hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
hcxdumptool default capture format will be pcapng. That means upcomming hcxdumptool 4.2.0 will save the data in pcapng format. wlandump-ng and wlancap2hcx will be removed in version 4.2.0!
I decided to switch to pcapng, because it has many advantages. New attack modes requiere to calculate pre-hashes and nonces during runtime of the dumper. pcapng format is able to handle comments, and we can store this values within the comment field, to provide the following conversiontool with this values. I don't like the idea to use separate files or incredibly long commandlines for this purpose.

You can download first hcxdumptool testversion here:
https://github.com/ZerBea/hcxdumptool_bleeding_testing
This is a bleeding version. So expect compiler warnings and missing functions as well as some (heavy) bugs!

Latest update hcxpcaptool is able to evaluate pcapng options:
$ hcxpcaptool -o test.hccapx  sae_simple_psk.pcapng
start reading from sae_simple_psk.pcapng
summary:                                        
file name....................: sae_simple_psk.pcapng
file type....................: pcapng 1.0
file hardware information....: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz (with SSE4.2)
file os information..........: Linux 4.14.0-kali3-amd64
file application information.: Dumpcap (Wireshark) 2.4.4 (Git v2.4.4 packaged as 2.4.4-1)
network type.................: DLT_IEEE802_11_RADIO (127)
endianess....................: little endian
read errors..................: flawless
packets inside...............: 30
skipped packets..............: 0
packets with FCS.............: 0
beacons (with ESSID inside)..: 2
probe responses..............: 1
association requests.........: 1
association responses........: 1
authentications (SAE)........: 4
deauthentications............: 3
action packets...............: 1
EAPOL packets................: 4
best handshakes..............: 1 (ap-less: 0)

1 handshake(s) written to test.hccapx

Keep in mind: This is only an example of the evaluation of pcapng option fields and  n o t  SAE cracking!!!

Beside this informations:
file hardware information....: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz (with SSE4.2)
file os information..........: Linux 4.14.0-kali3-amd64
file application information.: Dumpcap (Wireshark) 2.4.4 (Git v2.4.4 packaged as 2.4.4-1)
hcxdumptool will save the interface name and the first three bytes of the capture device mac (OUI), too, to identify faulty vendor drivers. Also pre-hashed data like client based calculated authenticationkeys and nonces are saved in the comment fields.

Read more about pcapng format specs here:
https://pcapng.github.io/pcapng/
And about the advantages here:
http://www.lovemytool.com/blog/2012/10/f...walls.html

Get example cap from here:
https://github.com/vanhoefm/wifi-example-captures
or here:
https://www.cloudshark.org/captures/3638626f4551
Reply
(07-23-2018, 12:21 AM)ZerBea Wrote: hcxdumptool default capture format will be pcapng. That means upcomming hcxdumptool 4.2.0 will save the data in pcapng format. wlandump-ng and wlancap2hcx will be removed in version 4.2.0!
I decided to switch to pcapng, because it has many advantages. New attack modes requiere to calculate pre-hashes and nonces during runtime of the dumper. pcapng format is able to handle comments, and we can store this values within the comment field, to provide the following conversiontool with this values. I don't like the idea to use separate files or incredibly long commandlines for this purpose.

You can download first hcxdumptool testversion here:
https://github.com/ZerBea/hcxdumptool_bleeding_testing
This is a bleeding version. So expect compiler warnings and missing functions as well as some (heavy) bugs!

Latest update hcxpcaptool is able to evaluate pcapng options:
$ hcxpcaptool -o test.hccapx  sae_simple_psk.pcapng
start reading from sae_simple_psk.pcapng
summary:                                        
file name....................: sae_simple_psk.pcapng
file type....................: pcapng 1.0
file hardware information....: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz (with SSE4.2)
file os information..........: Linux 4.14.0-kali3-amd64
file application information.: Dumpcap (Wireshark) 2.4.4 (Git v2.4.4 packaged as 2.4.4-1)
network type.................: DLT_IEEE802_11_RADIO (127)
endianess....................: little endian
read errors..................: flawless
packets inside...............: 30
skipped packets..............: 0
packets with FCS.............: 0
beacons (with ESSID inside)..: 2
probe responses..............: 1
association requests.........: 1
association responses........: 1
authentications (SAE)........: 4
deauthentications............: 3
action packets...............: 1
EAPOL packets................: 4
best handshakes..............: 1 (ap-less: 0)

1 handshake(s) written to test.hccapx

Keep in mind: This is only an example of the evaluation of pcapng option fields and  n o t  SAE cracking!!!

Beside this informations:
file hardware information....: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz (with SSE4.2)
file os information..........: Linux 4.14.0-kali3-amd64
file application information.: Dumpcap (Wireshark) 2.4.4 (Git v2.4.4 packaged as 2.4.4-1)
hcxdumptool will save the interface name and the first three bytes of the capture device mac (OUI), too,  to identify faulty vendor drivers. Also pre-hashed data like client based calculated authenticationkeys and nonces are saved in the comment fields.

