a33825cbaf6ea6d7dff3ade2c7c3071889316
xxxxxxxxxxxx:4a8d0509f2a1003ae819d487f95a33825cbaf6ea6d7dff3ade2c7c3071889316
xxxxxxxxxxxx:4a8d0509f2a1003ce819d487f95a33825cbaf6ea6d7dff3ade2c7c3071889316
xxxxxxxxxxxx:4a8d0509f2a1003ee819d487f95a33825cbaf6ea6d7dff3ade2c7c3071889316

Byte 7 is incremented.
There are gaps between the values (caused by packetloss of the dumper).

Now it's time for wlanhcxmnc. This tool will do the nonce-err-corrections for hashcat.
Calculate the nonce-err-corrections value as in post 61 described: 0x3e - 0x31 = 0xd
Then run:
wlanhcxmnc -i yourfile.hccapx -a xxxxxxxxxxxx -o correctedfile.hccapx -b 7 -n d

wlanhcxmnc will correct the nonce values for this ap xxxxxxxxxxxx and save them to a file.

Now you can run hashcat with --nonce-error-corrections=0 on that file.
This is possible, because the nonce-error-corrections is allready done by wlanhcxmnc!


update hcxtools 4.0.0-rc1:
Added new option -I to wlanhcxmnc:
-I          : show mac_ap and anonces

now you can use
$ wlanhcxmnc -i yourfile.hccapx -I
to get the required informations for hashcat's nonce-error-corrections

stdout is used for printing this informations. So it's possible to redirect the output to a file
$ wlanhcxmnc -i yourfile.hccapx -I > apinfos

wlanhcxinfo option -a -A no longer needed for this purpose!
Reply


Messages In This Thread
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 09-20-2017, 05:40 PM
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM