Fix tshark ssid discovery

Wifite.py

@@ -172,7 +172,7 @@ if __name__ == '__main__':
         w.main()
     except Exception, e:
         Color.pl('\n{!} {R}Error:{O} %s{W}' % str(e))
-        if Configuration.verbose > 0:
+        if Configuration.verbose > 0 or True:
             Color.pl('\n{!} {O}Full stack trace below')
             from traceback import format_exc
             Color.p('\n{!}    ')

py/Airodump.py

@@ -201,11 +201,11 @@ class Airodump(object):
 
                     if target.essid_len == 0:
                         # Ignore empty/blank ESSIDs
-                        continue
+                        pass
 
                     if target.channel == "-1":
                         # Ignore -1 channel
-                        continue
+                        pass
 
                     targets.append(target)
         return targets

py/AttackWPA.py

@@ -38,8 +38,9 @@ class AttackWPA(Attack):
                       output_file_prefix='wpa') as airodump:
 
             Color.clear_line()
-            Color.p('\r{+} {C}WPA-handshake attack{W}: ')
+            Color.pattack("WPA", self.target, "Handshake capture", "Waiting for target to appear...")
-            Color.p('{O}waiting{W} for target to appear...')
+            #Color.p('\r{+} {C}WPA-handshake attack{W}: ')
+            #Color.p('{O}waiting{W} for target to appear...')
             airodump_target = self.wait_for_target(airodump)
 
             # Get client station MAC addresses
@@ -55,9 +56,10 @@ class AttackWPA(Attack):
             while True:
                 if not deauth_proc or deauth_proc.poll() != None:
                     # Clear line only if we're not deauthing right now
-                    Color.p('\r%s\r' % (' ' * 90))
+                    Color.clear_line()
-                Color.p('\r{+} {C}WPA-handshake attack{W}: ')
+                Color.pattack("WPA", airodump_target, "Handshake capture", "Waiting for handshake...")
-                Color.p('waiting for {C}handshake{W}...')
+                #Color.p('\r{+} {C}WPA-handshake attack{W}: ')
+                #Color.p('waiting for {C}handshake{W}...')
 
                 time.sleep(1)
 
@@ -97,8 +99,8 @@ class AttackWPA(Attack):
                 airodump_target = self.wait_for_target(airodump)
                 for client in airodump_target.clients:
                     if client.station not in clients:
-                        Color.pl('\r{+} discovered {G}client{W}:' +
+                        Color.clear_line()
-                                 ' {C}%s{W}%s' % (client.station, ' ' * 10))
+                        Color.pl('\r{+} discovered new {G}client{W}: {C}%s{W}' % client.station)
                         clients.append(client.station)
 
                 # Send deauth to a client or broadcast

py/Color.py

@@ -82,8 +82,9 @@ class Color(object):
             [name] ESSID (MAC @ Pwr) Attack_Type: Progress
             e.g.: [WEP] Router2G (00:11:22 @ 23db) replay attack: 102 IVs
         '''
+        essid = "{C}%s{W}" % target.essid if target.essid_known else "{O}unknown{W}"
         Color.p("\r{+} {G}%s{W} ({C}%s @ %sdb{W}) {G}%s {C}%s{W}: %s " % (
-            target.essid, target.bssid, target.power, attack_type, attack_name, progress))
+            essid, target.bssid, target.power, attack_type, attack_name, progress))
 
 if __name__ == '__main__':
     Color.pl("{R}Testing{G}One{C}Two{P}Three{W}Done")

py/Configuration.py

@@ -59,7 +59,8 @@ class Configuration(object):
         Configuration.wordlist = None
         wordlists = [
             '/usr/share/wfuzz/wordlist/fuzzdb/wordlists-user-passwd/passwds/phpbb.txt',
-            '/usr/share/fuzzdb/wordlists-user-passwd/passwds/phpbb.txt'
+            '/usr/share/fuzzdb/wordlists-user-passwd/passwds/phpbb.txt',
+            '/usr/share/sqlmap/txt/wordlist.txt'
         ]
         for wlist in wordlists:
             if os.path.exists(wlist):

py/Handshake.py

@@ -90,22 +90,24 @@ class Handshake(object):
         cmd = [
             'tshark',
             '-r', self.capfile,
-            '-R', 'wlan.fc.type_subtype == 0x08',
+            '-R', 'wlan.fc.type_subtype == 0x08 || wlan.fc.type_subtype == 0x05',
+            '-2', # tshark: -R without -2 is deprecated.
             '-n'
         ]
         proc = Process(cmd, devnull=False)
         for line in proc.stdout().split('\n'):
             # Extract src, dst, and essid
             mac_regex = ('[a-zA-Z0-9]{2}:' * 6)[:-1]
-            match = re.search('(%s) -> (%s).*.*SSID=(.*)$'
+            match = re.search('(%s) [^ ]* (%s).*.*SSID=(.*)$'
                 % (mac_regex, mac_regex), line)
             if match == None:
                 # Line doesn't contain src, dst, ssid
                 continue
             (src, dst, essid) = match.groups()
+            if dst.lower() == "ff:ff:ff:ff:ff:ff": continue
             if self.bssid:
                 # We know the BSSID, only return the ESSID for this BSSID.
-                if self.bssid.lower() == src.lower():
+                if self.bssid.lower() == src.lower() or self.bssid.lower() == dst.lower():
                     essids.add((src, essid))
             else:
                 # We do not know BSSID, add it.
@@ -263,7 +265,7 @@ class Handshake(object):
                     hit_Target = False
             else:
                 # Line does not contain AccessPoint
-                if hit_target and ', good,' in line:
+                if hit_target and ', good' in line:
                     bssid_essid_pairs.add( (current_bssid, current_essid) )
         return [x for x in bssid_essid_pairs]
 

py/Scanner.py

@@ -52,7 +52,7 @@ class Scanner(object):
                     Color.p(
                         '\r{+} scanning, found' +
                         ' {G}%d{W} target(s),' % target_count +
-                        ' {G}%d{W} clients.' % client_count +
+                        ' {G}%d{W} client(s).' % client_count +
                         ' {O}Ctrl+C{W} when ready')
                     sleep(1)
             except KeyboardInterrupt: