hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Hi.

1)
wlanhcx2ssid -e
argument actually spits out the hex ESSID, is it supposed to? If so, would it be possible for you to put
an option to ASCII stringify this?


It is possible, but I don't like it, because it will crash your filesystem, if there are unwanted characters in the ESSID
(like slashes). You can use "grep -r "searchedessid" to get the filename for the essid you're looking for.
And here is a negative example:
https://forum.hashkiller.co.uk/topic-vie...413#152413
This guy postet his collection of hccapx files (essid as filename.hccapx)
Download the zip, extract it and crash your filesystem!


2)
use host for the accesspoints and src for the clients
your BPF should look like this:
!(wlan host 00:00:00:00:00:11 || wlan host 00:00:00:00:00:22 || wlan src 00:00:00:00:33:00 || wlan src 00:00:00:00:44:00)


But keep in mind:
newer clients use a random generated mac! So it's possible that they try to connect to our random generated mac_ap using their random generated mac_sta. In that case, BPF doesn't work as expected.
Reply


Messages In This Thread
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 11-11-2017, 09:56 AM
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM