For sure this
attack must fail on a RADIUS server. The authentication is done by the RADIUS authentication server (not by the router). This provides additional security. Various kinds of the Extensible Authentication Protocol (EAP) are used for the authentication, some older versions of them are
attackable by the combination of hcxdumptool, hcxpcaptool and hashcat:
--netntlm-out=<file> : output netNTLMv1 file (hashcat -m 5500, john netntlm)
--md5-out=<file> : output MD5 challenge file (hashcat -m 4800)
hcxdumptool is able to capture them and hcxpcaptool is able to detect most of them.
For example:
file name....................: hashmodes.cap
file type....................: pcap 2.4
file hardware information....: unknown
file os information..........: unknown
file application information.: unknown
network type.................: DLT_IEEE802_11 (105)
endianess....................: little endian
read errors..................: flawless
packets inside...............: 54198
skipped packets..............: 0
packets with GPS data........: 0
packets with FCS.............: 52
WDS packets..................: 4
beacons (with ESSID inside)..: 29813
probe requests...............: 1191
probe responses..............: 3034
association requests.........: 85
EAPOL packets................: 189
EAPOL
PMKIDs.................: 3
EAP packets..................: 15204
EAP START packets............: 2164
IPv4 packets.................: 16
GRE packets..................: 16
found........................: EAP type ID
found........................: MD5-Challenge
found........................: EAP-TLS Authentication
found........................: EAP-Cisco Wireless Authentication
found........................: EAP-SIM (GSM Subscriber Modules) Authentication
found........................: PEAP Authentication
found........................: WPS Authentication
found........................: PPP-CHAP Authentication
best handshakes..............: 7 (ap-less: 0)
Get more informations about the EAP types here:
https://www.vocal.com/secure-communication/eap-types/
https://www.intel.com/content/www/us/en/...rking.html
BTW:
I haven't seen any feature requests for hashcat to add more EAP versions, yet.