Read more about pcapng format specs here:
https://pcapng.github.io/pcapng/
And about the advantages here:
http://www.lovemytool.com/blog/2012/10/f...walls.html

Get example cap from here:
https://github.com/vanhoefm/wifi-example-captures
or here:
https://www.cloudshark.org/captures/3638626f4551

Excelent
Reply
Hi strike1953.
Well, I hope so. I didn't see any chance to save during runtime calculated values in a better way. The option field of pcapng seems to be a good way to do that.
Wireshark is an absolutely fantastic analysis tool (my favourite), so it's good to be compatible with that nice tool. Also I noticed, that wireshark opens a pcapng file much faster than an old cap/pcap file (32bit alignment, permit backward file navigation, ...).
Since hcxtools running in the background of https://wpa-sec.stanev.org/? , pcapng capture files are accepted by the server, as well as gz compressed files (pcapng, cap, pcap).
Last but not least can we provide the following hashcracktool with all values requiered by the cracking procedure:
dumper/attacker -> conversiontool -> hashcracker -> database
(for example: hcxdumptool -> hcxpcaptool -> hashcat -> wpa-sec database)
We do this allready in a very simple way, using the messagepair field in the hccapx record.
Reply
BTW:
Parsing pre-hashes or nonces isn't really witchcraft. We are doing this allready:
hcxpcaptool -h
--netntlm-out=<file>
In that case a SHA1 pre-hash, based on an EAP authentication frame, is parsed to hashcat.
Reply
Small update on hcxdumptool and hcxtools: moved to v 4.2.0 rc1:
Added complete new WPA attackmode according to new hashcat hashmodes 16800 and 16801. The attack is performed on the RSN IE (Robust Security Network Information Element) of an EAPOL 1/4 frame in 802.11i networks.
At this moment we do not know on which vendors and on how many routers this will work. Please test it...
Also hcxdumptool isn't ready for a 100% attack - I'm working on it.

$ hcxpcaptool -h
-z <file> : output PMKID file (hashcat hashmode -m 16800)
-Z <file> : output PMKID file (hashcat hashmode -m 16801)

Advantage:
only 2 packets required
1 associationrequest/reassociationrequest (proberesponse is ok, too)
2 EAPOL 1/4 (M1) with included RSN IE

Remember ap-less attack:
only 2 packets required
1 associationrequest/reassociationrequest (proberequest is ok, too)
2 EAPOL 2/4 (M2) as response to hcxdumptool

Just use hcxdumptool to capture, hcxpcaptool to convert and hashcat to crack

hcxtools update: 4.2.0 rc1
added new attack mode on WPA PMKID

$ hcxpcaptool -z hashfile.16800 pmkidassociationrequest.pcapng
start reading from pmkidassociationrequest.pcapng
summary:                                        
file name....................: pmkidassociationrequest.pcapng
file type....................: pcapng 1.0
file hardware information....: unknown
file os information..........: unknown
file application information.: unknown
network type.................: DLT_IEEE802_11_RADIO (127)
endianess....................: little endian
read errors..................: flawless
packets inside...............: 3
skipped packets..............: 0
packets with FCS.............: 0
association requests.........: 1
association responses........: 1
EAPOL packets................: 1
EAPOL PMKIDs.................: 1

1 PMKID(s) written to hashfile.16800

$ hashcat -m 16800 hashfile.16800 wordlist

example hashes are here:
https://hashcat.net/wiki/doku.php?id=example_hashes
Reply
Thanks the update. Going to test....
Reply
(07-25-2018, 08:44 PM)ZerBea Wrote: Small update on hcxdumptool and hcxtools: moved to v 4.2.0 rc1:
Added complete new WPA attackmode according to new hashcat hashmodes 16800 and 16801. The attack is performed on the RSN IE (Robust Security Network Information Element) of an EAPOL 1/4 frame.
At this moment we do not know on which vendors and on how many routers this will work. Please test it...
Also hcxdumptool isn't ready for a 100% attack - I'm working on it.

