wifite2 v2.2.5 release: new version of the popular wireless network auditor, “wifite”

by do son · Published September 4, 2018 · Updated September 4, 2018

Wifite 2

A complete re-write of wifite, a Python script for auditing wireless networks.

Fewer bugs
- Cleaner process management. Does not leave processes running in the background (the old wifite was bad about this).
- No longer “one monolithic script”. Has working unit tests. Pull requests are less-painful!
Speed
- Target access points are refreshed every second instead of every 5 seconds.
Accuracy
- Displays real-time Power level of the currently-attacked target.
- Displays more information during an attack (e.g. % during WEP chopchop attacks, Pixie-Dust step index, etc)
Educational
- The --verbose option (expandable to -vv or -vvv) shows which commands are executed & the output of those commands.
- This can help debug why Wifite is not working for you. Or so you can learn how these tools are used.
Actively developed (as of March 2018).
Python 3 support.
Sweet new ASCII banner.

No more WPS PIN attack, because it can take days on-average.
- However, the Pixie-Dust attack is still an option.
Some command-line arguments (--wept, --wpst, and other confusing switches).
- You can still access some of these, try ./Wifite.py -h -v

Reaver (or -bully) Pixie-Dust attack (enabled-by-default, force with: --wps-only)
WPA handshake capture (enabled by-default, force with: --no-wps)
Validates handshakes against pyrit, tshark, cowpatty, and aircrack-ng (when available)
Various WEP attacks (replay, chopchop, fragment, hirte, p0841, caffe-latte)
Automatically decloaks hidden access points while scanning or attacking.
- Note: Only works when channel is fixed. Use the -c <channel> switch.
- Disable this via --no-deauths switch
5Ghz support for some wireless cards (via -5 switch).
- Note: Some tools don’t play well on 5GHz channels (e.g. aireplay-ng)
Stores cracked passwords and handshakes to the current directory (--cracked)
- Includes metadata about the access point.
Provides commands to crack captured WPA handshakes (--crack)
- Includes all commands needed to crack using aircrack-ng, john, hashcat, or pyrit.

Wifite2 is designed specifically for the latest version of Kali‘s rolling release (tested on Kali 2017.2, updated Jan 2018).

Other pen-testing distributions (such as BackBox) have outdated versions of these suites; these distributions are not supported.

Previous timeout for PMKID capture was 15 seconds. This was increased to 30 seconds by default.

Users can specify the time to wait using –pmkid-timeout X where X is the number of seconds to wait.

git clone https://github.com/derv82/wifite2.git
cd wifite2
./Wifite.py

Decloaking & cracking a hidden access point (via the WPA Handshake attack):

Cracking a weak WEP password (using the WEP Replay attack):

Various cracking options (using --crack option):