hccapx file not cracking
#1
I used aircrack to capture a handshake of my network.  I ran cap2hccapx to convert the file.  I created a dictionary file with the password for the wifi.  I ran hashcat64 -m 2500 -a 0 capture.hccapx dictionary.txt.  Although I know the password is in the dictionary file, hashcat does not crack the password.  I also ran a BF on the file, but it won't crack that way either.

What am I doing wrong?
Reply
#2
To answer what went wrong, we must take a closer look into the cap file. Please attach the cap file (zip compressed) and, if possible, some information about the tool which did the capturing.
Reply
#3
I used airodump-ng to capture the handshake along with the aireplay-ng -0 attack.
Reply
#4
Ok. Now we must follow the path from the content of the cap file up to the conversion to hccapx format. Therefore we need the cap file.
Reply
#5
Sorry, I thought I did that, but I didn't click the button.  Here you go.  I included the original cap file and the converted hccapx file.


Attached Files
.zip   test.zip (Size: 46.61 KB / Downloads: 12)
Reply
#6
Thanks. The cap file is ok and contain a complete handshake M1, M2, M3 and 4xM4 (zeroed SNONCE). cap2hccapx converted it correct.
Additional the M1 contain a valid PMKID and you can run hashcat -m 16800 against it.
Next step is to make sure, OpenCL and/or CUDA isn't broken.
What GPU do you use? What driver is installed?

Also you can try the attached PMKID against your dictionary. Is the key recovered?


Attached Files
.zip   test.16800.zip (Size: 215 bytes / Downloads: 6)
Reply
#7
I have two AMD R9-290X installed in my system. I am using Windows 10. I do get an error that OPENCL kernel self-test failed. Since I am cracking other password hashes, I guess I ignorantly assumed it would be ok to run it anyway.

My driver version is from 7/30/19 26.20.13001.25001
Reply
#8
Ok, lets see if you're up to it:

Please download example 2500 hash from here:
https://hashcat.net/misc/example_hashes/hashcat.hccapx
Password: hashcat!
copy password to your wordlist and run hashcat against it
Is the password recovered?

You can test also hashmode -m 16800 running the wordlist against this PMKID
2582a8281bf9d4308d6f5731d0e61c61*4604ba734d4e*89acf0e761f4*ed487162465a774bfba60eb603a39f3a
Password: hashcat!
Is the password recovered, too?
Reply
#9
Still no recovery. Should I be looking in the direction of a driver problem?

Here is the results:
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: 8381533406003807685881523 (AP:ae:f5:0f:22:80:1c STA:98:7b:dc:f9:f9:50)
Time.Started.....: Tue Aug 27 10:57:25 2019 (2 secs)
Time.Estimated...: Tue Aug 27 10:57:27 2019 (0 secs)
Guess.Base.......: File (testpass.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 1 H/s (0.61ms) @ Accel:64 Loops:32 Thr:64 Vec:1
Speed.#2.........: 0 H/s (0.00ms) @ Accel:64 Loops:32 Thr:64 Vec:1
Speed.#*.........: 1 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 2/2 (100.00%)
Rejected.........: 1/2 (50.00%)
Restore.Point....: 0/2 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-32
Candidates.#1....: hashcat! -> hashcat!
Candidates.#2....: [Copying]
Hardware.Mon.#1..: Util: 9% Core:1050MHz Mem:1350MHz Bus:16
Hardware.Mon.#2..: Util: 0% Core:1000MHz Mem:1250MHz Bus:16
Reply
#10
Yes. Your driver is broken.

hashcat (v5.1.0-1397-g7f4df9eb) starting...
Session..........: hashcat
Status...........: Cracked
Hash.Name........: WPA-EAPOL-PBKDF2
Hash.Target......: 8381533406003807685881523 (AP:ae:f5:0f:22:80:1c STA:98:7b:dc:f9:f9:50)
Time.Started.....: Tue Aug 27 18:11:13 2019 (0 secs)
Time.Estimated...: Tue Aug 27 18:11:13 2019 (0 secs)
Guess.Mask.......: hashcat! [8]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 29 H/s (0.38ms) @ Accel:16 Loops:64 Thr:1024 Vec:1
Recovered........: 1/1 (100.00%) Digests
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 0/1 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidates.#1....: hashcat! -> hashcat!
Hardware.Mon.#1..: Temp: 58c Fan: 40% Util: 55% Core:1860MHz Mem:5005MHz Bus:16

aef50f22801c:987bdcf9f950:8381533406003807685881523:hashcat!

What is your hashcat version?
Reply