hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
MACs
Thank you for your explanation. I will experiment with "hcxpcapngtool -all" following your advice. Good idea to also filter PMKID's and authenticated handshakes as they obviously are real MAC's.

WPS
I was not asking that you incorporate a WPS attack into hcxdumptool I just wanted a test for auditing routers, not to carry out a full WPS attack, just test if the router responds to PIN attempts.

hcxdumptool could try a few PIN's to see if the router is actually responding then for hcxdumptool to move on. The user can then use reaver or bully if they wish to pursue a WPS attack.

If you are concerned about the time taken on each AP perhaps this WPS vulnerability test could be an optional switch for the user?

I was hoping for a result in the hcxhashtool --info output something like...

WPS Version: 1 (or) 2
WPS Vulnerable: Yes (or) Not responding to PINs

If you still don't like the request I promise to stop going on about it Smile

Thank you
Reply


Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by WPA_Catcher - 05-13-2020, 10:17 PM