Thread: Bash Script to automate WEP cracking

  1. #1
    Just burned his ISO Hobo4ssassin's Avatar
    Join Date
    Mar 2011
    Location
    Minnesota
    Posts
    5

    Default Bash Script to automate WEP cracking

    UPDATE: BashWEP v2.0
    http://code.google.com/p/bashwep/dow...0v2.0&can=2&q=

    I was fairly unhappy with the performance of the "WEP Buster" program in Backtrack 4, and although I am easily able to just type out the needed commands myself, I decided to write this script to automate the process. All you need to do is answer some questions at the beginning to set the variables and the rest is automatic. This script is pretty much idiot-proof, and it has never failed to crack a WEP access point for me. Although it is intended to be run in Backtrack 4, it will also run in Ubuntu if you have the aircrack-ng suite, drivers patched for injection, konsole, and macchanger installed.

    UPDATE: This attachment is OLD (v1.2 I believe), the newest version is at the link above.
    BashWEP.txt

    I call it BashWEP

    This is my first attempt at scripting, so the code may be a little crude, but I think I did a good job making it fairly sturdy. It evolved several times after testing it with my idiot friends. Any constructive comments or suggestions are appreciated.
    Last edited by Hobo4ssassin; 03-27-2011 at 10:06 AM. Reason: Edited 03/27/2011 to v2.0

  2. #2
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Default Re: Bash Script to automate WEP cracking

    Nice script but some remarks, just by reading the script :
    - You should let the user choose the interface he wants to use (I sometimes don't use airmon-ng to put in monitor mode and directly use my wifi card that airodump puts in monitor mode). But since you say you wanted to do something idiot-proof, not leaving the choice can be good!
    - When launching airodump to show APs, maybe add a -a option to keep non-associated clients from showing up.

    That is all ! Also, maybe some error checking, but since I suck at that, I can't really tell people to be cautious with that (and I know it's a bad behavior I have to change...)

    I'll try to give it a try and I'll edit this post to report!

    EDIT: So I tried it and... it failed me, sorry! Well, I didn't want to wait for hours getting a data packet, so I'll try again while I use the connection to generate data packets.
    Also, you should try using xterm windows instead of konsole. You can get their pid and kill them once you don't need them anymore. (I'm just realizing it should be the same with konsole...) But anyway xterm windows are prettier and configurable !

    I hope this helps
    Last edited by comaX; 03-19-2011 at 12:45 PM.
    Running both KDE and GNOME BT5 flawlessly. Thank you !

  3. #3
    Just burned his ISO Hobo4ssassin's Avatar
    Join Date
    Mar 2011
    Location
    Minnesota
    Posts
    5

    Default Re: Bash Script to automate WEP cracking

    That's strange that you weren't able to capture a data packet. Even with stubborn routers I generally get a decent data packet before it reads 25,000 packets. What was your connection strength with the AP? I have found that it sometimes doesn't get a data packet if the connection strength is below 82dBm.

    Right now I have the script set to use the chop-chop attack by default because it generally works for me on the first try, although it sometimes takes up to 10 minutes, but I might add some options to try other types of attacks as well. The secondary attack it is set to use (if something fails or if you cancel the chop-chop attack) is generally much faster but less reliable in my experience. I haven't tried any of the other aireplay-ng attacks besides chop-chop, fragmentation, and replay, and I have never had any success with a fragmentation attack.

    Do you have any favorite attacks you think I should add? I could make a menu interface where you could choose what type of attack you'd like to run first...

    Thanks for the feedback btw.

  4. #4
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Default Re: Bash Script to automate WEP cracking

    Yeahp, in fact I was surprised not to see the ARP request attack (-3). Once authenticated, you wait for an ARP and it's done. Of course, you need an ARP, which sometimes never comes. You can also use the -h option to use one of the client's MAC and then deauth them to force reconnecting and gaining an ARP packet. Problem with that procedure is that I don't know how you can automatize it...

    As for my not receiving packets, I may have been too far. I'll get closer for a new try

    (Is your nickname related to "hobo with a shotgun" ?)
    Running both KDE and GNOME BT5 flawlessly. Thank you !

  5. #5
    Just burned his ISO Hobo4ssassin's Avatar
    Join Date
    Mar 2011
    Location
    Minnesota
    Posts
    5

    Default Re: Bash Script to automate WEP cracking

    It'll probably take me a few days because I have other things on my plate right now, but I'll try to add a menu sometime this week so it's possible to choose the type of attack you want to use.

    Originally I wanted to make this script so simple that even complete idiots can use it, so I might even put a dialog at the beginning asking if you are a beginner or expert, so the beginner mode will run the script as it is now, and the expert mode will give you more options and control over the process.

    Code:
    echo "What is your skill level?"
    echo "[beginner / expert]"
    Something like that...

    The reasoning behind the format of the current attack is that I very rarely see residential wireless networks with clients always connected, and unless there is mac filtering, this attack works even if there are no associated clients.

    As for my name... no, it's my gamertag on Live and it just kinda stuck as a nickname, so I use it everywhere now. My friends call me Hobo hahaha. I can't wait for Hobo with a Shotgun to come out though. I love those Grindhouse films.

  6. #6
    Member longjidin's Avatar
    Join Date
    Feb 2010
    Location
    Kg Lengkong to Bukit Lada
    Posts
    93

    Default Re: Bash Script to automate WEP cracking

    Nice script .............! need more improvement>>> happy hunting!

  7. #7
    Just burned his ISO Hobo4ssassin's Avatar
    Join Date
    Mar 2011
    Location
    Minnesota
    Posts
    5

    Default Re: Bash Script to automate WEP cracking

    Quote: Originally Posted by longjidin
    Nice script .............! need more improvement
    I love comments like this... you offered absolutely nothing constructive at all.

    Anyways, here is a link to the latest version of the script. I had to upload it on google code because the source was too big to upload directly here.
    VERSION 2.0
    http://code.google.com/p/bashwep/dow...0v2.0&can=2&q=

    ComaX, I am hoping to get some feedback from you on this version. Most of the changes I made were in response to your initial feedback.

    I didn't get a chance to *fully* test this version, partially because it's 5am here, and partially because some of the attacks I added require associated clients. Also I am a little worried about some of the commands behaving differently on different systems because I have only been able to test it out on my personal computer.

    Last thing, if anyone uses cafe-latte personally, I would love to see usage example of how *you* use it, and possibly implement it in the next version. I haven't had a chance to use the cafe-latte attack myself, but hopefully sometime this next week I will have a chance to experiment with it against my friend's computer.

  8. #8
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Default Re: Bash Script to automate WEP cracking

    Hi, just saw your new version. I'll try it and give you feedback

    Edit : a first feedback by reading the code ;
    - Adding 3 and 5 attacks is nice
    - Changing mac is a nice feature, but you should do some error checking on the mac address, and maybe make an option to randomize it (totally, or partially, keeping vendor code).
    - Same as previous comment, you should get konsoles' pid with $! to close them from your script when you're done with them

    I'll try and give you more feedback after I've had time to test it
    Last edited by comaX; 03-27-2011 at 12:42 PM.
    Running both KDE and GNOME BT5 flawlessly. Thank you !
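
    The two scripting points raised in post #8 (error checking on a user-supplied MAC address, and recording $! so helper windows can be closed by the script), sketched as an added example that is not part of any post and is not BashWEP code. The function names are hypothetical and `sleep` stands in for the terminal-window command.

```shell
#!/bin/sh
# Added example, not BashWEP code. Function names are hypothetical.

# valid_mac MAC: succeed only for six colon-separated hex octets
# that form a unicast address.
valid_mac() {
    mac=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    h='[0-9a-f][0-9a-f]'
    case "$mac" in
        $h:$h:$h:$h:$h:$h) ;;      # whole string must match this shape
        *) return 1 ;;
    esac
    # The low bit of the first octet marks multicast/broadcast, which an
    # interface address cannot be: reject an odd second hex digit.
    case "$mac" in
        ?[13579bdf]:*) return 1 ;;
    esac
    return 0
}

CHILD_PIDS=""

# spawn CMD...: start a helper in the background and remember its PID.
spawn() {
    "$@" &
    CHILD_PIDS="$CHILD_PIDS $!"
}

# cleanup: stop and reap every helper that was started with spawn.
cleanup() {
    for pid in $CHILD_PIDS; do
        kill "$pid" 2>/dev/null || true
        wait "$pid" 2>/dev/null || true
    done
    CHILD_PIDS=""
}
trap cleanup EXIT          # also runs when the script ends normally
trap 'exit 1' INT TERM     # Ctrl-C falls through to the EXIT trap

# Constructed sample input: valid, multicast, too short, bad hex digit.
for m in 00:1A:2b:3C:4d:5E 01:00:5e:00:00:01 00:11:22:33:44 00:11:22:33:44:5g; do
    if valid_mac "$m"; then echo "$m ok"; else echo "$m rejected"; fi
done

spawn sleep 30             # sleep stands in for a terminal window
echo "tracking:$CHILD_PIDS"
cleanup
```

    $! only identifies the window if the terminal program stays in the foreground of the process that was launched; if it hands off to another process and returns, the recorded PID is already gone by the time cleanup runs.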

  9. #9
    Just burned his ISO Hobo4ssassin's Avatar
    Join Date
    Mar 2011
    Location
    Minnesota
    Posts
    5

    Default Re: Bash Script to automate WEP cracking

    Quote: Originally Posted by comaX
    - Changing mac is a nice feature, but you should do some error checking on the mac address, and maybe make an option to randomize it (totally, or partially, keeping vendor code).
    - Same as previous comment, you should get konsoles' pid with $! to close them from your script when you're done with them
    I will probably have some time today to do more thorough testing, to check for errors, and I am currently doing more research on PID and will include that in v2.1
    I am teaching myself everything I have done so far, so bear that in mind

    p.s. My posts are taking forever to show up because each of my posts needs to be approved by a moderator. Is this because I'm new, or is it like that for everyone?
