diff --git a/wifite/attack/wep.py b/wifite/attack/wep.py index 7934d35..39b1a03 100755 --- a/wifite/attack/wep.py +++ b/wifite/attack/wep.py @@ -85,6 +85,10 @@ class AttackWEP(Attack): while True: airodump_target = self.wait_for_target(airodump) + + if client_mac is None and len(airodump_target.clients) > 0: + client_mac = airodump_target.clients[0].station + status = "%d/{C}%d{W} IVs" % (airodump_target.ivs, Configuration.wep_crack_at_ivs) if fakeauth_proc: if fakeauth_proc and fakeauth_proc.status: @@ -154,7 +158,7 @@ class AttackWEP(Attack): # If .xor is not there, the process failed. Color.pl('\n{!} {O}%s attack{R} did not generate a .xor file' % attack_name) # XXX: For debugging - Color.pl('{?} {O}Command: {R}%s{W}' % aireplay.cmd) + Color.pl('{?} {O}Command: {R}%s{W}' % " ".join(aireplay.cmd)) Color.pl('{?} {O}Output:\n{R}%s{W}' % aireplay.get_output()) break @@ -179,8 +183,8 @@ class AttackWEP(Attack): break else: Color.pl('\n{!} {O}aireplay-ng exited unexpectedly{W}') - Color.pl('{?} {O}Command: {R}%s{W}' % aireplay.cmd) - Color.pl('{?} {O}Output:\n%s{W}' % aireplay.get_output()) + Color.pl('{?} {O}Command: {R}%s{W}' % " ".join(aireplay.cmd)) + Color.pl('{?} {O}Output:\n{R}%s{W}' % aireplay.get_output()) break # Continue to other attacks # Check if IVs stopped flowing (same for > N seconds) diff --git a/wifite/tools/aireplay.py b/wifite/tools/aireplay.py index c0c71d2..b9c1e01 100755 --- a/wifite/tools/aireplay.py +++ b/wifite/tools/aireplay.py @@ -90,17 +90,25 @@ class Aireplay(Thread): def get_output(self): ''' Returns stdout from aireplay process ''' - return self.pid.stdout() + return self.stdout def run(self): + self.stdout = '' + self.xor_percent = '0%' while self.pid.poll() is None: time.sleep(0.1) if not os.path.exists(self.output_file): continue # Read output file & clear output file with open(self.output_file, "r+") as fid: lines = fid.read() + self.stdout += lines fid.seek(0) fid.truncate() + + if Configuration.verbose > 1 and lines.strip() != '': + from ..util.color import Color + Color.pl('\n{P} [?] aireplay output:\n %s{W}' % lines.strip().replace('\n', '\n ')) + for line in lines.split("\n"): line = line.replace("\r", "").strip() if line == "": continue @@ -124,33 +132,85 @@ class Aireplay(Thread): self.status = True elif self.attack_type == WEPAttackType.chopchop: # Look for chopchop status. Potential output lines: + # (START) Read 178 packets... read_re = re.compile(r"Read (\d+) packets") matches = read_re.match(line) if matches: self.status = "Waiting for packet (read %s)..." % matches.group(1) + + # Sent 1912 packets, current guess: 70... + sent_re = re.compile(r"Sent (\d+) packets, current guess: (\w+)...") + matches = sent_re.match(line) + if matches: + self.status = "Generating .xor (%s)... current guess: %s" % (self.xor_percent, matches.group(2)) + # (DURING) Offset 52 (54% done) | xor = DE | pt = E0 | 152 frames written in 2782ms offset_re = re.compile(r"Offset.*\(\s*(\d+%) done\)") matches = offset_re.match(line) if matches: - self.status = "Generating Xor (%s)" % matches.group(1) + self.xor_percent = matches.group(1) + self.status = "Generating .xor (%s)..." % matches.group(1) + # (DONE) Saving keystream in replay_dec-0516-202246.xor saving_re = re.compile(r"Saving keystream in (.