I Inadvertently Left Kali Running a Scan on Local APs Using the Airodump Function in Aircrack Whilst I Was Away for a Couple of Days. Upon My Return I Find That It Has Seemingly Grabbed Shedloads of WPA Handshakes for Various BSSIDs Whilst I've Been Away. As I'm Used to Using the Tutorials on Here (Whereby You Use the -W Command to Create a File for the Captured 'Shakes) I've No Idea Where to Find the Handshakes. I Know I Need to Make a Start on the Linux Basics Tutorials but Any Assistance in the Interim on Locating and Getting to Grips on the 'Shakes I've Grabbed Would Be Appreciated.
Forum Thread: Confused Noob
- Hot
- Active
-
Forum Thread:
I Wan't to Learn Pentesting, and Planning to Learn Both C++ and Python. But I'm Not Sure About What I Should Start With?
2
Replies
1 day ago -
Forum Thread:
What Are Some Good Budget Laptops for Pentestin
12
Replies
4 days ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
8
Replies
4 days ago -
Forum Thread:
Hack Instagram Account Using BruteForce
193
Replies
4 days ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
117
Replies
6 days ago -
Forum Thread:
How Do I Access Different Directories Within Android via Meterpreter
5
Replies
1 wk ago -
Forum Thread:
Best Programming Language?
8
Replies
1 wk ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
4
Replies
1 wk ago -
Forum Thread:
Fix Meterpreter Problem
2
Replies
1 wk ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
31
Replies
2 wks ago -
Forum Thread:
Need Help with FatRat Over WAN
1
Replies
2 wks ago -
Forum Thread:
Kali Linux Boot Error
8
Replies
2 wks ago -
Forum Thread:
I Want to Hack in to My Friends System Through his wifi router i am controlling
8
Replies
2 wks ago -
Forum Thread:
Kali linux command error. Kindly help
3
Replies
2 wks ago -
Forum Thread:
How to Create a Python Remote Keylogger for Facebook
27
Replies
2 wks ago -
Forum Thread:
Kali Linux Handshake Porblem
2
Replies
3 wks ago -
Forum Thread:
Port Forwarding Problem in Metasploit Can't Establish Connection (WAN)
3
Replies
3 wks ago -
Forum Thread:
GMail Brute Force Dictionary Attack Script
31
Replies
1 mo ago -
Forum Thread:
Msfvenom Android Exploitation Outside LAN?
12
Replies
1 mo ago -
Forum Thread:
How to decrypt .CAP file of handshake during WiFi attack
2
Replies
1 mo ago
-
How To:
Clear the Logs & Bash History on Hacked Linux Systems to Cover Your Tracks & Remain Undetected
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How To:
Play Wi-Fi Hacking Games Using Microcontrollers to Practice Wi-Fi Attacks Legally
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Master Python, Django, Git & GitHub with This Bundle
-
How To:
Crack SSH Private Key Passwords with John the Ripper
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
How To:
Exploit EternalBlue on Windows Server with Metasploit
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
The Essential Skills to Becoming a Master Hacker
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
Hack Like a Pro:
How to Crack Online Web Form Passwords with THC-Hydra & Burp Suite
2 Responses
Ciuffy is correct about the headline - I don't post much and was rushing off to a beer festival. Many thanks for your help.
A few things you can do (assuming you're using Kali):
Open up a terminal and run from the command line:
wpaclean new.cap old.cap
Note that the order in this is the opposite of what you'll usually see -- enter the file name you want to give your clean cap file FIRST, and then the file of the one you have now. e.g.
wpaclean SmallCap.cap HugeCapBecauseILeftAirCrackRunning.cap
This will strip the file down to only the relevant handshakes (you only need two from each set, but they have to be the right two).
pyrit -r Old.cap -o New.cap strip
This will strip it down to just handshakes, but won't pre-select them for you.
After that you can run:
pyrit -r New.cap analyze
This will return a list of all handshakes, and tell you if they're usable ("good spread") or not.
And, finally, you can do it manually by opening the cap file in wireshark and selecting individual packets. See this for an explanation:
http://aircrack-ng.org/doku.php?id=wpa_capture&DokuWiki=074d5917c87bb3032d8c42de85f2e8da
Caveat:
I've only ever used these on cap files that captured handshakes from a single ESSID. Not certain how they'll work if you have dozens of different ESSIDs in there.
What I've done is run pyrit strip on the cap file first, run pyrit analyze on it, and then run it through wpaclean. Then I'll open up the final cap file in wireshark and make sure they all look good. But I think you can get away with just wpaclean.
Share Your Thoughts