Open kimocoder opened 2 years ago
Pushed a lot of fixes and various stuff the past two days, but there's one thing I don't seem to figure out that easily... As for now, passing hashes through "john" isn't working, so I ran through it all to see everything and this is the case, not sure if it was because of the change from HcxPcapTool to Hcxpcapngtool and updates to "john" (possibly both);
Have to find a new way to parse this for "john", and "cowpatty" has the same problem. The change was when we moved from the deprecated HcxPcapTool to HcxPcapngTool, but I have a real struggle with it at the moment; however, I prepared everything else besides this issue. @ZerBea I noticed that two of them weren't working, props for some time :1st_place_medal:
The password is there in plain sight, it's just the parsing through Python that needs an update. split and lines section :100:
The fancy section over at and below. It all seems good, but it's not. https://github.com/kimocoder/wifite2/blob/c01b4b1b8d844eda40013a232bbaf6ccce1eb6ec/wifite/tools/john.py#L47
Besides this fixed issue https://github.com/openwall/john/issues/5205 john is working as expected here. The issue is still open on Arch Linux: https://bugs.archlinux.org/task/76252?project=5&string=john
The same applies to --john output of hcxpcapngtool and hcxhashtool. Status of cowpatty is not known here, because I don't use it. If I need to calculate a rainbow table (for some reason to verify a large number of PMKs) I use hcxkeys (GPU) which is much faster.
BTW: Arch Linux moved to OpenSSL 3.0.x https://archlinux.org/packages/core/x86_64/openssl/ We'll get some warnings until I adapt the code from 1.1 to 3.0 (EVP functions are faster on 3.0).
Forgot to mention that dwpa is using hashcat and john, too: https://github.com/RealEnder/dwpa As far as I know without problems: https://wpa-sec.stanev.org/
I will dig deeper, because it seems that the check in stdout isn't working anymore. I did extensive tests and see the problem. I will set up a test network and show exactly, but from our side it looks good and all :+1:
Updated the parsing of the password, which happens at https://github.com/kimocoder/wifite2/blob/c01b4b1b8d844eda40013a232bbaf6ccce1eb6ec/wifite/tools/john.py#L47
And below
BTW: There is a plan to adopt hcxtools' (and hashcat's) new unified WPA input line format to JtR: https://github.com/openwall/john/issues/4183
I finished the refactoring of hcxlabtool. Nearly everything is improved now. I removed WIRELESS EXTENSIONS and ioctl() calls (except the one that detects the presence of WIRELESS EXTENSIONS) completely. The interface is now controlled via NL80211 and RTNETLINK, which offer a lot more options than WIRELESS EXTENSION ever did. NL80211 drivers should work out of the box. I tested (successfully) rtl88xxau and I got the first responses regarding iwlwifi: https://github.com/ZerBea/hcxdumptool/issues/245#issuecomment-1445521370 https://github.com/ZerBea/hcxdumptool/issues/186#issuecomment-1445396333
Maybe hcxlabtool will be a better solution to run in background of WiFite2 than the WIRELESS EXTENSION dinosaur hcxdumptool. Less unnecessary features and less status messages but much faster and more effective than hcxdumptool.
TODO updated. Added support for latest hcxdumptool and cowpatty is working again.
PMKID doesn't look for duplicates in "cracked.json", so on continuous scans the PMKID attack does each selected target over again and duplicates (or more) end up in the JSON. Not ideal.
Remove the BAD_DRIVERS part, as that part was added to aircrack-ng's airmon-ng a few years back now.
Tidy up some Exceptions, make it a bit nicer.
Provide a better wordlist, as most systems are more powerful; even integrated GPUs are a lot better, so having a larger wordlist base makes it better.
"john" cracker isn't working at this point. After the change from HcxPcapTool to HcxPcapngTool, the regex and everything parsing the output doesn't work with it; need to try to find a solution soon.
Add more passwords to the probable wordlist.
Better usage and implementation of hcx tools suite.
Add back "ignore none essid" behind a switch.
Go through README.md and look for improvements/changes.