def run(self):
time = int(self.time) / int(len(self.object['aplist']))
self.create_brtue_text()
for i in xrange(0, len(self.object['aplist'])):
channel = self.object['aplist'][i]['channel']
bssid = self.object['aplist'][i]['bssid']
essid = self.object['aplist'][i]['essid']
enc_type = self.object['aplist'][i]['enc_type']
ap_crack = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
public_ip = False
conn_host = False
ap_crack.run()
ap_values = ap_crack.get_value()
if ap_values['key']:
if network.set_new_connection(essid, ap_values['key'], self.iface):
if self.public_ip_get:
public_ip = network.myip()
if self.conn_host_info:
try:
conn_host = network.network_host_ip(self.iface)
except IOError:
conn_host = False
self.result_value += str({'essid': ap_values['essid'], 'bssid': ap_values['bssid'], 'inject_T': ap_values['inject_T'],
'fake_auth_T': ap_values['fake_auth_T'], 'arp_req_T': ap_values['arp_req_T'], 'key': ap_values['key'],
'public_ip': public_ip, 'conn_host_info': conn_host}) + ", "
ap_crack.stop()
self.result_value = str(self.result_value[:-2]) + ']'
def run(self):
time = int(self.time) / int(len(self.object['aplist']))
if self.dict_password:
pass
else:
self.create_brtue_text()
r = Reader() # Reader class in airodump module
nets = r.get_sorted_networks()
for i in xrange(0, len(self.object['aplist'])):
channel = self.object['aplist'][i]['channel']
bssid = self.object['aplist'][i]['bssid']
# Get the essid match the encoding format that AP is broadcast.
for k in range(0, len(nets)):
if nets[k]['bssid'] == bssid:
essid = nets[k]['essid']
break
enc_type = self.object['aplist'][i]['enc_type']
public_ip = False
conn_host = False
if essid == '':
print '[!!]Can not connect without ESSID'
continue
ap_crack = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
ap_crack.run()
ap_values = ap_crack.get_value()
if ap_values['key']: # Found Key
retval, public_ip, conn_host = network.get_ap_info(essid, bssid, enc_type, ap_values['key'], self.iface, self.public_ip_get, self.conn_host_info)
'''
print ap_values['key']
if network.set_new_connection(essid, bssid, ap_values['key'], self.iface, enc_type):
print 'connect network success'
if self.public_ip_get:
public_ip = network.myip()
print 'ip : '+public_ip
if self.conn_host_info:
try:
conn_host = network.network_host_ip(self.iface)
print 'conn host :'+ conn_host
except IOError:
conn_host = False
# Releqse Session
execute('iw dev '+self.iface+' disconnect')
execute('ifconfig '+self.iface+' down')
execute('dhcpcd -k '+ self.iface)
execute('killall wpa_supplicant')
else: # if 'set_new_connection' function return false
print '[!!] Failed to connect to AP '+ essid
'''
self.result_value += str({'essid': ap_values['essid'], 'bssid': ap_values['bssid'], 'inject_T': ap_values['inject_T'],
'fake_auth_T': ap_values['fake_auth_T'], 'arp_req_T': ap_values['arp_req_T'], 'key': ap_values['key'],
'public_ip': public_ip, 'conn_host_info': conn_host}) + ", "
ap_crack.stop()
self.result_value = str(self.result_value[:-2]) + ']'
def run(self):
time = int(self.time) / int(len(self.object['aplist']))
self.create_brtue_text()
for i in xrange(0, len(self.object['aplist'])):
channel = self.object['aplist'][i]['channel']
bssid = self.object['aplist'][i]['bssid']
essid = self.object['aplist'][i]['essid']
enc_type = self.object['aplist'][i]['enc_type']
ap_crack = Attack(self.iface,
channel,
bssid,
essid,
enc_type,
timeout=time)
public_ip = False
conn_host = False
ap_crack.run()
ap_values = ap_crack.get_value()
if ap_values['key']:
if network.set_new_connection(essid, ap_values['key'],
self.iface):
if self.public_ip_get:
public_ip = network.myip()
if self.conn_host_info:
try:
conn_host = network.network_host_ip(self.iface)
except IOError:
conn_host = False
self.result_value += str({
'essid': ap_values['essid'],
'bssid': ap_values['bssid'],
'inject_T': ap_values['inject_T'],
'fake_auth_T': ap_values['fake_auth_T'],
'arp_req_T': ap_values['arp_req_T'],
'key': ap_values['key'],
'public_ip': public_ip,
'conn_host_info': conn_host
}) + ", "
ap_crack.stop()
self.result_value = str(self.result_value[:-2]) + ']'
class _auto_pentest(Process):
def __init__(self, iface, option, result):
self.option = option
super(_auto_pentest, self).__init__()
self.time = int(self.option['timeout']) * 60
self.iface = iface
self.conn_host_info = self.option['conn_host_info']
self.public_ip_get = self.option['public_ip_info']
self.brute_min_len = self.option['bruteforce_minlength']
self.brute_max_len = self.option['bruteforce_maxlength']
self.brute_number = self.option['bruteforce_number']
self.brute_space = self.option['bruteforce_space']
self.brute_special = self.option['bruteforce_special']
self.brute_string = self.option['bruteforce_strings']
self.dict_password = self.option['dictionary_password']
self.dict_user = self.option['dictionary_user']
self.result_value = None
self.result = result
self.apcrack = None
signal.signal(signal.SIGTERM, signal_handler)
global G_PEN
G_PEN = self
def run(self):
time = int(self.time) / int(len(self.option['aplist']))
if self.dict_password:
pass
else:
self.create_brtue_text()
r = Reader() # Reader class in airodump module
nets = r.get_sorted_networks()
for i in xrange(0, len(self.option['aplist'])):
channel = self.option['aplist'][i]['channel']
bssid = self.option['aplist'][i]['bssid']
