New attack on WPA/WPA2 using PMKID
#59
(08-17-2018, 10:51 AM)ZerBea Wrote: hcxdumptool is able to run different attack vectors. And the client-less (PMKID) attack vector is only one of them:

ap-less:
Only one packet (M2) from a client required. You do not need to hunt for access points. Just wait until the clients come to you. Have patience - some clients will give you their PSK in the clear (hcxpcaptool -E -I -U)!
This attack vector is the most important one, because clients are weak! Try to annoy them!
You can run --nonce-error-corrections=0 on that handshake!

client-less:
Only one packet (M1 - PMKID) from an access point is required.
You have to hunt for access points (usually access points don't move). It's hard to annoy an access point.
You need to have a good antenna (high gain)!

m4 - retry:
After receipt of a single M4, M1, M2, M3 are requested as long as we didn't successfull captured an authorized handshake (M2/M3).
A client and an access point are required for this attack vector! You need to have a good antenna!

deauthentication (old school):
Disconnect a client from the network and capture the following authentication.
A client and an access point are required for this attack vector!
You need to have a good antenna (high gain)!
Attack vector will not work if PMF is enabled


Possible reason why you didn't receive a PMKID:
No access point with activated roaming is in range.

But so what:
A client is in range - play with him!
Thanks for the info. Not sure it answered my question?
Can someone tell me why am only getting Found handshake AP-LESS ,EAPOL TIMEOUT
I have not seen PMKID Found only handshake found

Thanks Kev


Messages In This Thread
New attack on WPA/WPA2 using PMKID - by atom - 08-04-2018, 06:50 PM
RE: New attack on WPA/WPA using PMKID - by hash93 - 08-04-2018, 09:18 PM
RE: New attack on WPA/WPA using PMKID - by ZerBea - 08-05-2018, 10:53 AM
RE: New attack on WPA/WPA2 using PMKID - by kcdtv - 08-05-2018, 11:41 PM
RE: New attack on WPA/WPA2 using PMKID - by lint - 08-06-2018, 06:09 PM
RE: New attack on WPA/WPA2 using PMKID - by lint - 11-07-2018, 07:05 PM
RE: New attack on WPA/WPA2 using PMKID - by atom - 08-08-2018, 11:16 AM
RE: New attack on WPA/WPA2 using PMKID - by atom - 08-08-2018, 11:55 AM
RE: New attack on WPA/WPA2 using PMKID - by kcdtv - 08-09-2018, 04:11 PM
RE: New attack on WPA/WPA2 using PMKID - by octf - 08-11-2018, 07:21 AM
RE: New attack on WPA/WPA2 using PMKID - by skan - 08-13-2018, 03:57 AM
RE: New attack on WPA/WPA2 using PMKID - by kevtheskin - 08-18-2018, 01:48 PM
RE: New attack on WPA/WPA2 using PMKID - by LoZio - 08-17-2018, 01:49 PM
RE: New attack on WPA/WPA2 using PMKID - by L3pus - 08-21-2018, 09:23 AM
RE: New attack on WPA/WPA2 using PMKID - by lint - 09-03-2018, 12:07 PM
RE: New attack on WPA/WPA2 using PMKID - by sao - 08-27-2018, 06:10 AM
RE: New attack on WPA/WPA2 using PMKID - by Mem5 - 08-27-2018, 07:24 PM
RE: New attack on WPA/WPA2 using PMKID - by JCas - 09-01-2018, 02:13 PM
RE: New attack on WPA/WPA2 using PMKID - by dafez - 09-03-2018, 04:40 PM
RE: New attack on WPA/WPA2 using PMKID - by dafez - 09-07-2018, 04:55 AM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-21-2018, 03:43 AM
RE: New attack on WPA/WPA2 using PMKID - by Mem5 - 09-21-2018, 09:39 AM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-21-2018, 12:51 PM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-22-2018, 01:49 AM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-22-2018, 04:50 PM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-22-2018, 10:22 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-23-2018, 11:07 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-27-2018, 06:29 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-27-2018, 06:20 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-27-2018, 06:31 PM
RE: New attack on WPA/WPA2 using PMKID - by lint - 11-07-2018, 07:10 PM