PDA

View Full Version : airgeddon, a multi-use bash script for Linux systems to audit wireless networks



v1s1t0r
2017-03-04, 15:59
Hi all. Me and my collaborators are developing since about a year airgeddon, a GPL wireless pentesting tool.

https://github.com/v1s1t0r1sh3r3/airgeddon

I think it is mature enough to share it with you here. It has a lot of features (most important listed):

-Assisted Handshake capturing
-Wpa/wpa2 decrypting
-DoS
-Wps own pin database, bruteforce&dict attacks, Pixie Dust (all with reaver and bully)
-Evil Twin attacks on 5 different modes (captive portal, sniffing with sslstrip, sslstrip2+BeEF using bettercap, etc).
-Auto-updating (can be disabled).
-etc

Is already in 7 languages. It is compatible with a lot of linux distributions and of course with Kali since Kali 2.0 until now. Is already included in other distributions like BlackArch, Wifislax, ArchStrike repositories.

Take a look and don't hesitate to provide feedback! Thanks to all :)

mstrmnn
2017-03-05, 09:33
I love VMR-MDK-K2-2016R-011x9.sh (https://forums.kali.org/showthread.php?27264-VMR-MDK-K2-011x8-sh-for-Kali2-0) very much but I'm curious to give airgeddon a try. Sounds very promising. Thanks for sharing!

mmusket33
2017-03-06, 01:21
To: v1s1t0r

MTeams has not run airgeddon however we did do a audit of airgeddon.sh looking for things that concern us. For instance we liked the fact that you got beef working and that you had a nice WPS pin list. This being said MTeams could find no indication that mac codes of the user are being spoofed and that users are broadcasting their hardware mac. If MTeams is in error here please state.

Musket Teams

v1s1t0r
2017-03-06, 23:37
Yeah, The BSSID is already spoofed but the card on the LAN is not. I'm preparing v6.11 with auto-spoofing. Thank you for the suggestion, it will be implemented very soon.

v1s1t0r
2017-03-07, 20:48
Done... I put mac spoofing by default in all Evil Twin attacks. Anyway, is not very useful... I tested it in a lot of different Linux and in all of them the MAC appearing for the clients on the fake network was the cloned one... so is not too much useful. Anyway is done, will be on master branch very soon after a little bit more of testing.

Quest
2017-03-11, 09:23
Thanks for this v1s1t0r,

If you could eventually make it KL1 compatible that would be cool. Or tell me what I need to modify to make it run with KL1 1.1.0a (mon0).

Cheers!

mmusket33
2017-03-11, 09:56
To v1s1t0r

MTeams suggests that you spoof the mac for all the external operations like mdk3 reaver bully etc. This provides security for the user. As it stands now reaver for example is using the device mac during the attack.


To Quest

You can embed your airmon-ng as a function in the program and replace all the airmon-ng entries with the function name. You will have to set the device and monitor mon0 both in monitor mode to avoid a negative one issue.

If there are entries calling up the text data from ifconfig you may have to adjust. But that is case by case. There may be other small issues. Write us here in these forums if you have any questions or problems.. Examples of this are found in our latest varmacscan. You will find airmon-ng embedded as a function at the beginning of the program.


MTeams

v1s1t0r
2017-03-11, 10:10
Hi Quest, not sure to understand what is exactly "KL1 1.1.0a (mon0)". airgeddon is compatible with Kali since Kali 2.0 and higher/later. Not tested with previous versions (if that is KL1, not sure).

Regarding the "mon0". airgeddon use "airmon-ng" and if the system have "airmon-ng" and "airmon-zc" it uses "airmon-zc" in order to have the same behaviour in all systems. In Kali there is no "airmon-zc", so if you have for example a wireless card which its usual name is "wlan0", after putting it in monitor mode it changes to "wlan0mon" and you still have only one interface. It doesn't split it on two interfaces ("wlan0" and "mon0") like other scripts do. This "splitting", in airgeddon is only done on Evil Twin attacks in order to create fake AP with hostapd (which requires managed mode to put it on master mode) and to launch DoS (which requires monitor), but all of this is handled automatically and internally. Regarding the Network Manager, airgeddon detects automatically the version and it do the usual "check kill" only if really needed. It is because is only needed for certain versions of Network Manager. On modern versions is not needed. airgeddon handles all of this stuff.

Could be amazing if somebody could interested in packaging airgeddon in a .deb file for Kali with its dendendencies (essential tools checked at the beginning in airgeddon) and as suggested packages the optional tools (which are already checked but not needed to run airgeddon, only used for certain features).

