Updating README for latest developments.
101
README.md
@@ -1,38 +1,92 @@
|
||||
Wifite 2
|
||||
========
|
||||
|
||||
A complete re-write of [`wifite`](https://github.com/derv82/wifite), a Python script for auditing wireless networks.
|
||||
|
||||
What's new?
|
||||
-----------
|
||||
* Cleaner process management -- No longer leaves processes running in the background.
|
||||
* UX: Target access points are refreshed every second instead of every 5 seconds.
|
||||
* UX: Displays realtime Power level (in db) of currently-attacked target
|
||||
* No more WPS PIN attack (which can take days on-average). But the Pixie-Dust attack is still around.
|
||||
* Development: Lots of files instead of "one big script".
|
||||
Wifite runs existing wireless-auditing tools for you. Stop memorizing command arguments & switches!
|
||||
|
||||
What's new in Wifite2?
|
||||
----------------------
|
||||
|
||||
* **Less bugs**
|
||||
* Cleaner process management. Does not leave processes running in the background (the old `wifite` was bad about this).
|
||||
* No longer "one monolithic script". Has working unit tests. Pull requests are less-painful!
|
||||
* **Speed**
|
||||
* Target access points are refreshed every second instead of every 5 seconds.
|
||||
* **Accuracy**
|
||||
* Displays realtime Power level of currently-attacked target.
|
||||
* Displays more information during an attack (e.g. % during WEP chopchop attacks, Pixie-Dust step index, etc)
|
||||
* **Educational**
|
||||
* The `--verbose` option (expandable to `-vv` or `-vvv`) shows which commands are executed & the output of those commands.
|
||||
* This can help debug why Wifite is not working for you. Or so you can learn how these tools are used.
|
||||
* Actively developed (as of March 2018).
|
||||
* Python 3 support.
|
||||
* Sweet new ASCII banner.
|
||||
|
||||
What's gone in Wifite2?
|
||||
-----------------------
|
||||
|
||||
* No more WPS PIN attack, because it can take days on-average.
|
||||
* However, the Pixie-Dust attack is still an option.
|
||||
* Some command-line arguments (`--wept`, `--wpst`, and other confusing switches).
|
||||
* You can still access some of these, try `./Wifite.py -h -v`
|
||||
|
||||
What's not new?
|
||||
---------------
|
||||
* Backwards compatibility with the original `wifite`'s arguments.
|
||||
|
||||
* (Mostly) Backwards compatibile with the original `wifite`'s arguments.
|
||||
* Same text-based interface everyone knows and loves.
|
||||
|
||||
Brief Feature List
|
||||
------------------
|
||||
* Reaver Pixie-Dust attack (`--wps-only`)
|
||||
* WPA handshake capture (`--no-wps`)
|
||||
* Validates handshakes against `pyrit`, `tshark`, `cowpatty`, and `aircrack-ng`
|
||||
* Various WEP attacks (replay, chopchop, fragment, etc)
|
||||
* 5Ghz support for wireless cards that support 5ghz (use `-5` option)
|
||||
* Stores cracked passwords and handshakes to the current directory, with metadata about the access point (via `--cracked` command).
|
||||
* Decloaks hidden access points when channel is fixed (use `-c <channel>` option)
|
||||
* Provides commands to crack captured WPA handshakes (via `--crack` command)
|
||||
|
||||
Support
|
||||
-------
|
||||
Wifite2 is designed entirely for the latest version of Kali Rolling release (tested on Kali 2017.2, updated Jan 2018).
|
||||
* Reaver (or `-bully`) Pixie-Dust attack (enabled by-default, force with: `--wps-only`)
|
||||
* WPA handshake capture (enabled by-default, force with: `--no-wps`)
|
||||
* Validates handshakes against `pyrit`, `tshark`, `cowpatty`, and `aircrack-ng` (when available)
|
||||
* Various WEP attacks (replay, chopchop, fragment, hirte, p0841, caffe-latte)
|
||||
* Automatically decloaks hidden access points while scanning or attacking.
|
||||
* Note: Only works when channel is fixed. Use the `-c <channel>` switch.
|
||||
* Disable this via `--no-deauths` switch
|
||||
* 5Ghz support for some wireless cards (via `-5` switch).
|
||||
* Note: Some tools don't play well on 5GHz channels (e.g. `aireplay-ng`)
|
||||
* Stores cracked passwords and handshakes to the current directory (`--cracked`)
|
||||
* Includes metadata about the access point.
|
||||
* Provides commands to crack captured WPA handshakes (`--crack`)
|
||||
* Includes all commands needed to crack using `aircrack-ng`, `john`, `hashcat`, or `pyrit`.
|
||||
|
||||
This means only the latest versions of these programs are supported: Aircrack-ng suite, reaver, tshark, cowpatty.
|
||||
Linux Distribution Support
|
||||
--------------------------
|
||||
|
||||
Other pen-testing distributions (such as BackBox) have outdated versions of these suites; these distributions are not supported.
|
||||
Wifite2 is designed specifically for the latest version of **Kali**'s rolling release (tested on Kali 2017.2, updated Jan 2018).
|
||||
|
||||
Other pen-testing distributions (such as BackBox) have outdated versions of the tools used by Wifite; these distributions are not supported.
|
||||
|
||||
Required Tools
|
||||
--------------
|
||||
|
||||
Only the latest versions of these programs are supported:
|
||||
|
||||
**Required:**
|
||||
|
||||
* `iwconfig`: For identifying wireless devices already in Monitor Mode.
|
||||
* `ifconfig`: For starting/stopping wireless devices.
|
||||
* `Aircrack-ng` suite, includes:
|
||||
* `aircrack-ng`: For cracking WEP .cap files and and WPA handshake captures.
|
||||
* `aireplay-ng`: For deauthing access points, replaying capture files, various WEP attacks.
|
||||
* `airmon-ng`: For enumerating and enabling Monitor Mode on wireless devices.
|
||||
* `airodump-ng`: For target scanning & capture file generation.
|
||||
* `packetforge-ng`: For forging capture files.
|
||||
|
||||
**Optional, but Recommended:**
|
||||
|
||||
* `tshark`: For detecting WPS networks and inspecting handshake capture files.
|
||||
* `reaver`: For WPS Pixie-Dust attacks.
|
||||
* Note: Reaver's `wash` tool can be used to detect WPS networks if `tshark` is not found.
|
||||
* `bully`: For WPS Pixie-Dust attacks.
|
||||
* Alternative to Reaver. Specify `--bully` to use Bully instead of Reaver.
|
||||
* Bully is also used to fetch PSK if `reaver` cannot after cracking WPS PIN.
|
||||
* `cowpatty`: For detecting handshake captures.
|
||||
* `pyrit`: For detecting handshake captures.
|
||||
|
||||
Installing & Running
|
||||
--------------------
|
||||
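Review bot: The Bully switch is spelled two ways in this hunk: the feature-list line reads "Reaver (or `-bully`) Pixie-Dust attack" while the Required Tools entry reads "Specify `--bully` to use Bully instead of Reaver". Pick the spelling the argument parser accepts and use it in both places, otherwise readers copying from the feature list get an unrecognized option. Two typos in the same hunk are worth fixing before merge: "compatibile" in the "(Mostly) Backwards compatibile" line, and the doubled "and and" in the `aircrack-ng` description. The `--cracked` entry says results are stored "to the current directory" with access-point metadata; since that file holds recovered keys, the README should name the file so users know what to protect or clean up after an audit.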
@@ -45,6 +99,11 @@ cd wifite2
|
||||
Screenshots
|
||||
-----------
|
||||
|
||||
Cracking WPS PIN using `reaver`'s Pixie-Dust attack, then retrieving WPA PSK using `bully`:
|
||||

|
||||
|
||||
-------------
|
||||
|
||||
Decloaking & cracking a hidden access point (via the WPA Handshake attack):
|
||||

|
||||
|
||||
|
||||
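Review bot: The `-------------` line placed between the two screenshot captions uses the same dash run this README uses for setext heading underlines (for example under "Screenshots"). If it is not preceded by a blank line in the raw file, Markdown renders the text above it as a second-level heading rather than drawing a rule. Confirm there is a blank line before it, or use `***` for the separator so it cannot be confused with a heading underline. The second caption ("Decloaking & cracking a hidden access point") has no matching separator after it; either drop the rule or use it consistently.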