Posts: 6
Threads: 1
Joined: Jan 2024
Hello, I'm learning and trying to crack my own wifi using hashcat. I already used aircrack but on CPU it's really too slow and not very efficient, so I want to use hashcat. I'm using these resources, so up-to-date hashcat: hashcat.net. There are two problems:
- First, after disabling my wifi with
```
$ sudo systemctl stop NetworkManager.service
$ sudo systemctl stop wpa_supplicant.service
```
I can reenable it. If I restart the services my interface is gone and I can't connect to wifi with it. I can see that with nmcli
- More important, I always end up the dump with errors with no clue why. Here's a typical error message
```
102 ERROR(s) during runtime
25024 packet(s) captured
1 SHB written to pcapng dumpfile
1 IDB written to pcapng dumpfile
1 ECB written to pcapng dumpfile
55 EPB written to pcapng dumpfile
exit on error
bye-bye
```
This time was the only one where I had enough frames to launch hashcat on a... public wifi with no password... Otherwise, when there's no public wifi captured but only private wifi, it always stops before getting enough frames and I can't start hashcat.
I tried this on my day-to-day EndeavourOS and on a The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) Linux installed for the occasion on a dual boot.
Thank you for reading!
Posts: 1,044
Threads: 2
Joined: Jun 2017
01-09-2024, 01:55 PM
(This post was last modified: 01-09-2024, 02:00 PM by ZerBea.)
That is an indicator that something is wrong with your configuration and/or with the WiFi device driver:
Code:
102 ERROR(s) during runtime
Please comment output of:
Code:
$ hcxdumptool -v
$ hcxdumptool -L
Latest git head of hcxdumptool will give some additional information about the ERRORs.
Posts: 6
Threads: 1
Joined: Jan 2024
Sure,
```
hcxdumptool 6.3.2 (C) 2023 ZeroBeat
running on Linux kernel 6.6.9-arch1-1
running GNU libc version 2.38
compiled by gcc 13.2.1
compiled with Linux API headers 6.4.0
compiled with GNU libc headers 2.38
```
```
available wlan devices:
phy idx hw-mac       virtual-mac  m ifname driver (protocol)
---------------------------------------------------------------------------------------------
  0   2 04e8b908011f 04e8b908011f + wlan0  iwlwifi (NETLINK)
* active monitor mode available
+ monitor mode available
- no monitor mode available
```
Since I have the exact same problem on both OSes, can it really be a driver problem?
Posts: 1,044
Threads: 2
Joined: Jun 2017
01-09-2024, 06:33 PM
(This post was last modified: 01-09-2024, 06:44 PM by ZerBea.)
Thanks.
There are several (still unfixed) problems regarding these chipsets and the Linux driver (iwlwifi):
https://bugzilla.kernel.org/show_bug.cgi?id=214291
https://duckduckgo.com/?q=iwlwifi+mpacke...fab&ia=web
As long as these issues are not fixed, hcxdumptool will not work running these chipsets.
Monitor mode and packet injection are officially not supported:
https://www.intel.com/content/www/us/en/...ducts.html
Due to these problems, I do not recommend this chipset in combination with hcxdumptool.
From hcxdumptool README.md:
Code:
Not recommended WiFi chipsets:
* Broadcom (neither monitor mode nor frame injection by official Linux kernel)
* Qualcomm (no frame injection by official Linux kernel)
* Intel (monitor mode and frame injection problems)
Posts: 6
Threads: 1
Joined: Jan 2024
I see, is there an alternative or must I buy an external chipset? (USB WiFi?)
Posts: 1,044
Threads: 2
Joined: Jun 2017
01-09-2024, 07:48 PM
(This post was last modified: 01-09-2024, 08:03 PM by ZerBea.)
As a first step (and to figure out if things changed since the bug report of "2021-09-02 15:32 UTC"), you can go for the latest git:
https://github.com/ZerBea/hc
enable the new debug mode in Makefile:
Code:
# uncomment to enable DEBUG log
#DEFS += -DHCXDEBUG
Compile and run hcxdumptool.
When terminated, take a look at hcxdumptool.log.
The log file should contain errno messages as reported by the system.
(I'm interested in this log, too).
In general, it is not a good idea to use a PCIe card (notebook) due to possible interferences (and a poor range), e.g.
https://www.phoronix.com/forums/forum/ha...-for-linux
https://forums.tomshardware.com/threads/...on.735369/
and a lot more.
USB WiFi (with external antenna connector) is a good choice. Here are some tests:
https://github.com/ZerBea/hcxdumptool/discussions/361
best value for money as of today:
https://github.com/ZerBea/hcxdumptool/di...nt-7551692
BTW:
Monitor mode capabilities of an interface/driver do not automatically mean capabilities to inject frames:
https://community.intel.com/t5/Wireless/...-p/1560256
hcxdumptool needs both (monitor mode and full packet injection capabilities).
Posts: 6
Threads: 1
Joined: Jan 2024
I have bad news: I uninstalled hcxdumptool, compiled it from source from your repo and uncommented the debug value. Indeed I get a log file, but it's empty
Posts: 1,044
Threads: 2
Joined: Jun 2017
This is good news. Looks like the latest git head is working as expected.
Posts: 6
Threads: 1
Joined: Jan 2024
So if I understand this correctly, the problem isn't about my card being incompatible, but that it doesn't have the ability to send packets?
Here's a simple test
```
sudo aireplay-ng -9 wlan0
08:44:10 Trying broadcast probe requests...
08:44:12 No Answer...
08:44:12 Found 0 APs
```
I succeeded in finding a password for a wifi with its hash, but sometimes I think I can't capture the 4-way handshake and the dump crashes before. Is the wifi card the only solution to resolve all my problems? I guess I can spend 10$ if it's the only issue
Posts: 1,044
Threads: 2
Joined: Jun 2017
08:44:12 No Answer...
The WiFi card/adapter does not support frame injection.
Please note that aireplay-ng only tests whether broadcast probe requests are acknowledged by an AP.
Even if these should be acknowledged, it doesn't mean that injection of other frames is supported, too.
If you would like to buy a WiFi USB adapter, make sure that the driver is part of the Linux kernel and that it supports monitor mode and full frame injection.
These drivers meet those requirements:
Mediatek (mt76 & mt7601)
https://git.kernel.org/pub/scm/linux/ker...?h=v6.6.10
Realtek (8188, 8192, 8710, 8723):
https://git.kernel.org/pub/scm/linux/ker...?h=v6.6.10
Ralink (2x00, these are mostly old chipsets)
https://git.kernel.org/pub/scm/linux/ker...?h=v6.6.10
Atheros (only ath9k)
https://git.kernel.org/pub/scm/linux/ker...?h=v6.6.10
newer chipsets will cause problems, e.g. no frame injection:
https://wireless.wiki.kernel.org/en/user...ers/ath10k
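
The point made in the thread, that a `+` (monitor mode available) in `hcxdumptool -L` says nothing about frame injection, can be checked mechanically. The following is an added example, not part of the thread and not hcxdumptool code: it parses the `-L` table posted above and classifies the driver against the chipset families named in the replies. The driver-name prefixes are assumptions chosen to stand in for those families.

```python
import re

# Output of `hcxdumptool -L` as posted in the thread (column spacing reconstructed).
SAMPLE = """\
available wlan devices:
phy idx hw-mac       virtual-mac  m ifname driver (protocol)
---------------------------------------------------------------
  0   2 04e8b908011f 04e8b908011f + wlan0  iwlwifi (NETLINK)
* active monitor mode available
+ monitor mode available
- no monitor mode available
"""

# One device row: phy, idx, hw-mac, virtual-mac, mode flag, ifname, driver, (protocol)
ROW = re.compile(
    r"^\s*(\d+)\s+(\d+)\s+([0-9a-f]{12})\s+([0-9a-f]{12})\s+"
    r"([*+-])\s+(\S+)\s+(\S+)\s+\((\w+)\)\s*$"
)

# Assumption: driver-name prefixes standing in for the families named in the thread.
NOT_RECOMMENDED = ("iwl", "brcm", "ath10k")     # Intel, Broadcom, newer Atheros
RECOMMENDED = ("mt76", "rt2", "rtl8", "ath9k")  # Mediatek, Ralink, Realtek, ath9k


def parse_devices(text):
    """Return one dict per device row found in `hcxdumptool -L` output."""
    devices = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            phy, idx, hw, virt, flag, ifname, driver, proto = m.groups()
            devices.append({"phy": int(phy), "ifname": ifname, "driver": driver,
                            "monitor": flag in "*+", "protocol": proto})
    return devices


def assess(dev):
    """Classify a device; the monitor flag alone never yields 'recommended'."""
    if dev["driver"].startswith(NOT_RECOMMENDED):
        return "not recommended"
    if dev["monitor"] and dev["driver"].startswith(RECOMMENDED):
        return "recommended"
    return "unknown"


if __name__ == "__main__":
    for d in parse_devices(SAMPLE):
        print(d["ifname"], d["driver"], "monitor:", d["monitor"], "->", assess(d))
```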