Thanks for your interest! :D

undersc0re
2017-03-11, 22:20
Fantastic work, works great for me so far!

MiAl
2017-04-01, 08:43
Hi! Thanks for the work you've done!

What do you think about to implement Mask attack without Hashcat? I mean aircrack + maskprocessor ( https://hashcat.net/wiki/doku.php?id=maskprocessor )

I have no necessary Hashcat dependencies (I suppose it is common problem now), but maskprocessor works fine for me.

v1s1t0r
2017-04-04, 22:16
Interesting... but at the moment I'm very busy with different tasks. Yesterday v6.12 went to master with some small fixes.

1. Finishing the wiki which is done at 95%. Now airgeddon have real documentation about installation, usage, requirements, compatibility, etc: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki

I'm working paralelly on v6.2 with docker support. I already set the automated build from github to dockerhub-dockercloud based on branch with different tags. It has docker detection to know if running inside the container or not and based on that, some things are customized to improve the experience.

There is other branch too (v7.0) I'm preparing with WEP attacks... yes, you read well... WEP. I decided belatedly to put these old legacy attacks in the script too... who knows! I did an all-in-one attack which launch "everything"... chop-chop, caffe-latte, hirte, fragmentation, fake auth, arp request replay, etc. Very handy I think :)

I'll keep you updated if you want!

mstrmnn
2017-04-05, 08:17
Thanks again, great work! Keep us updated, please!

JackBauer
2017-04-05, 14:02
Would you mind to (quickly) explain how the feature "Captive portal with DNS blackhole to capture wifi passwords" works?
Does it expect the "victim" to input the WPA password into a fake web page?

v1s1t0r
2017-04-05, 21:47
Yeah, it generate a fake cloned AP. Then kick using DoS the clients from the legitimate AP, open a DHCP server. Create a DNS blackhole with dnsspoof to redirect everything to the captive portal which is a "neutral" webpage. You can set the language of captive portal between the 7 languages supported. This attack of course is focused on n00b users, but believe me... it works much more than you can imagine...

The "victim experience" is something like this:

1. Ohh, I can't surf the web <- because of DoS
2. Here are different options... some n00b users just think. I'll try later... and that's all. You must keep with everything set up waiting and waiting. Anyway, if the user has a really need to use internet, he/she probably will try to touch everything with the hope of get it working... some of his/her steps could be to search again for wireless networks.
3. At this point, the user can click on the fake network without think anything strange... or maybe he/she can see the "duplicated" network... maybe can think, this is quite strange and anyway click on fake network. If click on legitimate network, the DoS will kick him/her again... and maybe finally because of desperation can click into the trap. Maybe is a smart user and never is going to be tricked... who knows! but believe me... standard users doesn't know anything about any of this. They only want internet working.
4.After entering into the fake network, airgeddon have a "control window" on which you can check connected clients (ip, mac and hostname). So you can see the effectiveness of the trap. Once in the network airgeddon have all iptables stuff and everything ready with the captive portal web. You must do anything... only wait, like when you go fishing :p . The user will see a "neutral" web page saying something like "Enter your wireless network password to get internet access". If it fails... you can check in airgeddon's control window the failed attempts with the captured bad passwords. If the user put the right password, everything is going to be killed (all processes and windows) leaving the right password on windows and saving it into the path you put before while setting the attack. The user will reconnect automatically in a few seconds to the legitimate network (there is no DoS) and now he/she can surf... so he/she will think: "aha! I fixed it!".

Anyway the best is to try the attack and test it with your own network to check the behavior.

Edit: after posting... I saw videos on youtube about airgeddon... nice! it seems somebody put a video using evil twin... but it seems in the video only set the trap, no clients connect, the video ends at that point.

MiAl
2017-04-07, 05:01
v1s1t0r, did you see the news about hashcat? https://hashcat.net/forum/thread-6273.html

TL;NR

.hccap format is deprecated now. We should use .hccapx file format.
And atom developed the new utility cap2hccapx ( https://github.com/hashcat/hashcat-utils ) for conversion to the new format. So far as airgeddon uses hashcat, you need to keep these changes in mind.

v1s1t0r
2017-04-16, 01:23
airgeddon updated, v6.2 now on master with Docker support. Automated builds on Dockerhub (https://hub.docker.com/r/v1s1t0r1sh3r3/airgeddon/) with automatic image tagging based on branch.

