View Full Version : How do I use .hash word list files to pentest?
I downloaded what I thought was a ready to use 7gb wordlist, when I -xvf'd the tarball, I discovered a bunch of .hash files? I tried to use them to pentest my router but I receive a "no such file or directory" error. Is this just a chmod problem or is there a special way to use these wordlists?
could you provide us the exact command you put to receive this error?
could you provide us the exact command you put to receive this error?
Thank you for your attention. aircrack-ng -w /root/7gb%20set/*.hash /root/*.cap
Note: I'm logged in as root, '7gb set' is a folder with 3900 .hash files inside and I only have one capture file in the/root Home folder. My hope was that it would step through all the tables to search out a match.
if you work with a single .hash and single .cap did it work?(so the full name instead of *.
Not to be obnoxious but in earnest; why would that make a difference?
because my guess is that aircrack try to find a file named literally : "*.pcacp" and "*.hash"
because my guess is that aircrack try to find a file named literally : "*.pcacp" and "*.hash"
I did as you suggested with no change in result. Does aircrack-ng read/accept .hash files for p/w matching? I'm tempted to delete these .hash files and just use a plain wordlist in .txt format. Please point me to a good source of these if you or anyone reading can.
Next issue:
My router is listed as pixiewps vulnerable but when I run the following in my updated Kali:
reaver -i wlan0mon -b XX:XX:XX:XX:XX:XX -K 1 -g 4 -N -Z -vv
it cannot find the WPS pin. I'm afraid of a false sense of security here so what can I tweak to get a better pentest? Does the pixiewps script in Kali 2.0 recognize the results of the -N (NACK flag)? Is using the -S (dhsmall flag) still recommended? What about changing the starting number pin try sequence?