hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
hcxtools 4.2.0 released (https://github.com/ZerBea/hcxtools)

-added full support for hashcat hashmodes 16800/16801
-many bug fixes
-default cap format now pcapng
-moved WiFi dump stuff to hcxdumptool (https://github.com/ZerBea/hcxdumptool)

$ hcxpcaptool -z test.16800 test.pcapng
start reading from test.pcapng
summary:
file name....................: test.pcapng
file type....................: pcapng 1.0
file hardware information....: x86_64
file os information..........: Linux 4.17.11-arch1
file application information.: hcxdumptool 4.2.0
network type.................: DLT_IEEE802_11_RADIO (127)
endianess....................: little endian
read errors..................: flawless
packets inside...............: 66
skipped packets..............: 0
packets with FCS.............: 0
beacons (with ESSID inside)..: 17
probe requests...............: 1
probe responses..............: 11
association requests.........: 5
association responses........: 5
authentications (OPEN SYSTEM): 13
authentications (BROADCOM)...: 1
EAPOL packets................: 14
EAPOL PMKIDs.................: 1

1 PMKID(s) written to test.16800




Todo:
hcxdumptool 4.2.0 will randomize ap-less attacks.
hcxpcaptool converts this handshakes correctly, but will not detect them as ap-less attack.
This feature will be added in hcxtools 4.2.1

Stay tuned for release of hcxdumptool 4.2.0 and client-less attack (hashmode -m16800/16801) on 802.11i
Reply


Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 08-03-2018, 02:35 PM