hcxtools
Note: the tools can be used stand-alone but also in combination with each other. The steps would be:
- hcxdumptool - capturing needed things
- hcxpcapngtool - converting to hash file
- hcxhashtool - selecting specific network to crack
Small set of tools convert packets from captures (h = hash, c = capture, convert and calculate candidates, x = different hashtypes) for the use with latest hashcat or John the Ripper. The tools are 100% compatible to hashcat and John the Ripper and recommended by hashcat. This branch is pretty closely synced to hashcat git and John the Ripper git.
- Support of hashcat hash-modes: 4800, 5500, 2200x, 16100, 250x (deprecated), 1680x (deprecated)
- Support of John the Ripper hash-modes: WPAPSK-PMK, PBKDF2-HMAC-SHA1, chap, netntlm, tacacs-plus
- Support of gzip (.gz) single file compression
Main purpose is to detect weak points within own WiFi networks by analyzing the hashes. Therefore convert the dump file to WPA-PBKDF2-PMKID+EAPOL hash file and check if wlan-key or plainmasterkey was transmitted unencrypted. Or upload the “uncleaned” dump file (pcapng, pcap, cap) here https://wpa-sec.stanev.org/?submit to find out if your ap or the client is vulnerable by using common wordlists or a weak password generation algorithm.
Installation
sudo apt install hcxtoolsOr from Github repo.
git clone https://github.com/ZerBea/hcxtools
make
make install