hcxdumptool 4.2.0 released read more about some of the new features here:
https://hashcat.net/forum/thread-7717-po...l#pid41427
complete refactored:
-various new options
-measurement of EAPOL timeout
-full support for hashcat hashmodes -m 16800 and 16801
-now default format is pcapng
$ hcxdumptool --help
hcxdumptool 4.2.0 (C) 2018 ZeroBeat
usage : hcxdumptool <options>
example: hcxdumptool -o output.pcapng -i wlp39s0f3u4u5 -t 5 --enable_status
options:
-i <interface> : interface (monitor mode must be enabled)
ip link set <interface> down
iw dev <interface> set type monitor
ip link set <interface> up
-o <dump file> : output file in pcapngformat
management frames and EAP/EAPOL frames
including radiotap header (LINKTYPE_IEEE802_11_RADIOTAP)
-O <dump file> : output file in pcapngformat
unencrypted IPv4 and IPv6 frames
including radiotap header (LINKTYPE_IEEE802_11_RADIOTAP)
-W <dump file> : output file in pcapngformat
encrypted WEP frames
including radiotap header (LINKTYPE_IEEE802_11_RADIOTAP)
-c <digit> : set scanlist (1,2,3,...)
default scanlist: 1, 3, 5, 7, 9, 11, 13, 2, 4, 6, 8, 10, 12
maximum entries: 127
allowed channels:
1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
34, 36, 38, 40, 42, 44, 46, 48, 52, 56, 58, 60, 62, 64
100, 104, 108, 112, 116, 120, 124, 128, 132,
136, 140, 144, 147, 149, 151, 153, 155, 157
161, 165, 167, 169, 184, 188, 192, 196, 200, 204, 208, 212, 216
-t <seconds> : stay time on channel before hopping to the next channel
default: 5 seconds
-E <digit> : EAPOL timeout
default: 100000 = 1 second
value depends on channel assignment
-D <digit> : deauthentication intervall
default: 20 (every 20 beacons)
the target beacon intervall is used as trigger
-A <digit> : ap attack intervall
default: 20 (every 20 beacons)
the target beacon intervall is used as trigger
-I : show suitable wlan interfaces and quit
-h : show this help
-v : show version
--filterlist=<file> : mac filter list
format: 112233445566 + comment
maximum line lenght 128, maximum entries 32
--filtermode=<digit> : mode for filter list
1: use filter list as protection list (default)
2: use filter list as target list
--disable_deauthentications: disable transmitting deauthentications
affected: connections between client an access point
deauthentication attacks will not work against protected management frames
--give_up_deauthentications=<digit>: disable transmitting deauthentications after n tries
default: 10 tries (minimum: 4)
affected: connections between client an access point
deauthentication attacks will not work against protected management frames
--disable_disassociations : disable transmitting disassociations
affected: retry (EAPOL 4/4 - M4) attack
--disable_ap_attacks : disable attacks on single access points
affected: client-less (PMKID) attack
--give_up_ap_attacks=<digit> : disable transmitting directed proberequests after n tries
default: 10 tries (minimum: 4)
affected: client-less attack
deauthentication attacks will not work against protected management frames
--disable_client_attacks : disable attacks on single clients points
affected: ap-less (EAPOL 2/4 - M2) attack
--enable_status : enable status messages
--help : show this help
--version : show version
https://hashcat.net/forum/thread-7717-po...l#pid41427
complete refactored:
-various new options
-measurement of EAPOL timeout
-full support for hashcat hashmodes -m 16800 and 16801
-now default format is pcapng
$ hcxdumptool --help
hcxdumptool 4.2.0 (C) 2018 ZeroBeat
usage : hcxdumptool <options>
example: hcxdumptool -o output.pcapng -i wlp39s0f3u4u5 -t 5 --enable_status
options:
-i <interface> : interface (monitor mode must be enabled)
ip link set <interface> down
iw dev <interface> set type monitor
ip link set <interface> up
-o <dump file> : output file in pcapngformat
management frames and EAP/EAPOL frames
including radiotap header (LINKTYPE_IEEE802_11_RADIOTAP)
-O <dump file> : output file in pcapngformat
unencrypted IPv4 and IPv6 frames
including radiotap header (LINKTYPE_IEEE802_11_RADIOTAP)
-W <dump file> : output file in pcapngformat
encrypted WEP frames
including radiotap header (LINKTYPE_IEEE802_11_RADIOTAP)
-c <digit> : set scanlist (1,2,3,...)
default scanlist: 1, 3, 5, 7, 9, 11, 13, 2, 4, 6, 8, 10, 12
maximum entries: 127
allowed channels:
1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
34, 36, 38, 40, 42, 44, 46, 48, 52, 56, 58, 60, 62, 64
100, 104, 108, 112, 116, 120, 124, 128, 132,
136, 140, 144, 147, 149, 151, 153, 155, 157
161, 165, 167, 169, 184, 188, 192, 196, 200, 204, 208, 212, 216
-t <seconds> : stay time on channel before hopping to the next channel
default: 5 seconds
-E <digit> : EAPOL timeout
default: 100000 = 1 second
value depends on channel assignment
-D <digit> : deauthentication intervall
default: 20 (every 20 beacons)
the target beacon intervall is used as trigger
-A <digit> : ap attack intervall
default: 20 (every 20 beacons)
the target beacon intervall is used as trigger
-I : show suitable wlan interfaces and quit
-h : show this help
-v : show version
--filterlist=<file> : mac filter list
format: 112233445566 + comment
maximum line lenght 128, maximum entries 32
--filtermode=<digit> : mode for filter list
1: use filter list as protection list (default)
2: use filter list as target list
--disable_deauthentications: disable transmitting deauthentications
affected: connections between client an access point
deauthentication attacks will not work against protected management frames
--give_up_deauthentications=<digit>: disable transmitting deauthentications after n tries
default: 10 tries (minimum: 4)
affected: connections between client an access point
deauthentication attacks will not work against protected management frames
--disable_disassociations : disable transmitting disassociations
affected: retry (EAPOL 4/4 - M4) attack
--disable_ap_attacks : disable attacks on single access points
affected: client-less (PMKID) attack
--give_up_ap_attacks=<digit> : disable transmitting directed proberequests after n tries
default: 10 tries (minimum: 4)
affected: client-less attack
deauthentication attacks will not work against protected management frames
--disable_client_attacks : disable attacks on single clients points
affected: ap-less (EAPOL 2/4 - M2) attack
--enable_status : enable status messages
--help : show this help
--version : show version