Cracking WPA2 Handshake

This section covers how to crack a WPA2 handshake captured with the previously showcased attack vector.


We need to convert the captured .pcap file into .hccapx format before we can start cracking it. A tool named cap2hccapx does this conversion. However, we first need to download and compile it on our Unix system.

Compiling cap2hccapx

  • Downloading Source
  • Compiling Tool
gcc -o cap2hccapx cap2hccapx.c
  • Testing Tool


Now that we have the tool compiled and ready to go, we can convert the file and prep it for cracking!
cap2hccapx E4-6F-13-FA-AD-E0_partial.pcap capture.hccapx
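To confirm the conversion produced a usable file before spending GPU time on it, the record can be parsed and sanity-checked. This is an added example, not part of the original page or of cap2hccapx; it assumes hashcat's documented 393-byte hccapx record layout, and the sample record (ESSID, MACs, nonces, MIC) is constructed.

```python
import struct

# hashcat's hccapx record layout: little-endian, packed, 393 bytes per handshake.
HCCAPX = struct.Struct("<4sIBB32sB16s6s32s6s32sH256s")
KEYVER = {1: "WPA (HMAC-MD5)", 2: "WPA2 (HMAC-SHA1)", 3: "WPA2 (AES-128-CMAC)"}


def mac(raw):
    return "-".join(f"{b:02X}" for b in raw)


def parse_hccapx(blob):
    """Return one dict per 393-byte record; raise ValueError on a malformed file."""
    if not blob or len(blob) % HCCAPX.size:
        raise ValueError(f"size {len(blob)} is not a multiple of {HCCAPX.size}")
    records = []
    for off in range(0, len(blob), HCCAPX.size):
        (sig, version, msg_pair, essid_len, essid, keyver, keymic, mac_ap,
         nonce_ap, mac_sta, nonce_sta, eapol_len, _eapol) = HCCAPX.unpack_from(blob, off)
        if sig != b"HCPX":
            raise ValueError(f"bad signature {sig!r} at offset {off}")
        if essid_len > 32 or eapol_len > 256:
            raise ValueError(f"length field out of range at offset {off}")
        records.append({
            "version": version,
            "message_pair": msg_pair,
            "essid": essid[:essid_len].decode("utf-8", "replace"),
            "keyver": KEYVER.get(keyver, f"unknown ({keyver})"),
            "mac_ap": mac(mac_ap),
            "mac_sta": mac(mac_sta),
            "eapol_len": eapol_len,
            # An all-zero MIC or nonce means the capture missed part of the handshake.
            "complete": any(keymic) and any(nonce_ap) and any(nonce_sta) and eapol_len > 0,
        })
    return records


def sample_record():
    # Constructed record: every value here is made up for the demonstration.
    return HCCAPX.pack(b"HCPX", 4, 0, 7, b"lab-net", 2, b"\x11" * 16,
                       bytes.fromhex("0200000000AA"), b"\x22" * 32,
                       bytes.fromhex("020000000001"), b"\x33" * 32, 121, b"\x01" * 121)


if __name__ == "__main__":
    for rec in parse_hccapx(sample_record()):
        print(rec)
```

To check a real conversion, pass the contents of capture.hccapx, read in binary mode, to `parse_hccapx` instead of the sample record.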

Cracking with .hccapx

I'll be using Hashcat for the cracking on my host machine. Here's a post where I explain why cracking on the host machine is better 😊!
.\hashcat.exe -m 2500 .\hashes\capture.hccapx .\wordlists\rockyou.txt --force
tinkerbell is the PSK of the network in question
We successfully cracked the handshake and retrieved the password to the lab network!