New attack on WPA/WPA2 using PMKID
(11-17-2018, 12:50 AM)ZerBea Wrote: Ok, fixed that ugly big endian issue when we are doing an option walk through the pcapng options:
https://github.com/ZerBea/hcxtools/commi...8548768110
Thanks for reporting this and the test pcapng files. Now hcxpcaptool will show correct informations about big endian pcapng file on little endian systems. But nevertheless, v2.pcapng doesn't contain handshakes or PMKIDs.

$ hcxpcaptool -V v1.pcapng
reading from v1.pcapng
summary:                                        
file name....................: v1.pcapng
file type....................: pcapng 1.0
file hardware information....: mips
file os information..........: Linux 3.18.84
file application information.: hcxdumptool 5.0.0
network type.................: DLT_IEEE802_11_RADIO (127)
endianess....................: big endian
read errors..................: flawless
packets inside...............: 286
skipped packets..............: 0
packets with GPS data........: 0
packets with FCS.............: 259
beacons (with ESSID inside)..: 7
probe requests...............: 8
probe responses..............: 10
association requests.........: 7
association responses........: 13
reassociation requests.......: 1
reassociation responses......: 1
authentications (OPEN SYSTEM): 160
authentications (BROADCOM)...: 7
EAPOL packets................: 78
EAPOL PMKIDs.................: 4
best handshakes..............: 2 (ap-less: 0)


$ hcxpcaptool -V v2.pcapng
reading from v2.pcapng
summary:                                        
file name....................: v2.pcapng
file type....................: pcapng 1.0
file hardware information....: mips
file os information..........: Linux 3.18.84
file application information.: hcxdumptool 5.0.0
network type.................: DLT_IEEE802_11_RADIO (127)
endianess....................: big endian
read errors..................: flawless
packets inside...............: 14
skipped packets..............: 0
packets with GPS data........: 0
packets with FCS.............: 14
beacons (with ESSID inside)..: 3
probe requests...............: 1
probe responses..............: 3
authentications (OPEN SYSTEM): 7
authentications (BROADCOM)...: 2

Now let's identify the next issue. Therefore we need a pcapng which contains a handshake or a PMKID from your target.

Alright so I tried another dump this time with enable_status 1, see if that worked at all

Code:
[23:05:49 - 006] 2c3033f3f889 -> f0a22504c0b1 [FOUND PMKID CLIENT-LESS]
[23:05:51 - 006] 2c3033f3f889 -> e8617eb9ac97 [FOUND PMKID]
[23:06:01 - 011] 9c1e958f2ea2 -> f0a22504c0b1 [FOUND PMKID CLIENT-LESS]

Im not exactly sure what wifi clients these are as mode 1 doesnt show the ID's but editing it in notepad shows the "shit wifi" and Im seeing [FOUND PMKID] in the console, does that mean it worked? Still learning how to interpolate this

v3 is here http://www.mediafire.com/?bqos57dnnf4kn8...socgondcui


Messages In This Thread
New attack on WPA/WPA2 using PMKID - by atom - 08-04-2018, 06:50 PM
RE: New attack on WPA/WPA using PMKID - by hash93 - 08-04-2018, 09:18 PM
RE: New attack on WPA/WPA using PMKID - by ZerBea - 08-05-2018, 10:53 AM
RE: New attack on WPA/WPA2 using PMKID - by kcdtv - 08-05-2018, 11:41 PM
RE: New attack on WPA/WPA2 using PMKID - by lint - 08-06-2018, 06:09 PM
RE: New attack on WPA/WPA2 using PMKID - by lint - 11-07-2018, 07:05 PM
RE: New attack on WPA/WPA2 using PMKID - by atom - 08-08-2018, 11:16 AM
RE: New attack on WPA/WPA2 using PMKID - by atom - 08-08-2018, 11:55 AM
RE: New attack on WPA/WPA2 using PMKID - by kcdtv - 08-09-2018, 04:11 PM
RE: New attack on WPA/WPA2 using PMKID - by octf - 08-11-2018, 07:21 AM
RE: New attack on WPA/WPA2 using PMKID - by skan - 08-13-2018, 03:57 AM
RE: New attack on WPA/WPA2 using PMKID - by LoZio - 08-17-2018, 01:49 PM
RE: New attack on WPA/WPA2 using PMKID - by L3pus - 08-21-2018, 09:23 AM
RE: New attack on WPA/WPA2 using PMKID - by lint - 09-03-2018, 12:07 PM
RE: New attack on WPA/WPA2 using PMKID - by sao - 08-27-2018, 06:10 AM
RE: New attack on WPA/WPA2 using PMKID - by Mem5 - 08-27-2018, 07:24 PM
RE: New attack on WPA/WPA2 using PMKID - by JCas - 09-01-2018, 02:13 PM
RE: New attack on WPA/WPA2 using PMKID - by dafez - 09-03-2018, 04:40 PM
RE: New attack on WPA/WPA2 using PMKID - by dafez - 09-07-2018, 04:55 AM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-21-2018, 03:43 AM
RE: New attack on WPA/WPA2 using PMKID - by Mem5 - 09-21-2018, 09:39 AM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-21-2018, 12:51 PM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-22-2018, 01:49 AM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-22-2018, 04:50 PM
RE: New attack on WPA/WPA2 using PMKID - by marcou3000 - 09-22-2018, 10:22 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-23-2018, 11:07 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-27-2018, 06:29 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-27-2018, 06:20 PM
RE: New attack on WPA/WPA2 using PMKID - by Rit - 10-27-2018, 06:31 PM
RE: New attack on WPA/WPA2 using PMKID - by lint - 11-07-2018, 07:10 PM
RE: New attack on WPA/WPA2 using PMKID - by dojo_mast3r - 11-17-2018, 01:10 AM