Mark James Actor Love Boat, Articles H

kali linux 2020.4 The total number of passwords to try is Number of Chars in Charset ^ Length. I've had successful steps 1 & 2 but unsuccessful step 3. wlan2 is a compatible ALFA and is in monitor mode but I'm having the errors below. Connect and share knowledge within a single location that is structured and easy to search. You might sometimes feel this feature as a limitation as you still have to keep the system awake, so that the process doesnt gets cleared away from the memory. Hashcat says it will take 10 years using ?a?a?a?a?a?a?a?a?a?a AND it will take almost 115 days to crack it when I use ?h?h?h?h?h?h?h?h?h?h. ", "[kidsname][birthyear]", etc. The latest attack against the PMKID uses Hashcat to crack WPA passwords and allows hackers to find networks with weak passwords more easily. The following command is and example of how your scenario would work with a password of length = 8. hashcat -m 2500 -a 3 capture.hccapx ?d?d?d?d?d?d?d?d gru wifi Don't do anything illegal with hashcat. lets have a look at what Mask attack really is. The -a 3 denotes the "mask attack" (which is bruteforce but more optimized). If we have a WPA2 handshake, and wanted to brute force it with -1 ?l?u?d for starters, but we dont know the length of the password, would this be a good start? It had a proprietary code base until 2015, but is now released as free software and also open source. Education Zone Human-generated strings are more likely to fall early and are generally bad password choices. Why Fast Hash Cat? Instagram: https://www.instagram.com/davidbombal Cisco Press: Up to 50% discount Does it make any sense? First of all find the interface that support monitor mode. Start the attack and wait for you to receive PMKIDs and / or EAPOL message pairs, then exit hcxdumptool. There is no many documentation about this program, I cant find much but to ask . Versions are available for Linux, OS X, and Windows and can come in CPU-based or GPU-based variants. The network password might be weak and very easy to break, but without a device connected to kick off briefly, there is no opportunity to capture a handshake, thus no chance to try cracking it. Change your life through affordable training and education. You can audit your own network with hcxtools to see if it is susceptible to this attack. Aside from aKali-compatible network adapter, make sure that youve fully updated and upgraded your system. I think what am looking for is, if it means: Start incrementing from 8 up to 12, given the custom char set of lower case, upper case, and digits, Sorry that was a typo, it was supposed to be -a 3 -1 ?l?u?d, (This post was last modified: 02-18-2015, 07:28 PM by, (This post was last modified: 02-18-2015, 08:10 PM by, https://hashcat.net/wiki/doku.php?id=masm_charsets, https://hashcat.net/wiki/doku.php?id=mask_attack. Is it normal that after I install everithing and start the hcxdumptool, it is searching for a long time? Hashcat: 6:50 Brute force WiFi WPA2 - David Bombal You can audit your own network with hcxtools to see if it is susceptible to this attack. Breaking this down, -i tells the program which interface we are using, in this case, wlan1mon. I challenged ChatGPT to code and hack (Are we doomed? This is where hcxtools differs from Besside-ng, in that a conversion step is required to prepare the file for Hashcat. Is it a bug? Next, change into its directory and run make and make install like before. DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna GPU has amazing calculation power to crack the password. The old way of cracking WPA2 has been around quite some time and involves momentarilydisconnecting a connected devicefrom the access point we want to try to crack. Rather than relying on intercepting two-way communications between Wi-Fi devices to try cracking the password, an attacker can communicate directly with a vulnerable access point using the new method. To learn more, see our tips on writing great answers. The ways of brute-force attack are varied, mainly into: Hybrid brute-force attacks: trying or submitting thousands of expected and dictionary words, or even random words. rev2023.3.3.43278. Using a tool like probemon, one can sometimes instead of SSID, get a WPA passphrase in clear. Make sure that you are aware of the vulnerabilities and protect yourself. The second source of password guesses comes from data breaches thatreveal millions of real user passwords. Overview Brute force WiFi WPA2 David Bombal 1.62M subscribers Subscribe 20K 689K views 2 years ago CompTIA Security+ It's really important that you use strong WiFi passwords. By clicking Accept all cookies, you agree Stack Exchange can store cookies on your device and disclose information in accordance with our Cookie Policy. To do so, open a new terminal window or leave the /hexdumptool