hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
There is no option to set the frequency, but there are several options to work on channels and scan lists:

Channel options to set one or more channels:
Code:
-c <digit>     : set channel (1,2,3, ...)
                 default channels: 1...13
                 maximum entries: 127
                 allowed channels (depends on the device):
                 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
                 32, 34, 36, 38, 40, 42, 44, 46, 48, 50, 52, 54, 56, 58, 60, 62, 64, 68, 96
                 100, 102, 104, 106, 108, 110, 112, 114, 116, 118, 120, 122, 124, 126, 128
                 132, 134, 136, 138, 140, 142, 144, 149, 151, 153, 155, 157, 159
                 161, 165, 169, 173

Scan list options to set a scan list:
Code:
-s <digit>     : set predefined scanlist
                 0 = 1,6,11,3,5,1,6,11,2,4,1,6,11,7,9,1,6,11,8,10,1,6,11,12,13 (default)
                 1 = 1,2,3,4,5,6,7,8,9,10,11,12,13
                 2 = 36,40,44,48,52,56,60,64,100,104,108,112,116,120,124,128,132,136,140,149,153,157,161,165
                 3 = 1,2,3,4,5,6,7,8,9,10,11,12,13,36,40,44,48,52,56,60,64,100,104,108,112,116,120,124,128,132,136,140,149,153,157,161,165
Both of this options will replace the default (and optimized) scan list.

There is also an option (-C) to retrieve by the interface supported channels (inclusive frequency and tx power):

First we retrieve the names of available interfaces:
Code:
$ hcxdumptool -I
wlan interfaces:
503eaa92e326 wlp39s0f3u1u1u2 (mt76x0u)
00e06148645e wlp39s0f3u1u1u4 (mt7601u)

The ones are detected by hcxdumptool:
Code:
$ lsusb
Bus 005 Device 008: ID 148f:7601 Ralink Technology, Corp. MT7601U Wireless Adapter
Bus 005 Device 007: ID 148f:761a Ralink Technology, Corp. MT7610U ("Archer T2U" 2.4G+5G WLAN Adapter

Now we can retrieve the channel list, supported by each interface:
Code:
$ sudo hcxdumptool -i wlp39s0f3u1u1u2 -C
initialization...
available channels:
  1 / 2412MHz (14 dBm)
  2 / 2417MHz (14 dBm)
  3 / 2422MHz (14 dBm)
  4 / 2427MHz (14 dBm)
  5 / 2432MHz (14 dBm)
  6 / 2437MHz (14 dBm)
  7 / 2442MHz (14 dBm)
  8 / 2447MHz (14 dBm)
  9 / 2452MHz (14 dBm)
10 / 2457MHz (14 dBm)
11 / 2462MHz (14 dBm)
12 / 2467MHz (14 dBm)
13 / 2472MHz (14 dBm)
36 / 5180MHz (17 dBm)
40 / 5200MHz (17 dBm)
44 / 5220MHz (17 dBm)
48 / 5240MHz (17 dBm)
52 / 5260MHz (17 dBm)
56 / 5280MHz (17 dBm)
60 / 5300MHz (17 dBm)
64 / 5320MHz (17 dBm)
100 / 5500MHz (17 dBm)
104 / 5520MHz (17 dBm)
108 / 5540MHz (17 dBm)
112 / 5560MHz (17 dBm)
116 / 5580MHz (17 dBm)
120 / 5600MHz (17 dBm)
124 / 5620MHz (17 dBm)
128 / 5640MHz (17 dBm)
132 / 5660MHz (17 dBm)
136 / 5680MHz (17 dBm)
140 / 5700MHz (17 dBm)
149 / 5745MHz (17 dBm)
153 / 5765MHz (17 dBm)
157 / 5785MHz (17 dBm)
161 / 5805MHz (17 dBm)
165 / 5825MHz (17 dBm)

terminating...

$ sudo hcxdumptool -i wlp39s0f3u1u1u4 -C
initialization...
available channels:
  1 / 2412MHz (30 dBm)
  2 / 2417MHz (30 dBm)
  3 / 2422MHz (30 dBm)
  4 / 2427MHz (30 dBm)
  5 / 2432MHz (30 dBm)
  6 / 2437MHz (30 dBm)
  7 / 2442MHz (30 dBm)
  8 / 2447MHz (30 dBm)
  9 / 2452MHz (30 dBm)
10 / 2457MHz (30 dBm)
11 / 2462MHz (30 dBm)
12 / 2467MHz (30 dBm)
13 / 2472MHz (30 dBm)
14 / 2484MHz (30 dBm)

terminating...

Now you can run hcxdumptool using your own channel list e.g.: -c 1,6,11

It is mandatory to set the "Regulatory domain":
"The regdomain setting is often made difficult or impossible to change so that the end users do not conflict with local regulatory agencies."
Please read more here:
https://wiki.archlinux.org/index.php/Net...ory_domain
Reply


Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 10-24-2020, 08:59 AM