-
Notifications
You must be signed in to change notification settings - Fork 382
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue with cap2hccapx.bin not producing readable hash #332
Comments
First of all, I'll close this report, because it is not a hcxtools bug, but more a question that can be discussed here: Second, cap2hccapx is a tool that belongs to hashcat-utils and not to hcxtools This old binary hccapx format (hash mode 2500/2501) has been replaced by a new HEX ASCII format (hash mode 22000/22001). |
Sorry, I was gonna close this myself as I came across your reply to another user a few years ago here: |
@ZerBea would you be able to point me in the right direction about how the MessagePair is produced and what the significants of it is. I know it has something to do with communicating the best way to handle the hash to hashcat. But I'm not sure why https://hashcat.net/cap2hashcat/ produces a different MessagePair than hcxpcapngtool.
And this is from https://hashcat.net/cap2hashcat/
Offline MESSAGEPAIR: Online MESSAGEPAIR: |
https://hashcat.net/cap2hashcat/index.pl compared to; I've made a lot of changes in the meantime, e.g.: |
I see, thanks!! |
That shouldn't be a problem, because latest hcxtools is always in sync with latest hashcat or JtR. |
Yeah, I'm able to use either one and they both give me the same expected password so there is no issue there. I was just wondering why it was. I probably wouldn't have noticed it but just for fun and created an MD5 hash of both, expecting to see the same hash, but they were different and that's when I noticed the MessagePair values |
https://hashcat.net/cap2hashcat/ has no issue producing a readable hash that can be used in hashcat. However, cap2hccapx.bin does not. I have provided cat output of both files. I was using a .cap file at first and thought that might be the issue. I then used editcap to convert .cap to .pcap, which did not solve the problem. I ran both .cap and .pcap through https://hashcat.net/cap2hashcat/ and they produced the same output file. I created a md5 hash of both to verify that .cap and .pcap files produce the same extracted hash when using the online version of the tool.
`
┌──(brien㉿kali)-[~/Downloads]
└─$ cat 2168007_1708302741.hc22000
WPA0292a9fe85d5656281517162c33c0f62b6cc40d0a4d09648e244a7c4fb434f52502d57494649062267437c90d9185d010b9dabdbbae1b014e4ee435b93e5cdfea39b79eadd4a0103007502010a000000000000000000015a494f36fadc4671749191c507b538920e7b1a42f01fc9faed572e61c5e035ed000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001630140100000fac040100000fac040100000fac02000002
WPA02b7703fd2171bec7933ffc900faa6eb5bcc40d0a4d09680822381a9c8434f52502d5749464909f8fed1b3f740126b61ff3a9a2da482712ccbfd73d4e555fefe50568faf70750103007502010a0010000000000000000321c9245f339ac3d486b85a9f8f3bc0092befdecd2859411acab4941f31c94de4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001630140100000fac040100000fac040100000fac020c0000
┌──(brien㉿kali)-[~/Downloads]
└─$ ls
2168007_1708302741.hc22000 Hashcat_wireless1.zip Sn1per corp_question1-01.cap generators