directory, then install hxctools. Kali Installation: https://youtu.be/VAMP8DqSDjg What is the correct way to screw wall and ceiling drywalls? And he got a true passion for it too ;) That kind of shit you cant fake! Additional information (NONCE, REPLAYCOUNT, MAC, hash values calculated during the session) are stored in pcapng option fields. Is it plausible for constructed languages to be used to affect thought and control or mold people towards desired outcomes? By clicking Post Your Answer, you agree to our terms of service, privacy policy and cookie policy. Refresh the page, check Medium 's site. wpa2 As you add more GPUs to the mix, performance will scale linearly with their performance. Simply type the following to install the latest version of Hashcat. Brute forcing Password with Hashcat Mask Method - tbhaxor How can I do that with HashCat? What sort of strategies would a medieval military use against a fantasy giant? It is collecting Till you stop that Program with strg+c. Staging Ground Beta 1 Recap, and Reviewers needed for Beta 2. How do I bruteforce a WPA2 password given the following conditions? Then, change into the directory and finish the installation withmakeand thenmake install. it is very simple. Running the command should show us the following. 2023 Network Engineer path to success: CCNA? Is Fast Hash Cat legal? Try:> apt-get install libcurl4-openssl-dev libssl-dev zlib1g-dev libpcap-dev, and secondly help me to upgrade and install postgresql10 to postgresql11 and pg_upgradecluster. Copy file to hashcat: 6:31 hashcat (v5.0.0-109-gb457f402) starting clGetPlatformIDs(): CLPLATFORMNOTFOUNDKHR, To use hashcat you have to install one of these, brother help me .. i get this error when i try to install hcxtools..nhcx2cap.c -lpcapwlanhcx2cap.c:12:10: fatal error: pcap.h: No such file or directory#include ^~~~~~~~compilation terminated.make: ** Makefile:81: wlanhcx2cap Error 1, You need to install the dependencies, including the various header files that are included with `-dev` packages. Aside from a Kali-compatible network adapter, make sure that you've fully updated and upgraded your system. Then unzip it, on Windows or Linux machine you can use 7Zip, for OS X you should use Unarchiever. Wifite aims to be the set it and forget it wireless auditing tool. You are a very lucky (wo)man. oclHashcat*.exefor AMD graphics card. Overview: 0:00 It says started and stopped because of openCL error. So each mask will tend to take (roughly) more time than the previous ones. Not the answer you're looking for? The objective will be to use a Kali-compatible wireless network adapter to capture the information needed from the network to try brute-forcing the password. In our test run, none of the PMKIDs we gathered contained passwords in our password list, thus we were unable to crack any of the hashes. To start attacking the hashes weve captured, well need to pick a good password list. You can use the help switch to get a list of these different types, but for now were doing WPA2 so well use 2500. what do you do if you want abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 and checking 8 or more characters? Well use interface WLAN1 that supports monitor mode, 3. Hashcat Tutorial on Brute force & Mask Attack step by step guide It only takes a minute to sign up. So each mask will tend to take (roughly) more time than the previous ones. You'll probably not want to wait around until it's done, though. hashcat will start working through your list of masks, one at a time. When it finishes installing, well move onto installing hxctools. For the first one, there are 8 digits left, 24 lower and 24 upper case, which makes a total of 56 choices (or (26+26+10-6), the type does not longer matter. This is the true power of using cudaHashcat or oclHashcat or Hashcat on Kali Linux to break WPA2 WPA passwords. How can I explain to my manager that a project he wishes to undertake cannot be performed by the team? Since then the phone is sending probe requests with the passphrase in clear as the supposedly SSID. Want to start making money as a white hat hacker? Quite unrelated, instead of using brute force, I suggest going to fish "almost" literally for WPA passphrase. GitHub - lpolone/aws-hashcat: A AWS & Hashcat environment for WPA2 The filename well be saving the results to can be specified with the-oflag argument. Just add session at the end of the command you want to run followed by the session name. cudaHashcat64.exe The program, In the same folder theres a cudaHashcat32.exe for 32 bit OS and cudaHashcat32.bin / cudaHashcat64.bin for Linux. Computer Engineer and a cyber security enthusiast. The quality is unmatched anywhere! I hope you enjoyed this guide to the new PMKID-based Hashcat attack on WPA2 passwords! yours will depend on graphics card you are using and Windows version(32/64). It