# Get the essid match the encoding format that AP is broadcast.
for k in range(0, len(nets)):
if nets[k]['bssid'] == bssid:
essid = nets[k]['essid']
break
enc_type = self.option['aplist'][i]['enc_type']
public_ip = False
conn_host = False
if essid == '':
print '[!!] Can not connect without ESSID'
continue
self.apcrack = Attack(self.iface,
channel,
bssid,
essid,
enc_type,
timeout=time)
print "[*] ATTACK START"
self.apcrack.run()
print "[*] ATTACK END"
ap_values = self.apcrack.get_value()
if ap_values['key']: # Found Key
retval, public_ip, conn_host = network.get_ap_info(
essid, channel, enc_type, ap_values['key'], self.iface,
self.public_ip_get, self.conn_host_info)
self.result_value = {
'essid': ap_values['essid'],
'bssid': ap_values['bssid'],
'inject_T': ap_values['inject_T'],
'fake_auth_T': ap_values['fake_auth_T'],
'arp_req_T': ap_values['arp_req_T'],
'key': ap_values['key'],
'public_ip': public_ip,
'conn_host_info': conn_host
}
self.result.put(self.result_value)
print self.result
self.apcrack.stop()
self.apcrack = None
def create_brtue_text(self):
text = brute_force.brute_text_create(
min_length=int(self.brute_min_len),
max_length=int(self.brute_max_len),
letters=bool(self.brute_string),
numbers=bool(self.brute_number),
symbols=bool(self.brute_special),
spaces=bool(self.brute_space))
f = open('./dict/password.lst', 'w')
for t in text: # Performance improvement needs.
f.write(t + '\n')
f.close()
class _auto_pentest(Process):
def __init__(self, iface, option, result):
self.option = option
super(_auto_pentest, self).__init__()
self.time = int(self.option['timeout']) * 60
self.iface = iface
self.conn_host_info = self.option['conn_host_info']
self.public_ip_get = self.option['public_ip_info']
self.brute_min_len = self.option['bruteforce_minlength']
self.brute_max_len = self.option['bruteforce_maxlength']
self.brute_number = self.option['bruteforce_number']
self.brute_space = self.option['bruteforce_space']
self.brute_special = self.option['bruteforce_special']
self.brute_string = self.option['bruteforce_strings']
self.dict_password = self.option['dictionary_password']
self.dict_user = self.option['dictionary_user']
self.result_value = None
self.result = result
self.apcrack = None
signal.signal(signal.SIGTERM, signal_handler)
global G_PEN
G_PEN = self
def run(self):
time = int(self.time) / int(len(self.option['aplist']))
if self.dict_password:
pass
else:
self.create_brtue_text()
r = Reader() # Reader class in airodump module
nets = r.get_sorted_networks()
for i in xrange(0, len(self.option['aplist'])):
channel = self.option['aplist'][i]['channel']
bssid = self.option['aplist'][i]['bssid']
# Get the essid match the encoding format that AP is broadcast.
for k in range(0, len(nets)):
if nets[k]['bssid'] == bssid:
essid = nets[k]['essid']
break
enc_type = self.option['aplist'][i]['enc_type']
public_ip = False
conn_host = False
if essid == '':
print '[!!] Can not connect without ESSID'
continue
self.apcrack = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
print "[*] ATTACK START"
self.apcrack.run()
print "[*] ATTACK END"
ap_values = self.apcrack.get_value()
if ap_values['key']: # Found Key
retval, public_ip, conn_host = network.get_ap_info(essid, channel, enc_type, ap_values['key'], self.iface, self.public_ip_get, self.conn_host_info)
self.result_value = {'essid': ap_values['essid'], 'bssid': ap_values['bssid'], 'inject_T': ap_values['inject_T'],
'fake_auth_T': ap_values['fake_auth_T'], 'arp_req_T': ap_values['arp_req_T'], 'key': ap_values['key'],
'public_ip': public_ip, 'conn_host_info': conn_host}
self.result.put(self.result_value)
print self.result
self.apcrack.stop()
self.apcrack = None
def create_brtue_text(self):
text = brute_force.brute_text_create(min_length=int(self.brute_min_len),
max_length=int(self.brute_max_len),
letters=bool(self.brute_string),
numbers=bool(self.brute_number),
symbols=bool(self.brute_special),
spaces=bool(self.brute_space))
f = open('./dict/password.lst', 'w')
for t in text: # Performance improvement needs.
f.write(t + '\n')
f.close()