NOTE: When cracking WPA/WPA2 passwords, make sure you check gpuhash.me first in case it's already been processed.

WPA/WPA2 PMKID attack step-by-step (hashcat mode 16800)


freeroute
Moderator
Fri, 31 Aug 2018 @ 00:10:45

PMKID Attack WPA/WPA2 on WiFi Pineapples!
Pineapple NANO + TETRA

WARNING
This attack is EXTREMELY effective on the Pineapples! And is capable of capturing an entire neighborhood of PMKID's in a minute or less, no clients needed!
ONLY use hcxdumptool on networks you have permission to.

Source: https://forums.hak5.org/topic/44213-pmkid-attack-on-wifi-pineapples/


If I helped a +rep is appreciated!

: 13hDMK85KhVnPb2eTFBacHD6kDjKYFLudb
XMPP: freeroute@xmpp.jp

dr-yachir0
Wed, 12 Sep 2018 @ 20:12:12

I got this problem


Reconsniper
Sat, 15 Sep 2018 @ 11:20:43

It's a lot easier to collect PMKID by using wifite in Kali Linux. Fully automated.
Then use hashcat to decrypt.


BTC:1BQRHfzASYYcaJmwEFDGwKE94wX1pWMaVA

freeroute
Moderator
Sat, 15 Sep 2018 @ 11:30:28

dr-yachir0 said:

I got this problem

The last commit fixed this issue.
Update hcxdumptool and hcxtools, please.


spashley
Wed, 05 Dec 2018 @ 21:18:19

Hi guys,

So I did everything from scratch, including Null Byte's tutorial that I found on YouTube, but I keep getting the same error message over and over again no matter what I do:

hcxdumptool -i mon0 -o hcxdump.pcapng --filtermode=2 --filterlist=mac.txt --enable_status=1
warning: mon0 is probably a monitor interface

start capturing (stop with ctrl+c)
INTERFACE:...............: mon0
FILTERLIST...............: 1 entries
MAC CLIENT...............: fcc233e14c62
MAC ACCESS POINT.........: b4e1ebb04d49 (incremented on every new client)
EAPOL TIMEOUT............: 150000
REPLAYCOUNT..............: 63970
ANONCE...................: da555ac0973ac9c8635fe06dbaa17ff39d7a668afd74989fc1b3f04e7b3e32d5

failed to set channel

terminated...

- In my case, I'm using mon0, as my interface is not wlan0 or wlan1, it's wlp6s0, however the monitor mode seems to be working in mon0 instead.
Could you tell me where I'm getting things wrong? Is it in the monitoring mode, or something else?

P.S.: I've tried not killing the Network Manager and killing it, that didn't make any difference either.


freeroute
Moderator
Wed, 05 Dec 2018 @ 22:00:41

Stop all services running on your device that prevent hcxdumptool from changing the channel.
Commands:

"systemctl stop wpa_supplicant.service"
"systemctl stop network-manager.service"

"ip link set wlp6s0 down"
"iw dev wlp6s0 set type monitor"
"ip link set wlp6s0 up"

Check monitor mode:
"iw dev"

then run hcxdumptool.

Edited:
iw/ip functionality added to hcxdumptool.
now hcxdumptool will set monitor mode and bring up interface!
previous interface settings will be restored, when hcxdumptool terminated

So you need to stop at least these 2 services: wpa_supplicant.service and network-manager.service, then run hcxdumptool.

Note:
I recommend trying to set monitor mode manually in order to check that your WiFi card supports monitor mode.
If you want to use hcxdumptool to capture wlan traffic, please note that your WiFi adapter must support this.



spashley
Wed, 05 Dec 2018 @ 22:57:05

freeroute said:

Stop all services running on your device that prevent hcxdumptool from changing the channel.
Commands:

"systemctl stop wpa_supplicant.service"
"systemctl stop network-manager.service"

"ip link set wlp6s0 down"
"iw dev wlp6s0 set type monitor"
"ip link set wlp6s0 up"

Check monitor mode:
"iw dev"

then run hcxdumptool.

Edited:
iw/ip functionality added to hcxdumptool.
now hcxdumptool will set monitor mode and bring up interface!
previous interface settings will be restored, when hcxdumptool terminated

So you need to stop at least these 2 services: wpa_supplicant.service and network-manager.service, then run hcxdumptool.


Note:
I recommend trying to set monitor mode manually in order to check that your WiFi card supports monitor mode.
If you want to use hcxdumptool to capture wlan traffic, please note that your WiFi adapter must support this.


Is it strange that when I go for
ip link set wlp6s0 up - I get a not possible due to RF-kill.
For some reason when I stop the wpa and NM, it always throws the RF-kill..

This also leads to any sort of hcxdumptool attempts after.

Monitor mode : I’ve tried setting it up from scratch via ifconfig and airmon-ng


freeroute
Moderator
Wed, 05 Dec 2018 @ 23:16:52

Did you try?

"rfkill unblock all"


vtar
Thu, 06 Dec 2018 @ 01:31:57

Can PMKID be captured automatically using wifite?


freeroute
Moderator
Thu, 06 Dec 2018 @ 09:18:08

Additional guidance.
This morning I got a message from the developer of hcxtools/hcxdumptool.
Here it is: https://paste.hashkiller.co.uk/zMk6zvk3EeiA_0CNXEjIzQ

The main problem is that many users add(!) a monitor interface in addition to an existing interface. That will block and slow down the interface.

Next problem is that some distributions run rfkill as a system service on boot:
https://www.freedesktop.org/software/systemd/man/systemd-rfkill.service.html

By the way: Null Byte's tutorial is not correct. They did not read the README file. (never use virtual interface)



If I helped a +rep is appreciated!

: 13hDMK85KhVnPb2eTFBacHD6kDjKYFLudb
XMPP: freeroute@xmpp.jp
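
The two causes named in the posts above (a monitor interface added beside an existing interface on the same radio, and an rfkill block) can both be read off `iw dev` and `rfkill list` output. This is an added example, not part of the thread or of hcxtools; the function names and the sample outputs are constructed. It assumes the usual text layout of both tools, which `iw` does not guarantee to keep stable.

```shell
#!/bin/sh
# Added example: offline checks for the two failure causes named in the thread.
# Sample outputs below are constructed; function names are hypothetical.

# Read `iw dev` output on stdin. Print each phy that carries a monitor
# interface in addition to another interface (the "added mon0" situation).
extra_monitor_phys() {
    awk '
        /^phy#/           { phy = $1 }
        $1 == "Interface" { n[phy]++; names[phy] = names[phy] " " $2 }
        $1 == "type" && $2 == "monitor" { mon[phy] = 1 }
        END { for (p in n) if (n[p] > 1 && mon[p]) print p ":" names[p] }
    '
}

# Read `rfkill list` output on stdin. Print "<device> <soft|hard>" per block.
rfkill_blocked() {
    awk '
        /^[0-9]+:/     { dev = $2; sub(/:$/, "", dev) }
        /blocked: yes/ { print dev, tolower($1) }
    '
}

sample_iw_dev() { cat <<'EOF'
phy#1
    Interface wlan1
        addr 02:00:00:00:00:03
        type managed
phy#0
    Interface mon0
        addr 02:00:00:00:00:01
        type monitor
    Interface wlp6s0
        addr 02:00:00:00:00:01
        type managed
EOF
}

sample_rfkill() { cat <<'EOF'
0: hci0: Bluetooth
    Soft blocked: no
    Hard blocked: no
1: phy0: Wireless LAN
    Soft blocked: yes
    Hard blocked: no
EOF
}

echo "phy with a monitor interface added beside another:"
sample_iw_dev | extra_monitor_phys
echo "rfkill-blocked devices:"
sample_rfkill | rfkill_blocked
```

On a live system, pipe the real output in instead of the samples: `iw dev | extra_monitor_phys` and `rfkill list | rfkill_blocked`. A phy whose only interface is itself in monitor mode is not reported, which is the setup the thread recommends.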

spashley
8 days ago

freeroute said:

Did you try?

"rfkill unblock all"

Never even thought of using it.. Thanks a lot!
Sorry for my dumb questions but it’s my first time using hcxtools and I’ve learned quite a lot in the last 24h by trying out things.
I’m still unable, however, to strip the PMKID, as I’ve got 2 on a separate *pcapng but when I strip, it only goes for “Reading file”?

Also, I can see that the PMKID gets found very fast, with me I spend hours waiting and I have to switch channels or don’t use them at all to speed-up..


spashley
8 days ago

Edit: Here is what I'm getting every time.


freeroute
Moderator
8 days ago

Okay.
Need some info. Could you paste it, please?
https://paste.hashkiller.co.uk/S11x5PmSEeiA_0CNXEjIzQ


spashley
8 days ago

freeroute said:

Okay.
Need some info. Could you paste it, please?
https://paste.hashkiller.co.uk/S11x5PmSEeiA_0CNXEjIzQ

Updated.
Hope I got most of this right

- https://paste.hashkiller.co.uk/wWNOyPmWEeiA_0CNXEjIzQ


freeroute
Moderator
8 days ago

Your card doesn't support packet injection.

I received this message, I publish it in unchanged form:

"https://board.b-at-s.info/index.php?showtopic=10172
Unfortunately most Intel cards' drivers DO NOT support packet injection. I have the Intel 3160 in my laptop and I can
sadly guarantee that you can't get it to work. I tried everything and researched a lot. Heard you can rebuild different
drivers but no words on that.

Also here:"
https://forum.aircrack-ng.org/index.php?topic=1191.0