works similar to Besside-ng in that it requires minimal arguments to start an attack from the command line, can be run against either specific targets or targets of convenience, and can be executed quickly over SSH on a Raspberry Pi or another device without a screen. Why are non-Western countries siding with China in the UN? Topological invariance of rational Pontrjagin classes for non-compact spaces. Time to crack is based on too many variables to answer. I dream of a future where all questions to teach combinatorics are "How many passwords following these criteria exist?". Start Wifite: 2:48 I asked the question about the used tools, because the attack of the target and the conversion to a format that hashcat accept is a main part in the workflow: Thanks for your reply. Analog for letters 26*25 combinations upper and lowercase. Hashcat Hashcat is the self-proclaimed world's fastest CPU-based password recovery tool. Once you have a password list, put it in the same folder as the .16800 file you just converted, and then run the following command in a terminal window. Its really important that you use strong WiFi passwords. Making statements based on opinion; back them up with references or personal experience. 4. Brute force WiFi WPA2 - YouTube The latest attack against the PMKID uses Hashcat to crack WPA passwords and allows hackers to find networks with weak passwords more easily. Buy results securely, you only pay if the password is found! WPA3 will be much harder to attack because of its modern key establishment protocol called "Simultaneous Authentication of Equals" (SAE). This command is telling hxcpcaptool to use the information included in the file to help Hashcat understand it with the-E,-I, and-Uflags. And we have a solution for that too. While the new attack against Wi-Fi passwords makes it easier for hackers to attempt an attack on a target, the same methods that were effective against previous types of WPA cracking remain effective. Stack Exchange network consists of 181 Q&A communities including Stack Overflow, the largest, most trusted online community for developers to learn, share their knowledge, and build their careers. Asking for help, clarification, or responding to other answers. hashcat: /build/pocl-rUy81a/pocl-1.1/lib/CL/devices/common.c:375: poclmemobjscleanup: Assertion `(event->memobjsi)->pocl_refcount > 0' failed. Is a PhD visitor considered as a visiting scholar? Cracking WiFi (WPA2) Password using Hashcat and Wifite | by Govind Sharma | Medium Sign up Sign In 500 Apologies, but something went wrong on our end. ================ In our command above, were using wlan1mon to save captured PMKIDs to a file called galleria.pcapng. While you can specify anotherstatusvalue, I havent had success capturing with any value except1. Buy results. This will most likely be your result too against any networks with a strong password but expect to see results here for networks using a weak password. In combination this is ((10*9*26*25*26*25*56*55)) combinations, just for the characters, the password might consist of, without knowing the right order. After chosing all elements, the order is selected by shuffling. Next, the --force option ignores any warnings to proceed with the attack, and the last part of the command specifies the password list we're using to try to brute force the PMKIDs in our file, in this case, called "topwifipass.txt.". If you can help me out I'd be very thankful. Dont Miss:Null Bytes Collection of Wi-Fi Hacking Guides, Your email address will not be published. The -a flag tells us which types of attack to use, in this case, a "straight" attack, and then the -w and --kernel-accel=1 flags specifies the highest performance workload profile. If you don't, some packages can be out of date and cause issues while capturing. This article is referred from rootsh3ll.com. Hashcat command bruteforce decrypt wpa/wpa2 key using more then one successful handshake, ProFTPd hashing algorhythm - password audit with hashcat. How can we factor Moore's law into password cracking estimates? This tells policygen how many passwords per second your target platform can attempt. If either condition is not met, this attack will fail. kali linux Site design / logo 2023 Stack Exchange Inc; user contributions licensed under CC BY-SA. Need help? It works similar toBesside-ngin that it requires minimal arguments to start an attack from the command line, can be run against either specific targets or targets of convenience, and can be executed quickly over SSH on aRaspberry Pior another device without a screen. If your network doesnt even support the robust security element containing the PMKID, this attack has no chance of success. It's worth mentioning that not every network is vulnerable to this attack. The nature of simulating nature: A Q&A with IBM Quantum