Skip to content
/ pcap-extractors Public

Containerized applications for extracting hashes from network capture files.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ThatOnePasswordWas40Passwords/pcap-extractors

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.github/workflows
.github/workflows
 
 
scripts
scripts
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
IMG_NAME
IMG_NAME
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
VERSION
VERSION
 
 

Repository files navigation

pcap-extractor

Pre-built, containerized applications for extraction methods of assorted auth types for cracking assorted packet capture authentication methods.

Running

See: Latest published container for more information.

For supported <bin>s, refer to currently packaged section.

export INFILE=/some/absolute/path/to/input.pcap

docker run --rm \
  -it \
  -v $(pwd):/workdir \
  -v ${INFILE}:/input.pcap \
  --platform linux/amd64 \
  ghcr.io/thatonepasswordwas40passwords/pcap-extractor:0.1.3 \
    <bin> <flags> /input.pcap

Currently packaged

hcxtools

All credit belongs to https://github.com/ZerBea/hcxtools/tree/master for bins.

hcxpcapngtool

Tool to convert raw capture files to Hashcat and JtR readable formats.

export INFILE=/some/absolute/path/to/input.pcap

docker run --rm \
  -it \
  -v $(pwd):/workdir \
  -v ${INFILE}:/input.pcap \
  --platform linux/amd64 \
  ghcr.io/thatonepasswordwas40passwords/pcap-extractor:0.1.3 \
    hcxpcapngtool -o output.hash /input.pcap

Genrated hashfile will be in $(pwd)/output.hash.

hcxhashtool

Tool to filter hashes from HC22000 files based on user input.

export INFILE=/some/absolute/path/to/hash.file

docker run --rm \
  -it \
  -v $(pwd):/workdir \
  -v ${INFILE}:/input.hash \
  --platform linux/amd64 \
  ghcr.io/thatonepasswordwas40passwords/pcap-extractor:0.1.3 \
    hcxhashtool -i /input.hash

hcxpsktool

Tool to get weak PSK candidates from hash files or user input.

hcxpmktool

Tool to calculate and verify a PSK and/or a PMK.

hcxeiutool

Tool to prepare -E -I -U output of hcxpcapngtool for use by Hashcat + rule or JtR + rule.

hcxwltool

Tool to calculate candidates for Hashcat and JtR based on mixed wordlists.

hcxhash2cap

Tool to convert hash files (PMKID&EAPOL, PMKID, EAPOL-hccapx, EAPOL-hccap, WPAPSK-john) to cap.

wlancap2wpasec

Tool to upload multiple (gzip compressed) pcapng, pcap and cap files to https://wpa-sec.stanev.org

whoismac

Tool to show vendor information and/or download oui reference list.

Know of/want any more?

Drop an issue for [request]: <tool> and I'll look into adding it.

Requirements (building)

CI

Builds are automatically triggered and published regularly as part of this repository's pull request process.

Manually

  • docker cli
  • Container engine (tested with colima on macOS)
  • GNU Make and GNU utils

Build

make

... verbosely:

make VERBOSE=y

... with arbitrary docker CLI args, use envar EXTRA_DOCKER_ARGS:

make VERBOSE=y EXTRA_DOCKER_ARGS="--no-cache <etc.>"

Publish

Need access to Github Container Registry set up, then:

make PUBLISH=y

About

Containerized applications for extracting hashes from network capture files.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages