diff --git a/wifite/attack/all.py b/wifite/attack/all.py
index 220ac73..8fbd88e 100755
--- a/wifite/attack/all.py
+++ b/wifite/attack/all.py
@@ -54,7 +54,7 @@ class AttackAll(object):
 # WPA can have multiple attack vectors:
 # WPS
- if target.wps:
+ if target.wps != False:
 if Configuration.wps_pixie:
 attacks.append(AttackWPS(target, pixie_dust=True))
 if Configuration.wps_pin:
diff --git a/wifite/attack/pmkid.py b/wifite/attack/pmkid.py
index dbbf877..e55623c 100755
--- a/wifite/attack/pmkid.py
+++ b/wifite/attack/pmkid.py
@@ -62,8 +62,8 @@ class AttackPMKID(Attack):
 Returns:
 True if handshake is captured. False otherwise.
 '''
- # Skip if user only wants to run PixieDust attack
- if Configuration.wps_only and self.target.wps:
+ # Skip if user only wants to attack WPS targets
+ if Configuration.wps_only and self.target.wps == False:
 Color.pl('\r{!} {O}Skipping PMKID attack on {R}%s{O} because {R}--wps-only{O} is set{W}' % self.target.essid)
 self.success = False
 return False
diff --git a/wifite/attack/wpa.py b/wifite/attack/wpa.py
index 13d6651..6e8c04d 100755
--- a/wifite/attack/wpa.py
+++ b/wifite/attack/wpa.py
@@ -27,15 +27,17 @@ class AttackWPA(Attack):
 def run(self):
 '''Initiates full WPA handshake capture attack.'''
- if Configuration.use_pmkid_only:
- self.success = False
- return False
- # Skip if user only wants to run PixieDust attack
- if Configuration.wps_only and self.target.wps:
+ # Skip if target is not WPS
+ if Configuration.wps_only and self.target.wps == False:
 Color.pl('\r{!} {O}Skipping WPA-Handshake attack on {R}%s{O} because {R}--wps-only{O} is set{W}' % self.target.essid)
 self.success = False
 return self.success
+ # Skip if user only wants to run PMKID attack
+ if Configuration.use_pmkid_only:
+ self.success = False
+ return False
+
 # Capture the handshake (or use an old one)
 handshake = self.capture_handshake()
diff --git a/wifite/model/target.py b/wifite/model/target.py
index e382da2..26e7925 100755
--- a/wifite/model/target.py
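Review bot: In wifite/attack/all.py the new test `if target.wps != False:` uses an equality comparison on a field that this commit turns into a three-state value (False, None, True), so a falsy value such as `0` would compare equal to False and be read as "no WPS" while `None` passes. An identity test, `if target.wps is not False:`, states the intent and matches the `is None` check added in target.py. The same `== False` / `!= False` pattern is introduced in the pmkid.py, wpa.py, airodump.py and scanner.py hunks; named constants or a small enum for the three states would remove the need to remember that None means locked. The enclosing method starts and ends outside this hunk.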
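Review bot: In wifite/attack/pmkid.py the skip condition becomes `Configuration.wps_only and self.target.wps == False`, so with `--wps-only` set the PMKID step now runs on every target that has WPS, where the old condition skipped exactly those targets. If the flag is meant to restrict a run to WPS techniques (its definition is not visible here), this makes the tool do more than the operator selected, which matters when an assessment's agreed scope is expressed through that flag; `if Configuration.wps_only:` would keep the run inside it. The wpa.py hunk makes the same change to the handshake capture step. If the new meaning is instead "only WPS-capable targets", the flag's help text and the skip message should say so. run() continues outside the hunk.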
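Review bot: The relocated `use_pmkid_only` branch in wifite/attack/wpa.py returns without printing anything, while the `--wps-only` branch directly above it reports why the step was skipped, so the run log has no record of this skip. A matching `Color.pl(...)` call that names the PMKID-only setting would close that gap. The two branches also end differently for the same outcome (`return self.success` versus `return False`); using one form in both would read more clearly. run() continues past the end of the hunk.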
+++ b/wifite/model/target.py
@@ -60,7 +60,8 @@ class Target(object):
 self.essid = None # '(%s)' % self.bssid
 self.essid_known = False
- self.wps = None
+ # False=No WPS, None=Locked WPS, True=Unlocked WPS
+ self.wps = False
 self.decloaked = False # If ESSID was hidden but we decloaked it.
@@ -136,9 +137,9 @@ class Target(object):
 if self.wps == True:
 wps = Color.s('{G} yes')
 elif self.wps == False:
- wps = Color.s('{R} no')
- else:
- wps = Color.s('{O} n/a')
+ wps = Color.s('{O} no')
+ elif self.wps is None:
+ wps = Color.s('{R}lock')
 clients = ' '
 if len(self.clients) > 0:
diff --git a/wifite/tools/airodump.py b/wifite/tools/airodump.py
index 1ba18cd..f85015e 100755
--- a/wifite/tools/airodump.py
+++ b/wifite/tools/airodump.py
@@ -260,7 +260,7 @@ class Airodump(Dependency):
 result.append(target)
 elif 'WPA' in Configuration.encryption_filter and 'WPA' in target.encryption:
 result.append(target)
- elif 'WPS' in Configuration.encryption_filter and target.wps:
+ elif 'WPS' in Configuration.encryption_filter and target.wps != False:
 result.append(target)
 elif skip_wps:
 result.append(target)
diff --git a/wifite/tools/tshark.py b/wifite/tools/tshark.py
index d6f59fb..6ef39a9 100755
--- a/wifite/tools/tshark.py
+++ b/wifite/tools/tshark.py
@@ -159,6 +159,7 @@ class Tshark(Dependency):
 capfile - .cap file from airodump containing packets
 targets - list of Targets from scan, to be updated
 '''
+ from ..config import Configuration
 if not Tshark.exists():
 raise ValueError('Cannot detect WPS networks: Tshark does not exist')
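Review bot: With the default in wifite/model/target.py changed to `self.wps = False`, a target whose WPS state was never determined looks the same as one confirmed to have no WPS. The tshark.py and wash.py updaters in this commit return early on failure ("Failure is acceptable") and would then leave every target at that default, and the scanner.py hunk skips `target.wps == False` under `--wps-only`, so a failed detection appears to drop all targets without saying that WPS status is unknown. Consider a separate, explicit unknown state; if the default stays, extend the comment to `# False=No WPS (also the value before detection has run), None=Locked WPS, True=Unlocked WPS`. The constructor starts and ends outside the hunk.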
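Review bot: Replacing the closing `else:` with `elif self.wps is None:` in the second target.py hunk leaves the local `wps` unassigned whenever the attribute holds anything other than True, False or None, and the code that uses it (below the hunk, not shown) would then raise UnboundLocalError. Keeping a final `else:` for the last case makes the chain total. The chain also mixes `== True` / `== False` with `is None`; `is True` / `is False` throughout would be consistent with the three-state comment added to the constructor.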
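Review bot: The function-level `from ..config import Configuration` added in wifite/tools/tshark.py is not referenced by any line visible in this commit's tshark.py hunks. If nothing in the unseen part of the function (between this hunk and the next) uses it, the import should be dropped. If it is needed, a short comment stating why it is imported inside the function rather than at module level would help the next reader.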
@@ -183,24 +184,32 @@ class Tshark(Dependency):
 # Failure is acceptable
 return
- bssids = set()
+ wps_bssids = set()
+ locked_bssids = set()
 for line in lines.split('\n'):
 if ',' not in line:
 continue
 bssid, locked = line.split(',')
 # Ignore if WPS is locked?
 if '1' not in locked:
- bssids.add(bssid.upper())
+ wps_bssids.add(bssid.upper())
+ else:
+ locked_bssids.add(bssid.upper())
 for t in targets:
- t.wps = t.bssid.upper() in bssids
+ target_bssid = t.bssid.upper()
+ if target_bssid in wps_bssids:
+ t.wps = True
+ elif target_bssid in locked_bssids:
+ t.wps = None
+ else:
+ t.wps = False
 if __name__ == '__main__':
 test_file = './tests/files/contains_wps_network.cap'
 target_bssid = 'A4:2B:8C:16:6B:3A'
- '''
 from ..model.target import Target
 fields = [
 'A4:2B:8C:16:6B:3A', # BSSID
@@ -219,6 +228,5 @@ if __name__ == '__main__':
 print('Target(BSSID={}).wps = {} (Expected: True)'.format(targets[0].bssid, targets[0].wps))
 assert targets[0].wps == True
- '''
 print(Tshark.bssids_with_handshakes(test_file, bssid=target_bssid))
diff --git a/wifite/tools/wash.py b/wifite/tools/wash.py
index 57e7afc..743e85e 100755
--- a/wifite/tools/wash.py
+++ b/wifite/tools/wash.py
@@ -36,22 +36,31 @@ class Wash(Dependency):
 except:
 # Failure is acceptable
 return
-
+
 # Find all BSSIDs
- bssids = set()
+ wps_bssids = set()
+ locked_bssids = set()
 for line in lines.split('\n'):
 try:
 obj = json.loads(line)
 bssid = obj['bssid']
 locked = obj['wps_locked']
 if locked != True:
- bssids.add(bssid)
+ wps_bssids.add(bssid)
+ else:
+ locked_bssids.add(bssid)
 except:
 pass
 # Update targets
 for t in targets:
- t.wps = t.bssid.upper() in bssids
+ target_bssid = t.bssid.upper()
+ if target_bssid in wps_bssids:
+ t.wps = True
+ elif target_bssid in locked_bssids:
+ t.wps = None
+ else:
+ t.wps = False
 if __name__ == '__main__':
 test_file = './tests/files/contains_wps_network.cap'
diff --git a/wifite/util/scanner.py b/wifite/util/scanner.py
index 568fd34..f28108e 100755
--- a/wifite/util/scanner.py
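Review bot: In the rewritten loop of wifite/tools/tshark.py a BSSID that appears on one output line with the locked field set and on another without it lands in both `wps_bssids` and `locked_bssids`, and the `if`/`elif` order then reports it as unlocked; which observation should win deserves an explicit decision and a comment. The context comment `# Ignore if WPS is locked?` no longer describes the code, since locked BSSIDs are now recorded, and could read `# a '1' in the locked field marks the BSSID as WPS-locked`. The three-way assignment over `targets` is repeated verbatim in the wash.py hunk; a shared helper taking the two sets would keep the two detectors in step. The function starts outside the hunk.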
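Review bot: Removing the closing `'''` here, together with the opening one in the previous hunk, re-activates the self-test in the `__main__` block of tshark.py, and that block begins with `from ..model.target import Target`, a relative import that resolves only when the file is run as a module of its package and fails when the file is executed directly. The block also depends on `./tests/files/contains_wps_network.cap` relative to the current directory. Moving the check into the project's test suite would make it repeatable; otherwise a comment stating how it is meant to be invoked is needed. Part of the block lies between the two hunks and is not shown.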
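Review bot: In wifite/tools/wash.py the new sets are filled with `bssid` exactly as parsed from the JSON line, while the lookup uses `t.bssid.upper()`, so if the parsed value is ever lower-case (the tool's output format is not visible here) no target matches and every one is set to `t.wps = False`. Normalising on insert, `wps_bssids.add(bssid.upper())` and `locked_bssids.add(bssid.upper())`, matches what the tshark.py hunk does. The surrounding bare `except: pass` also hides malformed lines; narrowing it to `except (ValueError, KeyError, TypeError):` would keep unrelated errors visible. The method starts outside the hunk.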
+++ b/wifite/util/scanner.py
@@ -88,7 +88,7 @@ class Scanner(object):
 return False # No specific target from user.
 for target in self.targets:
- if Configuration.wps_only and target.wps != True:
+ if Configuration.wps_only and target.wps == False:
 continue
 if bssid and target.bssid and bssid.lower() == target.bssid.lower():
 self.target = target