Example #1
0
    def run(self):
        time = int(self.time) / int(len(self.object['aplist']))
        self.create_brtue_text()
        for i in xrange(0, len(self.object['aplist'])):
            channel = self.object['aplist'][i]['channel']
            bssid = self.object['aplist'][i]['bssid']
            essid = self.object['aplist'][i]['essid']
            enc_type = self.object['aplist'][i]['enc_type']
            ap_crack = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
            public_ip = False
            conn_host = False
            ap_crack.run()
            ap_values = ap_crack.get_value()
            if ap_values['key']:
                if network.set_new_connection(essid, ap_values['key'], self.iface):
                    if self.public_ip_get:
                        public_ip = network.myip()
                    if self.conn_host_info:
                        try:
                            conn_host = network.network_host_ip(self.iface)
                        except IOError:
                            conn_host = False

            self.result_value += str({'essid': ap_values['essid'], 'bssid': ap_values['bssid'], 'inject_T': ap_values['inject_T'],
                                  'fake_auth_T': ap_values['fake_auth_T'], 'arp_req_T': ap_values['arp_req_T'], 'key': ap_values['key'],
                                  'public_ip': public_ip, 'conn_host_info': conn_host}) + ", "
            ap_crack.stop()

        self.result_value = str(self.result_value[:-2]) + ']'
Example #2
0
    def run(self):
        time = int(self.time) / int(len(self.object['aplist']))
        if self.dict_password:
            pass
        else:
            self.create_brtue_text()
        r = Reader() # Reader class in airodump module
        nets = r.get_sorted_networks()
        for i in xrange(0, len(self.object['aplist'])):
            channel     = self.object['aplist'][i]['channel']
            bssid       = self.object['aplist'][i]['bssid']
            # Get the essid match the encoding format that AP is broadcast.
            for k in range(0, len(nets)):
                if nets[k]['bssid'] == bssid:
                    essid = nets[k]['essid']
                    break
            enc_type    = self.object['aplist'][i]['enc_type']
            public_ip   = False
            conn_host   = False
            if essid == '':
                print '[!!]Can not connect without ESSID'
                continue
            ap_crack    = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
            ap_crack.run()
            ap_values = ap_crack.get_value()

            if ap_values['key']: # Found Key
                retval, public_ip, conn_host = network.get_ap_info(essid, bssid, enc_type, ap_values['key'], self.iface, self.public_ip_get, self.conn_host_info)

                '''
                print ap_values['key']
                if network.set_new_connection(essid, bssid, ap_values['key'], self.iface, enc_type):
                    print 'connect network success'
                    if self.public_ip_get:
                        public_ip = network.myip()
                        print 'ip : '+public_ip
                    if self.conn_host_info:
                        try:
                            conn_host = network.network_host_ip(self.iface)
                            print 'conn host :'+ conn_host
                        except IOError:
                            conn_host = False
                    # Releqse Session
                    execute('iw dev '+self.iface+' disconnect')
                    execute('ifconfig '+self.iface+' down')
                    execute('dhcpcd -k '+ self.iface)
                    execute('killall wpa_supplicant')
                else: # if 'set_new_connection' function return false
                    print '[!!] Failed to connect to AP '+ essid
                '''
            self.result_value += str({'essid': ap_values['essid'], 'bssid': ap_values['bssid'], 'inject_T': ap_values['inject_T'],
                                  'fake_auth_T': ap_values['fake_auth_T'], 'arp_req_T': ap_values['arp_req_T'], 'key': ap_values['key'],
                                  'public_ip': public_ip, 'conn_host_info': conn_host}) + ", "
            ap_crack.stop()

        self.result_value = str(self.result_value[:-2]) + ']'
Example #3
0
    def run(self):
        time = int(self.time) / int(len(self.object['aplist']))
        self.create_brtue_text()
        for i in xrange(0, len(self.object['aplist'])):
            channel = self.object['aplist'][i]['channel']
            bssid = self.object['aplist'][i]['bssid']
            essid = self.object['aplist'][i]['essid']
            enc_type = self.object['aplist'][i]['enc_type']
            ap_crack = Attack(self.iface,
                              channel,
                              bssid,
                              essid,
                              enc_type,
                              timeout=time)
            public_ip = False
            conn_host = False
            ap_crack.run()
            ap_values = ap_crack.get_value()
            if ap_values['key']:
                if network.set_new_connection(essid, ap_values['key'],
                                              self.iface):
                    if self.public_ip_get:
                        public_ip = network.myip()
                    if self.conn_host_info:
                        try:
                            conn_host = network.network_host_ip(self.iface)
                        except IOError:
                            conn_host = False

            self.result_value += str({
                'essid': ap_values['essid'],
                'bssid': ap_values['bssid'],
                'inject_T': ap_values['inject_T'],
                'fake_auth_T': ap_values['fake_auth_T'],
                'arp_req_T': ap_values['arp_req_T'],
                'key': ap_values['key'],
                'public_ip': public_ip,
                'conn_host_info': conn_host
            }) + ", "
            ap_crack.stop()

        self.result_value = str(self.result_value[:-2]) + ']'
Example #4
0
class _auto_pentest(Process):
    def __init__(self, iface, option, result):
        self.option = option
        super(_auto_pentest, self).__init__()
        self.time = int(self.option['timeout']) * 60
        self.iface = iface
        self.conn_host_info = self.option['conn_host_info']
        self.public_ip_get = self.option['public_ip_info']
        self.brute_min_len = self.option['bruteforce_minlength']
        self.brute_max_len = self.option['bruteforce_maxlength']
        self.brute_number = self.option['bruteforce_number']
        self.brute_space = self.option['bruteforce_space']
        self.brute_special = self.option['bruteforce_special']
        self.brute_string = self.option['bruteforce_strings']
        self.dict_password = self.option['dictionary_password']
        self.dict_user = self.option['dictionary_user']
        self.result_value = None
        self.result = result
        self.apcrack = None
        signal.signal(signal.SIGTERM, signal_handler)
        global G_PEN
        G_PEN = self

