unable to use --filterlist about hcxdumptool HOT 17 CLOSED

First of all:
You are using an old version. Please do a git clone to get latest commit.
And from the help menu (-h)
--enable_status= : enable status messages
bitmask:
1: EAPOL
2: PROBEREQUEST/PROBERESPONSE
4: AUTHENTICATON
8: ASSOCIATION

In your case:
hcxdumptool -o test.pcapng -i wlan0mon --filterlist=list.txt --filtermode=2 --enable_status=3

--enable_status=3 means: you will get EAPOL and PROBEREQUEST/PROBERESPONSE
1 + 2 = 3 !!!!!!!

from hcxdumptool.

--filterlist=list.txt --filtermode=2
use filter list as target list in transmission branch
receive everything, only interact with APs and CLIENTs in range, from the filter list
That means:
interact only with the entries in the filter list (112233445566)
and(!)
receive complete traffic, but do not interact with the rest of the access points and clients out there.
So if hcxdumptool receive a handshake and/or PMKID it will save it to the capture file,
but it will not interact with other access points or the clients.

If you do not want this, you must use filter mode 3
That means:
interact only with the targets in the target list
and(!)
receive only traffic from entries of the target list!

from hcxdumptool.

i was having the same issue ....then i just specified "-o test.pcapng" and it worked....
Command:
hcxdumptool - o hash -i wlan0mon --filterlist=list.txt --filtermode=2 --enable_status -o test.pcapng

from hcxdumptool.

from hcxdumptool.

with this command :
hcxdumptool - o hash -i wlan0mon --filterlist=list.txt --filtermode=2 --enable_status -o test.pcapng

i get :

reading blacklist line 1 failed: XX:XX:XX:.....
failed to init globals

and again from the help menu:
--filterlist= : mac filter list
format: 112233445566 + comment

Wrong:
XX:XX:XX:XX:XX:XX

Correct:
112233445566

from hcxdumptool.

Thanks it works like a charm.

from hcxdumptool.

Nice to hear that.
Most of the reported issues are related to a misconfigured system, lack of driver support or wrong usage of the options.

from hcxdumptool.

bitmask:
1: EAPOL
2: PROBEREQUEST/PROBERESPONSE
4: AUTHENTICATON
8: ASSOCIATION

if i want to get all these bitmask in one command then?what should i use:
--enable_status=???

i have run it for atleast 10 mints but i am not getting the "pmkid found" message..
plz help me!!!! :(

from hcxdumptool.

First, answer yourself this questions:
does my driver support full monitor mode?
is the interface set to monitor mode?
are services like NetworkManager and wpa_supplicant stopped?
do I use the latest commit of hcxdumptool?
did I read help menu and README.md?
If you answered all with yes run:
sudo hcxdumptool -o test.hccapx -i -t 15 --enable-status=3

from hcxdumptool.

and if you would like to see all status messages use:
--enable-status=15
(1 +2 +4 +8)

from hcxdumptool.

--filterlist is not working! v5.0.0

from hcxdumptool.

you need at least 2 options: filterlist and filtermode
git clone latest commit
add target to filterlist

then use
--filterlist= --filtermode=x

--filterlist= : mac filter list
format: 112233445566 + comment
maximum line lenght 255, maximum entries 64
--filtermode= : mode for filter list
1: use filter list as protection list (default) in transmission branch
receive everything, interact with all APs and CLIENTs in range,
except(!) the ones from the filter list
2: use filter list as target list in transmission branch
receive everything, only interact with APs and CLIENTs in range,
from the filter list
3: use filter list as target list in receiving branch
only receive APs and CLIENTs in range,
from the filter list

from hcxdumptool.

This is my command:
hcxdumptool -o hash -i wlan1mon --filterlist=list.txt --filtermode=2 --enable_status=3
list.txt has only 1 MAC address in 112233445566 format, still hcxdumptool scans all APs. Thank you for replaying.

from hcxdumptool.

Its working sir!

from hcxdumptool.

That's great. Many users have asked for this feature, so I added filter mode 3 to hcxdumptool.

from hcxdumptool.

Need help with hcxdumptool on nethunter. When running command "hcxdumptool -i wlan0 -w pmkid.pcapng" it runs and pumps in pmkid.pcapng but if i add any more to the command like --filterlist_ap=my filter.txt --filternode=3 or --enable_status=1 it throws "2 errors during run time" "failed to arm interface" .

from hcxdumptool.

This options (--filterlist_ap=my filter.txt --filternode=3 or --enable_status=1) have been removed since v6.3.0.
From now on, it is mandatory to add a Berkeley Packet Filter (BPF) that do the entire filtering.
More information is here:
#343
#330
as well as here:
$ hcxdumptool --help
and in changelog:
https://github.com/ZerBea/hcxdumptool/blob/master/changelog#L83

from hcxdumptool.