hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
#69
If you like to test this new feature do the following steps:

1) Download example cap from wireshark examples (https://wiki.wireshark.org/SampleCaptures)
File: wpa-eap-tls.pcap.gz
https://wiki.wireshark.org/SampleCapture...ls.pcap.gz

2) gunzip the cap
$ gunzip wpa-eap-tls.pcap.gz

3) get the demo plainmasterkeys from (https://wiki.wireshark.org/SampleCaptures)
Wifi / Wireless LAN captures / 802.11
File: wpa-eap-tls.pcap.gz
Description: 802.11 capture with WPA-EAP. PSK's to decode:
a500........
7925........
23a9........
and copy them to your pmklist

4) use wlancap2hcx to convert the cap file:
$ wlancap2hcx -O test.hccapx wpa-eap-tls.pcap
start reading from wpa-eap-tls.pcap
86 packets processed (86 wlan, 0 lan, 0 loopback)
total 2 usefull wpa handshakes
found 2 handshakes without ESSIDs (use hashcat -m 2501)
found 2 WPA2 AES Cipher, HMAC-SHA1
found EAP-TLS Authentication
found WPA encrypted data packets

5) run hashcat:
$ hashcat -m 2501 --logfile-disable --potfile-path=hashcat.2501.pot --outfile-format=2 -o foundhashcat.2501 test.hccapx pmklist
hashcat (4.0.0-rc2) starting...
Session..........: hashcat
Status...........: Cracked
Hash.Type........: WPA/WPA2 PMK
Hash.Target......:  (AP:10:6f:3f:0e:33:3c STA:24:77:03:d2:5e:a8)
Time.Started.....: Mon Oct  2 16:38:18 2017 (0 secs)
Time.Estimated...: Mon Oct  2 16:38:18 2017 (0 secs)
Guess.Base.......: File (pw)
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....:        0 H/s (0.00ms)
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 3/3 (100.00%)
Rejected.........: 0/3 (0.00%)
Restore.Point....: 0/3 (0.00%)
Candidates.#1....: a500.... -> 23a9....
HWMon.Dev.#1.....: Temp: 41c Fan: 29% Util:  4% Core:1835MHz Mem:5005MHz Bus:16
Reply


Messages In This Thread
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 10-02-2017, 04:47 PM
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM