Extract pmkid from cap file.

Discussion in 'Xiaopan Support' started by Helpmepls, 27 Oct 2020.

  1. Helpmepls

    Helpmepls New Member

    Joined:
    23 Oct 2020
    Messages:
    17
    Likes Received:
    0
    I was doing airodump, and instead of getting the [WPA handshake] I got [pmkid].
    I think this is because one of the stations probed pmkid instead of eapol.
    So my question is, how can I extract the pmkid hash to crack?
    If you could crack it too, I would be very very grateful!
     


  2. Pazs

    Pazs Well-Known Member

    Joined:
    25 Nov 2019
    Messages:
    20
    Likes Received:
    7
    ~# hcxpcaptool -z YAMU.16800 '/root/YAMU-01.cap'

    reading from YAMU-01.cap

    summary capture file:
    ---------------------
    file name........................: YAMU-01.cap
    file type........................: pcap 2.4
    file hardware information........: unknown
    capture device vendor information: 000000
    file os information..............: unknown
    file application information.....: unknown (no custom options)
    network type.....................: DLT_IEEE802_11 (105)
    endianness.......................: little endian
    read errors......................: flawless
    minimum time stamp...............: 27.10.2020 08:39:17 (GMT)
    maximum time stamp...............: 27.10.2020 08:39:52 (GMT)
    packets inside...................: 5624
    skipped damaged packets..........: 0
    packets with GPS NMEA data.......: 0
    packets with GPS data (JSON old).: 0
    packets with FCS.................: 0
    beacons (total)..................: 1
    probe responses..................: 15
    association responses............: 1
    authentications (OPEN SYSTEM)....: 2
    authentications (BROADCOM).......: 1
    deauthentications................: 4550
    action packets...................: 10
    EAPOL packets (total)............: 5
    EAPOL packets (WPA2).............: 5
    PMKIDs (not zeroed - total)......: 1
    PMKIDs (WPA2)....................: 5
    PMKIDs from access points........: 1
    best PMKIDs (total)..............: 1

    summary output file(s):
    -----------------------
    1 PMKID(s) written to YAMU.16800
    -------------------------------------------------------
    To encrypt with hashcat (Kali Linux):

    hashcat -m 16800 -w 3 --status YAMU.16800 /root/Wordlists1/rockyou.txt


    Choose your own wordlists and your path.
     
    • Like x 2
  3. Helpmepls

    Helpmepls New Member

    Joined:
    23 Oct 2020
    Messages:
    17
    Likes Received:
    0
    Thanks a lot
    --- Double Post Merged, 10 Nov 2020, Original Post Date: 10 Nov 2020 ---
    How did you extract the pmkid?
     
  4. Pazs

    Pazs Well-Known Member

    Joined:
    25 Nov 2019
    Messages:
    20
    Likes Received:
    7
    (Kali Linux) hcxpcaptool -z YAMU.16800 '/root/YAMU-01.cap'
    You need to download and install "hcxpcaptool" from GitHub on your Kali Linux.
     
    • Like x 1
    • Agree x 1
  5. longshanks

    longshanks Well-Known Member
    VIP

    Joined:
    1 Jul 2016
    Messages:
    561
    Likes Received:
    301
    Well Done @Pazs
    I'll drop this one.
    hcxmactool --hccapxin YOUR.hccapx --pmkideapolout YOUR.txt (convert hccapx to 22000)

    :smuggrin:
    --- Double Post Merged, 10 Nov 2020, Original Post Date: 10 Nov 2020 ---
    And this Gem

    git clone Login or Signup to view links / downloads

    python3 multicapconverter.py -i /root/Downloads/wateva-01.cap -x hcpmkid -o wateva.hcpmkid --ignore-ie
     
    • Like x 1
  6. Pazs

    Pazs Well-Known Member

    Joined:
    25 Nov 2019
    Messages:
    20
    Likes Received:
    7
    I use this for hccapx's too (hcxmactool --hccapxin YOUR.hccapx --pmkideapolout YOUR.txt [convert hccapx to 2200] ). A very nice, helpful Bro who is registered in another Forum too, told me that command by PM and the address of the other Forum too =D

    " git clone Login or Signup to view links / downloads

    python3 multicapconverter.py -i /root/Downloads/wateva-01.cap -x hcpmkid -o wateva.hcpmkid --ignore-ie "
    Wow, thank you very much for that!
    I'll try it out in a few minutes.. (y)
     
    • Winner x 1
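
The `.16800` file written in post 2 and the 22000 output mentioned in posts 5 and 6 are plain text, one record per line. The following is an added example, not code from any poster or from hcxtools: it parses a PMKID record in either layout so you can see which AP, client and SSID a capture exposed. The field layouts are those documented for hashcat modes 16800 and 22000; the sample lines and all names in the code are constructed for illustration.

```python
import re
from typing import NamedTuple

HEX = re.compile(r"[0-9a-fA-F]+")

class PmkidRecord(NamedTuple):
    fmt: str        # "16800" or "22000"
    pmkid: str
    ap_mac: str
    sta_mac: str
    essid: str
    zeroed: bool    # all-zero PMKID (the tool output counts "not zeroed" ones)

def _mac(h: str) -> str:
    return ":".join(h[i:i + 2] for i in range(0, 12, 2)).lower()

def parse_pmkid_line(line: str) -> PmkidRecord:
    fields = line.strip().split("*")
    if fields[0] == "WPA":
        # 22000: WPA*TYPE*PMKID*MAC_AP*MAC_STA*ESSID*ANONCE*EAPOL*MESSAGEPAIR
        if len(fields) != 9:
            raise ValueError("22000 line must have 9 '*'-separated fields")
        if fields[1] != "01":
            raise ValueError("type %s is not a PMKID record" % fields[1])
        fmt, (pmkid, ap, sta, essid_hex) = "22000", fields[2:6]
    elif len(fields) == 4:
        # 16800: PMKID*MAC_AP*MAC_STA*ESSID
        fmt, (pmkid, ap, sta, essid_hex) = "16800", fields
    else:
        raise ValueError("not a 16800 or 22000 PMKID line")
    for name, value, size in (("PMKID", pmkid, 32), ("AP MAC", ap, 12),
                              ("STA MAC", sta, 12)):
        if len(value) != size or not HEX.fullmatch(value):
            raise ValueError("%s must be %d hex characters" % (name, size))
    # The ESSID is hex-encoded; 802.11 limits it to 32 bytes.
    if not HEX.fullmatch(essid_hex) or len(essid_hex) % 2 or len(essid_hex) > 64:
        raise ValueError("ESSID must be 1-32 hex-encoded bytes")
    essid = bytes.fromhex(essid_hex).decode("utf-8", errors="replace")
    return PmkidRecord(fmt, pmkid.lower(), _mac(ap), _mac(sta), essid,
                       zeroed=set(pmkid) == {"0"})

# Constructed sample records (not taken from the thread's capture).
SAMPLE_16800 = "00112233445566778899aabbccddeeff*02aabbccddee*02a1b2c3d4e5*4c61624e6574"
SAMPLE_22000 = "WPA*01*00112233445566778899aabbccddeeff*02aabbccddee*02a1b2c3d4e5*4c61624e6574***"

if __name__ == "__main__":
    for sample in (SAMPLE_16800, SAMPLE_22000):
        print(parse_pmkid_line(sample))
```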
