hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
small notice about hcxpcaptool option -I:
hcxdumptool is able to request identities from a client (for example the International Mobile Subscriber Identity [IMSI] Number from a mobile phone). Running --enable_status=1 will immediately show you this identities.
The IMSI is a string of not more than 15 digits.  It is composed of a three digit Mobile country Code (MCC), a two or three digit Mobile Network Code (MNC), and a Mobile Subscriber Identification Number (MSIN) of no more than 10 digits. MCC and MNC uniquely identify the GSM operator (read more in RFC4186).

If you run hcxpcaptool on this pcapng file, you will get this information:
found........................: EAP-SIM (GSM Subscriber Modules) Authentication

The file, selected by -I will show you either the user's IMSI (permanent) or his temporary identity (pseudonym).

Permanent usernames:
1123456789098765@myoperator.com might be a valid permanent identity.
1123456789098765 is the permanent username.
1 = permanent
12345 = MNC
123 = MCC

Pseudonym usernames:
3s7ah6n9q@myoperator.com might be a valid pseudonym identity.
3s7ah6n9q is the pseudonym username.

Fast re-authentication usernames.
53953754@myoperator.com might be a valid fast re-authentication identity.
53953754 is the fast re-authentication username.  Unlike permanent usernames and pseudonym usernames, fast re-authentication usernames are one-time identifiers.

In all three cases, it is possible to retrieve MNC and NCC from the suffix, too:
xxxxx...xxx@wlan.mncYYY.mccZZZ.@myoperator.com
YYY = MNC
ZZZ = MCC
Reply


Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 02-04-2019, 07:58 AM