hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
With the latest commit, I added several new attack modes to hcxdumptool:
--disable_internal_beacons        : do not transmit beacons using received ESSIDs
                                    default: transmit this kind of beacon once on channel change or every five seconds
                                    affected: ap-less and reactive_beacon, flood_beacon
--use_external_beaconlist=<file>  : transmit beacons from this list
                                    maximum ESSID length 32, maximum entries 4095
                                    default: transmit this kind of beacon once on channel change or every five seconds
                                    affected: ap-less and reactive_beacon, flood_beacon
--reactive_beacon                  : transmit internal/external beacon on every received proberequest
                                    affected: ap-less
--flood_beacon=<digit>            : transmit internal/external beacon after n received management packet
                                    warning: this will spam a channel
                                    affected: ap-less and whole traffic on a channel

and a weak candidate detection:
-weak_candidate=<password>        : use this password (8...63 characters) for weak candidate alert
                                    default: 12345678

--enable-status=1 will inform you when a weak candidate (access point running password 12345678) is in range.

hcxtools got several improvements, too:
hcxpcaptool received better detection of damaged frames
wlanhcx2essid replaced by hcxessidtool

hcxessidtool 5.2.2 (C) 2019 ZeroBeat
usage:
hcxessidtool <options>

options:
-e <essid>  : filter by ESSID
-E <essid>  : filter by part of ESSID
-l <essid>  : filter by ESSID length
-h          : show this help
-v          : show version

--pmkid1=<file>        : input PMKID file 1
--pmkid2=<file>        : input PMKID file 2
--pmkidout12=<file>    : output only lines present in both PMKID file 1 and PMKID file 2
--pmkidout1=<file>    : output only lines present in PMKID file 1
--pmkidout2=<file>    : output only lines present in PMKID file 2
--pmkidout=<file>      : output only ESSID filtered lines present in PMKID file 1
--hccapx1=<file>      : input HCCAPX file 1
--hccapx2=<file>      : input HCCAPX file 2
--hccapxout12=<file>  : output only lines present in both HCCAPX file 1 and HCCAPX file 2
--hccapxout1=<file>    : output only lines present in HCCAPX file1
--hccapxout2=<file>    : output only lines present in HCCAPX file 2
--hccapxout=<file>    : output only ESSID filtered lines present in HCCAPX file 1
--essidout=<file>      : output ESSID list
--essidmacapout=<file> : output MAC_AP:ESSID list
--help                : show this help
--version              : show version

Main purpose is to get full advantage of reuse of PBKDF2
while merging (only) the same ESSIDs from different hash files
examples:
hcxessidtool --pmkid1=file1.16800 --pmkid2=file2.16800 --pmkidout12=joint.16800
hcxessidtool --pmkid1=file1.16800 -l 10 --pmkidout=filtered.16800
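
Added example (not part of the original post and not hcxtools code): a short Python sketch of why grouping by ESSID matters. In WPA/WPA2-PSK the ESSID is the PBKDF2 salt, so one PBKDF2 run per candidate covers every hash that shares an ESSID, and a unique ESSID gets no such sharing. The 16800 line layout (PMKID*MAC_AP*MAC_STA*ESSID in hex) is assumed from hashcat's format, and the function names and all sample values are constructed for illustration.

```python
import hashlib
from collections import defaultdict

# Constructed sample lines in the assumed 16800 layout:
# PMKID*MAC_AP*MAC_STA*ESSID(hex). None of these values are real captures.
FILE1 = [
    "00112233445566778899aabbccddeeff*020000000001*020000000101*" + b"HomeNet".hex(),
    "ffeeddccbbaa99887766554433221100*020000000002*020000000102*" + b"CoffeeShop".hex(),
]
FILE2 = [
    "0123456789abcdef0123456789abcdef*020000000003*020000000103*" + b"HomeNet".hex(),
    "fedcba9876543210fedcba9876543210*020000000004*020000000104*" + b"Library".hex(),
]


def pmk(passphrase: str, essid: bytes) -> bytes:
    """WPA/WPA2-PSK PMK: PBKDF2-HMAC-SHA1, ESSID as salt, 4096 rounds, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid, 4096, 32)


def essid_of(line: str) -> bytes:
    """Return the decoded ESSID (the PBKDF2 salt) from one hash line."""
    fields = line.strip().split("*")
    if len(fields) != 4:
        raise ValueError("expected 4 '*'-separated fields")
    return bytes.fromhex(fields[3])


def group_by_essid(lines):
    """Map each ESSID to the hash lines that share it."""
    groups = defaultdict(list)
    for line in lines:
        groups[essid_of(line)].append(line)
    return dict(groups)


def pbkdf2_runs_per_candidate(lines):
    """One PBKDF2 run per distinct salt, however many hashes share that salt."""
    return len(group_by_essid(lines))


if __name__ == "__main__":
    separate = pbkdf2_runs_per_candidate(FILE1) + pbkdf2_runs_per_candidate(FILE2)
    merged = pbkdf2_runs_per_candidate(FILE1 + FILE2)
    print(f"PBKDF2 runs per candidate: {separate} separately, {merged} merged")
    # Same passphrase, different ESSID: a different PMK, so nothing is reusable.
    print(pmk("password", b"HomeNet") != pmk("password", b"Library"))
```
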


Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 09-18-2019, 02:04 PM