I Inadvertently Left Kali Running a Scan on Local APs Using the Airodump Function in Aircrack Whilst I Was Away for a Couple of Days. Upon My Return I Find That It Has Seemingly Grabbed Shedloads of WPA Handshakes for Various BSSIDs Whilst I've Been Away. As I'm Used to Using the Tutorials on Here (Whereby You Use the -W Command to Create a File for the Captured 'Shakes) I've No Idea Where to Find the Handshakes. I Know I Need to Make a Start on the Linux Basics Tutorials but Any Assistance in the Interim on Locating and Getting to Grips on the 'Shakes I've Grabbed Would Be Appreciated.
Forum Thread: Confused Noob
- Hot
- Active
-
Forum Thread:
Xoslim Elite Keto
0
Replies
2 hrs ago -
Forum Thread:
The Only Authentic Way to Hack Instagram!
42
Replies
3 hrs ago -
Forum Thread:
Whatsapp Dump with Meterpreter
12
Replies
4 hrs ago -
Forum Thread:
How to Setup Utopia Mining Bot? Utopia VM or Sandbox Tutorial
2
Replies
8 hrs ago -
Forum Thread:
What Is the Best Free Vpn Services?
19
Replies
12 hrs ago -
Forum Thread:
Can I Bypass Activation Lock on Iphone Without Email?
2
Replies
18 hrs ago -
Forum Thread:
Changing IP Address
6
Replies
18 hrs ago -
Forum Thread:
How to Setup Utopia Mining Bot? Utopia VM or Sandbox Tutorial
0
Replies
1 day ago -
Forum Thread:
Kali Linux
1
Replies
1 day ago -
Forum Thread:
Hacking into Whatsapp Series, Part 2: Phishing.
4
Replies
1 day ago -
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
34
Replies
1 day ago -
Forum Thread:
Need Help Getting Proxys to Work on Kali Linux :( (Noob)
0
Replies
1 day ago -
Forum Thread:
t14m4t - Automated Brute-Forcing Attack Tool.
0
Replies
1 day ago -
UNCLEAR:
Root User Account Kali Linux/Raspberry Pi 3 B+ (Change?/How to Change?)
0
Replies
2 days ago -
Forum Thread:
Gaining Access into the Victim's Whatsapp on Android
11
Replies
2 days ago -
Forum Thread:
Should Null Byte Start a YT Playlist for Better Understanding of Hacking Processes??
0
Replies
3 days ago -
Forum Thread:
AWUS036NHA TX Power Problem
8
Replies
3 days ago -
Forum Thread:
Installing Kali Stuck at Configure the Network
1
Replies
4 days ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
0
Replies
4 days ago -
Forum Thread:
How to Hack School Website
4
Replies
4 days ago
-
How To:
Check Your MacOS Computer for Malware & Keyloggers
-
How To:
Share Wi-Fi Adapters Across a Network with Airserv-Ng
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
Enumerate SMB with Enum4linux & Smbclient
-
The Hacks of Mr. Robot:
How to Spy on Anyone's Smartphone Activity
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
-
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
-
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Hack Android Using Kali (Remotely)
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How To:
Hack Any Account That Has Recovery via Phone Option Enabled (SMS) On Android:
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
2 Responses
Ciuffy is correct about the headline - I don't post much and was rushing off to a beer festival. Many thanks for your help.
A few things you can do (assuming you're using Kali):
Open up a terminal and run from the command line:
wpaclean new.cap old.cap
Note that the order in this is the opposite of what you'll usually see -- enter the file name you want to give your clean cap file FIRST, and then the file of the one you have now. e.g.
wpaclean SmallCap.cap HugeCapBecauseILeftAirCrackRunning.cap
This will strip the file down to only the relevant handshakes (you only need two from each set, but they have to be the right two).
pyrit -r Old.cap -o New.cap strip
This will strip it down to just handshakes, but won't pre-select them for you.
After that you can run:
pyrit -r New.cap analyze
This will return a list of all handshakes, and tell you if they're usable ("good spread") or not.
And, finally, you can do it manually by opening the cap file in wireshark and selecting individual packets. See this for an explanation:
http://aircrack-ng.org/doku.php?id=wpa_capture&DokuWiki=074d5917c87bb3032d8c42de85f2e8da
Caveat:
I've only ever used these on cap files that captured handshakes from a single ESSID. Not certain how they'll work if you have dozens of different ESSIDs in there.
What I've done is run pyrit strip on the cap file first, run pyrit analyze on it, and then run it through wpaclean. Then I'll open up the final cap file in wireshark and make sure they all look good. But I think you can get away with just wpaclean.
Share Your Thoughts