# PMKID Hash Capture

## <mark style="color:blue;">What is a PMKID Attack</mark>

The PMKID attack is a method for cracking WPA/WPA2-PSK Wi-Fi passwords. It targets the Pairwise Master Key Identifier (PMKID) exchanged during the 4-way handshake of WPA/WPA2 authentication. By capturing a PMKID hash and running a brute-force or dictionary attack against it, an attacker can attempt to recover the Wi-Fi password. The attack takes advantage of a weakness in the WPA/WPA2 protocol combined with weak or easily guessable passwords. It is important to note that performing this attack without proper authorization is illegal and unethical. It is crucial to secure Wi-Fi networks by using strong passwords and implementing additional security measures.
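The PMKID travels as a key data element in message 1 of the 4-way handshake, so a defender can check whether their own access point sends one. The following Python is an added example, not code from this page or from hcxtools; the names `audit_message1` and `build_sample` and the sample frames are constructed for illustration, and it assumes the common EAPOL-Key layout with a 16-byte MIC, with input starting at the 802.1X header.

```python
import struct

# Layout of an EAPOL-Key frame, offsets counted from the 802.1X header.
KEY_INFO_OFF = 5        # 2-byte Key Information field
KEY_DATA_LEN_OFF = 97   # 2-byte Key Data Length; Key Data follows at offset 99
PMKID_KDE = bytes.fromhex("000fac04")  # OUI 00-0F-AC, data type 4 = PMKID
ACK, MIC, PAIRWISE = 0x0080, 0x0100, 0x0008


def audit_message1(eapol: bytes) -> dict:
    """Report whether an EAPOL-Key message 1 from the AP carries a PMKID."""
    result = {"is_message1": False, "pmkid_present": False, "pmkid_usable": False}
    if len(eapol) < KEY_DATA_LEN_OFF + 2 or eapol[1] != 3:  # type 3 = EAPOL-Key
        return result
    (key_info,) = struct.unpack_from(">H", eapol, KEY_INFO_OFF)
    # Message 1: pairwise key, ACK set by the AP, no MIC yet.
    if not (key_info & PAIRWISE and key_info & ACK) or key_info & MIC:
        return result
    result["is_message1"] = True
    (kd_len,) = struct.unpack_from(">H", eapol, KEY_DATA_LEN_OFF)
    key_data = eapol[KEY_DATA_LEN_OFF + 2:KEY_DATA_LEN_OFF + 2 + kd_len]
    pos = 0
    while pos + 2 <= len(key_data):  # walk the type/length/value elements
        etype, elen = key_data[pos], key_data[pos + 1]
        body = key_data[pos + 2:pos + 2 + elen]
        if len(body) < elen:
            break  # truncated element, stop parsing
        if etype == 0xDD and elen == 20 and body[:4] == PMKID_KDE:
            result["pmkid_present"] = True
            # An all-zero PMKID carries no key-derived material.
            result["pmkid_usable"] = any(body[4:20])
        pos += 2 + elen
    return result


def build_sample(key_data: bytes, key_info: int = 0x008A) -> bytes:
    """Constructed test frame: 802.1X header plus EAPOL-Key body."""
    body = bytes([2]) + struct.pack(">HH", key_info, 16)  # descriptor, info, key length
    # Replay counter, nonce, IV, RSC, key ID, MIC: zero-filled in this sample.
    body += bytes(8) + bytes(32) + bytes(16) + bytes(8) + bytes(8) + bytes(16)
    body += struct.pack(">H", len(key_data)) + key_data
    return bytes([2, 3]) + struct.pack(">H", len(body)) + body


if __name__ == "__main__":
    kde = bytes.fromhex("dd14000fac04") + bytes(range(1, 17))  # constructed PMKID
    print(audit_message1(build_sample(kde)))
    print(audit_message1(build_sample(b"")))
```

If `pmkid_usable` is true for frames captured from your own access point, that network's passphrase strength is the only barrier against the attack described above.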

## <mark style="color:blue;">Steps to follow to capture the PMKID Hash</mark>

1. Install the tools

You should install two tools: hcxdumptool and hcxpcapngtool (the latter is part of hcxtools).

{% embed url="<https://github.com/ZerBea/hcxdumptool>" %}

{% embed url="<https://github.com/ZerBea/hcxtools>" %}

{% hint style="info" %}
Follow the steps in each GitHub repository to download and install them.
{% endhint %}

2. Stop all services accessing the Wi-Fi interface

```
sudo systemctl stop NetworkManager.service 
sudo systemctl stop wpa_supplicant.service
```

3. Capture the Wi-Fi network traffic

```
sudo hcxdumptool -i [interface] -o dumpfile.pcapng --active_beacon --enable_status=15
```

{% hint style="info" %}
Now let this command run for some time to capture the required information.
{% endhint %}

4. Start the Wi-Fi network services again

```
sudo systemctl start wpa_supplicant.service 
sudo systemctl start NetworkManager.service
```

You can crack the pcapng file "dumpfile.pcapng" using a wordlist (like in the previous test) or using Hashcat:

{% content-ref url="hashcat-cracking" %}
[hashcat-cracking](https://hackingforbabies.gitbook.io/en/wifi-cracking/hashcat-cracking)
{% endcontent-ref %}

## <mark style="color:blue;">Other YouTube Tutorials</mark>

You can check these YouTube videos/tutorials about PMKID hash capture:

* [This YouTube Video](https://www.youtube.com/watch?v=Usw0IlGbkC4) created by [David Bombal](https://www.youtube.com/@davidbombal)
* [This YouTube Video](https://www.youtube.com/watch?v=1yaHe7zWg1k) created by [Null Byte](https://www.youtube.com/@NullByteWHT)

{% embed url="<https://null-byte.wonderhowto.com/how-to/hack-wi-fi-cracking-wpa2-passwords-using-new-pmkid-hashcat-attack-0189379/>" %}


