hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
hcxdumptool will capture all the required informations and
hcxdumptool is able to detect all kinds of EAP authentications. If hashcat has a correspondending hashmode to recover the password, you can convert the required data easyly, using this switches (hcxpcaptool):
--netntlm-out=<file> : output netNTLMv1 file (hashcat -m 5500, john netntlm)
--md5-out=<file> : output MD5 challenge file (hashcat -m 4800)
--md5-john-out=<file> : output MD5 challenge file (john chap)
--tacacsplus-out=<file> : output TACACS+ authentication file (hashcat -m 16100, john tacacs-plus)

hcxdumptool and hcxtools will follow the crackers (hashcat and JtR). If a hash cracker will be able to crack something, hcxtools will parse it to the hash cracker.

BTW:
This is a nice wireshark filter to take a look inside the pcapng:
wlan.fc.type_subtype == 0x00 || wlan.fc.type_subtype == 0x01 || wlan.fc.type_subtype == 0x02 || wlan.fc.type_subtype == 0x03 || eapol || wlan.fc.type_subtype == 0x04 || wlan.fc.type_subtype == 0x05 || wlan.fc.type_subtype == 0x0b || eapol
We do not need a beacon!
Reply


Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 08-05-2018, 02:45 PM