wifite2 v2.2.5 release: new version of the popular wireless network auditor, “wifite”

Wifite 2

A complete re-write of wifite, a Python script for auditing wireless networks.

What’s new?

  • Fewer bugs
    • Cleaner process management. Does not leave processes running in the background (the old wifite was bad about this).
    • No longer “one monolithic script”. Has working unit tests. Pull requests are less painful!
  • Speed
    • Target access points are refreshed every second instead of every 5 seconds.
  • Accuracy
    • Displays real-time Power level of the currently-attacked target.
    • Displays more information during an attack (e.g. % during WEP chopchop attacks, Pixie-Dust step index, etc.)
  • Educational
    • The --verbose option (expandable to -vv or -vvv) shows which commands are executed & the output of those commands.
    • This can help you debug why Wifite is not working for you, or learn how these tools are used.
  • Actively developed (as of March 2018).
  • Python 3 support.
  • Sweet new ASCII banner.

What’s gone in Wifite2?

  • No more WPS PIN attack, because it can take days on average.
    • However, the Pixie-Dust attack is still an option.
  • Some command-line arguments (--wept, --wpst, and other confusing switches).
    • You can still access some of these; try ./Wifite.py -h -v

What’s not new?

  • (Mostly) Backward compatible with the original wifite's arguments.
  • Same text-based interface everyone knows and loves.

Full Feature List

  • Reaver (or -bully) Pixie-Dust attack (enabled by default, force with: --wps-only)
  • WPA handshake capture (enabled by default, force with: --no-wps)
  • Validates handshakes against pyrit, tshark, cowpatty, and aircrack-ng (when available)
  • Various WEP attacks (replay, chopchop, fragment, hirte, p0841, caffe-latte)
  • Automatically decloaks hidden access points while scanning or attacking.
    • Note: Only works when channel is fixed. Use the -c <channel> switch.
    • Disable this via --no-deauths switch
  • 5GHz support for some wireless cards (via -5 switch).
    • Note: Some tools don’t play well on 5GHz channels (e.g. aireplay-ng)
  • Stores cracked passwords and handshakes to the current directory (--cracked)
    • Includes metadata about the access point.
  • Provides commands to crack captured WPA handshakes (--crack)
    • Includes all commands needed to crack using aircrack-ng, john, hashcat, or pyrit.

Support

Wifite2 is designed specifically for the latest version of Kali's rolling release (tested on Kali 2017.2, updated Jan 2018).

Other pen-testing distributions (such as BackBox) have outdated versions of these suites; these distributions are not supported.

Changelog

v2.2.5:

Previous timeout for PMKID capture was 15 seconds. This was increased to 30 seconds by default.

Users can specify the time to wait using --pmkid-timeout X where X is the number of seconds to wait.

Installing & Running

git clone https://github.com/derv82/wifite2.git
cd wifite2
./Wifite.py

 

[Image: Decloaking & cracking a hidden access point (via the WPA Handshake attack)]

[Image: Cracking a weak WEP password (using the WEP Replay attack)]

[Image: Various cracking options (using --crack option)]

Copyright (C) 2017 derv82

Source: https://github.com/derv82/