New wiki for all airgeddon's documentation. Available at: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki

Kali deb package added too: https://github.com/v1s1t0r1sh3r3/airgeddon/tree/master/binaries/kali. Now you can install airgeddon on Kali downloading .deb file and using dpkg.

undersc0re
2017-04-17, 03:24
I have the i5-6200 with built in graphics 520, I figured I would give it a shot installing the opencl and see if hashcat would run faster cracking the wpa handshake than the aircrack. 1900 k/s seems so slow via the cpu, is it possible or even worth trying? I keep getting errors and I assume its totally not compatible with hashcat, I assume I would actually have to use a seperate graphics card or cards, other than that this airgeddon seems to be pretty smooth! Loving it.

pamamolf
2017-04-25, 13:52
WEP attacks will be good :)

undersc0re
2017-05-01, 19:36
I guess hashcat has been updated a while ago, this script seems to deal with the old file format and I have updated hashcat lately, is there a way to get this script to deal with the new version or would a guy have to install the old version of hashcat? Yes I am lazy and love this airgeddon script lol.

hashcat (v3.5.0) starting...

clGetDeviceIDs(): CL_DEVICE_NOT_FOUND

OpenCL Platform #1: Mesa, skipped or no OpenCL compatible devices found.

OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #1: Intel(R) HD Graphics, skipped.
* Device #2: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz, 1929/7716 MB allocatable, 4MCU

/tmp/hctmp.hccap: Old hccap format detected! You need to update: https://hashcat.net/q/hccapx

Started: Mon May 1 12:26:02 2017
Stopped: Mon May 1 12:26:02 2017
Press [Enter] key to continue...

v1s1t0r
2017-05-04, 09:27
that problem is not related to airgeddon.

airgeddon is already able to handle outputs of v2.0 and the new v3.x . I mean it supports fully haschat, but your problem is related to required OpenCL drivers to work with hashcat. You must do some tests to get it working before using it on airgeddon.

I'm not an expert of hashcat and for sure on hashcat's forum you'll get better answers but first you must be able to do "hashcat -b" for benchmark without any errors and then you'll be able to use it on airgeddon.

v1s1t0r
2017-05-07, 22:14
Hey, I released at last airgeddon v7.0 with WEP support performing an "All-in-One" attack against WEP networks. Very handy! ;) I'll keep developing and informing!

geodude9537
2017-05-29, 18:43
Hey, I released at last airgeddon v7.0 with WEP support performing an "All-in-One" attack against WEP networks. Very handy! ;) I'll keep developing and informing!
Where is the best place to download this????
and thanks for all the hard work you do!

v1s1t0r
2017-05-29, 19:45
You can download it from here: https://github.com/v1s1t0r1sh3r3/airgeddon

Follow the instructions to download and install it. They are on wiki at Installation & Usage section: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Installation%20&%20Usage

At the bottom, there are a special metion for Kali Linux users because there is a very easy to install .deb package. You will see the last version now is 7.02.

Regards.

donThomaso
2017-05-30, 19:11
Hi, I tried to run Airgeddon with the latest Nethunter on a nexus 10 but it thinks my network card is a non wifi card, tried a bunch of them. so is this script compatible with Nethunter or is there an easy fix for it?

v1s1t0r
2017-05-30, 20:42
No, sorry, I don't think so... because airgeddon needs xterm to open windows for attacks. so you need a X Window system running to connect. If you want to run it on Android, you can do it using "Linux Deploy" app installing for example a Kali Linux image. There you have a X window system and you can connect to it by VNC. Maybe a problem with this other configuration could be how to connect hardware to that linux (I didn't tested it). Not sure if using a OTG cable with an external USB wireless device could be an option.

donThomaso
2017-05-31, 07:27
No, sorry, I don't think so... because airgeddon needs xterm to open windows for attacks. so you need a X Window system running to connect. If you want to run it on Android, you can do it using "Linux Deploy" app installing for example a Kali Linux image. There you have a X window system and you can connect to it by VNC. Maybe a problem with this other configuration could be how to connect hardware to that linux (I didn't tested it). Not sure if using a OTG cable with an external USB wireless device could be an option.

Ok, Thanks. I will try it some day but i have a feeling that the network card will still show up *** non wifi

donThomaso
2017-06-01, 15:48
its the same in linuxdeploy :(

geodude9537
2017-06-01, 21:22
You can download it from here: https://github.com/v1s1t0r1sh3r3/airgeddon

Follow the instructions to download and install it. They are on wiki at Installation & Usage section: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Installation%20&%20Usage

At the bottom, there are a special metion for Kali Linux users because there is a very easy to install .deb package. You will see the last version now is 7.02.

