hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Hello,

My admiration at your ability to develop solutions that help make the world a better place.  It requires a lot of dedication.

I compiled the code for Android using instructions.  I have an rooted Android 5.1.1 phone. The following files have been generated:
\GitHub\hcxdumptool\obj\local\armeabi-v7a\hcxdumptool
\GitHub\hcxdumptool\obj\local\armeabi-v7a\objs\hcxdumptoolzhcxdumptool.o
\GitHub\hcxdumptool\obj\local\armeabi-v7a\objs\hcxdumptoolzhcxdumptool.o.d

I would appreciate help (document) that explains how to install these on the phone.

Thanks
Reply
Hi chribonn.
Pull request to support Android came from here:
https://github.com/JuniorJPDJ
and should be answered by JuniorJPDJ.
Reply
(08-16-2018, 01:56 PM)chribonn Wrote: Hello,

My admiration at your ability to develop solutions that help make the world a better place.  It requires a lot of dedication.

I compiled the code for Android using instructions.  I have an rooted Android 5.1.1 phone. The following files have been generated:
\GitHub\hcxdumptool\obj\local\armeabi-v7a\hcxdumptool
\GitHub\hcxdumptool\obj\local\armeabi-v7a\objs\hcxdumptoolzhcxdumptool.o
\GitHub\hcxdumptool\obj\local\armeabi-v7a\objs\hcxdumptoolzhcxdumptool.o.d

I would appreciate help (document) that explains how to install these on the phone.

Thanks

If you are a simple user like me, buy a Nexus 5 on ebay and install this ROM:

https://gist.github.com/binkybear/8f0f4e...c3c3edd08e

works like a charmSmile

With the internal wireless card and tplink tl-wn722n

also.

Thanks Hashcat developers and especially to Zerbea for the dedication and patience with all users.
Reply
(08-15-2018, 08:46 AM)ZerBea Wrote: If so, is there any way to convert from 2500/hccapx to 16800/PMKID file formats?
-> No, hccapx doesn't store this informations. And if you use a dumper which saves only M2 and M3, PMKID get lost, too.
In this case what is the best way to manage handshakes in 2500/hccapx files? Except for raw editing with HEX-editor, ofcourse.
Is there any way to store hccapx as text and send it to hashcat, like HEX-escaping you wrote about in post #331 ?
Or maybe [*.hccapx] => [text] => Manage(add/delete/unique/sort) => [*.hccapx] => feed to hashcat?
Reply
...many ways lead to Rome.
You can split your hccapx file with split (a single record is 393 bytes) and use cut to merge them.
https://stackoverflow.com/questions/2016...r-of-lines

You can run wlanhcxinfo to get informations about the content of a hccapx file
You can run wlanhcx2ssid to manage the content and to select what ever you want from the content. Also it is possible to cascade wlanhcx2ssid to narrow down the results.
But there is no way to use a txt format for that purpose.

Please keep in mind:
If the dumper fails, you will never get all required data!
Do not use any additional tools to strip or modify the capture files (as long as you do not know how 802.11 protocol works), since they can mangle handshakes and lead to uncrackable results.
Reply
Running hcxdumptool on Android isn't trivial and rooting the device and/or using a custom ROM (for example LINEAGE) isn't enough.

Read more here:
https://github.com/seemoo-lab/nexmon
Reply
small update hcxpcaptool:
detect NETWORK EAP authentication system and Wilibox specific authentication fields:
$ hcxpcaptool -V test.pcapng
start reading from test.pcapng
Summary:                                        
file name....................: test.pcapng
file type....................: pcapng 1.0
file hardware information....: armv6l
file os information..........: Linux 4.14.59-1-ARCH
file application information.: hcxdumptool 4.2.1
network type.................: DLT_IEEE802_11_RADIO (127)
endianess....................: little endian
read errors..................: flawless
packets inside...............: 2
skipped packets..............: 0
packets with FCS.............: 0
authentications (OPEN SYSTEM): 1
authentications (NETWORK EAP): 1
authentications (WILIBOX)....: 1

Read more about NETWORK EAP here:
https://community.cisco.com/t5/wireless-...-p/3128082

I still don't know the secrets about that VENDOR specific field within the authentication frame. Not all devices use them.
Reply
hcxtools are part of Arch Linux distribution.
https://www.archlinux.org/packages/?q=hcx

the same also applies for hashcat and hashcat-utils
https://www.archlinux.org/packages/?q=hashcat

and NVIDIA driver:
https://www.archlinux.org/packages/?q=nvidia

All packages are easy to install by pacman.
Reply
(08-16-2018, 01:56 PM)chribonn Wrote: Hello,

My admiration at your ability to develop solutions that help make the world a better place.  It requires a lot of dedication.

I compiled the code for Android using instructions.  I have an rooted Android 5.1.1 phone. The following files have been generated:
\GitHub\hcxdumptool\obj\local\armeabi-v7a\hcxdumptool
\GitHub\hcxdumptool\obj\local\armeabi-v7a\objs\hcxdumptoolzhcxdumptool.o
\GitHub\hcxdumptool\obj\local\armeabi-v7a\objs\hcxdumptoolzhcxdumptool.o.d

I would appreciate help (document) that explains how to install these on the phone.

Thanks

\GitHub\hcxdumptool\obj\local\armeabi-v7a\hcxdumptool is binary, which you should copy to phone and run in terminal like with normal linux distro.
You also need nexmon firmware and nexmon compatible wifi chipset to have monitor mode working.
Reply
Hi, Zerbea
Request:
Please add to wlanhcxcat the new 16800 hash mode.
it is very useful for quick tests.
Reply