*\.xor)") matches = saving_re.match(line) if matches: self.status = matches.group(1) - pass + + # (ERROR) fakeauth required + if 'try running aireplay-ng in authenticated mode' in line: + self.status = 'fakeauth is required and you are not authenticated' + elif self.attack_type == WEPAttackType.fragment: - # TODO: Parse fragment output, update self.status + # Parse fragment output, update self.status + + # (START) Read 178 packets... + read_re = re.compile(r"Read (\d+) packets") + matches = read_re.match(line) + if matches: + self.status = "Waiting for packet (read %s)..." % matches.group(1) + # 01:08:15 Waiting for a data packet... + if 'Waiting for a data packet' in line: + self.status = 'waiting for packet' + + # Read 207 packets... + trying_re = re.compile(r"Trying to get (\d+) bytes of a keystream") + matches = trying_re.match(line) + if matches: + self.status = 'trying to get %sb of a keystream' % matches.group(1) + # 01:08:17 Sending fragmented packet + if 'Sending fragmented packet' in line: + self.status = 'sending packet' + # 01:08:37 Still nothing, trying another packet... + if 'Still nothing, trying another packet' in line: + self.status = 'sending another packet' + # XX:XX:XX Trying to get 1500 bytes of a keystream + trying_re = re.compile(r"Trying to get (\d+) bytes of a keystream") + matches = trying_re.match(line) + if matches: + self.status = 'trying to get %sb of a keystream' % matches.group(1) + # XX:XX:XX Got RELAYED packet!! + if 'Got RELAYED packet' in line: + self.status = 'got relayed packet' + # XX:XX:XX Thats our ARP packet! + if 'Thats our ARP packet' in line: + self.status = 'relayed packet was our' + # XX:XX:XX Saving keystream in fragment-0124-161129.xor + saving_re = re.compile(r"Saving keystream in (.*\.xor)") + matches = saving_re.match(line) + if matches: + self.status = 'saving keystream to %s' % saving_re.group(1) + # XX:XX:XX Now you can build a packet with packetforge-ng out of that 1500 bytes keystream - pass + else: # Replay, forged replay, etc. # Parse Packets Sent & PacketsPerSecond. Possible output lines: # Read 55 packets (got 0 ARP requests and 0 ACKs), sent 0 packets...(0 pps) @@ -188,7 +248,7 @@ class Aireplay(Thread): cmd = ["aireplay-ng"] cmd.append("--ignore-negative-one") - if not client_mac and len(target.clients) > 0: + if client_mac is None and len(target.clients) > 0: # Client MAC wasn't specified, but there's an associated client. Use that. client_mac = target.clients[0].station diff --git a/wifite/util/process.py b/wifite/util/process.py index 76c22cc..a9564dd 100755 --- a/wifite/util/process.py +++ b/wifite/util/process.py @@ -36,9 +36,9 @@ class Process(object): pid.wait() (stdout, stderr) = pid.communicate() - if Configuration.verbose > 1 and stdout.strip() != '': + if Configuration.verbose > 1 and stdout is not None and stdout.strip() != '': Color.pe("{P} [stdout] %s{W}" % '\n [stdout] '.join(stdout.strip().split('\n'))) - if Configuration.verbose > 1 and stderr.strip() != '': + if Configuration.verbose > 1 and stderr is not None and stderr.strip() != '': Color.pe("{P} [stderr] %s{W}" % '\n [stderr] '.join(stderr.strip().split('\n'))) return (stdout, stderr) @@ -91,14 +91,14 @@ class Process(object): def stdout(self): ''' Waits for process to finish, returns stdout output ''' self.get_output() - if Configuration.verbose > 1 and self.out.strip() != '': + if Configuration.verbose > 1 and self.out is not None and self.out.strip() != '': Color.pe("{P} [stdout] %s{W}" % '\n [stdout] '.join(self.out.strip().split('\n'))) return self.out def stderr(self): ''' Waits for process to finish, returns stderr output ''' self.get_output() - if Configuration.verbose > 1 and self.err.strip() != '': + if Configuration.verbose > 1 and self.err is not None and self.err.strip() != '': Color.pe("{P} [stderr] %s{W}" % '\n [stderr] '.join(self.err.strip().split('\n'))) return self.err