ph4r05 / kismet-deauth-wpa2-handshake-plugin

Licence: MIT license
Python plugin for Kismet to perform deauthentication to collect WPA2 handshakes


Deauth plugin for Kismet

This is a basic Python plugin for Kismet, runclient.py.

The main purpose of the plugin is to collect WPA handshakes by actively deauthenticating connected clients automatically.

The plugin communicates with the Kismet server over the Kismet protocol on TCP port 2501. It listens for BSSID, SSID and CLIENT events and builds an internal database of interesting targets.

Once a client on an interesting SSID is observed, it is enqueued to a priority queue for deauth. A separate deauth thread scans the deauth queue and performs the deauth and handshake collection.

The plugin is designed to use a different WiFi interface from the one Kismet uses, so that it does not interfere with the scanning. The plugin starts airodump-ng on the given channel to capture the handshake, performs the deauth and keeps collecting for the next 10 seconds, waiting for the client to authenticate again.

The plugin is based on the kismetclient repo. For more details, take a look at the blog.

kismetclient

A Python client for the Kismet server protocol.

Start by creating a client:

from kismetclient import Client as KismetClient

address = ('127.0.0.1', 2501)
k = KismetClient(address)

Then register any desired builtin protocol handlers:

from kismetclient import handlers
k.register_handler('TRACKINFO', handlers.print_fields)

Create and register a custom protocol handler:

def handle_ssid(client, ssid, mac):
    # Called for every SSID message; works on both Python 2 and 3
    print('SSID spotted: "%s" with mac %s' % (ssid, mac))
k.register_handler('SSID', handle_ssid)

and call the listen() method in a loop:

while True:
    k.listen()

The listen() method retrieves responses from the Kismet server, parses them, and calls the registered handlers as appropriate.

kismetclient is agnostic about how you loop this call; choose a method that works well with the rest of your application's architecture. You could run it in a separate blocking thread that handles events by parsing them and pushing to a queue, or you could use gevent to avoid blocking during the socket read call.

A handler is a callable whose first argument is the client generating the message, with all other arguments named after Kismet's protocol capabilities. A handler may specify just client and **fields as parameters in order to receive all fields of a message in the default order. In general, your handlers should be quick to run and must not depend on other blocking code.

Handlers are registered by calling the register_handler method on the client. The first argument is the name of the protocol to handle, the second is the function that handles it. It is valid to register a handler for a protocol which is already handled; in this case the new handler overrides the old one.

Commands can be sent using client.cmd(cmd, *args):

k.cmd('ENABLE', protocol, fields)

The first argument is the kismet command name, followed by the command arguments.

A trivial example application is included in runclient.py. Reading the source is also likely to be helpful.

To discover which protocols and capabilities your kismet server supports, start the kismet server and use the interactive python shell:

>>> from kismetclient import Client
>>> k = Client()
>>> k.protocols.keys()
['CRITFAIL', 'ACK', 'PACKET', 'NETTAG', 'BTSCANDEV', 'CAPABILITY',
'SOURCE', 'COMMON', 'CLISRC', 'TRACKINFO', 'PROTOCOLS', 'BSSIDSRC',
'STATUS', 'WEPKEY', 'STRING', 'SPECTRUM', 'ERROR', 'CHANNEL', 'GPS',
'INFO', 'SSID', 'BSSID', 'PLUGIN', 'BATTERY', 'TERMINATE', 'REMOVE',
'ALERT', 'KISMET', 'CLIENT', 'TIME', 'CLITAG']
>>> k.protocols['GPS']
['lat', 'lon', 'alt', 'spd', 'heading', 'fix', 'satinfo', 'hdop',
'vdop', 'connected']

To discover Kismet commands, grep the Kismet source for RegisterClientCommand. At the time of this writing, this list included: CAPABILITY, ENABLE, REMOVE, SHUTDOWN, ADDTRACKERFILTER, ADDNETCLIFILTER, ADDNETTAG, DELNETTAG, ADDCLITAG, DELCLITAG, ADDSOURCE, DELSOURCE, RESTARTSOURCE, HOPSOURCE, and CHANSOURCE. For usage, consult the source or monitor an interactive session between the official client and server using wireshark.

This software is developed using Python 2.7 and the master branch of Kismet. It may also work on Python 2.6 and earlier versions of Kismet, but ymmv. Please open tickets for bugs on GitHub.

Donating

This implementation is open source. If you like the code or find it useful, please feel free to donate to the author whatever amount you would like by clicking on the PayPal button below. And if you don't feel like donating, that's OK too.

Bitcoin:

19MNw2vgnvymQK66AUEtCDpR3UPjnenqwj