James Eduard

James Eduard

  • Hacking
  • Information Gathering

    • Hashcatch – Capture Handshakes Of Nearby WiFi Networks Automatically

    pir8g33k2 mins0

    [vc_row][vc_column][vc_column_text]Hashcatch deauthenticates clients connected to all nearby WiFi networks and tries to capture the handshakes. It can be used in any linux device including Raspberry Pi and Nethunter devices so that you can capture handshakes while walking your dog

    Written by @SivaneshAshok

    PoC of hashcatch (running with a couple of WiFi networks within range)

    hashcatch PoC

    Install from source

    1. git clone https://github.com/staz0t/hashcatch
    2. Install the prerequisites and ensure that they are working properly
    3. [optional] Add the hashcatch directory to your PATH
    4. ./hashcatch --setup
    5. Answer the prompts
    6. And done!

    Install using packages

    1. Download the respective package for your distribution from releases
    2. Run sudo pacman -U ./hashcatch-<ver>-1-any.pkg.tar.xz or sudo apt install ./hashcatch_<ver>_all.deb
    3. sudo hashcatch --setup
    4. Answer the prompts
    5. And done!

    Prerequisites

    • aircrack-ng
    • hashcat-utils
    • hcxtools
    • jq

    Usage

    sudo hashcatch to start hashcatch

    hashcatch --help to print the help screen

    • Hashcatch runs indefinitely until keyboard interrupt
    • Handshakes captured will be stored in /usr/share/hashcatch/handshakes/
    • The captured WiFi network’s BSSID and ESSID will be added to /usr/share/hashcatch/db
    • If you’re targeting a wifi network, spend around 20 to 30 seconds within the wifi’s range to ensure handshake capture
    • [Experimental] If you are connected to the internet while capturing, the following data will also be added to the db file
      • latitude
      • longitude
      • signal radius
      • time of record
      • Note: Kudos to Alexander Mylnikov for the API he’s running that returns the location details of a router’s MAC address using public databases

    The Configuration file

    • The configuration file can be found in /etc/hashcatch/hashcatch.conf
    • You can later edit the “interface” field to set the interface of your choice
    • You can also add an “ignore” field to mention the WiFi networks you want hashcatch to ignore while running
    • Refer the example given below to know about the format in which entries should be added to the configuration file
    • Format option name=option1,option2,option3
    • No space in between option name, equal sign and options
    • Example
    interface=wlan0
ignore=Google Starbucks,AndroidAP

    Features to be added

    • More location features
    • Automatic upload to websites to start cracking the handshake
    • PMKID attack
    • Pixiedust attack for WPS enabled networks
    • More location features
    • Automatically check handshakes with a rainbow table

      Download at Github

    pir8g33k

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    Related Articles

    2 mins
    You May Have Missed