need some help testing my own network using hashcat i had an idea playing with hashcat where it says Added hashes from file bt.hccap: 1 (1 salts) is there a way you can make hashcat display the loaded hash/salt or is there any program or webpage i can use to extract the hash/salt in stead of runnig this line (against the whole CAP file) ./hashcat-cli32.bin -1 abde3489 -m 2500 --pw-min=10 --pw-max=10 -s 72056784 -a3 bt.hccap ?1?1?1?1?1?1?1?1?1?1 Estimated.: 19:08:31:01 i could run hashcat against the hash itself like this ./hashcat-cli32.bin -1 abde3489 -m (need help with which to choose tried all) --pw-min=10 -a 3 hashlist ?1?1?1?1?1?1?1?1?1?1 Estimated.: 00:00:07:22 huge difference in time i have tried to find the hash myself using editcap -v -D 0 BTHub3-MQZX.cap /dev/null wich gave me loads of hashes to many to list 1 for each packet i think wireshark (still a newbie) capinfos BTHub3-MQZX.cap which gave me 1 SHA1, RIPEMD160, MD5 md5sum BTHub3-MQZX.cap gave me 1 MD5 hash ee82e86b4e10b3e9aa761e89fe3fff60 tested all hashes with all different -m 0 - 7600 (hashcat( did not work i know the caps good i tried in aircrack and cowpatty with small passlist got the password 8d9bb4aee3 hence the small hashcat charset and got KEY FOUND! [ 8d9bb4aee3 ] nearly forgot i stripped my cap down to just the 4 eapol packets using tshark -r BTHub3-MQZX.cap -R "eapol || wlan.fc.type_subtype == 0x08" -w BTHub3.cap which i then ran the stripped cap through editcap, capinfos, md5sum got different hashes c91ab0c98f27612b40e9a5a7d22107f1 !!!!someone please tell me if i can get the hash/salt from my cap file you should be able to if it can load it then you should be able to see it or if those programs gave the right hash were did i go so wrong!!!! thanks newbie but keen to learn should stress if you dont want to tell me how (the full command) to do it please point me in the right direction and i will figger it out on a seperate note when changing from .cap to .hccap with aircrack it display Key MIC, STA and snonce could you tell me what they are and also tried them as hashes thanks again