hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
I'm working on this feature
https://github.com/ZerBea/hcxtools/blob/...ol.c#L1664
but it has very low priority, because tshark and/or Wireshark can do it much better:
$ tshark -r test.pcapng.cap -T fields -e wps.device_name -e wps.serial_number
or (inclusive transmitter address and ESSID):
$ tshark -r test.pcapng.cap -T fields -e wlan.ta -e wlan.ssid -e wps.device_name -e wps.serial_number

reference is here:
https://www.wireshark.org/docs/dfref/w/wps.html
full reference is here:
https://www.wireshark.org/docs/dfref/

From several analysis I noticed that many VENDORs doesn't use this fields or fill it with garbage. So don't expect "amazing results":
Running the above cmd we will receive:
"XYZ AP 12345678"
Totally useless!

BTW:
Highest priority, as of today:
AKM (Authentication and Key Management) and EAP (Extensible Authentication Protocol)!
Reply


Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 02-05-2020, 09:02 AM