researcher Dr. Jamie We've added a "Necessary cookies only" option to the cookie consent popup. Is a collection of years plural or singular? Hey, just a questionis there a way to retrieve the PMKID from an established connection on a guest network? Code: DBAF15P, wifi hashcat will start working through your list of masks, one at a time. How does the SQL injection from the "Bobby Tables" XKCD comic work? 03. You only get the passphrase but as the user fails to complete the connection to the AP, the SSID is never seen in the probe request. Can be 8-63 char long. fall very quickly, too. As Hashcat cracks away, youll be able to check in as it progresses to see if any keys have been recovered. Does Counterspell prevent from any further spells being cast on a given turn? How do I align things in the following tabular environment? Now we are ready to capture the PMKIDs of devices we want to try attacking. With this complete, we can move on to setting up the wireless network adapter. The guides are beautifull and well written down to the T. And I love his personality, tone of voice, detailed instructions, speed of talk, it all is perfect for leaning and he is a stereotype hacker haha! hcxdumptool -i wlan1mon -o galleria.pcapng --enable__status=1, hcxdumptool -i wlan1mon -o galleria.pcapng --enable_status=1. When the handshake file was transferred to the machine running hashcat, it could start the brute-force process. NOTE: Once execution is completed session will be deleted. First of all, you should use this at your own risk. Is there a single-word adjective for "having exceptionally strong moral principles"? First, take a look at the policygen tool from the PACK toolkit. View GPUs: 7:08 Would it be more secure to enforce "at least one upper case" or to enforce "at least one letter (any case)". Udemy CCNA Course: https://bit.ly/ccnafor10dollars I don't know where the difference is coming from, especially not, what binom(26, lower) means. The second downside of this tactic is that it's noisy and legally troubling in that it forces you to send packets that deliberately disconnect an authorized user for a service they are paying to use. (The policygen tool that Royce used doesn't allow specifying that every letter can be used only once so this number is slightly lower.). based brute force password search space? Multiplied the 8!=(40320) shufflings per combination possible, I reach therefore. It can get you into trouble and is easily detectable by some of our previous guides. On Aug. 4, 2018, apost on the Hashcat forumdetailed a new technique leveraging an attack against the RSN IE (Robust Security Network Information Element) of a single EAPOL frame to capture the needed information to attempt a brute-force attack. All equipment is my own. I changed hcxpcaptool to hcxpcapngtool but the flag "-z" doesn't work and there is no z in the help file. Learn how to secure hybrid networks so you can stop these kinds of attacks: https://davidbombal.wiki/me. Hashcat is the self-proclaimed world's fastest CPU-based password recovery tool. comptia Movie with vikings/warriors fighting an alien that looks like a wolf with tentacles. Are there significant problems with a password generation pattern using groups of alternating consonants/wovels? Well, it's not even a factor of 2 lower. I used, hashcat.exe -a 3 -m 2500 -d 1 wpa2.hccapx -increment (password 10 characters long) -1 ?l?d (, Speed up cracking a wpa2.hccapx file in hashcat, How Intuit democratizes AI development across teams through reusability. For closer estimation, you may not be able to predict when your specific passphrase would be cracked, but you can establish an upper bound and an average (half of that upper bound). Theme by, How to Get Kids involved in Computer Science & Coding, Learn Python and Ethical Hacking from Scratch FULL free download [Updated], Things Ive learned from Effective Java Part 1, Dijkstras algorithm to find the shortest path, An Introduction to Term Frequency Inverse Document Frequency (tf-idf). Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. In our command above, we're using wlan1mon to save captured PMKIDs to a file called "galleria.pcapng." Sorry, learning. This should produce a PCAPNG file containing the information we need to attempt a brute-forcing attack, but we will need to convert it into a format Hashcat can understand. Your email address will not be published. 