Posts: 7
Threads: 3
Joined: Jul 2021
I am playing around with mode 2200 in my test environment. I successfully converted the .pcapng file into a 22000 format.
Later, I have used hcxhashtool to create a separate file for EAP.
When I feed this file into hashcat:
hashcat -m 22000 -a 3 -w 3 -O \mulhollandeap.22000 ?l?l?l?l?l?l?l?l
I receive the following information:
Hash 'mulhollandeap.22000': Separator unmatched
No hashes loaded.
Any tips please ?
Damien
Posts: 2,936
Threads: 12
Joined: May 2012
08-12-2021, 03:19 PM
(This post was last modified: 08-12-2021, 04:06 PM by epixoip.)
Double check the name of the file. The filename you are supplying does not exist, so Hashcat is attempting to use the filename you supplied as a literal hash string.
Posts: 7
Threads: 3
Joined: Jul 2021
It is not a pcapng file anymore, because I have converted the pcapng file with hcxcapngtool:
hcxpcapngtool -o mulholland.22000 mulholland.pcapng
And then, I have used hcxhashtool to create a file for EAP
hcxhashtool -i mulholland.22000 -o mullhollandeap.22000 --type=2 --essid=mulholland 130 ⨯
OUI information file...: N/A
total lines read.......: 2
valid hash lines.......: 2
EAPOL hash lines.......: 2
filter by ESSID........: mulholland
EAPOL written..........: 1
Info about the contents:
hcxhashtool -i mullhollandeap.22000 --info=stdout 1 ⨯
SSID.......: mulholland
MAC_AP.....: 000f6612b836 (unknown)
MAC_CLIENT.: 2477039fafd8 (unknown)
VERSION....: 802.1X-2001 (1)
KEY VERSION: WPA2
REPLAYCOUNT: 64348
RC INFO....: ROGUE attack / NC not required
MP M1M2 E2.: challenge
MIC........: c8e515ac6eba3407ceb7d10473ecdf02
HASHLINE...: WPA*02*here-comes-my-hash
OUI information file...: N/A
total lines read.......: 1
valid hash lines.......: 1
EAPOL hash lines.......: 1
EAPOL written..........: 1
And finally, the hashcat command from above
Posts: 1,042
Threads: 2
Joined: Jun 2017
08-12-2021, 05:17 PM
(This post was last modified: 08-12-2021, 05:36 PM by ZerBea.)
Both command lines (hashcat command line and hcxhashtool command line) are faulty.
Correct hashcat command line:
Code:
$ hashcat -m 22000 -w 3 -o founds.txt mulhollandeap.22000 -a 3 ?l?l?l?l?l?l?l?l
Corrrect hcxhashtool command lines:
Code:
$ hcxhashtool -i mulholland.22000 -o mullhollandeap.22000 --essid=mulholland
$ hcxhashtool -i mullhollandeap.22000 --info=stdout
BTW:
No need to choose type=2 if you filter by ESSID strict, because hashcat will take advantage of the reuse of PBKDF2.
Why do you add additional options to hcxhashtool like "130 x" (your first command line) and "1 x" (your second command line).
Posts: 7
Threads: 3
Joined: Jul 2021
The 130 x and 1 x comes from the Terminal window in The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) Linux, so copy/paste error
so, my only mistake was that I have added the --type. The goal was to create a separate file for each wireless network, so I have to use --essid instead.
The above works now, thank you ZerBea.
Posts: 1,042
Threads: 2
Joined: Jun 2017
Glad to hear this.
Here is some more information from Atom about hash mode 22000:
https://hashcat.net/forum/thread-10253-p...l#pid53276