How can i find ESSID from a hash in the POTFILE?
#1
I am a begginner.
Before i was using Hashcat 5.1.0 version so when i crack a cap file there was a hash like thhis in the POTFILE
825cdf79adda713a70832625db704f16:[router mac]:[client mac]:[ESSID Router name]:password

Now i am using hashcat 6.1.1
Some times i start multi tasks for cap files.
Yesterday i worked on 3 cap files and all of them was cracked.
In the POTFILE there are 3 hash lines but they don't have SSID names!

So How do I know which password is which file's.

Examples (If it is forbidden, I will delete)


From these cracked hashes how can i learn its ESSID Router name? and also it would be nice if i learn its router mac, client mac informations too!

How can i reach this infos? What should i do? Which command can someone help me?

This is important for me because sometimes i work on alot of cap files so it is hard to find which password is which file's after results on the POTFILE. Because there are only passes!

Thanks very much.
Reply
#2
The pot file line is the result of PBKDF2:
Code:
PMK*ESSID:PSK


Code:
$ whoismac -x 5475726b54656c656b6f6d5f5445454146
TurkTelekom_TEEAF

or
Code:
$ echo "5475726b54656c656b6f6d5f5445454146" | perl -pe 's/(..)/chr(hex($1))/ge'
TurkTelekom_TEEAF

or use xxd:
https://www.systutorials.com/convert-hex...using-xxd/

or use an online converter:
https://www.binaryhexconverter.com/hex-t...-converter

or use an ASCII table:
http://www.asciitable.com/
Reply
#3
(03-23-2021, 07:42 PM)ZerBea Wrote: The pot file line is the result of PBKDF2:
Code:
PMK*ESSID:PSK


Code:
$ whoismac -x 5475726b54656c656b6f6d5f5445454146
TurkTelekom_TEEAF

or
Code:
$ echo "5475726b54656c656b6f6d5f5445454146" | perl -pe 's/(..)/chr(hex($1))/ge'
TurkTelekom

or use xxd:
https://www.systutorials.com/convert-hex...using-xxd/

or use an online converter:
https://www.binaryhexconverter.com/hex-t...-converter

or use an ASCII table:
http://www.asciitable.com/

Thanks very much you are awesome.
Reply