2168043_1708303118.hc22000 Phone VBOX_GE corp_question1-01.pcap mic_to_crack.hc22000
┌──(brien㉿kali)-[~/Downloads]
└─$ cat 2168043_1708303118.hc22000
WPA0292a9fe85d5656281517162c33c0f62b6cc40d0a4d09648e244a7c4fb434f52502d57494649062267437c90d9185d010b9dabdbbae1b014e4ee435b93e5cdfea39b79eadd4a0103007502010a000000000000000000015a494f36fadc4671749191c507b538920e7b1a42f01fc9faed572e61c5e035ed000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001630140100000fac040100000fac040100000fac02000002
WPA02b7703fd2171bec7933ffc900faa6eb5bcc40d0a4d09680822381a9c8434f52502d5749464909f8fed1b3f740126b61ff3a9a2da482712ccbfd73d4e555fefe50568faf70750103007502010a0010000000000000000321c9245f339ac3d486b85a9f8f3bc0092befdecd2859411acab4941f31c94de4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001630140100000fac040100000fac040100000fac020c0000
┌──(brien㉿kali)-[~/Downloads]
└─$ cat 2168043_1708303118.hc22000 | md5sum
6e3c01f00421f77a79d7dff41b0dc813 -
┌──(brien㉿kali)-[~/Downloads]
└─$ cat 2168007_1708302741.hc22000 | md5sum
6e3c01f00421f77a79d7dff41b0dc813 -
┌──(brien㉿kali)-[~/Downloads]
└─$
`
`
┌──(brien㉿kali)-[~/Downloads]
└─$ /usr/lib/hashcat-utils/cap2hccapx.bin corp_question1-01.pcap mic_to_crack.hccapx
Networks detected: 1
[*] BSSID=cc:40:d0:a4:d0:96 ESSID=CORP-WIFI (Length: 9)
--> STA=80:82:23:81:a9:c8, Message Pair=0, Replay Counter=1
--> STA=80:82:23:81:a9:c8, Message Pair=0, Replay Counter=2
--> STA=80:82:23:81:a9:c8, Message Pair=0, Replay Counter=2
--> STA=80:82:23:81:a9:c8, Message Pair=0, Replay Counter=3
--> STA=80:82:23:81:a9:c8, Message Pair=0, Replay Counter=3
--> STA=48:e2:44:a7:c4:fb, Message Pair=0, Replay Counter=1
--> STA=48:e2:44:a7:c4:fb, Message Pair=2, Replay Counter=1
--> STA=48:e2:44:a7:c4:fb, Message Pair=0, Replay Counter=1
--> STA=48:e2:44:a7:c4:fb, Message Pair=2, Replay Counter=1
Written 9 WPA Handshakes to: mic_to_crack.hccapx
┌──(brien㉿kali)-[~/Downloads]
└─$ cat mic_to_crack.hccapx
HCPX CORP-WIFI�Wי
��2�F����@ФЖ��!���锝�ڳZ��y���8��zK�f�▒�x��#�����٤��-6�!
�J��陖����7����
�yu��٤��-6�!
�J��陖����7����
�0���HCPX� CORP-WIFI8gX${9|�t����
��@ФЖ��!���锝�ڳZ��y���8��zK�f�▒�x��#��ȱ*1y�J�A�А�c��&O�"s^'��PvB��yu �*1y�J�A�А�c��&O�"s^'��PvB��0��� HCPX CORP-WIFI8gX${9|�t����
��@ФЖ�����Hg������/]!
�bx(m▒$���#��ȱ1y�J�A�А�c��&O�"s^'��PvB��yu
�1y�J�A�А�c��&O�"s^'��PvB��0���
HCPX� CORP-WIFI�p?�y3�����[�@ФЖ�����Hg������/
]!
�bx(m▒$���#���!�$_3��Ԇ�Z��;� +���(YA▒ʴ�1�M�yu
!�$_3��Ԇ�Z��;� +���(YA▒ʴ�1�M�0���
HCPX CORP-WIFI�p?�y3�����[�@ФЖ ��ѳ�@ka�:�-��q,��s��U��PV��pu��#���!�$_3��Ԇ�Z��;� +���(YA▒ʴ�1�M�yu
!�$_3��Ԇ�Z��;� +���(YA▒ʴ�1�M�0���
HCPX CORP-WIFI�����eb�Qqb�<b��@ФЖ"gC|��▒]
��ۺ����C[������y��JH�D���ZIO6��Fqt����8�{▒B����W.a��5�yu
ZIO6��Fqt����8�{▒B����W.a��5�0���HCPX CORP-WIFI�����eb�Qqb�<b��@ФЖ"gC|��▒]
��ۺ����C[������y��JH�D���ZIO6��Fqt����8�{▒B����W.a��5�yu
ZIO6��Fqt����8�{▒B����W.a��5�0���HCPX CORP-WIFI/������x~����@ФЖ<�K�Ǐ�Ð��F�����▒▒h�
./� ��H�D�����߾��/���v��;���{[U�w�g�em�yu ��߾��/���v��;���{[U�w�g�em�0���HCPX CORP-WIFI/������x~����@ФЖ<�K�Ǐ�Ð��F�����▒▒h�
./� ��H�D�����߾��/���v��;���{[U�w�g�em�yu��߾��/���v��;���{[U�w�g�em�0���
`
The text was updated successfully, but these errors were encountered: