API Documentation

This Public / Open API allows users to submit WPA capture files (only) for processing and receive results via email. By using this API, you agree to the Terms & Conditions.

API Usage

To upload and process your file, use the following command:

curl -X POST -F "[email protected]" -F "file=@/path/to/your/file" https://api.onlinehashcrack.com

Note: Files should be in .cap, .pcap, or .pcapng format, max size 200 MB. The tool will automatically select the best PMKID or EAPOL.

Example Request

curl -X POST -F "[email protected]" -F "file=@/path/to/your/file" https://api.onlinehashcrack.com
																	
import requests
url = 'https://api.onlinehashcrack.com'
files = {'file': open('/path/to/your/file', 'rb')}
data = {'email': '[email protected]'}

response = requests.post(url, files=files, data=data)
print(response.text)

Response Format

The API returns a JSON response with the following structure.

Response Structure (batch summary)

The response is organized into three buckets: accepted, skipped, and rejected. Each bucket contains a count and a list of hashes (masked, e.g. 1AAB...5CC8).

  • accepted: hashes successfully added to the dashboard
  • skipped: hashes ignored because they were already submitted (reason: already_sent)
  • rejected: hashes refused due to an error (see reason)

Sample Response

{
	"accepted": {
		"count": 1,
		"hashes": [
			"WPA...5CC1"
		]
	},
	"skipped": {
		"count": 1,
		"reason": "already_sent",
		"hashes": [
			"WPA...5CC2"
		]
	},
	"rejected": {
		"count": 1,
		"hashes": [
			"WPA...C03"
		],
		"reason": "invalid_format"
	}
	"notice" => "By using this API to submit files for processing, you confirm that you are
	the legitimate owner of the data or have obtained explicit authorization to perform this analysis.
	All usage must comply with our Terms & Conditions: https://www.onlinehashcrack.com/terms-conditions.php.
	Unauthorized or unlawful use of this service is prohibited and may result in service suspension or account termination.",
		
	"next_steps" => "Results are available in your OnlineHashCrack dashboard: https://app.onlinehashcrack.com/tasks.
	If this is your first submission, an account has been created for your email address.
	You can access your results by visiting the dashboard and claiming your account."
}

Notes

  • hashes are masked for safety and are provided only for quick correlation in logs.
  • *.count is the number of tasks added or skipped or rejected.
  • rejected.reason is null when nothing was rejected, otherwise it contains an error code such as invalid_format or invalid_algorithm.

Optional Tool

For bulk uploads, consider using wlancap2wpasec:

wlancap2wpasec -u https://api.onlinehashcrack.com -e [email protected] wifidump.cap

Find more details and download options on the GitHub page.

Additional Algorithms

If you require additional algorithms such as NTLM, MD5, and others, please access the Private API available here.

Terms of Service

Using this API implies acceptance of our Terms & Conditions. Non-compliance may result in service termination and legal action.