
Thread: [Script] [Video] wiffy (v0.1)

  1. #51
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Script] [Video] wiffy (v0.1)

    Quote Originally Posted by Eatme View Post
    I'm not running VMware either, and still get this problem.

    @roybatty
    I did say I was new first before anything, I put them in order cuz I'm still new to Linux, period, but I'm already familiar with BackTrack. Like I said, I didn't know what the commands did per se in depth, so I took a guess at what they did. :-\

    Thanks for the correct info tho.
    It's been taken care of *hopefully* in the next update. (=



    Quote Originally Posted by jonathan11 View Post
    So I was trying to capture a WPA handshake from my network.
    I first tried to do it manually with
    Code:
    aireplay-ng --deauth 10 -a 00:**:**:6E:**:** -c 00:1C:**:3A:**:** mon0
    I did send countless DeAuths, see below:
    Code:
    21:07:47 Sending 64 directed DeAuth. STMAC: [00:1C:**:3A:**:**] [12|41 ACKs]
    21:07:47 Sending 64 directed DeAuth. STMAC: [00:1C:**:3A:**:**] [16|30 ACKs]
    21:07:48 Sending 64 directed DeAuth. STMAC: [00:1C:**:3A:**:**] [16|19 ACKs]
    21:07:48 Sending 64 directed DeAuth. STMAC: [00:1C:**:3A:**:**] [22|20 ACKs]
    21:07:50 Sending 64 directed DeAuth. STMAC: [00:1C:**:3A:**:**] [33|46 ACKs]
    21:07:51 Sending 64 directed DeAuth. STMAC: [00:1C:**:3A:**:**] [26|52 ACKs]
    21:07:52 Sending 64 directed DeAuth. STMAC: [00:1C:**:3A:**:**] [27|56 ACKs]
    21:07:53 Sending 64 directed DeAuth. STMAC: [00:1C:**:3A:**:**] [18|53 ACKs]
    for about 10 minutes or about 500 DeAuths with no luck on the handshake.

    I then launched wiffy to see if wiffy was able to capture the handshake (I'm still quite a beginner and suspected that I did something wrong.)
    Wiffy found the handshake after about 10 seconds and I had a nearly empty wordlist for wiffy, just so I would get the *.cap.
    I then tried to crack the cap file wiffy generated with cowpatty. With the results:
    "End of pcap capture file, incomplete four-way handshake exchange. Try using a different capture."
    I then tried to run the *.cap file that wiffy generated into aircrack-ng
    Code:
    aircrack-ng /root/wiffy/wiffy-NAMEOFCAP.cap -w /root/internal/wordlist/testlist.lst
    and aircrack just launches and starts to plow thru my wordlist.

    This brought some questions. Not all of them are directly related to wiffy; I hope it's OK to post them anyway.

    Is the CAP incomplete since cowPatty won't take it?
    Or does cowPatty require different information than what aircrack-ng does?
    Could wiffy capture an incomplete handshake?
    Why did I fail to manually DeAuth my laptop, was the signal strength too low? (As I understood by reading about aireplay-ng the low ACK count could be because of bad signal strength)
    I've had a similar issue too. When running --deauth from my laptop, it doesn't deauth my desktop, but it will work okay with my iPod touch.
    I believe it's an "issue" with Windows 7, because when I was running XP on the desktop, I can't ever remember it failing (however, it's been a while since I've used Windows!). I'm not sure "why" it's happening, as I would need to do a few tests, and I just haven't got the time to do so these days. I dunno if it's the drivers, signal strength or the AP, on either the attacker/target.

    Did you try and re-run the command manually? I've found that sometimes stopping and rerunning it works the second/third time. (hence why wiffy worked)

    I haven't really used cowpatty that much, as I find aircrack-ng does the job for me, so I can't comment too much on this.
    What if you open the cap file with wireshark?
    Use Wireshark and apply a filter of “eapol”. This displays only eapol packets you are interested in. Thus you can see if capture contains 0,1,2,3 or 4 eapol packets.
    Source: cracking_wpa [Aircrack-ng]

    Is the CAP incomplete since cowPatty won't take it?
    I do not know. You tell me. (= *Open it with wireshark!*

    Or does cowPatty require different information than what aircrack-ng does?
    As far as I know, they both need the same - the four way handshake. It's just a question of which app can "detect" it from the cap file.
    As airodump can capture it & aircrack-ng is part of the same suite - I believe the two work better together...

    Could wiffy capture an incomplete handshake?
    I hope not! Wiffy automates airodump/aircrack. If you run wiffy with -V, you can see what commands it's using.

    Why did I fail to manually DeAuth my laptop, was the signal strength too low? (As I understood by reading about aireplay-ng the low ACK count could be because of bad signal strength)
    That could be an issue...as well as a few other things. *see above for my ideas (doesn't mean it's correct/right mind you!)
    Have you...g0tmi1k?

  2. #52
    Junior Member
    Join Date
    Sep 2008
    Posts
    32

    Default Re: [Script] [Video] wiffy (v0.1)

    One thing I have noticed that may help others. FYI, I am running BT4 R1 from a persistent USB install with a ~ two year old Alfa AWUS036H.

    If you are running a card with the RTL8187 chipset like the Alfa, Wiffy will switch drivers from the newer "rtl8187" to the older "r8187" for you automatically, as indicated in the above posts. The r8187 driver does not create a 'mon0' interface when going into monitor mode, so you need to change the default monitor interface variables from 'mon0' to 'wlan0' or 'wlan1' within the script itself, or use the command line arguments, ie "./wiffy.sh -i wlan0 -t wlan0" to specify the correct interfaces.

    The older r8187 driver also shows all received power levels as 0, which causes an error in the script (usually lines 195 and 196) when it is parsing the power level to decide how to apply the colors -- off the top of my head I believe the error message is "expecting an integer value for variable xxx".

    -- Tom

  3. #53
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Script] [Video] wiffy (v0.1)

    Quote Originally Posted by cseven View Post
    #20 ooooh pretty colors

    You know it's a sin to add flashy stuff to linux

    * When running mode "inject" it stalls on installing airpwn because the connection is in monitor mode
    * (suggestion list) What would be nice is if the wiffy.keys was searched first to see if the AP has already been cracked. A simple grep <AP Name> wiffy.keys usually suffices though.
    Sorry cseven, I missed your reply when I was answering...

    Hehe! There are even more pretty colours now *Read the bit at the bottom*

    * I haven't tested "Inject" too much - I'll look into it for the next update.
    * Done. ~great idea btw~



    Quote Originally Posted by StriperTS View Post
    One thing I have noticed that may help others. FYI, I am running BT4 R1 from a persistent USB install with a ~ two year old Alfa AWUS036H.

    If you are running a card with the RTL8187 chipset like the Alfa, Wiffy will switch drivers from the newer "rtl8187" to the older "r8187" for you automatically, as indicated in the above posts. The r8187 driver does not create a 'mon0' interface when going into monitor mode, so you need to change the default monitor interface variables from 'mon0' to 'wlan0' or 'wlan1' within the script itself, or use the command line arguments, ie "./wiffy.sh -i wlan0 -t wlan0" to specify the correct interfaces.

    The older r8187 driver also shows all received power levels as 0, which causes an error in the script (usually lines 195 and 196) when it is parsing the power level to decide how to apply the colors -- off the top of my head I believe the error message is "expecting an integer value for variable xxx".

    -- Tom
    Thanks for helping out (=
    I hope that the update below fixes the need to change the monitorInterface, as it now should be able to automatically detect it (=
    I think, as I've also moved away from iwlist, you shouldn't have to worry about the second error too (Power levels). If it doesn't, could you report back?



    wiffy v0.1 #21
    *Big update~Be prepared for bugs *
    Added: Automatically detects monitor interface
    Added: Checks database to see if it's been cracked before
    Added: "Timed Out" - WPA, WEP and scanning
    Updated: "findAP" - removed "iwlist", now using "airodump-ng" to scan for APs
    Updated: Fixed "chopchop" & "fragment" (WEP) attacks.
    Updated: Fixed "r8187" issue
    Updated: Internal workings & Renamed a few variables
    Updated: "interrupt" - Now has the option of returning to menu - or quitting
    Updated: "moveCap" - Only moves WPA/WPA2 caps.
    Updated: "Moved Caps" - enabled by default & changed default path
    Updated: "Select AP" - Added "connected clients", "manufacturer", "signal strength" and WPA2
    Updated: "Select AP" - Added more coloring
    Have you...g0tmi1k?

  4. #54
    Good friend of the forums Eatme's Avatar
    Join Date
    Aug 2009
    Location
    Socks5
    Posts
    308

    Default Re: [Script] [Video] wiffy (v0.1)

    OMG...booting to BT now !

    yippy !
    Wiffy-Auto-Cracker - was the best thing that ever happen to me. :) Wo0oT :)
    AWUSO36H_500mW_5dBi Antenna

  5. #55
    Junior Member
    Join Date
    Sep 2008
    Posts
    32

    Default Re: [Script] [Video] wiffy (v0.1)

    g0tmi1k,

    Looks great!

    Looks like you hardcoded the loading of the new rtl8187 drivers, but removed the logic to first check if a RTL8187 chipset is being used (line 828 in script)? I'm not sure if this will cause problems with users who have non RTL8187 based adapters?

    Also, since I am not running in vmware, I don't know if other users will still experience that "unknown error 132" that originally had you go down the r8187 path.

    Scan using airmon-ng is working great as well. It also successfully detected the correct mon interface when using the rtl8187 driver.

    But, some cards may not respond with "monitor mode enabled on mon0" when placed into monitor mode, which might cause problems with other adapters (line 836 in the script).

    For example, here is what using the old r8187 driver produces (sorry, it's the only adapter I have):

    Code:
    root@bt:~/Wiffy# rmmod rtl8187
    root@bt:~/Wiffy# rmmod mac80211
    root@bt:~/Wiffy# modprobe r8187
    root@bt:~/Wiffy# airmon-ng
    
    
    Interface       Chipset         Driver
    
    wlan0           RTL8187         r8187
    
    root@bt:~/Wiffy# airmon-ng start wlan0
    
    Interface       Chipset         Driver
    
    wlan0           RTL8187         r8187 (monitor mode enabled)
    I know you aren't necessarily trying to create a single script that works for all configs and all adapters, and that's what the command line options for -i and -t are for, but just wanted to throw that out there.

    One other nit, the $update variable never gets set when performing an update, so it doesn't specify which version you have updated to (line 617).

    Good stuff, keep up the hard work

    -- Tom
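
The two `airmon-ng start` output shapes described in the post above can be handled by one parser. This is an added example, not code from wiffy.sh or from any poster: `detect_monitor_iface` is a hypothetical helper, the r8187 sample is the output quoted in the post, and the other two samples are constructed.

```shell
#!/bin/sh
# Added example: pick the monitor interface out of `airmon-ng start <iface>` output.
# detect_monitor_iface is a hypothetical helper name, not a function from wiffy.sh.
# Reads airmon-ng output on stdin; $1 is the interface that was started.
# Prints the monitor interface and returns 0, or returns 1 if none was confirmed.
detect_monitor_iface() {
    awk -v want="$1" '
        # Case 1: "(monitor mode enabled on mon0)" -> a separate interface was created.
        match($0, /monitor mode enabled on [A-Za-z0-9_.-]+/) {
            name = substr($0, RSTART, RLENGTH)
            sub(/^monitor mode enabled on /, "", name)
            print name; found = 1; exit
        }
        # Case 2: "wlan0 ... r8187 (monitor mode enabled)" -> the same interface is reused.
        /\(monitor mode enabled\)/ && $1 == want {
            print $1; found = 1; exit
        }
        END { exit(found ? 0 : 1) }
    '
}

# Sample 1: the old r8187 driver output quoted in the thread.
R8187_OUT='Interface       Chipset         Driver

wlan0           RTL8187         r8187 (monitor mode enabled)'

# Sample 2: constructed output for a driver that creates a separate mon0.
MAC80211_OUT='Interface       Chipset         Driver

wlan0           RTL8187         rtl8187 - [phy0]
                                (monitor mode enabled on mon0)'

# Sample 3: constructed output where monitor mode was never confirmed.
FAILED_OUT='Interface       Chipset         Driver

wlan0           RTL8187         r8187'

for sample in "$R8187_OUT" "$MAC80211_OUT" "$FAILED_OUT"; do
    if mon=$(printf '%s\n' "$sample" | detect_monitor_iface wlan0); then
        echo "monitor interface: $mon"
    else
        # Fall back to asking the user, as with wiffy's -i / -t options.
        echo "monitor mode not confirmed; specify the interface explicitly" >&2
    fi
done
```

Returning a non-zero status when neither pattern matches lets the caller stop early instead of continuing with a guessed interface name.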

  6. #56
    Junior Member
    Join Date
    Sep 2008
    Posts
    32

    Default Re: [Script] [Video] wiffy (v0.1)

    Just noticed that by default (no command line arguments), the script wants to save cap files to "caps" directory (outputCAP="$(pwd)/caps/"), but if this directory does not exist, the /tmp/wiffy-01.cap file can not be moved to this directory and the script will end.

    Once the caps directory is created manually, WPA cracking works fine

    -- Tom
    Last edited by StriperTS; 10-07-2010 at 05:20 PM.

  7. #57
    Good friend of the forums Eatme's Avatar
    Join Date
    Aug 2009
    Location
    Socks5
    Posts
    308

    Default Re: [Script] [Video] wiffy (v0.1)

    Quote Originally Posted by StriperTS View Post
    Just noticed that by default (no command line arguments), the script wants to save cap files to "caps" directory (outputCAP="$(pwd)/caps/"), but if this directory does not exist, the /tmp/wiffy-01.cap file can not be moved to this directory and the script will end.

    Once the caps directory is created manually, WPA cracking works fine

    -- Tom
    That's because you have to manually edit it. $(pwd) means wherever wiffy.sh is located, that's where the cap files are going to be saved.

    Quote Originally Posted by StriperTS View Post
    Understood, but my point is that if the user doesn't manually create the "caps" directory, or another similar directory and updates the script or uses the "-o" option then it will fail. Just need to check for existence of "caps" directory first and create it if necessary for the default case.

    -- Tom
    But then again you're also right, that DIR has to be made even in previous versions. (I'm not sure if he's aware of this, but he will be now)

    -I usually edit it, and make it save where I save (all) my own cap files..

    @g0tmi1k
    Nice job! Love the update and the new features...
    But one thing I also noticed:

    Bug:
    Sometimes it displays dup SSIDs. The only time I've seen it do this is when I restart the script at the beginning (CTRL+C) or when it times out, and I enter [s] to re-scan.

    keep it up !!

    Quote Originally Posted by g0tmi1k View Post
    It's been taken care of *hopefully* in the next update. (=
    Yep, it sure did. Works for me now. Thanks
    Last edited by Eatme; 10-07-2010 at 05:44 PM.
    Wiffy-Auto-Cracker - was the best thing that ever happen to me. :) Wo0oT :)
    AWUSO36H_500mW_5dBi Antenna

  8. #58
    Junior Member
    Join Date
    Sep 2008
    Posts
    32

    Default Re: [Script] [Video] wiffy (v0.1)

    Quote Originally Posted by Eatme View Post
    That's because you have to manually edit it. $(pwd) means wherever wiffy.sh is located, that's where the cap files are going to be saved.
    Understood, but my point is that if the user doesn't manually create the "caps" directory, or another similar directory and updates the script or uses the "-o" option then it will fail. Just need to check for existence of "caps" directory first and create it if necessary for the default case.

    -- Tom

  9. #59
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Script] [Video] wiffy (v0.1)

    Quote Originally Posted by Eatme View Post
    OMG...booting to BT now !

    yippy !
    hehe!
    Might be another update out by the time backtrack is started up!



    Quote Originally Posted by StriperTS View Post
    g0tmi1k,

    Looks great!

    Looks like you hardcoded the loading of the new rtl8187 drivers, but removed the logic to first check if a RTL8187 chipset is being used (line 828 in script)? I'm not sure if this will cause problems with users who have non RTL8187 based adapters?

    Also, since I am not running in vmware, I don't know if other users will still experience that "unknown error 132" that originally had you go down the r8187 path.

    Scan using airmon-ng is working great as well. It also successfully detected the correct mon interface when using the rtl8187 driver.

    But, some cards may not respond with "monitor mode enabled on mon0" when placed into monitor mode, which might cause problems with other adapters (line 836 in the script).

    For example, here is what using the old r8187 driver produces (sorry, it's the only adapter I have):

    Code:
    root@bt:~/Wiffy# rmmod rtl8187
    root@bt:~/Wiffy# rmmod mac80211
    root@bt:~/Wiffy# modprobe r8187
    root@bt:~/Wiffy# airmon-ng
    
    
    Interface       Chipset         Driver
    
    wlan0           RTL8187         r8187
    
    root@bt:~/Wiffy# airmon-ng start wlan0
    
    Interface       Chipset         Driver
    
    wlan0           RTL8187         r8187 (monitor mode enabled)
    I know you aren't necessarily trying to create a single script that works for all configs and all adapters, and that's what the command line options for -i and -t are for, but just wanted to throw that out there.

    One other nit, the $update variable never gets set when performing an update, so it doesn't specify which version you have updated to (line 617).

    Good stuff, keep up the hard work

    -- Tom
    Thanks (=

    Yes, I was fed up with the "rtl8187" issue. (=
    I've got rt73usb, not rtl8187 - so I'm not sure....I'm just going on what other users say (however, it looks like it's different for each user!)
    * http://www.backtrack-linux.org/forum...ror-132-a.html
    * http://www.backtrack-linux.org/forum...tml#post176892
    * http://www.backtrack-linux.org/forum...tml#post177696
    Code:
    *** Some people say ***
    rmmod rtl8187
    rmmod mac80211
    modprobe r8187
    *** OR ***
    rmmod r8187
    modprobe rtl8187
    So which one is "right?"
    Anyway, I'm not running r8187/rtl8187 - and I don't have an issue with doing the commands (also don't use VMware; if I do use a VM, it's VirtualBox, so I can't test that either)

    I've fixed the monitorInterface detection for the next release. Thanks for pointing it out! =) Bigger thanks for supplying the info/code/output =D
    oooo Thanks for pointing out about "$update", it's been fixed (=
    I would like to create a script to do that, but it's just too many things to think about...)=
    If you find anything else wrong/missing - please either reply or PM me! (=

    Edit:
    *Got half way replying - something came up - time I came back - you guys had replied some more!*

    Quote Originally Posted by StriperTS View Post
    Just noticed that by default (no command line arguments), the script wants to save cap files to "caps" directory (outputCAP="$(pwd)/caps/"), but if this directory does not exist, the /tmp/wiffy-01.cap file can not be moved to this directory and the script will end.

    Once the caps directory is created manually, WPA cracking works fine =)

    -- Tom
    oops... *Fixed*
    I thought using "-f" to force...would have done the trick, I'm guessing not! *It now checks and creates a folder if need be!*



    Quote Originally Posted by Eatme View Post
    That's because you have to manually edit it. $(pwd) means wherever wiffy.sh is located, that's where the cap files are going to be saved.

    But then again you're also right, that DIR has to be made even in previous versions. (I'm not sure if he's aware of this, but he will be now)

    -I usually edit it, and make it save where I save (all) my own cap files..

    @g0tmi1k
    Nice job! Love the update and the new features...
    But one thing I also noticed:

    Bug:
    Sometimes it displays dup SSIDs. The only time I've seen it do this is when I restart the script at the beginning (CTRL+C) or when it times out, and I enter [s] to re-scan.

    keep it up !! =)

    Yep, it sure did. Works for me now. Thanks
    Yep, I'm now aware of it =D *been taken care of too. I will upload the update after typing this*
    You also asked for the feature (keeping caps) if I remember rightly (I'm glad, because I'm using it now =D So much so, I didn't like all the caps in that folder - hence why I changed it)

    Thanks for the feedback. (=
    I'm guessing there are going to be a few bugs made because of the update....*tho more main ones about "breaking" (Ctrl + C)*.
    I'll try and look into it - about the dups.
    Is it just the SSIDs that are duped, and/or the BSSID or "everything"? Does the aircrack-ng window (when it is scanning) show these dups? Are there connected clients to the SSIDs?

    Glad to hear that r8187/rtl8187 is fixed (or at least for you!)



    Quote Originally Posted by StriperTS View Post
    Understood, but my point is that if the user doesn't manually create the "caps" directory, or another similar directory and updates the script or uses the "-o" option then it will fail. Just need to check for existence of "caps" directory first and create it if necessary for the default case.

    -- Tom
    As most people didn't change the folder (if they used the feature), they wouldn't have noticed it (or if they did - they didn't tell me! =D)
    I got fed up with having all the caps in the same folder - created the folder - then updated the script. Hence why I didn't pick it up. Short answer: in the next update, it will not be an issue. =)
    Last edited by g0tmi1k; 10-07-2010 at 07:15 PM.
    Have you...g0tmi1k?

  10. #60
    Good friend of the forums Eatme's Avatar
    Join Date
    Aug 2009
    Location
    Socks5
    Posts
    308

    Default Re: [Script] [Video] wiffy (v0.1)

    Quote Originally Posted by g0tmi1k View Post
    I'm guessing there are going to be a few bugs made because of the update....*tho more main ones about "breaking" (Ctrl + C)*.
    I'll try and look into it - about the dups.
    Is it just the SSIDs that are duped, and/or the BSSID or "everything"? Does the aircrack-ng window (when it is scanning) show these dups? Are there connected clients to the SSIDs?
    Ctrl+C works fine.

    And yes, everything shows up as a dup, in the main window, not the ones that pop up...

    I think it was like 1 or 2 dups that showed; when I re-scanned it went away.
    Wiffy-Auto-Cracker - was the best thing that ever happen to me. :) Wo0oT :)
    AWUSO36H_500mW_5dBi Antenna
