Question need some help

Discussion in 'Xiaopan Support' started by steven shawnewbie, 10 Aug 2014.

  1. steven shawnewbie

    Joined:
    10 Aug 2014
    Messages:
    1
    Likes Received:
    0
    need some help testing my own network using hashcat

    i had an idea playing with hashcat where it says

    Added hashes from file bt.hccap: 1 (1 salts)

    is there a way you can make hashcat display the loaded hash/salt or is there any program or webpage i can use to extract
    the hash/salt in stead of runnig this line (against the whole CAP file)

    ./hashcat-cli32.bin -1 abde3489 -m 2500 --pw-min=10 --pw-max=10 -s 72056784 -a3 bt.hccap ?1?1?1?1?1?1?1?1?1?1 Estimated.: 19:08:31:01

    i could run hashcat against the hash itself like this

    ./hashcat-cli32.bin -1 abde3489 -m (need help with which to choose tried all) --pw-min=10 -a 3 hashlist ?1?1?1?1?1?1?1?1?1?1 Estimated.: 00:00:07:22

    huge difference in time

    i have tried to find the hash myself using

    editcap -v -D 0 BTHub3-MQZX.cap /dev/null wich gave me loads of hashes to many to list 1 for each packet i think

    wireshark (still a newbie)

    capinfos BTHub3-MQZX.cap which gave me 1 SHA1, RIPEMD160, MD5

    md5sum BTHub3-MQZX.cap gave me 1 MD5 hash ee82e86b4e10b3e9aa761e89fe3fff60

    tested all hashes with all different -m 0 - 7600 (hashcat( did not work i know the caps good i tried in aircrack and cowpatty with small passlist
    got the password 8d9bb4aee3 hence the small hashcat charset and got KEY FOUND! [ 8d9bb4aee3 ]

    nearly forgot i stripped my cap down to just the 4 eapol packets using

    tshark -r BTHub3-MQZX.cap -R "eapol || wlan.fc.type_subtype == 0x08" -w BTHub3.cap which i then ran the stripped cap through
    editcap, capinfos, md5sum got different hashes c91ab0c98f27612b40e9a5a7d22107f1

    !!!!someone please tell me if i can get the hash/salt from my cap file you should be able to if it can load it then you should be able to see it or if those programs gave the right hash were did i go so wrong!!!!

    thanks

    newbie but keen to learn

    should stress if you dont want to tell me how (the full command) to do it please point me in the right direction and i will figger it out



    on a seperate note when changing from .cap to .hccap with aircrack it display Key MIC, STA and snonce could you tell me what they are and also tried them as hashes

    thanks again
     

Share This Page

Loading...