Description
hcxtools is a set of tools for capturing, converting, and analyzing WPA/WPA2 handshakes and PMKID hashes. Works with hcxdumptool for capture and converts to hashcat/John formats.
Installation
BASH
sudo apt install hcxtools hcxdumptool
# From source
git clone https://github.com/ZerBea/hcxtools && cd hcxtools && make && sudo make install
git clone https://github.com/ZerBea/hcxdumptool && cd hcxdumptool && make && sudo make installBasic Usage
BASH
# Capture PMKID + handshakes
sudo hcxdumptool -i wlan0mon -o capture.pcapng --enable_status=1
# Convert to hashcat format
hcxpcapngtool -o hash.hc22000 capture.pcapng
# Crack with hashcat
hashcat -m 22000 hash.hc22000 wordlist.txtAdvanced Usage
BASH
# Target specific AP
sudo hcxdumptool -i wlan0mon -o capture.pcapng --filterlist_ap=AA:BB:CC:DD:EE:FF --filtermode=2
# Convert old cap to new format
hcxpcapngtool -o hash.hc22000 old_capture.cap
# Extract PMKID only
hcxpcapngtool --pmkid-eapol=pmkid_only.hc22000 capture.pcapng
# Show capture info
hcxpcapngtool --info=stdout capture.pcapngCommon Workflows
BASH
# Automated PMKID capture + crack
sudo hcxdumptool -i wlan0mon -o cap.pcapng --enable_status=1 --active_beacon
hcxpcapngtool -o hash.hc22000 cap.pcapng
hashcat -m 22000 hash.hc22000 rockyou.txt -r best64.rule