alexandre/wifite2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Improve messaging during chopchop & fragment attacks

Browse Source 
Bugfix when chopchop fails.
Displays aircrack's error message when chopchop fails.

For improving WEP attacks in #27
This commit is contained in:
derv82
2018-03-25 15:58:21 -04:00
parent d8da6798de
commit b0bd57b1a3
3 changed files with 77 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
wifite/attack/wep.py
View File

@@ -85,6 +85,10 @@ class AttackWEP(Attack):
while True: while True:
airodump_target = self.wait_for_target(airodump) airodump_target = self.wait_for_target(airodump)
if client_mac is None and len(airodump_target.clients) > 0:
client_mac = airodump_target.clients[0].station
status = "%d/{C}%d{W} IVs" % (airodump_target.ivs, Configuration.wep_crack_at_ivs) status = "%d/{C}%d{W} IVs" % (airodump_target.ivs, Configuration.wep_crack_at_ivs)
if fakeauth_proc: if fakeauth_proc:
if fakeauth_proc and fakeauth_proc.status: if fakeauth_proc and fakeauth_proc.status:
@@ -154,7 +158,7 @@ class AttackWEP(Attack):
# If .xor is not there, the process failed. # If .xor is not there, the process failed.
Color.pl('\n{!} {O}%s attack{R} did not generate a .xor file' % attack_name) Color.pl('\n{!} {O}%s attack{R} did not generate a .xor file' % attack_name)
# XXX: For debugging # XXX: For debugging
Color.pl('{?} {O}Command: {R}%s{W}' % aireplay.cmd) Color.pl('{?} {O}Command: {R}%s{W}' % " ".join(aireplay.cmd))
Color.pl('{?} {O}Output:\n{R}%s{W}' % aireplay.get_output()) Color.pl('{?} {O}Output:\n{R}%s{W}' % aireplay.get_output())
break break
@@ -179,8 +183,8 @@ class AttackWEP(Attack):
break break
else: else:
Color.pl('\n{!} {O}aireplay-ng exited unexpectedly{W}') Color.pl('\n{!} {O}aireplay-ng exited unexpectedly{W}')
Color.pl('{?} {O}Command: {R}%s{W}' % aireplay.cmd) Color.pl('{?} {O}Command: {R}%s{W}' % " ".join(aireplay.cmd))
Color.pl('{?} {O}Output:\n%s{W}' % aireplay.get_output()) Color.pl('{?} {O}Output:\n{R}%s{W}' % aireplay.get_output())
break # Continue to other attacks break # Continue to other attacks
# Check if IVs stopped flowing (same for > N seconds) # Check if IVs stopped flowing (same for > N seconds)

