I Inadvertently Left Kali Running a Scan on Local APs Using the Airodump Function in Aircrack Whilst I Was Away for a Couple of Days. Upon My Return I Find That It Has Seemingly Grabbed Shedloads of WPA Handshakes for Various BSSIDs Whilst I've Been Away. As I'm Used to Using the Tutorials on Here (Whereby You Use the -W Command to Create a File for the Captured 'Shakes) I've No Idea Where to Find the Handshakes. I Know I Need to Make a Start on the Linux Basics Tutorials but Any Assistance in the Interim on Locating and Getting to Grips on the 'Shakes I've Grabbed Would Be Appreciated.
Forum Thread: Confused Noob
- Hot
- Active
-
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
54
Replies
3 hrs ago -
Forum Thread:
Popcorntime Alternative?
4
Replies
1 day ago -
Forum Thread:
How Make a Simple Payload with Kali Linux (Detectable)
2
Replies
5 days ago -
Forum Thread:
Parrot Security Os Problem......
15
Replies
1 wk ago -
Forum Thread:
Hack Instagram Account Using BruteForce
200
Replies
1 wk ago -
Forum Thread:
card number generators...
6
Replies
1 wk ago -
Forum Thread:
How to Hack a Website to Edit It
24
Replies
1 wk ago -
Forum Thread:
Can some help me how to hack into a FB account to that was hacked. Trying to get a friends account back. Cheers.
5
Replies
1 wk ago -
Forum Thread:
How to Hack Wifi Network with CMD
82
Replies
3 wks ago -
How to:
Spoof E-Mail Using SendEmail and Postfix
2
Replies
4 wks ago -
How to:
See How to Write an NTFS Partition of HDD/SDD in Kali LinuX (The Ultimate Guide)
2
Replies
4 wks ago -
Forum Thread:
Eml to PST Conversion
9
Replies
1 mo ago -
Forum Thread:
PST File - Outlook Inbox Repair Tool Can't Repair
4
Replies
1 mo ago -
Metasploit Error:
Handler Failed to Bind
39
Replies
1 mo ago -
Forum Thread:
How to Mr Robot's Password Cracker?
10
Replies
1 mo ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
15
Replies
1 mo ago -
Forum Thread:
12 Ways How to Hack Any Social Network and Protect Yourself 2018
1
Replies
1 mo ago -
Forum Thread:
How to Make a Hacking Tool and What Programming Languages Are Used to Make One?
15
Replies
1 mo ago -
Forum Thread:
Does GSA Email Spider Gives Inaccessible or Hidden Email Addresses and Phone Numbers of Web Sites?
4
Replies
1 mo ago -
Forum Thread:
Whatsapp Hack?
18
Replies
1 mo ago
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Automate Wi-Fi Hacking with Wifite2
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
Write an XSS Cookie Stealer in JavaScript to Steal Passwords
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Bypass File Upload Restrictions on Web Apps to Get a Shell
-
How To:
Use Command Injection to Pop a Reverse Shell on a Web Server
-
How To:
Crack SSH Private Key Passwords with John the Ripper
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
Hack Like a Pro:
How to Crack Online Web Form Passwords with THC-Hydra & Burp Suite
-
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
-
How To:
Use Hash-Identifier to Determine Hash Types for Password Cracking
-
How To:
Intercept Images from a Security Camera Using Wireshark
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
-
How To:
Hunt Down Social Media Accounts by Usernames with Sherlock
2 Responses
Ciuffy is correct about the headline - I don't post much and was rushing off to a beer festival. Many thanks for your help.
A few things you can do (assuming you're using Kali):
Open up a terminal and run from the command line:
wpaclean new.cap old.cap
Note that the order in this is the opposite of what you'll usually see -- enter the file name you want to give your clean cap file FIRST, and then the file of the one you have now. e.g.
wpaclean SmallCap.cap HugeCapBecauseILeftAirCrackRunning.cap
This will strip the file down to only the relevant handshakes (you only need two from each set, but they have to be the right two).
pyrit -r Old.cap -o New.cap strip
This will strip it down to just handshakes, but won't pre-select them for you.
After that you can run:
pyrit -r New.cap analyze
This will return a list of all handshakes, and tell you if they're usable ("good spread") or not.
And, finally, you can do it manually by opening the cap file in wireshark and selecting individual packets. See this for an explanation:
http://aircrack-ng.org/doku.php?id=wpa_capture&DokuWiki=074d5917c87bb3032d8c42de85f2e8da
Caveat:
I've only ever used these on cap files that captured handshakes from a single ESSID. Not certain how they'll work if you have dozens of different ESSIDs in there.
What I've done is run pyrit strip on the cap file first, run pyrit analyze on it, and then run it through wpaclean. Then I'll open up the final cap file in wireshark and make sure they all look good. But I think you can get away with just wpaclean.
Share Your Thoughts