Academy - Cracking Passwords with Hashcat

Somebody have complete this answert?
“Perform MIC cracking using the attached .cap file”
I download and use the bin but hashcat don’t find nothing.

I had the same problem. When I used a hash created with hcxpcaptool instead of cap2hccapx.bin, as is intended for the second hash, hashcat informed me that the hash was already in my potfile.
Have a look at ~/.hashcat/hashcat.potfile and see if it’s already cracked.

Thank’s.

My problem it’s about the first question. Do you solve it?

Yes, I talked about the first question. Look in hashcat.potfile if there is a cracked password you haven’t entered yet. If not, try again with hcxpcaptool and look again. I have no idea what went wrong, because hashcat didn’t tell me about a successful crack either, but it was there.

I had to same issue with the first hash (MIC) - it was cracked in the pot file but hashcat never told me that. Thanks @iougiri as I was starting to go down the road of rules etc which take a very long time and didn’t feel right.

Its a useful common sense check for future projects…

1 Like

i had difficulties with the second hash also. I couldnt get ‘hcxpcaptool’ + dependencies to install. I’m using kali so looked on hcxtools | Kali Linux Tools where there was an alternative method. Eventually i found a program called ‘hcxpcapngtool’ (notice the different spelling to above) using the locate command. I don’t know if it was already installed on kali or I installed it from the link above… When you use the tool you have to look at the options and use the right flag as it considers the pkmid output depreciated.

I hope that helps

You’re wecome. Great that it helped you.

Hey all, I am attempting to solve question 1.

However, hashcat does not show any cracked password. The hashat.potfile does not show anything either. And whenever I try to crack it on my own Kali I get the error that plugin 2500 is deprecated.

I am not sure what to do. Any advice / tips would be very much appreciated.

All the best.

I want to follow up with this by saying that I was able to figure it out thanks to johneverist’s hcxpcaptool tip.

PMKID is deprecated using that tool so you have to make sure you use the right flag.

This was a hard one, and I believe that it needs updating because the instructions are not up to date. I am grateful for the challenge though because I feel like I learned alot through this trial and error!

Cheers.

For those getting the 2500 deprecated message on the MIC question: I saw the tip from @silentsolace and wanted to note that the hcxpcaptool is now called hcxpcapngtool (if you git clone the latest version). You can git clone the hcxtools as described in the lesson, then use the -h option for hcxpcapngtool–there is an option to output the .cap file to a -m 22000 file for hashcat. Then crack it using -m 22000 and rockyou.txt. Feel free to DM me if you’re still stuck!

For both flags:

hcxpcapngtool -o <xxxxx.cap>

hashcat -a 0 -m 22000 /usr/share/wordlists/rockyou.txt

You can try and use -m2500 for the mode and then at the end put --deprecated-check-disable.