$ hcxpcaptool -h
-z <file> : output PMKID file (hashcat hashmode -m 16800)
-Z <file> : output PMKID file (hashcat hashmode -m 16801)

Advantage:
only 2 packets required
1 associationrequest/reassociationrequest (proberesponse is ok, too)
2 EAPOL 1/4 (M1) with included RSN IE

Remember ap-less attack:
only 2 packets required
1 associationrequest/reassociationrequest (proberequest is ok, too)
2 EAPOL 2/4 (M2) as response to hcxdumptool

Just use hcxdumptool to capture, hcxpcaptool to convert and hashcat to crack

hcxtools update: 4.2.0 rc1
added new attack mode on WPA PMKID

$ hcxpcaptool -z hashfile.16800 pmkidassociationrequest.pcapng
start reading from pmkidassociationrequest.pcapng
summary:                                        
file name....................: pmkidassociationrequest.pcapng
file type....................: pcapng 1.0
file hardware information....: unknown
file os information..........: unknown
file application information.: unknown
network type.................: DLT_IEEE802_11_RADIO (127)
endianess....................: little endian
read errors..................: flawless
packets inside...............: 3
skipped packets..............: 0
packets with FCS.............: 0
association requests.........: 1
association responses........: 1
EAPOL packets................: 1
EAPOL PMKIDs.................: 1

1 PMKID(s) written to hashfile.16800

$ hashcat -m 16800 hashfile.16800 wordlist

example hashes are here:
https://hashcat.net/wiki/doku.php?id=example_hashes



Hashcat -m 16800?????? where?
Unknown hash-type '16800' selected
Reply
please use latest git updates!
hashcat:
https://github.com/hashcat/hashcat/commi...3d8d7f4400
hcxtools:
https://github.com/ZerBea/hcxtools
hcxdumptool:
https://github.com/ZerBea/hcxdumptool

or test hcxdumptool-bleeding (disabled make install because it's really a bleeding version):
https://github.com/ZerBea/hcxdumptool_bleeding_testing
I started the complete refactoring of hcxdumptool, because old version acts as an AP for CLIENTs (ap-less attack).
After the implementation of hasmodes 1680x, new hcxdumptool acts as CLIENT for APs (client-less attack), too.
Unfortunately I noticed that new hcxdumptool now attacks itself (because of full mac randomization).

We need full randomization of all values to prevent counter measures against us. That includes
- mac address
- replaycounter
- nonce
- authenticationkeys
- and perhaps more...

Now, bleeding will start like this:
$ sudo ./hcxdumptool-bleeding -i wlp39s0f3u4u5 -o test.pcapng -t 10 -s 1 -H blacklisthost -C blacklistclient

start capturing (stop with ctrl+c)
INTERFACE:...: wlp39s0f3u4u5
MAC_STA......: f0a2253d7966 (client)
MAC_AP.......: 140708855fcf (start OUI)
REPLAYCOUNTER: 64052
ANONCE.......: 56f695dcb497439bbde941b67cdb98b06ad9b98c45dfc55853bd45b8551dabac

[10:14:16 - 001] f0a2253d7966 -> ffffffffffff [SENDING BROADCAST PROBEREQUEST]
...
and if you receive a PMKID it will look like this:
[10:21:18 - 001] xxxxxxxxxxxx -> xxxxxxxxxxxx [EAPOL M1, REPLAYCOUNT 1, FOUND PMKID]

No M2, M3 or M4 needed for hashcat -m 16800 to recover the PSK. The PMKID is authorized by the AP and 100% valid.
Reply
太棒了伙计加油
Reply
(07-26-2018, 09:54 AM)ZerBea Wrote: please use latest git updates!
hashcat:
https://github.com/hashcat/hashcat/commi...3d8d7f4400
hcxtools:
https://github.com/ZerBea/hcxtools
hcxdumptool:
https://github.com/ZerBea/hcxdumptool

or test hcxdumptool-bleeding (disabled make install because it's really a bleeding version):
https://github.com/ZerBea/hcxdumptool_bleeding_testing
I started the complete refactoring of hcxdumptool, because old version acts as an AP for CLIENTs (ap-less attack).
After the implementation of hasmodes 1680x, new hcxdumptool acts as CLIENT for APs (client-less attack), too.
Unfortunately I noticed that new hcxdumptool now attacks itself (because of full mac randomization).

We need full randomization of all values to prevent counter measures against us. That includes
- mac address
- replaycounter
- nonce
- authenticationkeys
- and perhaps more...

Now, bleeding will start like this:
$ sudo ./hcxdumptool-bleeding -i wlp39s0f3u4u5 -o test.pcapng -t 10 -s 1 -H blacklisthost -C blacklistclient

start capturing (stop with ctrl+c)
INTERFACE:...: wlp39s0f3u4u5
MAC_STA......: f0a2253d7966 (client)
MAC_AP.......: 140708855fcf (start OUI)
REPLAYCOUNTER: 64052
ANONCE.......: 56f695dcb497439bbde941b67cdb98b06ad9b98c45dfc55853bd45b8551dabac

[10:14:16 - 001] f0a2253d7966 -> ffffffffffff [SENDING BROADCAST PROBEREQUEST]
...
and if you receive a PMKID it will look like this:
[10:21:18 - 001] xxxxxxxxxxxx -> xxxxxxxxxxxx [EAPOL M1, REPLAYCOUNT 1, FOUND PMKID]

No M2, M3 or M4 needed for hashcat -m 16800 to recover the PSK. The PMKID is authorized by the AP and 100% valid.


Sorry, thank you
Reply