72
wifite/tools/aireplay.py
View File

@@ -90,17 +90,25 @@ class Aireplay(Thread):
def get_output(self): def get_output(self):
''' Returns stdout from aireplay process ''' ''' Returns stdout from aireplay process '''
return self.pid.stdout() return self.stdout
def run(self): def run(self):
self.stdout = ''
self.xor_percent = '0%'
while self.pid.poll() is None: while self.pid.poll() is None:
time.sleep(0.1) time.sleep(0.1)
if not os.path.exists(self.output_file): continue if not os.path.exists(self.output_file): continue
# Read output file & clear output file # Read output file & clear output file
with open(self.output_file, "r+") as fid: with open(self.output_file, "r+") as fid:
lines = fid.read() lines = fid.read()
self.stdout += lines
fid.seek(0) fid.seek(0)
fid.truncate() fid.truncate()
if Configuration.verbose > 1 and lines.strip() != '':
from ..util.color import Color
Color.pl('\n{P} [?] aireplay output:\n %s{W}' % lines.strip().replace('\n', '\n '))
for line in lines.split("\n"): for line in lines.split("\n"):
line = line.replace("\r", "").strip() line = line.replace("\r", "").strip()
if line == "": continue if line == "": continue
@@ -124,33 +132,85 @@ class Aireplay(Thread):
self.status = True self.status = True
elif self.attack_type == WEPAttackType.chopchop: elif self.attack_type == WEPAttackType.chopchop:
# Look for chopchop status. Potential output lines: # Look for chopchop status. Potential output lines:
# (START) Read 178 packets... # (START) Read 178 packets...
read_re = re.compile(r"Read (\d+) packets") read_re = re.compile(r"Read (\d+) packets")
matches = read_re.match(line) matches = read_re.match(line)
if matches: if matches:
self.status = "Waiting for packet (read %s)..." % matches.group(1) self.status = "Waiting for packet (read %s)..." % matches.group(1)
# Sent 1912 packets, current guess: 70...
sent_re = re.compile(r"Sent (\d+) packets, current guess: (\w+)...")
matches = sent_re.match(line)
if matches:
self.status = "Generating .xor (%s)... current guess: %s" % (self.xor_percent, matches.group(2))
# (DURING) Offset 52 (54% done) | xor = DE | pt = E0 | 152 frames written in 2782ms # (DURING) Offset 52 (54% done) | xor = DE | pt = E0 | 152 frames written in 2782ms
offset_re = re.compile(r"Offset.*\(\s*(\d+%) done\)") offset_re = re.compile(r"Offset.*\(\s*(\d+%) done\)")
matches = offset_re.match(line) matches = offset_re.match(line)
if matches: if matches:
self.status = "Generating Xor (%s)" % matches.group(1) self.xor_percent = matches.group(1)
self.status = "Generating .xor (%s)..." % matches.group(1)
# (DONE) Saving keystream in replay_dec-0516-202246.xor # (DONE) Saving keystream in replay_dec-0516-202246.xor
saving_re = re.compile(r"Saving keystream in (.*\.xor)") saving_re = re.compile(r"Saving keystream in (.*\.xor)")
matches = saving_re.match(line) matches = saving_re.match(line)
if matches: if matches:
self.status = matches.group(1) self.status = matches.group(1)
pass
# (ERROR) fakeauth required
if 'try running aireplay-ng in authenticated mode' in line:
self.status = 'fakeauth is required and you are not authenticated'
elif self.attack_type == WEPAttackType.fragment: elif self.attack_type == WEPAttackType.fragment:
# TODO: Parse fragment output, update self.status # Parse fragment output, update self.status
# (START) Read 178 packets...
read_re = re.compile(r"Read (\d+) packets")
matches = read_re.match(line)
if matches:
self.status = "Waiting for packet (read %s)..." % matches.group(1)
# 01:08:15 Waiting for a data packet... # 01:08:15 Waiting for a data packet...
if 'Waiting for a data packet' in line:
self.status = 'waiting for packet'
# Read 207 packets...
trying_re = re.compile(r"Trying to get (\d+) bytes of a keystream")
matches = trying_re.match(line)
if matches:
self.status = 'trying to get %sb of a keystream' % matches.group(1)
# 01:08:17 Sending fragmented packet # 01:08:17 Sending fragmented packet
if 'Sending fragmented packet' in line:
self.status = 'sending packet'
# 01:08:37 Still nothing, trying another packet... # 01:08:37 Still nothing, trying another packet...
if 'Still nothing, trying another packet' in line:
self.status = 'sending another packet'
# XX:XX:XX Trying to get 1500 bytes of a keystream # XX:XX:XX Trying to get 1500 bytes of a keystream
trying_re = re.compile(r"Trying to get (\d+) bytes of a keystream")
matches = trying_re.match(line)
if matches:
self.status = 'trying to get %sb of a keystream' % matches.group(1)
# XX:XX:XX Got RELAYED packet!! # XX:XX:XX Got RELAYED packet!!
if 'Got RELAYED packet' in line:
self.status = 'got relayed packet'
# XX:XX:XX Thats our ARP packet! # XX:XX:XX Thats our ARP packet!
if 'Thats our ARP packet' in line:
self.status = 'relayed packet was our'
# XX:XX:XX Saving keystream in fragment-0124-161129.xor # XX:XX:XX Saving keystream in fragment-0124-161129.xor
saving_re = re.compile(r"Saving keystream in (.*\.xor)")
matches = saving_re.match(line)
if matches:
self.status = 'saving keystream to %s' % saving_re.group(1)
# XX:XX:XX Now you can build a packet with packetforge-ng out of that 1500 bytes keystream # XX:XX:XX Now you can build a packet with packetforge-ng out of that 1500 bytes keystream
pass
else: # Replay, forged replay, etc. else: # Replay, forged replay, etc.
# Parse Packets Sent & PacketsPerSecond. Possible output lines: # Parse Packets Sent & PacketsPerSecond. Possible output lines:
# Read 55 packets (got 0 ARP requests and 0 ACKs), sent 0 packets...(0 pps) # Read 55 packets (got 0 ARP requests and 0 ACKs), sent 0 packets...(0 pps)
@@ -188,7 +248,7 @@ class Aireplay(Thread):
cmd = ["aireplay-ng"] cmd = ["aireplay-ng"]
cmd.append("--ignore-negative-one") cmd.append("--ignore-negative-one")
if not client_mac and len(target.clients) > 0: if client_mac is None and len(target.clients) > 0:
# Client MAC wasn't specified, but there's an associated client. Use that. # Client MAC wasn't specified, but there's an associated client. Use that.
client_mac = target.clients[0].station client_mac = target.clients[0].station