Regards.

always glad to see a nice answer instead of harassing me for not reading and looking everywhere before asking,

v1s1t0r
2017-06-02, 23:50
Version 7.1 released. See the changelog here:
https://github.com/v1s1t0r1sh3r3/airgeddon/blob/master/CHANGELOG.md

Oh my god! I re-read again the entire thread... and sorry undersc0re... you were right!! my mistake. I read your post about hashcat very quickly first time and I thought it was the "normal" error regarding the opencl drivers... but I didn't saw this:


Old hccap format detected! You need to update...

Sorry for that. You are right, hashcat has been updated and now instead of hccap format a new one hccapx is needed. And you MiAl were right too...

First time I saw hashcat 3.0 I fixed the opencl drivers and I updated the line command and the output parsing based on a hashcat version detection (old style for hashcat 2.x and new for 3.0)... but it seems in newer versions this mandatory format change for capture file was introduced.

Now I have a hashcat 3.5 fully working and I can do the needed tests... but the problem is I don't know exactly were this mandatory changed was introduced. I know it wasn't at 3.0 but not sure if maybe was at 3.20 or maybe at 3.30. Does anybody know exactly when was introduced? I need to know that exactly in order to detect version and then do the change or not to make airgeddon compatible with all versions... can anybody help with this? thank you.

undersc0re
2017-06-03, 00:58
Version 7.1 released. See the changelog here:
https://github.com/v1s1t0r1sh3r3/airgeddon/blob/master/CHANGELOG.md

Oh my god! I re-read again the entire thread... and sorry undersc0re... you were right!! my mistake. I read your post about hashcat very quickly first time and I thought it was the "normal" error regarding the opencl drivers... but I didn't saw this:



Sorry for that. You are right, hashcat has been updated and now instead of hccap format a new one hccapx is needed. And you MiAl were right too...

First time I saw hashcat 3.0 I fixed the opencl drivers and I updated the line command and the output parsing based on a hashcat version detection (old style for hashcat 2.x and new for 3.0)... but it seems in newer versions this mandatory format change for capture file was introduced.

Now I have a hashcat 3.5 fully working and I can do the needed tests... but the problem is I don't know exactly were this mandatory changed was introduced. I know it wasn't at 3.0 but not sure if maybe was at 3.20 or maybe at 3.30. Does anybody know exactly when was introduced? I need to know that exactly in order to detect version and then do the change or not to make airgeddon compatible with all versions... can anybody help with this? thank you.

Looks like they added support for it in version 3.30 from what I can tell. https://github.com/hashcat/hashcat/blob/master/docs/changes.txt#L111

v1s1t0r
2017-06-03, 10:26
Thanks for the info... but on that link it says:


changes v3.30 -> v3.40:

So I guess the mandatory change is from 3.40 version and I think on 3.30 we can still use old format. Can anybody corroborate this info? Thank you.

kcdtv
2017-06-03, 13:24
* The first version that uses the new hccapx format is hashcat v 3.40-rc4
* The first version of hashcat-utils to have the tool to convert form cap to hccapx (cap2hccapx) is version 1.40
https://www.wifi-libre.com/topic-783-que-ventajas-trae-el-nuevo-formato-hccapx-para-crack-con-hashcat.html
Version 3.30 will not handle the hew format and will work with hccap

v1s1t0r
2017-06-03, 23:57
Thank you for the info. Done! I already implemented all the necessary to work on all hashcat versions :) It includes version detection, and hccap to hccapx conversion if needed (v3.40+). And of course is retro-compatible with hashcat 2 too. Everything is done on "dev" brach https://github.com/v1s1t0r1sh3r3/airgeddon/tree/dev for next v7.11 but I'm not going to pass it to master very soon because I need more testing and I'm going to implement more things for that version.

Feel free to download it from github and test the changes if you want.

Thanks again to all for the info.

MiAl
2017-06-14, 06:37
v1s1t0r, after exploring for targets, when a user are prompted to select a target, he cannot cancel the process. For instance, I was going to capture handshakes, but I changed my mind and I want to perform another attack or just I don’t see interesting networks. In this case, I can only press CTRL+C, but the script would quit.

