blackice55
-
Posts
4 -
Joined
-
Last visited
Posts posted by blackice55
-
-
I capture a new handhsake yesterday, But it seem I had a lot of broken one before aircrack-ng finaly detect a good one. By looking at the last 4 packet with the eapol filter in wireshark I was able to see that it was a good handshake because the packet 1,2,3,4 were here. I also check that the replay value was the same for the first 2 packet and the same for the last 2 packet and I make sur that the nouce value was the the same for the first and third packet.
I followed this page to make sure everything was good : http://aircrack-ng.org/doku.php?id=wpa_capture&DokuWiki=074d5917c87bb3032d8c42de85f2e8da
After that I selected the 4 good eapol packet and selected one brocast becon frame and put it in a new file like on the pictures.
https://goo.gl/photos/qUrziqhd9wChXsLA6
https://goo.gl/photos/hcFQa4S9uLqoJ9Sb8
Do you guys see any error in the way I am making sure that the .cap handshake is good before converting it to hccap?
-
Thx for all the responsse! I can confirm that this is working without a problem! hascat is pulling the important information from the pcap file by himself and crack the password like diginija said. I prefer not cleaning the file to prevent myself from beaking an otherwise perfect handshake!
-
hi! I would like to know if I need to clean my wpa handshake captured with aircrack-ng before converting it to hccap for cracking it in hascat? When I use the tool wpaclean in kali-linux It seems to remove important part of 4 ways handshake... Can I just use the file with all the junk traffic and the full handhsake inside it without having problems? I dont want to spend a day to crack a broken handshake.
https://goo.gl/photos/R6C3uqt3p8UtiKsp6
If I got the 4 way handshake like this picture for the same client I should be ok even with a .cap file not clean?
do I have to clean my .cap before cracking it?
in Security
Posted
I was not very clear sorry. I got multiples handshake first with only 1 or 2 eapol packet, and after that I got the full 4 way handshake. Here is the picture to show the capture. https://goo.gl/photos/2itrAV2xrC4bJZFu9
and here is the new clean .cap file: http://www.filedropper.com/bell919
Do you see any problem in this handshake?