Native format of Hashcat password "recovery" utility.
A sample of file for testing can be downloaded from https://web.archive.org/web/20150220013635if_/http://hashcat.net:80/misc/example_hashes/hashcat.hccap
This page hosts a formal specification of Hashcat capture file (old version) using Kaitai Struct. This specification can be automatically translated into a variety of programming languages to get a parsing library.
All parsing code for Java generated by Kaitai Struct depends on the Java runtime library. You have to install it before you can parse data.
The Java runtime library is published in the Maven Central Repository. Refer to the artifact page for instructions how to add it into your project with the build tool that you use.
Parse a local file and get structure in memory:
Hccap data = Hccap.fromFile("path/to/local/file.hccap");
Or parse structure from a byte array:
byte[] someArray = new byte[] { ... };
Hccap data = new Hccap(new ByteBufferKaitaiStream(someArray));
After that, one can get various attributes from the structure by invoking getter methods like:
data.records() // => get records
// This is a generated file! Please edit source .ksy file and use kaitai-struct-compiler to rebuild
import io.kaitai.struct.ByteBufferKaitaiStream;
import io.kaitai.struct.KaitaiStruct;
import io.kaitai.struct.KaitaiStream;
import java.io.IOException;
import java.util.ArrayList;
/**
* Native format of Hashcat password "recovery" utility.
*
* A sample of file for testing can be downloaded from
* <https://web.archive.org/web/20150220013635if_/http://hashcat.net:80/misc/example_hashes/hashcat.hccap>
* @see <a href="https://hashcat.net/wiki/doku.php?id=hccap">Source</a>
*/
public class Hccap extends KaitaiStruct {
public static Hccap fromFile(String fileName) throws IOException {
return new Hccap(new ByteBufferKaitaiStream(fileName));
}
public Hccap(KaitaiStream _io) {
this(_io, null, null);
}
public Hccap(KaitaiStream _io, KaitaiStruct _parent) {
this(_io, _parent, null);
}
public Hccap(KaitaiStream _io, KaitaiStruct _parent, Hccap _root) {
super(_io);
this._parent = _parent;
this._root = _root == null ? this : _root;
_read();
}
private void _read() {
this.records = new ArrayList<HccapRecord>();
{
int i = 0;
while (!this._io.isEof()) {
this.records.add(new HccapRecord(this._io, this, _root));
i++;
}
}
}
public static class HccapRecord extends KaitaiStruct {
public static HccapRecord fromFile(String fileName) throws IOException {
return new HccapRecord(new ByteBufferKaitaiStream(fileName));
}
public HccapRecord(KaitaiStream _io) {
this(_io, null, null);
}
public HccapRecord(KaitaiStream _io, Hccap _parent) {
this(_io, _parent, null);
}
public HccapRecord(KaitaiStream _io, Hccap _parent, Hccap _root) {
super(_io);
this._parent = _parent;
this._root = _root;
_read();
}
private void _read() {
this.essid = this._io.readBytes(36);
this.macAp = this._io.readBytes(6);
this.macStation = this._io.readBytes(6);
this.nonceStation = this._io.readBytes(32);
this.nonceAp = this._io.readBytes(32);
this._raw_eapolBuffer = this._io.readBytes(256);
KaitaiStream _io__raw_eapolBuffer = new ByteBufferKaitaiStream(_raw_eapolBuffer);
this.eapolBuffer = new EapolDummy(_io__raw_eapolBuffer, this, _root);
this.lenEapol = this._io.readU4le();
this.keyver = this._io.readU4le();
this.keymic = this._io.readBytes(16);
}
private byte[] eapol;
public byte[] eapol() {
if (this.eapol != null)
return this.eapol;
KaitaiStream io = eapolBuffer()._io();
long _pos = io.pos();
io.seek(0);
this.eapol = io.readBytes(lenEapol());
io.seek(_pos);
return this.eapol;
}
private byte[] essid;
private byte[] macAp;
private byte[] macStation;
private byte[] nonceStation;
private byte[] nonceAp;
private EapolDummy eapolBuffer;
private long lenEapol;
private long keyver;
private byte[] keymic;
private Hccap _root;
private Hccap _parent;
private byte[] _raw_eapolBuffer;
public byte[] essid() { return essid; }
/**
* The BSSID (MAC address) of the access point
*/
public byte[] macAp() { return macAp; }
/**
* The MAC address of a client connecting to the access point
*/
public byte[] macStation() { return macStation; }
/**
* Nonce (random salt) generated by the client connecting to the access point.
*/
public byte[] nonceStation() { return nonceStation; }
/**
* Nonce (random salt) generated by the access point.
*/
public byte[] nonceAp() { return nonceAp; }
/**
* Buffer for EAPOL data, only first `len_eapol` bytes are used
*/
public EapolDummy eapolBuffer() { return eapolBuffer; }
/**
* Size of EAPOL data
*/
public long lenEapol() { return lenEapol; }
/**
* The flag used to distinguish WPA from WPA2 ciphers. Value of
* 1 means WPA, other - WPA2.
*/
public long keyver() { return keyver; }
/**
* The final hash value. MD5 for WPA and SHA-1 for WPA2
* (truncated to 128 bit).
*/
public byte[] keymic() { return keymic; }
public Hccap _root() { return _root; }
public Hccap _parent() { return _parent; }
public byte[] _raw_eapolBuffer() { return _raw_eapolBuffer; }
}
public static class EapolDummy extends KaitaiStruct {
public static EapolDummy fromFile(String fileName) throws IOException {
return new EapolDummy(new ByteBufferKaitaiStream(fileName));
}
public EapolDummy(KaitaiStream _io) {
this(_io, null, null);
}
public EapolDummy(KaitaiStream _io, Hccap.HccapRecord _parent) {
this(_io, _parent, null);
}
public EapolDummy(KaitaiStream _io, Hccap.HccapRecord _parent, Hccap _root) {
super(_io);
this._parent = _parent;
this._root = _root;
_read();
}
private void _read() {
}
private Hccap _root;
private Hccap.HccapRecord _parent;
public Hccap _root() { return _root; }
public Hccap.HccapRecord _parent() { return _parent; }
}
private ArrayList<HccapRecord> records;
private Hccap _root;
private KaitaiStruct _parent;
public ArrayList<HccapRecord> records() { return records; }
public Hccap _root() { return _root; }
public KaitaiStruct _parent() { return _parent; }
}