i8igmac Posted February 11, 2015 Posted February 11, 2015 I would like to sort through a list of CAP files and extract only the data needed for cracking... these files can become very large in size, just looking for a way to process and save hard drive space... command line examples! Quote
cooper Posted February 11, 2015 Posted February 11, 2015 (edited) https://hashcat.net/wiki/doku.php?id=wpa_clean_and_convert_script Something like that? Edit: And an alternative would be http://www.question-defense.com/2010/03/29/tshark-strip-wpa-wireless-captures-by-essid-with-tshark Edited February 11, 2015 by Cooper Quote
i8igmac Posted February 12, 2015 Author Posted February 12, 2015 (edited) tshark -r <input file> -R "eapol || wlan_mgt.tag.interpretation eq <essid> || (wlan.fc.type_subtype==0x08 && wlan_mgt.ssid eq <essid>)" -w <output file> I wonder if tshark will do a regex or wildcard for the essid. Wlan_mgt.tag.interpretation eq * Edited February 12, 2015 by i8igmac Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.