Wifite (An automated wireless attack tool)

Posted by on

Wifite is one of the great penetration testing tool for cracking wireless devices. It is written in python. Wifite is for linux systems only. It uses the common wireless attack tools(aircrack-ng, pyrite, reaver) and enhances the speed of cracking passwords. With this tool, you can test the strength of passwords in your wireless devices and make your devices more secure.

What do we need to run wifite ?

  • A linux system
  • Python 2
  • Aircrack-ng
  • Standard linux programs(iwconfig, ifconfig, which, iw)

You may also have these extra packages:

  • Reaver
  • pyrit
  • tshark
  • cowpatty

Cracking wireless/wifi passwords with wifite

  1. Download _wifite.py_ from here
    wget -O wifite.py https://github.com/derv82/wifite/raw/master/wifite.py
  2. Make it an executable:
    chmod +x wifite.py
  3. Now execute the script as root user:
    python wifite.py

Now, wifite will look for wireless cards attached to your machine and ask you to select card if more than one card is available.

Now, it will capture all the wireless networks available around you and display all until you press Ctrl+C . Now, when your wireless/wifi to be cracked is displayed, Press Ctrl+C and enter the NUM(number) value of the the wifi to be cracked and press Enter .

Now, wait until it cracks out the password and displays on the screen.

How it works ?

First, it disables the monitor mode of the wireless device using _airmon-ng_ so that it can anonymize the MAC address then uses get_iface() method to retrieve the new interface's name.

Now, using _airodump-ng_ it captures the available wireless access points and returns user selection.

Now, the attack os decided through the kind of password interface of the access point. WPA attack is handled by WPAAttack class, WPS attack is handled by WPSAttack class and WEP by WEPAttack.

In WPS attack, first pixie-dust attack is tried if it fails then WPS pin attack along with brute-force attack is tried.

In WPA attack, _airodump-ng_ is used capture the target and during the capture deauthentication packets are send to the target until a handshake is captuted.

In WEP attack, _airodump-ng_ is used to capture packets and a fake authentication is tried with the target, then _aircrack-ng_ is used to crack the key.

For more info, have a look at the Readme.md at https://github.com/derv82/wifite

Join our telegram channel
Back to home page

Comments

Post a Comment