I Inadvertently Left Kali Running a Scan on Local APs Using the Airodump Function in Aircrack Whilst I Was Away for a Couple of Days. Upon My Return I Find That It Has Seemingly Grabbed Shedloads of WPA Handshakes for Various BSSIDs Whilst I've Been Away. As I'm Used to Using the Tutorials on Here (Whereby You Use the -W Command to Create a File for the Captured 'Shakes) I've No Idea Where to Find the Handshakes. I Know I Need to Make a Start on the Linux Basics Tutorials but Any Assistance in the Interim on Locating and Getting to Grips on the 'Shakes I've Grabbed Would Be Appreciated.
Forum Thread: Confused Noob
- Hot
- Active
-
Forum Thread: Hack and Track People's Device Constantly Using TRAPE 32 Replies
19 hrs ago -
Forum Thread: 12 Ways How to Hack Any Social Network and Protect Yourself 2018 1 Replies
1 day ago -
Metasploit Error: Handler Failed to Bind 40 Replies
4 days ago -
Forum Thread: How to Know if You Are a Script Kiddie? 9 Replies
2 wks ago -
Forum Thread: How to Identify and Crack Hashes 8 Replies
2 wks ago -
Forum Thread: How to Hack School Website 8 Replies
3 wks ago -
Forum Thread: Whenever I Try "Airmon-Ng Start wlan0" There's an Error? 16 Replies
3 wks ago -
Forum Thread: How to Fix 'Failed to Detect and Mount CD-ROM' Problem When Installing Kali Linux 14 Replies
3 wks ago -
Forum Thread: Awesome Keylogging Script - BeeLogger 30 Replies
1 mo ago -
Forum Thread: How to Hack Android Phone Using Same Wifi 27 Replies
1 mo ago -
Forum Thread: Complete Guide to Creating and Hosting a Phishing Page for Beginners 48 Replies
1 mo ago -
Forum Thread: Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom? 121 Replies
1 mo ago -
How to: Minecraft DoS'Ing with Python. 1 Replies
2 mo ago -
Forum Thread: HELP I Created an Apk for Hacking My Phone Using Kali Linux in Virtual Box How Can I Install That Apk on My Phone 17 Replies
2 mo ago -
Forum Thread: Tools for Beginner Hacker 3 Replies
2 mo ago -
Forum Thread: How to Embed an Android Payload in an Image? 9 Replies
3 mo ago -
Forum Thread: Metasploit reverse_tcp Handler Problem 46 Replies
3 mo ago -
Forum Thread: HACK ANDROID with KALI USING PORT FORWARDING(portmap.io) 11 Replies
3 mo ago -
Forum Thread: Fix Initramfs Problem 5 Replies
3 mo ago -
Forum Thread: Kali Wont Start, Stuck at Kali Login: 21 Replies
4 mo ago
-
How To: Dox Anyone
-
How To: Top 10 Things to Do After Installing Kali Linux
-
How To: Manually Exploit EternalBlue on Windows Server Using MS17-010 Python Exploit
-
How To: Enumerate SMB with Enum4linux & Smbclient
-
How to Hack Wi-Fi: Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To: Create Custom Wordlists for Password Cracking Using the Mentalist
-
How To: Brute-Force Nearly Any Website Login with Hatch
-
How To: Crack SSH Private Key Passwords with John the Ripper
-
How To: Gain SSH Access to Servers by Brute-Forcing Credentials
-
Android for Hackers: How to Turn an Android Phone into a Hacking Device Without Root
-
How to Hack Wi-Fi: Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To: Find Vulnerable Webcams Across the Globe Using Shodan
-
How To: Automate Wi-Fi Hacking with Wifite2
-
How To: Phish for Social Media & Other Account Passwords with BlackEye
-
Hack Like a Pro: How to Remotely Install a Keylogger onto Your Girlfriend's Computer
-
How To: Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To: Find Identifying Information from a Phone Number Using OSINT Tools
-
BT Recon: How to Snoop on Bluetooth Devices Using Kali Linux
-
How To: Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To: Spy on Traffic from a Smartphone with Wireshark
2 Responses
Ciuffy is correct about the headline - I don't post much and was rushing off to a beer festival. Many thanks for your help.
A few things you can do (assuming you're using Kali):
Open up a terminal and run from the command line:
wpaclean new.cap old.cap
Note that the order in this is the opposite of what you'll usually see -- enter the file name you want to give your clean cap file FIRST, and then the file of the one you have now. e.g.
wpaclean SmallCap.cap HugeCapBecauseILeftAirCrackRunning.cap
This will strip the file down to only the relevant handshakes (you only need two from each set, but they have to be the right two).
pyrit -r Old.cap -o New.cap strip
This will strip it down to just handshakes, but won't pre-select them for you.
After that you can run:
pyrit -r New.cap analyze
This will return a list of all handshakes, and tell you if they're usable ("good spread") or not.
And, finally, you can do it manually by opening the cap file in wireshark and selecting individual packets. See this for an explanation:
http://aircrack-ng.org/doku.php?id=wpa_capture&DokuWiki=074d5917c87bb3032d8c42de85f2e8da
Caveat:
I've only ever used these on cap files that captured handshakes from a single ESSID. Not certain how they'll work if you have dozens of different ESSIDs in there.
What I've done is run pyrit strip on the cap file first, run pyrit analyze on it, and then run it through wpaclean. Then I'll open up the final cap file in wireshark and make sure they all look good. But I think you can get away with just wpaclean.
Share Your Thoughts