5 years / 100 is still 19 days. This should produce a PCAPNG file containing the information we need to attempt a brute-forcing attack, but we will need to convert it into a format Hashcat can understand. Alfa AWUSO36NH: https://amzn.to/3moeQiI, ================ (The fact that letters are not allowed to repeat make things a lot easier here. wps -a 1: The hybrid attackpassword.txt: wordlist?d?l?d?l= Mask (4 letters and numbers). Why are physically impossible and logically impossible concepts considered separate in terms of probability? ncdu: What's going on with this second size column? Support me: If we assume that your passphrase was randomly generated (not influenced by human selection factors), then some basic math and a couple of tools can get you most of the way there. Most of the time, this happens when data traffic is also being recorded. Then I fill 4 mandatory characters. > hashcat.exe -m 2500 -b -w 4 - b : run benchmark of selected hash-modes - m 2500 : hash mode - WPA-EAPOL-PBKDF2 - w 4 : workload profile 4 (nightmare) Just press [p] to pause the execution and continue your work. Simply type the following to install the latest version of Hashcat. Use of the original .cap and .hccapx formats is discouraged. Finally, we'll need to install Hashcat, which should be easy, as it's included in the Kali Linux repo by default. Once the PMKID is captured, the next step is to load the hash into Hashcat and attempt to crack the password. It will show you the line containing WPA and corresponding code. vegan) just to try it, does this inconvenience the caterers and staff? I'm not aware of a toolset that allows specifying that a character can only be used once. The first downside is the requirement that someone is connected to the network to attack it. Even if your network is vulnerable,a strong passwordis still the best defense against an attacker gaining access to your Wi-Fi network using this or another password cracking attack. Now we are ready to capture the PMKIDs of devices we want to try attacking. Asking for help, clarification, or responding to other answers. How should I ethically approach user password storage for later plaintext retrieval? Has 90% of ice around Antarctica disappeared in less than a decade? For example, if you have a GPU similar to my GTX 970 SC (which can do 185 kH/s for WPA/WPA2 using hashcat), you'll get something like the following: The resulting set of 2940 masks covers the set of all possibilities that match your constraints. Learn more about Stack Overflow the company, and our products. Save every day on Cisco Press learning products! The channel we want to scan on can be indicated with the-cflag followed by the number of the channel to scan. Hello everybody, I have a question. You can also upload WPA/WPA2 handshakes. Here, we can see weve gathered 21 PMKIDs in a short amount of time. Jump-start your hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from cybersecurity professionals. The explanation is that a novice (android ?) Does a barbarian benefit from the fast movement ability while wearing medium armor? 1 source for beginner hackers/pentesters to start out! hashcat v4.2.0 or higher This attack was discovered accidentally while looking for new ways to attack the new WPA3 security standard. How to crack a WPA2 Password using HashCat? - Stack Overflow $ wget https://wpa-sec.stanev.org/dict/cracked.txt.gz hashcat gpu If you want to perform a bruteforce attack, you will need to know the length of the password. -m 2500= The specific hashtype. Short story taking place on a toroidal planet or moon involving flying. To do this, type the following command into a terminal window, substituting the name of your wireless network adapter for wlan0. My router does not expose its PMKID, butit has a main private connection, and a "guest" connection for other customers on the go. Follow Up: struct sockaddr storage initialization by network format-string. If either condition is not met, this attack will fail. Make sure that you are aware of the vulnerabilities and protect yourself. Reverse brute-force attacks: trying to get the derivation key of the password using exhaustive research. This is rather easy. Disclaimer: Video is for educational purposes only. Similar to the previous attacks against WPA, the attacker must be in proximity to the network they wish to attack. Stack Exchange network consists of 181 Q&A communities including Stack Overflow, the largest, most trusted online community for developers to learn, share their knowledge, and build their careers. After plugging in your Kali-compatible wireless network adapter, you can find the name by typing ifconfig or ip a. :) Share Improve this answer Follow For each category we have binom(26, lower) * binom(26, upper) * binom(10, digits) possible selections of letters and 8! After executing the command you should see a similar output: Wait for Hashcat to finish the task. It is not possible for everyone every time to keep the system on and not use for personal work and the Hashcat developers understands this problem very well. Open up your Command Prompt/Terminal and navigate your location to the folder that you unzipped. So now you should have a good understanding of the mask attack, right ? Since version 6.0.0, hashcat accepts the new