hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Hey,

I really love your tools and had some great success with it. You really set a new standard for wifi-sec auditing!
But I can't really figure out, how to run the server / client stuff with hcxdumptool.
My current setup is a netbook with 4 wifi ifaces. Tried different approaches until I discovered the the server / client mode.
My wrapper / script looks like this

Code:
# Kill NetworkMangler / wpa_supplicant
blah

Iface0 & Iface1 & Iface2 & Iface3
tail -f -q ${LOGDIR}/Iface0.log ${LOGDIR}/Iface1.log ${LOGDIR}/Iface2.log (...)| tee -a $LOGDIR/hcxrun.log
# used to ssh from different mobiles tail -f-ed to see whats going on

==========================================
Iface0 () {
chann="-s 1"
opts="--enable_status=233 --stop_ap_attacks=6000 --resume_ap_attacks=12000 --ip=127.0.0.1"

timeout 30 hcxdumptool --do_rcascan -i $iface0 --bpfc=/root/hcx/protect.bpf
hcxdumptool -i $iface0 $opts $chann -o ${CAPDIR}/$iface0.pcapng | tee -a ${LOGDIR}/$iface0.log
}

==========================================
Iface1 () {
chann="-s 3"
opts="--enable_status=351 --stop_ap_attacks=6000 --resume_ap_attacks=12000 --ip=127.0.0.1"

timeout 30 hcxdumptool --do_rcascan -i $iface0 --bpfc=/root/hcx/protect.bpf
hcxdumptool -i $iface0 $opts $chann -o ${CAPDIR}/$iface0.pcapng | tee -a ${LOGDIR}/$iface0.log
}

==========================================
Iface2 () {
(...)
}

I left the --ip blank, works too
I'm assuming I don't need the -o ${CAPDIR}/$iface0.pcapng whith the clients since there will be only one cap, right?
Do I even need any enable_status other than 256 for the clients?
The logging would be redundant too, right?
Tinkered so much I seem to be stuck in a rut. Can you point me in a general direction where I can read more about server / client?

Thanks!
Reply


Messages In This Thread
wlandump-ng vs hcxdumptool - by hulley - 02-10-2018, 10:26 PM
RE: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats - by Runa - 11-17-2022, 12:35 PM