hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Thanks ZerBea!
Yes I'm using the latest update. I check the system RAM and you are right, it's all use-up. I will upload the caps.
Reply
Hi ZerBea.
Do you get good success with possible plainmasterkeys? I have over 16 thousand unique tested, hashcat -m2501 and wlanhcxcat without any success. Am I missing something?
Reply
Hi hulley.
wlanhcxcat is not like hashcat. It is very, very slow. Main purpose is to verify an existing(!) PMK while another cracker is running.
A typical application example is:
hashcat is running und you want to check an existing PMK (debug purpose) or you wnat to retrieve the internal calculated MD5-64 checksum for this hashrecord

$ wlanhcxcat -i test.hccapx -w pmklist
started at 06:17:00 to test 788 records
output is the same like hashcat potfile if the PMK is verifed.

If Atom releases a new hashcat version I compare new hashcat results (potfile) with the output of wlanhcxcat to detect errors and report issues.
Reply
I'm having a problem where wlandump-ng is getting "stuck" after only a minute or two of running in The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali). For example, right now the terminal says "channel:   4, received packets: 4326, pcaperrors: 0" and it has been stuck there for awhile. How should I debug this?
Reply
Just crashed again. It happened after cycling through all of the channels once and then hitting channel 4, just like last time.
Reply
Looks like a driver issue.
First check if your dongle supports "full" monitor mode here:
https://wireless.wiki.kernel.org/en/users/drivers
or here:
https://wikidevi.com/wiki/Main_Page
Check dmesg if there are errors. Should look like this if everything is fine after plugin the dongle:
279065.696320] ieee80211 phy24: rt2x00_set_rt: Info - RT chipset 3070, rev 0201 detected
[279065.751395] ieee80211 phy24: rt2x00_set_rf: Info - RF chipset 0005 detected
[279065.752469] ieee80211 phy24: Selected rate control algorithm 'minstrel_ht'
[279065.789031] rt2800usb 1-1:1.0 wlp0s20f0u1: renamed from wlan0
[279065.817967] IPv6: ADDRCONF(NETDEV_UP): wlp0s20f0u1: link is not ready
[279065.818011] ieee80211 phy24: rt2x00lib_request_firmware: Info - Loading firmware file 'rt2870.bin'
[279065.818048] ieee80211 phy24: rt2x00lib_request_firmware: Info - Firmware detected - version: 0.36

You can run hcxdumptool with -C option to see on which channel the driver crashed.
If hcxdumptool runs without a crash, it could be a libpcap issue (wlandump-ng use libpcap, hcxdumptool not).
You can run wireshark parallel to wlandump-ng/hcxdumptool to monitor incomming and outgoing packets.
Right now only a few driver are working flawless! No USB AC dongle is working out of the box, yet
Here are some some additional informations:
https://docs."k*a*l*i".org/installation/troubleshooting-wireless-driver-issues
You can run  aireplay-ng -9 to test if packet injection works (and how long it works)?
You can run airmon-ng check kill to check if there other processes that have access to the interface.
Do you use a hig power WiFi (1 or 2 watts) dongle (alfa awusxxxx) and does the usb connector provides sufficient power
for that dongle?
Reply
It must be due to a recent k.ali update because it was working fine a week or so ago. I’ll do some tests when I get home
Reply
Found in dmesg:

ieee80211 phy12: rt2x00usb_vendor_request: Error - Vendor Request 0x07 failed for offset 0x1004 with error -110
Reply
also got this error in the terminal

error while sending deauthentication send: No buffer space available
Reply
Typical K*A*L*I problem since a long time (ALFA AWUS036NEH, ALFA AWUS036NH)
Forum there is full of posts like this:
https://forums.k*a*l*i.org/archive/index...26545.html
"Hi have the same problem with an Alfa AWUS036NH usb device. It works randomly but after some time it just stops working and dmesg gives me the following message..."
Do you use a VM?
Reply