Comments (3)
ZerBea
commented on September 28, 2024
1
Thanks.
That dump file contain faulty timestamps (two packets at the same time is not possible):
$ tshark -r Ziggo6611EA8_546751b90ca6.pcapng -T fields -e frame.number -e frame.time
...
5 Jan 31, 2024 12:14:53.098470317 CET
6 Jan 31, 2024 12:14:53.098470317 CET
7 Jan 31, 2024 12:14:53.100778137 CET
8 Jan 31, 2024 12:14:53.100778137 CET
...
And it contains faulty interface information (Number of interfaces in file: 91):
$ capinfos Ziggo6611EA8_546751b90ca6.pcapng
File name: Ziggo6611EA8_546751b90ca6.pcapng
File type: Wireshark/... - pcapng
File encapsulation: IEEE 802.11 plus radiotap radio header
File timestamp precision: nanoseconds (9)
Packet size limit: file hdr: (not set)
Number of packets: 96
File size: 41 kB
Data size: 27 kB
Capture duration: 165,605046167 seconds
First packet time: 2024-01-31 12:13:40,221948029
Last packet time: 2024-01-31 12:16:25,826994196
Data byte rate: 164 bytes/s
Data bit rate: 1.315 bits/s
Average packet size: 283,66 bytes
Average packet rate: 0 packets/s
SHA256: 6cb813c8d7bde813cf782e970bbca2e692726dac93c81454bc184e752682d1dc
SHA1: 26d925f632df6fb677bfd5632fda29a620470a03
Strict time order: False
Section 0:
Capture hardware: arm64
Capture oper-sys: linux
Capture application: gopacket
Number of interfaces in file: 91
Interface #0 info:
Name = wlan0mon
Encapsulation = IEEE 802.11 plus radiotap radio header (23 - ieee-802-11-radiotap)
Capture length = 0
Time precision = nanoseconds (9)
Time ticks per second = 1000000000
Time resolution = 0x09
Operating system = linux
Number of stat entries = 0
Number of packets = 96
Interface #1 info:
Name = wlan0mon
Encapsulation = IEEE 802.11 plus radiotap radio header (23 - ieee-802-11-radiotap)
Capture length = 0
Time precision = nanoseconds (9)
Time ticks per second = 1000000000
Time resolution = 0x09
Operating system = linux
Number of stat entries = 0
Number of packets = 0
...
We can close this here, because the issue is related to gopacket.
For the analysis I've used tshark and capinfos from Wireshark suite.
from hcxtools.
ZerBea
commented on September 28, 2024
Yes, the application (application: gopacket) stored a faulty interface description block and hcxpcapngtool throws a warning (maximum of supported interfaces reached: 255).
And it looks like it destroys the time stamps, too.
Please add a gopacket pcapng file.
BTW:
hcxpcapngtool understand pcapng/pcap and cap format. There is absolutely no need to convert dump files.
You have not set -o option. As a result hcxpcangtool does not save converted hashes to a hc22000 file.
from hcxtools.
jayofelony
commented on September 28, 2024
Bettercap in its original form saves all captures as pcap, I am trying to get it to save as pcapng by default now.
from hcxtools.
Related Issues (20)
- handshake detection HOT 40
- Check PMKID HOT 10
- ignore ie HOT 34
- Warning: out of sequence timestamps! hcxpcapngtool/hcxdumptool HOT 9
- wifite ends in an infinite loop HOT 6
- About using - o some questions HOT 17
- atal error: openssl/core.h: No such file or directory HOT 3
- valid message pairs and nonce-error-corrections HOT 29
- hcxhash2cap not working on some files HOT 18
- feature request: hcxhashtool - add import function of deprecatred hccapx hash files HOT 1
- feature request: hcxhashtool - add import function of ancient hccap hash file HOT 1
- please help me in this issue HOT 1
- fatal error: openssl/sha.h: No such file or directory (misconfigured KALI distribution) HOT 9
- Issue with cap2hccapx.bin not producing readable hash HOT 7
- Please add obtain BSSID HOT 11
- Package Offers to Uninstall 1000+ packages on Debian kali-pi HOT 1
- Please add more detailed valid hash info HOT 19
- KALI Linux: unable to install i tried everything i could HOT 2
- Convert hccap (hccapx) to pcap (pcapng) HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hcxtools.