Skip to content
This repository has been archived by the owner on Mar 17, 2024. It is now read-only.

phenotypic/WiFiCrack

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

49 Commits
 
 
 
 
 
 

Repository files navigation

WiFiCrack

This repository is not actively maintained. See WiFiCrackPy for an updated version of this project.

WiFiCrack demonstrates of some of the security flaws associated with WPA(2) networks by demonstrating simple and efficient cracking. It captures the necessary Wi-Fi packets associated with with WPA(2) handshakes and then utilises hashcat to attempt to extract the hashed passkey. The script is for educational purposes and should not be misused.

Prerequisites

You must have Xcode installed. You will need to install any other outstanding requirements:

Command Installation
hashcat Manual installation: install via brew by running brew install hashcat
mergecap Manual installation: comes with the Wireshark application (v2.6.12)
./hashcat-utils/src/cap2hccapx.bin Automatic installation option when script is run

Note: You will also need to supply a word list for hashcat

Note: The script has been successfully tested with macOS Catlaina when using the bash shell. zsh may cause some problems

Usage

Download with:

git clone https://github.com/phenotypic/WiFiCrack.git

Run from same directory with:

bash WiFiCrack.sh

The script is fairly easy to use, simply run it using the command above and enter your sudo password when prompted. Here are some flags you can add:

Flag Description
-h Help: Display all available flags
-k Keep: Keep all captured packet files (deleted at end of session by default)
-a Alert: Turn off successful crack alert
-w <wordlist> Wordlist: Manually define a wordlist path (the script will prompt you otherwise)
-i <interface> Interface: Manually set Wi-Fi interface (script should normally auto-detect the correct interface)
-d <device> Device: Manually define 'devices' for hashcat

After running the script, you will be asked to choose a network to crack.

Following the selection of a network, you may have to wait for a while until a handshake occurs on the target network (i.e. for a device to (re)connect to the network), but this can be hastened by performing a deauthentication attack.

Once a handshake is captured, WiFiCrack will initialise hashcat to extract the Wi-Fi password. This step may take a while depending on a number of factors including your processing power. If successful you will be presented with the password, otherwise, WiFiCrack will retain the handshake in its directory if you would like to perform another type of attack against the capture.

To-do list

  • Integrate deauthentication attack into main script
  • Provide more hashcat attack options (e.g. brute force)