hash mode 22000: Difference between hash mode 22000 and hash mode 22001: In order to be able to use the hash mode 22000 to the full extent, you need the following tools: Optionally there is hcxlabtool, which you can use as an experienced user or in headless operation instead of hcxdumptool: https://github.com/ZerBea/wifi_laboratory, For users who don't want to struggle with compiling hcxtools from sources there is an online converter: https://hashcat.net/cap2hashcat/. fall first. WPA3 will be much harder to attack because of its modern key establishment protocol called "Simultaneous Authentication of Equals" (SAE). Second, we need at least 2 lowercase, 2 uppercase and 2 numbers. brute_force_attack [hashcat wiki] First, we'll install the tools we need. Make sure you learn how to secure your networks and applications. A list of the other attack modes can be found using the help switch. Big thanks to Cisco Meraki for sponsoring this video! No need to be sad if you dont have enough money to purchase thoseexpensive Graphics cardsfor this purpose you can still trycracking the passwords at high speedsusing the clouds. Brute-Force attack In addition, Hashcat is told how to handle the hash via the message pair field. On Windows, create a batch file "attack.bat", open it with a text editor, and paste the following: $ hashcat -m 22000 hash.hc22000 cracked.txt.gz on Windows add: $ pause Execute the attack using the batch file, which should be changed to suit your needs. So that's an upper bound. Next, we'll specify the name of the file we want to crack, in this case, "galleriaHC.16800." Is this attack still working?Im using it recently and it just got so many zeroed and useless_EAPOL packets (WPA2).: 5984PMKIDs (zeroed and useless): 194PMKIDs (not zeroed - total): 2PMKIDs (WPA2)..: 203PMKIDs from access points..: 2best handshakes (total).: 34 (ap-less: 23)best PMKIDs (total)..: 2, summary output file(s):-----------------------2 PMKID(s) written to sbXXXX.16800, 23:29:43 4 60f4455a0bf3 <-> b8ee0edcd642 MP:M1M2 RC:63833 EAPOLTIME:5009 (BTHub6-XXXX)23:32:59 8 c49ded1b9b29 <-> a00460eaa829 MP:M1M2 RC:63833 EAPOLTIME:83953 (BTHub6-TXXXT)23:42:50 6 2816a85a4674 <-> 50d4f7aadc93 MP:M1M2 RC:63833 EAPOLTIME:7735 (BTHub6-XXXX), 21:30:22 10 c8aacc11eb69 <-> e4a7c58fe46e PMKID:03a7d262d18dadfac106555cb02b3e5a (XXXX), Does anyone has any clue about this? Rather than using Aireplay-ng or Aircrack-ng, well be using a new wireless attack tool to do thiscalled hcxtools. Refresh the page, check Medium. To convert our PCAPNG file, we'll use hcxpcaptool with a few arguments specified. wifite This will most likely be your result too against any networks with a strong password but expect to see results here for networks using a weak password. Creating and restoring sessions with hashcat is Extremely Easy. :). Some people always uses UPPERCASE as the first character in their passwords, few lowercase letters and finishes with numbers. Discord: http://discord.davidbombal.com Then, change into the directory and finish the installation with make and then make install. Once you have a password list, put it in the same folder as the .16800 file you just converted, and then run the following command in a terminal window. If you get an error, try typingsudobefore the command. Well use hcxpcaptool to convert our PCAPNG file into one Hashcat can work with, leaving only the step of selecting a robust list of passwords for your brute-forcing attempts. We'll use hcxpcaptool to convert our PCAPNG file into one Hashcat can work with, leaving only the step of selecting a robust list of passwords for your brute-forcing attempts. How Intuit democratizes AI development across teams through reusability. By clicking Accept all cookies, you agree Stack Exchange can store cookies on your device and disclose information in accordance with our Cookie Policy. Notice that policygen estimates the time to be more than 1 year. I don't understand where the 4793 is coming from - as well, as the 61. Disclaimer: Video is for educational purposes only. The -Z flag is used for the name of the newly converted file for Hashcat to use, and the last part of the command is the PCAPNG file we want to convert. Why are trials on "Law & Order" in the New York Supreme Court? To learn more, see our tips on writing great answers. Stop making these mistakes on your resume and interview. Do new devs get fired if they can't solve a certain bug? In this command, we are starting Hashcat in 16800 mode, which is for attacking WPA-PMKID-PBKDF2 network protocols. The old way of cracking WPA2 has been around quite some time and involves momentarily disconnecting a connected device from the access point we want to try to crack. Now it will start working ,it will perform many attacks and after a few minutes it will the either give the password or the .cap file, 8.