    def run(self):
        time = int(self.time) / int(len(self.option['aplist']))
        if self.dict_password:
            pass
        else:
            self.create_brtue_text()

        r = Reader()  # Reader class in airodump module
        nets = r.get_sorted_networks()
        for i in xrange(0, len(self.option['aplist'])):
            channel = self.option['aplist'][i]['channel']
            bssid = self.option['aplist'][i]['bssid']
            # Get the essid match the encoding format that AP is broadcast.
            for k in range(0, len(nets)):
                if nets[k]['bssid'] == bssid:
                    essid = nets[k]['essid']
                    break
            enc_type = self.option['aplist'][i]['enc_type']
            public_ip = False
            conn_host = False
            if essid == '':
                print '[!!] Can not connect without ESSID'
                continue
            self.apcrack = Attack(self.iface,
                                  channel,
                                  bssid,
                                  essid,
                                  enc_type,
                                  timeout=time)
            print "[*] ATTACK START"
            self.apcrack.run()
            print "[*] ATTACK END"
            ap_values = self.apcrack.get_value()

            if ap_values['key']:  # Found Key
                retval, public_ip, conn_host = network.get_ap_info(
                    essid, channel, enc_type, ap_values['key'], self.iface,
                    self.public_ip_get, self.conn_host_info)

                self.result_value = {
                    'essid': ap_values['essid'],
                    'bssid': ap_values['bssid'],
                    'inject_T': ap_values['inject_T'],
                    'fake_auth_T': ap_values['fake_auth_T'],
                    'arp_req_T': ap_values['arp_req_T'],
                    'key': ap_values['key'],
                    'public_ip': public_ip,
                    'conn_host_info': conn_host
                }
                self.result.put(self.result_value)
                print self.result
            self.apcrack.stop()
            self.apcrack = None

    def create_brtue_text(self):
        text = brute_force.brute_text_create(
            min_length=int(self.brute_min_len),
            max_length=int(self.brute_max_len),
            letters=bool(self.brute_string),
            numbers=bool(self.brute_number),
            symbols=bool(self.brute_special),
            spaces=bool(self.brute_space))

        f = open('./dict/password.lst', 'w')
        for t in text:  # Performance improvement needs.
            f.write(t + '\n')
        f.close()
Example #5
0
class _auto_pentest(Process):
    def __init__(self, iface, option, result):
        self.option = option
        super(_auto_pentest, self).__init__()
        self.time = int(self.option['timeout']) * 60
        self.iface = iface
        self.conn_host_info = self.option['conn_host_info']
        self.public_ip_get  = self.option['public_ip_info']
        self.brute_min_len  = self.option['bruteforce_minlength']
        self.brute_max_len  = self.option['bruteforce_maxlength']
        self.brute_number   = self.option['bruteforce_number']
        self.brute_space    = self.option['bruteforce_space']
        self.brute_special  = self.option['bruteforce_special']
        self.brute_string   = self.option['bruteforce_strings']
        self.dict_password  = self.option['dictionary_password']
        self.dict_user      = self.option['dictionary_user']
        self.result_value   = None
        self.result = result
        self.apcrack = None
        signal.signal(signal.SIGTERM, signal_handler)
        global G_PEN
        G_PEN = self


    def run(self):
        time = int(self.time) / int(len(self.option['aplist']))
        if self.dict_password:
            pass
        else:
            self.create_brtue_text()

        r = Reader() # Reader class in airodump module
        nets = r.get_sorted_networks()
        for i in xrange(0, len(self.option['aplist'])):
            channel     = self.option['aplist'][i]['channel']
            bssid       = self.option['aplist'][i]['bssid']
            # Get the essid match the encoding format that AP is broadcast.
            for k in range(0, len(nets)):
                if nets[k]['bssid'] == bssid:
                    essid = nets[k]['essid']
                    break
            enc_type    = self.option['aplist'][i]['enc_type']
            public_ip   = False
            conn_host   = False
            if essid == '':
                print '[!!] Can not connect without ESSID'
                continue
            self.apcrack    = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
            print "[*] ATTACK START"
            self.apcrack.run()
            print "[*] ATTACK END"
            ap_values = self.apcrack.get_value()

            if ap_values['key']: # Found Key
                retval, public_ip, conn_host = network.get_ap_info(essid, channel, enc_type, ap_values['key'], self.iface, self.public_ip_get, self.conn_host_info)

                self.result_value = {'essid': ap_values['essid'], 'bssid': ap_values['bssid'], 'inject_T': ap_values['inject_T'],
                                'fake_auth_T': ap_values['fake_auth_T'], 'arp_req_T': ap_values['arp_req_T'], 'key': ap_values['key'],
                                'public_ip': public_ip, 'conn_host_info': conn_host}
                self.result.put(self.result_value)
                print self.result
            self.apcrack.stop()
            self.apcrack = None


    def create_brtue_text(self):
        text = brute_force.brute_text_create(min_length=int(self.brute_min_len),
                                      max_length=int(self.brute_max_len),
                                      letters=bool(self.brute_string),
                                      numbers=bool(self.brute_number),
                                      symbols=bool(self.brute_special),
                                      spaces=bool(self.brute_space))

        f = open('./dict/password.lst', 'w')
        for t in text:      # Performance improvement needs.
            f.write(t + '\n')
        f.close()