An extensive Tool for Cracking WPA/WPA2, managing handshakes and computing hashes.
WiFiBroot is an extensive research tool for WPA/WPA2 cracking and currently is under development. The version above provided may have some glitches while being designed. So, you are very my much welcome to contribute in this project by reporting anything you find unusual. WiFiBroot uses the handshakes along with provided dictionaries to crack passwords by computing various hashes like PMK, PTK, KCK and MIC etc. It uses linux device files and some internal linux commands to interact with the monitor interface. Further, it uses it own built-in wireless sniffer that sniffs wireless packets and further manipulates them. It works by first identifying networks in an area, choose one of them as target, tries to capture handshakes by sending deauth packets from AP to client and vice virsa and at the end, tries to guess the passwords by computing EAPOL hashes.
- Native Packet manipulation.
- Sort clients and APs according to reported power and accordingly perform further action. Provides stability.
- Auto-detect EAPOL and auto-send dissociation frames.
- Store handshakes in a seperate directory.
- Supports verbose mode
- As of it is built in Python, you may not be able to acheive the speed of other C utilities like coWPAtty and aircrack.
All you need to have a kick start is a wireless card thats supports packet injection in monitor mode. Usual Usage:
$ sudo python wifibroot.py -i wlan1mon
WiFiBroot heavily depends on scapy. So, you would need scapy installed. Almost, every other library will be already installed on your system:
$ sudo pip install scapy
The script must be run under root privileges for the interface necassities. If you fell suppressed with this configuration, you can edit a few lines of verification in the source code.
Normal Usage:
$ sudo python wifibroot.py -i wlan1mon [options]
All options:
-h, --help show this help message and exit
-i INTERFACE, --interface=INTERFACE
Monitor Interface to use.
-e ESSID, --essid=ESSID
Targets AP's with the specified ESSIDs
-b BSSID, --bssid=BSSID
Targets AP's with the specified BSSIDs
-c CHANNEL, --channel=CHANNEL
Listen on specified Channel.
-p PASSWORD, --password=PASSWORD
Check the AP against provided WPA Key Passphrase.
-d DICTIONARY, --dictionary=DICTIONARY
Dictionary containing Passwords
--newhandshake Discard previous handshake and capture new one.
-n, --nowrite Do not Save the Captured Handshakes
-v, --verbose Verbose Mode. More information and print hashes.
Under normal mode, it will print out a few important details and will print password if found. For research facilities, verbose mode will show you live packets as soon as they get captured and will print hexdump of computed hashes. The hashes will include, PMK (Pairwise Master Key), PTK (Pairwise Transient Key) and MIC (Message Integrity Code). An example given below:
Website: https://www.shelvoide.com
Twitter: @hash3liZer
Email: [email protected]