hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
After some more investigation, I found this in ath9k/common-init.c:
https://git.kernel.org/pub/scm/linux/ker...?h=v5.8.16
Code:
/* Some 2 GHz radios are actually tunable on 2312-2732
* on 5 MHz steps, we support the channels which we know
* we have calibration data for all cards though to make
* this static */

It's time to play around with an Atheros device:
Code:
$ lsusb
ID 0cf3:9271 Qualcomm Atheros Communications AR9271 802.11n

$ hcxdumptool -I
wlan interfaces:
f81a67077d0e wlp39s0f3u1u1u2 (ath9k_htc)

hcxdumptool showing available channels as coded in ath9k/common-init.c:
Code:
static const struct ieee80211_channel ath9k_2ghz_chantable[] = {
    CHAN2G(2412, 0), /* Channel 1 */
    CHAN2G(2417, 1), /* Channel 2 */
    CHAN2G(2422, 2), /* Channel 3 */
    CHAN2G(2427, 3), /* Channel 4 */
    CHAN2G(2432, 4), /* Channel 5 */
    CHAN2G(2437, 5), /* Channel 6 */
    CHAN2G(2442, 6), /* Channel 7 */
    CHAN2G(2447, 7), /* Channel 8 */
    CHAN2G(2452, 8), /* Channel 9 */
    CHAN2G(2457, 9), /* Channel 10 */
    CHAN2G(2462, 10), /* Channel 11 */
    CHAN2G(2467, 11), /* Channel 12 */
    CHAN2G(2472, 12), /* Channel 13 */
    CHAN2G(2484, 13), /* Channel 14 */
};

$ sudo hcxdumptool -i wlp39s0f3u1u1u2 -C
initialization...
available channels:
  1 / 2412MHz (20 dBm)
  2 / 2417MHz (20 dBm)
  3 / 2422MHz (20 dBm)
  4 / 2427MHz (20 dBm)
  5 / 2432MHz (20 dBm)
  6 / 2437MHz (20 dBm)
  7 / 2442MHz (20 dBm)
  8 / 2447MHz (20 dBm)
  9 / 2452MHz (20 dBm)
10 / 2457MHz (20 dBm)
11 / 2462MHz (20 dBm)
12 / 2467MHz (20 dBm)
13 / 2472MHz (20 dBm)
14 / 2484MHz (20 dBm)

terminating...

By latest commit, I added support for additional 2.4GHz channels 15...33 (ath9k driver modification mandatory)
Code:
-c <digit>     : set channel (1,2,3, ...)
                 default channels: 1...13
                 maximum entries: 127
                 allowed channels (depends on the device):
                 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
                 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33 (driver modification)
                 36, 38, 40, 42, 44, 46, 48, 50, 52, 54, 56, 58, 60, 62, 64, 68, 96
                 100, 102, 104, 106, 108, 110, 112, 114, 116, 118, 120, 122, 124, 126, 128
                 132, 134, 136, 138, 140, 142, 144, 149, 151, 153, 155, 157, 159
                 161, 165, 169, 173

Channellist according to The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) channel patch:
https://github.com/0x90/The-Distribution...penCL-Well (Kali)-scripts/blob/master/patches/ath9k-htc-channels-unlock.patch
Code:
CHAN2G(2407, 14)
CHAN2G(2402, 15)
CHAN2G(2397, 16)
CHAN2G(2392, 17)
CHAN2G(2387, 18)
CHAN2G(2382, 19)
CHAN2G(2377, 20)
CHAN2G(2372, 21)
CHAN2G(2367, 22)
CHAN2G(2362, 23)
CHAN2G(2357, 24)
CHAN2G(2352, 25)
CHAN2G(2347, 26)
CHAN2G(2342, 27)
CHAN2G(2337, 28)
CHAN2G(2332, 29)
CHAN2G(2327, 30)
CHAN2G(2322, 31)
CHAN2G(2317, 32)
CHAN2G(2312, 33)
Reply


Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by ZerBea - 10-24-2020, 06:09 PM