All config value can be set via arguments

But not all config values are honored during attacks (whoops).
derv82
2015-06-02 23:14:11 -07:00
parent 7148040199
commit 3faa01c9e8
6 changed files with 217 additions and 56 deletions

0
Wifite.py Normal file → Executable file


@@ -134,6 +134,7 @@ class Airmon(object):
@staticmethod
def ask():
''' Asks user to define which wireless interface to use '''
Color.pl('\n{+} looking for {C}wireless interfaces{W}')
mon_ifaces = Airmon.get_interfaces_in_monitor_mode()
mon_count = len(mon_ifaces)
if mon_count == 1:
@@ -143,8 +144,13 @@ class Airmon(object):
% iface);
return iface
Color.pl('')
a = Airmon()
a.print_menu()
Color.pl('')
count = len(a.interfaces)
if count == 0:
# No interfaces found


@@ -3,99 +3,206 @@
import argparse
class Arguments(object):
def __init__(self):
self.args = self.get_arguments()
''' Holds arguments used by the Wifite '''
def __init__(self, Configuration):
self.args = self.get_arguments(Configuration)
def get_arguments(self, Configuration):
''' Returns parser.args() containing all program arguments '''
def get_arguments(self):
description = 'Wrapper script around aircrack-ng and reaver'
description += ' https://github.com/derv82/wifite'
parser = argparse.ArgumentParser(
description=description)
description += ' https://github.com/derv82/wifite2'
parser = argparse.ArgumentParser(description=description)
# Global variables
glob = parser.add_argument_group('SETTINGS')
glob.add_argument('-i',
action='store',
dest='interface',
metavar='interface',
metavar='[interface]',
type=str,
help='Wireless interface to use (default: ask)')
glob.add_argument('-c',
action='store',
dest='channel',
metavar='channel',
metavar='[channel]',
type=int,
help='Wireless channel to scan (default: all channels)')
glob.add_argument('-b',
action='store',
dest='target_bssid',
metavar='[bssid]',
type=str,
help='BSSID (e.g. AA:BB:CC:DD:EE:FF) of access point to attack')
glob.add_argument('-e',
action='store',
dest='target_essid',
metavar='[essid]',
type=str,
help='ESSID (name) of access point to attack')
# WEP
wep = parser.add_argument_group('WEP-RELATED')
wep.add_argument('--wep',
action='store_true',
dest='wep_filter',
help='Only show WEP-encrypted networks')
help='Filter to display WEP-encrypted networks (default: off)')
wep.add_argument('--require-fakeauth',
action='store_true',
dest='require_fakeauth',
help='Fails attacks if fake-authentication fails')
help='Fails attacks if fake-auth fails (default: off)')
wep.add_argument('-pps',
action='store',
dest='wep_pps',
metavar='[pps]',
type=int,
help='Packets Per Second to replay (default: %d pps)'
% Configuration.wep_pps)
wep.add_argument('-wept',
action='store',
dest='wep_timeout',
metavar='[seconds]',
type=int,
help='Seconds to wait before failing (default: %d ivs)'
% Configuration.wep_timeout)
wep.add_argument('-wepc',
action='store',
dest='wep_crack_at_ivs',
metavar='[ivs]',
type=int,
help='Start cracking at this many IVs (default: %d ivs)'
% Configuration.wep_crack_at_ivs)
wep.add_argument('-weprs',
action='store',
dest='wep_restart_stale_ivs',
metavar='[seconds]',
type=int,
help='Restart aireplay if no new IVs appear (default: %ds)'
% Configuration.wep_restart_stale_ivs)
wep.add_argument('-weprc',
action='store',
dest='wep_restart_aircrack',
metavar='[seconds]',
type=int,
help='Restart aircrack after this delay (default: %ds)'
% Configuration.wep_restart_aircrack)
# WPA
wpa = parser.add_argument_group('WPA-RELATED')
wpa.add_argument('--wpa',
action='store_true',
dest='wpa_filter',
help='Only show WPA-encrypted networks')
help='Filter to display WPA-encrypted networks (includes WPS)')
wpa.add_argument('-wpadt',
action='store',
dest='wpa_deauth_timeout',
metavar='[seconds]',
type=int,
help='Time to wait before failing a Deauth (default: %ds)'
% Configuration.wpa_deauth_timeout)
wpa.add_argument('-wpat',
action='store',
dest='wpa_attack_timeout',
metavar='[seconds]',
type=int,
help='Time to wait before failing WPA attack (default: %ds)'
% Configuration.wpa_attack_timeout)
wpa.add_argument('-hs',
action='store',
dest='wpa_handshake_dir',
metavar='[dir]',
type=str,
help='Directory to store handshake files (default: %s)'
% Configuration.wpa_handshake_dir)
wpa.add_argument('--dict',
action='store',
dest='wordlist',
metavar='[file]',
type=str,
help='File containing passwords for cracking (default: %s)'
% Configuration.wordlist)
# WPS
wps = parser.add_argument_group('WPS-RELATED')
wps.add_argument('--wps',
action='store_true',
dest='wps_filter',
help='Only show WPA networks with WPS enabled')
help='Filter to display WPS-enabled networks')
wps.add_argument('--reaver',
action='store_true',
dest='reaver_only',
help='Only use Reaver on WPS networks (no handshake attack)')
help='ONLY use Reaver on WPS networks (default: off)')
wps.add_argument('--no-reaver',
action='store_true',
dest='no_reaver',
help='Do NOT use Reaver on WPS networks (handshake only)')
help='Do NOT use Reaver on WPS networks (default: off)')
wps.add_argument('--pixie',
action='store_true',
dest='pixie_only',
help='Only use the WPS Pixie-Dust attack (do not crack PINs)')
help='Only use the WPS Pixie-Dust attack (default: off)')
wps.add_argument('--pixiet',
action='store',
dest='wps_pixie_timeout',
metavar='[seconds]',
type=int,
help='Time to wait before stopping PixieDust (default: %ds)'
% Configuration.wps_pixie_timeout)
wps.add_argument('-wpst',
action='store',
dest='wps_pin_timeout',
metavar='[seconds]',
type=int,
help='Time to wait before stopping PIN attack (default: %ds)'
% Configuration.wps_pin_timeout)
wps.add_argument('-wpsmr',
action='store',
dest='wps_max_retries',
metavar='[retries]',
type=int,
help='Maximum number of Retries before stopping (default: %d)'
% Configuration.wps_max_retries)
wps.add_argument('-wpsmf',
action='store',
dest='wps_fail_threshold',
metavar='[fails]',
type=int,
help='Maximum number of Failures before stopping (default: %d)'
% Configuration.wps_fail_threshold)
wps.add_argument('-wpsmt',
action='store',
dest='wps_timeout_threshold',
metavar='[timeouts]',
type=int,
help='Maximum number of Timeouts before stopping (default: %d)'
% Configuration.wps_timeout_threshold)
wps.add_argument('--ignore-ratelimit',
action='store_false',
dest='wps_ignore_rate_limit',
help='Continues attack if WPS is rate-limited (default: off)')
# Cracking
crack = parser.add_argument_group('CRACKING')
crack.add_argument('--cracked',
# Commands
commands = parser.add_argument_group('COMMANDS')
commands.add_argument('--cracked',
action='store_true',
dest='cracked',
help='Display previously-cracked access points')
crack.add_argument('--check',
commands.add_argument('--check-hs',
action='store',
metavar='[file]',
dest='check',
dest='check_handshake',
help='Check a .cap file for WPA handshakes')
crack.add_argument('--crack-wpa',
commands.add_argument('--crack-wpa',
action='store',
type=str,
dest='crackwpa',
dest='crack_wpa',
metavar='[file]',
help='Crack a .cap file containing a WPA handshake')
crack.add_argument('--crack-wep',
commands.add_argument('--crack-wep',
action='store',
type=str,
dest='crackwep',
dest='crack_wep',
metavar='[file]',
help='Crack a .cap file containing WEP IVS')
crack.add_argument('--dict',
action='store',
type=str,
dest='wordlist',
metavar='[file]',
help='Dictionary/wordlist to use for cracking')
# Misc
commands = parser.add_argument_group('FUNCTIONS')
commands.add_argument('--update',
action='store_true',
dest='update',
@@ -104,7 +211,11 @@ class Arguments(object):
return parser.parse_args()
if __name__ == '__main__':
a = Arguments()
from Color import Color
from Configuration import Configuration
Configuration.initialize()
a = Arguments(Configuration)
args = a.args
print args
for (key,value) in sorted(args.__dict__.iteritems()):
Color.pl('{C}%s: {G}%s{W}' % (key.ljust(21),value))
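Review bot: `--ignore-ratelimit` is declared with `action='store_false'`, so `args.wps_ignore_rate_limit` is True when the flag is absent and False when it is given, the opposite of what the help text and the dest name say. Combined with the `if args.wps_ignore_rate_limit:` test in Configuration.load_from_arguments, a default run sets `wps_skip_rate_limit` to False and keeps going against an access point that has started rate-limiting, while passing the flag leaves the skip in place. Use `action='store_true',` here so that continuing past a rate limit is something the operator opts into. Separately, the `-wept` help string reports its default as `%d ivs` although the metavar is `[seconds]`; `(default: %ds)` would match the other timeouts.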


@@ -23,6 +23,13 @@ class AttackWPA(Attack):
'''
Initiates full WPA hanshake capture attack.
'''
# Check if user only wants to run PixieDust attack
if Configuration.pixie_only and self.target.wps:
Color.pl('{!} {O}--pixie{R} set, ignoring WPA-handshake attack')
self.success = False
return self.success
# First, start Airodump process
with Airodump(channel=self.target.channel,
target_bssid=self.target.bssid,
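Review bot: The message added in the pixie-only guard ends without the `{W}` colour reset that the matching message in AttackWPS carries, so the red from `{R}` may bleed into whatever is printed next, unless Color.pl resets on its own (not visible here). Write it as `Color.pl('{!} {O}--pixie{R} set, ignoring WPA-handshake attack{W}')`. A short comment on the guard, such as `# Non-WPS targets still get the handshake attack even with --pixie`, would make the `and self.target.wps` condition easier to read. The enclosing method starts and ends outside the hunk.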


@@ -35,7 +35,7 @@ class AttackWPS(Attack):
' support the {O}WPS pixie-dust attack{W}')
if Configuration.pixie_only:
Color.pl('{!} {O}--pixie-only{R} set, ignoring WPS-PIN attack{W}')
Color.pl('{!} {O}--pixie{R} set, ignoring WPS-PIN attack{W}')
self.success = False
else:
# Run WPS-PIN attack
@@ -136,7 +136,7 @@ class AttackWPS(Attack):
break
# TODO: Timeout check
if reaver.running_time() > Configuration.wps_timeout:
if reaver.running_time() > Configuration.wps_pixie_timeout:
Color.pl('{R}failed: {O}timeout after %d seconds{W}' % Configuration.wps_timeout)
break
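Review bot: The timeout branch in the second hunk now compares against `Configuration.wps_pixie_timeout`, but the failure message on the next line still formats `Configuration.wps_timeout`, which this commit appears to replace in Configuration.py with `wps_pin_timeout` and `wps_pixie_timeout`. If the old attribute is gone, the first timeout raises AttributeError instead of printing the message and breaking out of the loop. Change the message to `Color.pl('{R}failed: {O}timeout after %d seconds{W}' % Configuration.wps_pixie_timeout)`. The enclosing loop starts and ends outside the hunk, so confirm this is the Pixie-Dust path and that the PIN path uses `wps_pin_timeout`.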


@@ -2,18 +2,8 @@
import os
'''
--wep : Target WEP networks
--wpa : Target WPA networks
--wps : Target WPS networks
^ Can be combined
--no-reaver : Do not use reaver on WPS networks
--reaver : Only use reaver on WPS networks
'''
class Configuration(object):
''' Stores configuration variables for Wifite. '''
''' Stores configuration variables and functions for Wifite. '''
initialized = False # Flag indicating config has been initialized
temp_dir = None # Temporary directory
@@ -80,34 +70,74 @@ class Configuration(object):
Configuration.no_reaver = False # Do not use Reaver on WPS networks
Configuration.reaver = False # ONLY use Reaver on WPS networks
Configuration.pixie_only = False # ONLY use Pixie-Dust attack on WPS
Configuration.wps_timeout = 600 # Seconds to wait before failing
Configuration.wps_pin_timeout = 600 # Seconds to wait before reaver fails
Configuration.wps_pixie_timeout = 600 # Seconds to wait before pixie fails
Configuration.wps_max_retries = 20 # Retries before failing
Configuration.wps_fail_threshold = 30 # Max number of failures
Configuration.wps_timeout_threshold = 30 # Max number of timeouts
Configuration.wps_skip_rate_limit = True # Skip rate-limited WPS APs
# Commands
Configuration.cracked = False
Configuration.check_handshake = None
Configuration.crack_wpa = None
Configuration.crack_wep = None
Configuration.update = False
# Overwrite config values with arguments (if defined)
Configuration.load_from_arguments()
@staticmethod
def load_from_arguments():
from Arguments import Arguments
args = Arguments().args
''' Sets configuration values based on Argument.args object '''
from Arguments import Arguments
args = Arguments(Configuration).args
if args.channel: Configuration.target_channel = args.channel
if args.interface: Configuration.interface = args.interface
if args.target_bssid: Configuration.target_bssid = args.target_bssid
if args.target_essid: Configuration.target_essid = args.target_essid
# WEP
if args.wep_filter: Configuration.wep_filter = args.wep_filter
if args.wep_pps: Configuration.wep_pps = args.wep_pps
if args.wep_timeout: Configuration.wep_timeout = args.wep_timeout
if args.require_fakeauth: Configuration.require_fakeauth = False
if args.wep_crack_at_ivs:
Configuration.wep_crack_at_ivs = args.wep_crack_at_ivs
if args.wep_restart_stale_ivs:
Configuration.wep_restart_stale_ivs = args.wep_restart_stale_ivs
if args.wep_restart_aircrack:
Configuration.wep_restart_aircrack = args.wep_restart_aircrack
# WPA
if args.wpa_filter: Configuration.wpa_filter = args.wpa_filter
if args.wordlist: Configuration.wordlist = args.wordlist
if args.wpa_deauth_timeout:
Configuration.wpa_deauth_timeout = args.wpa_deauth_timeout
if args.wpa_attack_timeout:
Configuration.wpa_attack_timeout = args.wpa_attack_timeout
if args.wpa_handshake_dir:
Configuration.wpa_handshake_dir = args.wpa_handshake_dir
# WPS
if args.wps_filter: Configuration.wps_filter = args.wps_filter
if args.no_reaver: Configuration.no_reaver = args.no_reaver
if args.reaver_only: Configuration.reaver_only = args.reaver_only
if args.no_reaver: Configuration.no_reaver = args.no_reaver
if args.pixie_only: Configuration.pixie_only = args.pixie_only
if args.wps_pixie_timeout:
Configuration.wps_pixie_timeout = args.wps_pixie_timeout
if args.wps_pin_timeout:
Configuration.wps_pin_timeout = args.wps_pin_timeout
if args.wps_max_retries:
Configuration.wps_max_retries = args.wps_max_retries
if args.wps_fail_threshold:
Configuration.wps_fail_threshold = args.wps_fail_threshold
if args.wps_timeout_threshold:
Configuration.wps_timeout_threshold = args.wps_timeout_threshold
if args.wps_ignore_rate_limit:
Configuration.wps_skip_rate_limit = not args.wps_ignore_rate_limit
# Adjust encryption filter
if Configuration.wep_filter or \
@@ -119,6 +149,13 @@ class Configuration(object):
if Configuration.wpa_filter: Configuration.encryption_filter.append('WPA')
if Configuration.wps_filter: Configuration.encryption_filter.append('WPS')
# Commands
if args.cracked: Configuration.show_cracked = True
if args.crack_wpa: Configuration.crack_wpa = args.crack_wpa
if args.crack_wep: Configuration.crack_wep = args.crack_wep
if args.update: Configuration.update = True
if args.check_handshake: Configuration.check_handshake = args.check_handshake
if Configuration.interface == None:
# Interface wasn't defined, select it!
from Airmon import Airmon
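Review bot: In load_from_arguments, `if args.require_fakeauth: Configuration.require_fakeauth = False` assigns False when the flag is passed, so `--require-fakeauth` can never turn the check on; it should read `if args.require_fakeauth: Configuration.require_fakeauth = True`. The command flags have a similar mismatch: the defaults added above initialise `Configuration.cracked`, but `--cracked` writes `Configuration.show_cracked`, and `--reaver` writes `Configuration.reaver_only` while the visible default is `Configuration.reaver`, so code reading the initialised names would never see the option (inferred from the visible lines; the rest of the class is outside the hunks). The numeric options are tested by truthiness, so an explicit `0` is silently dropped; `if args.wps_max_retries is not None:` keeps it. load_from_arguments continues outside the last hunk.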