diff --git a/wifite/args.py b/wifite/args.py index 7534fde..7891e41 100755 --- a/wifite/args.py +++ b/wifite/args.py @@ -159,6 +159,12 @@ class Arguments(object): wep.add_argument('--nofakeauth', help=argparse.SUPPRESS, action='store_true', dest='require_fakeauth') wep.add_argument('-nofakeauth', help=argparse.SUPPRESS, action='store_true', dest='require_fakeauth') + wep.add_argument('--keep-ivs', + action='store_true', + dest='wep_keep_ivs', + default=False, + help=Color.s('Retain .IVS files and reuse when cracking (default: {G}off{W})')) + wep.add_argument('--pps', action='store', dest='wep_pps', diff --git a/wifite/attack/wep.py b/wifite/attack/wep.py index 41acf80..f229fa1 100755 --- a/wifite/attack/wep.py +++ b/wifite/attack/wep.py @@ -37,6 +37,15 @@ class AttackWEP(Attack): replay_file = None airodump_target = None + previous_ivs = 0 + current_ivs = 0 + total_ivs = 0 + keep_ivs = Configuration.wep_keep_ivs + + # Clean up previous WEP sessions + if keep_ivs: + Airodump.delete_airodump_temp_files('wep') + attacks_remaining = list(Configuration.wep_attacks) while len(attacks_remaining) > 0: attack_name = attacks_remaining.pop(0) @@ -47,7 +56,8 @@ class AttackWEP(Attack): target_bssid=self.target.bssid, ivs_only=True, # Only capture IVs packets skip_wps=True, # Don't check for WPS-compatibility - output_file_prefix='wep') as airodump: + output_file_prefix='wep', + delete_existing_files=not keep_ivs) as airodump: Color.clear_line() Color.p('\r{+} {O}waiting{W} for target to appear...') @@ -81,7 +91,7 @@ class AttackWEP(Attack): replay_file=replay_file) time_unchanged_ivs = time.time() # Timestamp when IVs last changed - previous_ivs = 0 + last_ivs_count = 0 # Loop until attack completes. @@ -91,7 +101,12 @@ class AttackWEP(Attack): if client_mac is None and len(airodump_target.clients) > 0: client_mac = airodump_target.clients[0].station - total_ivs = airodump_target.ivs + if keep_ivs and current_ivs > airodump_target.ivs: + # We now have less IVS than before; A new attack must have started. + # Track how many we have in-total. + previous_ivs += total_ivs + current_ivs = airodump_target.ivs + total_ivs = previous_ivs + current_ivs status = "%d/{C}%d{W} IVs" % (total_ivs, Configuration.wep_crack_at_ivs) if fakeauth_proc: @@ -118,6 +133,9 @@ class AttackWEP(Attack): self.crack_result = CrackResultWEP(self.target.bssid, self.target.essid, hex_key, ascii_key) self.crack_result.dump() + + Airodump.delete_airodump_temp_files('wep') + self.success = True return self.success @@ -127,31 +145,26 @@ class AttackWEP(Attack): # Check number of IVs, crack if necessary if total_ivs > Configuration.wep_crack_at_ivs: - if not aircrack: + if not aircrack or not aircrack.is_running(): # Aircrack hasn't started yet. Start it. ivs_files = airodump.find_files(endswith='.ivs') + ivs_files.sort() if len(ivs_files) > 0: - aircrack = Aircrack(ivs_files[-1]) + if not keep_ivs: + ivs_files = ivs_files[-1] # Use most-recent .ivs file + aircrack = Aircrack(ivs_files) - elif not aircrack.is_running(): - # Aircrack stopped running. - #Color.pl('\n{+} {C}aircrack{W} stopped, restarting...') - ivs_files = airodump.find_files(endswith='ivs') - if len(ivs_files) > 0: - aircrack = Aircrack(ivs_files[-1]) - # TODO: Why do we need fakeauth when aircrack stops? - #self.fake_auth() - - ''' elif Configuration.wep_restart_aircrack > 0 and \ aircrack.pid.running_time() > Configuration.wep_restart_aircrack: # Restart aircrack after X seconds + #Color.pl('\n{+} {C}aircrack{W} ran for more than {C}%d{W} seconds, restarting' % Configuration.wep_restart_aircrack) aircrack.stop() ivs_files = airodump.find_files(endswith='.ivs') - Color.pl('\n{+} {C}aircrack{W} ran for more than {C}%d{W} seconds, restarting' % Configuration.wep_restart_aircrack) + ivs_files.sort() if len(ivs_files) > 0: - aircrack = Aircrack(ivs_files[-1]) - ''' + if not keep_ivs: + ivs_files = ivs_files[-1] # Use most-recent .ivs file + aircrack = Aircrack(ivs_files) if not aireplay.is_running(): @@ -186,6 +199,7 @@ class AttackWEP(Attack): 'forgedreplay', client_mac=client_mac, replay_file=replay_file) + time_unchanged_ivs = time.time() # Reset unchanged IVs time (it may have taken a while to forge the packet) continue else: # Failed to forge packet. drop out @@ -197,7 +211,7 @@ class AttackWEP(Attack): break # Continue to other attacks # Check if IVs stopped flowing (same for > N seconds) - if airodump_target.ivs > previous_ivs: + if airodump_target.ivs > last_ivs_count: time_unchanged_ivs = time.time() elif Configuration.wep_restart_stale_ivs > 0 and \ attack_name != 'chopchop' and \ @@ -214,7 +228,7 @@ class AttackWEP(Attack): client_mac=client_mac, \ replay_file=replay_file) time_unchanged_ivs = time.time() - previous_ivs = airodump_target.ivs + last_ivs_count = airodump_target.ivs time.sleep(1) continue @@ -223,11 +237,19 @@ class AttackWEP(Attack): except KeyboardInterrupt: if fakeauth_proc: fakeauth_proc.stop() if len(attacks_remaining) == 0: + if keep_ivs: + Airodump.delete_airodump_temp_files('wep') + self.success = False return self.success + if self.user_wants_to_stop(attack_name, attacks_remaining, airodump_target): + if keep_ivs: + Airodump.delete_airodump_temp_files('wep') + self.success = False return self.success + except Exception as e: Color.pl("\n{!} {R}Error: {O}%s" % str(e)) if Configuration.verbose > 0 or Configuration.print_stack_traces: @@ -243,6 +265,9 @@ class AttackWEP(Attack): # End of big try-catch # End of for-each-attack-type loop + if keep_ivs: + Airodump.delete_airodump_temp_files('wep') + self.success = False return self.success diff --git a/wifite/config.py b/wifite/config.py index 89eb4ac..101adc3 100755 --- a/wifite/config.py +++ b/wifite/config.py @@ -62,6 +62,7 @@ class Configuration(object): Configuration.wep_restart_aircrack = 30 # Seconds to give aircrack to crack # before restarting the process. Configuration.wep_crack_at_ivs = 10000 # Number of IVS to start cracking + Configuration.wep_keep_ivs = False # Retain .ivs files across multiple attacks. # WPA variables Configuration.wpa_filter = False # Only attack WPA networks @@ -187,6 +188,9 @@ class Configuration(object): if args.wep_restart_aircrack: Configuration.wep_restart_aircrack = args.wep_restart_aircrack Color.pl('{+} {C}option:{W} will restart aircrack every {G}%d seconds{W}' % args.wep_restart_aircrack) + if args.wep_keep_ivs: + Configuration.wep_keep_ivs = args.wep_keep_ivs + Color.pl('{+} {C}option:{W} keep .ivs files across multiple WEP attacks') # WPA if args.wpa_filter: