hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Before you start with Wireshark, take a look at the basics of 802.11
here:
https://en.wikipedia.org/wiki/802.11_Frame_Types
Than dive into the study guide here:
https://mrncciew.com/tag/802-11-overview/
Start with a simple frame here:
https://mrncciew.com/2014/10/08/802-11-m...con-frame/
Find it in your sample cap, using Wireshark.
Understand the information elements (IE) inside the frame and how a CLIENT acts, if he received this frame.
Do this on all frames of an authentication process:
Beacon
Proberequest
Proberesponse
Authentication
Association request
Association response
M1
M2
M3
M4
Investigate, why some APs transmitting/requesting additional frames (e.g.: action frames during an authentication)

Read about EAPOL TIMER here:
https://www.researchgate.net/publication...entication
What is their purpose, what will happen if a timer expire - and you will know why some of your converted handshakes are not recoverable.

If we include the radio part (HF) some knowledge about radio basics isn't so bad, too:
radio transmission power
antenna types
wave propagation
radio phase shift
radio modulation types
Reply


Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 01-14-2020, 10:02 PM