Wiffy (v0.1)

A bash script to automate cracking WiFi networks! Supports WEP (Client & Client-less), WPA/WPA2, MAC filtering and hidden SSID with the option of connecting afterwards.

Links

Watch video on-line:

Download video: http://download.g0tmi1k.com/videos_archive/wiffy_v0.1.mp4

Download script (wiffy.sh): *Coming soon*

Method

  • Scans for wireless networks and saves gathered data
  • Configures the attacker's wireless card
  • Tries to detect currently connected clients
  • Starts to capture data
  • Depending on encryption on the wireless network - starts different attacks
  • Once enough 'essential' data has been collected, starts to crack the WiFi key
  • Optional: Connect to network with the client's MAC (For MAC Filtering) and WiFi Key

Tools

  • The bash file - wiffy.sh (37.24 KB, SHA1:49f7a930120544a6cec11171abe500f7042ba49d)
  • A wireless card - that supports monitor mode
  • Dictionaries/Word-lists - If you're wanting to crack WPA/WPA2
  • aircrack-ng suite, macchanger - All on BackTrack!
  • Optional: Subversion

How do I use it?

  1. Either edit wiffy.sh or specify, via command line, your interface. (You can view your interfaces via ifconfig and use kate to edit.)
  2. If an ESSID or BSSID wasn't set via command line, select which is YOUR network
  3. Wait...
  4. ...Game over. =)

Commands

bash wiffy.sh
1
clear
kate wiffy.sh
iwconfig
bash wiffy.sh -?
clear
bash wiffy.sh -v -e g0tmi1k -x
bash wiffy.sh -x -e g0tmi1k -V

ipconfig /all

bash wiffy.sh -m dos -c [MAC] -v
2

192.168.1.1
google.com
g0tmi1k.blogspot.com

Troubleshooting

  • WEP
    • Didn't detect my client
      • Add it in manually
      • Re-run the script
    • IV's do not increase
      • DeAuth didn't work --- Client using Windows 7?
      • Use a different router/client
  • WPA
    • You can ONLY crack WPA/WPA2 when:
      • The ESSID is known
      • The WiFi key is in the word-list
      • There is a connected client
  • Doesn't detect any/my wireless network
    • Don't run from a virtual machine
    • Driver issue - Use a different WiFi device
    • Re-run the script
    • You're too close/far away
    • Unplug WiFi device, wait, replug
  • "Extras" doesn't work
    • Network doesn't have a DHCP server
  • Slow
    • Re-run the script
    • Try a different attack... manually!
  • ...still not working correctly?
    • Re-run with Diagnostics mode enabled (-d)
    • Make a note of the setup (Hardware, versions etc)
    • Get in touch!

Notes

  • Tested in BackTrack 4 (R1).
  • It's worth doing this "manually" (without the script) before using this, so you have an idea of what's happening, and why. The script is only meant to save time.
  • I'm running BackTrack 4 R1 in a VM. The target is running Windows 7 Ultimate (fully up-to-date 2010-09-11), with firewall enabled, no AV and with UAC enabled (Windows 7 Default).

Song: Duck Sauce - Barbara Streisand (O-God Remix) & The Prodigy - Out of Space

Video length: 6:59

Capture length: 45:07

Blog Post: https://blog.g0tmi1k.com/2011/01/owning-windows-xp-sp1-vs/