8
wifite/util/process.py
View File

@@ -36,9 +36,9 @@ class Process(object):
pid.wait() pid.wait()
(stdout, stderr) = pid.communicate() (stdout, stderr) = pid.communicate()
if Configuration.verbose > 1 and stdout.strip() != '': if Configuration.verbose > 1 and stdout is not None and stdout.strip() != '':
Color.pe("{P} [stdout] %s{W}" % '\n [stdout] '.join(stdout.strip().split('\n'))) Color.pe("{P} [stdout] %s{W}" % '\n [stdout] '.join(stdout.strip().split('\n')))
if Configuration.verbose > 1 and stderr.strip() != '': if Configuration.verbose > 1 and stderr is not None and stderr.strip() != '':
Color.pe("{P} [stderr] %s{W}" % '\n [stderr] '.join(stderr.strip().split('\n'))) Color.pe("{P} [stderr] %s{W}" % '\n [stderr] '.join(stderr.strip().split('\n')))
return (stdout, stderr) return (stdout, stderr)
@@ -91,14 +91,14 @@ class Process(object):
def stdout(self): def stdout(self):
''' Waits for process to finish, returns stdout output ''' ''' Waits for process to finish, returns stdout output '''
self.get_output() self.get_output()
if Configuration.verbose > 1 and self.out.strip() != '': if Configuration.verbose > 1 and self.out is not None and self.out.strip() != '':
Color.pe("{P} [stdout] %s{W}" % '\n [stdout] '.join(self.out.strip().split('\n'))) Color.pe("{P} [stdout] %s{W}" % '\n [stdout] '.join(self.out.strip().split('\n')))
return self.out return self.out
def stderr(self): def stderr(self):
''' Waits for process to finish, returns stderr output ''' ''' Waits for process to finish, returns stderr output '''
self.get_output() self.get_output()
if Configuration.verbose > 1 and self.err.strip() != '': if Configuration.verbose > 1 and self.err is not None and self.err.strip() != '':
Color.pe("{P} [stderr] %s{W}" % '\n [stderr] '.join(self.err.strip().split('\n'))) Color.pe("{P} [stderr] %s{W}" % '\n [stderr] '.join(self.err.strip().split('\n')))
return self.err return self.err