Can you implement, if a user inputs 0 (or empty line), he is dropped to the main menu?

undersc0re
2017-06-14, 12:00
I would like to throw a request out here as well, when running aircrack on a cap file it would be cool to pause or exit and continue later, or just exit from the process and stay within the script. I quit the process once by closing the window, but it kept running in the background somehow, I guess I incorrectly exited the program and my cpu kept on working hard as if it were still running.

v1s1t0r
2017-06-17, 09:07
MiAl... hmmmnnn.... the 0 input to get back... this maybe.

undersc0re... in the middle of an aircrack decryption attack you can press ctrl+c and the attack will stop, airgeddon will prompt you to get out of script, then press n and you'll get back into airgeddon with the attack stopped.

dmatrix
2017-06-26, 21:14
Hi v1s1t0r, I wanted to use the GPU + CPU for handshakes, in future version I can?
thanks.

v1s1t0r
2017-06-26, 21:57
Maybe in the future... at the moment I don't have hardware to test GPU :(

5uk1
2017-07-18, 01:44
Great work guys i love this.

dmatrix
2017-07-22, 18:09
Why does not Hashcat continue?

Começando a descriptografar. Uma vez iniciado, pressione [Ctrl+C] para parar...
Pressione a tecla [Enter] para continuar...
hashcat (pull/1273/head) starting...

OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 780 Ti, skipped.

OpenCL Platform #2: The pocl project
====================================
* Device #2: pthread-AMD FX(tm)-4170 Quad-Core Processor, 9994/9994 MB allocatable, 4MCU

Hashes: 4 digests; 2 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Single-Salt
* Brute-Force
* Slow-Hash-SIMD

Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger disabled.

* Device #2: build_opts '-I /usr/share/hashcat/OpenCL -D VENDOR_ID=64 -D CUDA_ARCH=0 -D VECT_SIZE=4 -D DEVICE_TYPE=2 -D DGST_R0=0 -D DGST_R1=1 -D DGST_R2=2 -D DGST_R3=3 -D DGST_ELEM=4 -D KERN_TYPE=2500 -D _unroll -cl-std=CL1.2'
- Device #2: autotuned kernel-accel to 160
- Device #2: autotuned kernel-loops to 204
Cracking performance lower than expected? Append -w 3 to the commandline.

[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit =>

v1s1t0r
2017-07-25, 21:14
It seems there is no error there... the hashcat is starting as normal and is doing its task. You can press "s" key to watch the process. Everything seems normal there. No errors shown, so let it make the work.

Did you tried hashcat without airgeddon? I mean, first, be sure if it is working. Try "hashcat -b --force" to see if it works on "-b" (benchmark) option.

dmatrix
2017-08-05, 12:23
hi v1s1t0r, The Deb package airgeddon_7.11-1_all.deb is in erro.
I downloaded of the link https://github.com/v1s1t0r1sh3r3/airgeddon/blob/master/binaries/kali/airgeddon_7.11-1_all.deb
I installed with dpkg -i airgeddon_7.11-1_all.deb in New installation of Kali
root@kali:/usr/local/bin# airgeddon
/usr/local/bin/airgeddon: line 1252: unexpected EOF while looking for matching `)'
/usr/local/bin/airgeddon: line 1253: erro de sintaxe: fim prematuro do arquivo

I installed old package airgeddon_7.1-1_all.deb work

v1s1t0r
2017-08-06, 15:40
Thank you for your report dmatrix. It's fixed now.

Anyway, v7.2 is incoming very soon. I hope someday to see airgeddon available on kali repositories to avoid this kind of problems :D

geodude9537
2017-08-07, 00:40
i downloaded it and installed
it yesterday about noon, worked great first time no problem, thanks for the hard work V1s1T0r.

v1s1t0r
2017-09-17, 22:57
Hi there. New airgeddon version 7.21 released. It has translation to italian and some more small changes. Now I'm adding more wps pins for next version and I'll see if I can add Arcadyan pin generation algorithm.

Cheers!

dmatrix
2017-09-29, 01:12
Please v1s1t0r, could change Bully attack to sequential (-S --sequential) for next version airgeddon. thanks.

v1s1t0r
2017-09-29, 11:32
dmatrix, on which attack? do you mean on brute force I guess. Right? In that case it makes sense. I can add it for the next release.

dmatrix
2017-09-29, 23:49
Yes v1s1t0r, bruce force attack is random PIN. thanks.

v1s1t0r
2017-09-30, 01:21
Done. It will be for the next 7.22 version.

undersc0re
2017-10-03, 19:40
I try to use the script to capture a handshake from a network that is 5G and it seems like when I try this option with my awus036ach card the first window pops up where it is deauthing and then that second window never pops up where it begins capturing handshake and then that first window just closes and nothing...might be my drivers for the awus036ach card causing havoc. It works fine to death and capture packets on the non 5G router. I am sure this has nothing to do with this actual script, I will try the manual way when I get a chance as I had a hard time getting a good cap file with this card to begin with. Also with the awus036ach I have to enable monitor mode manually for this script.

Is anyone else having good luck with the awus036ach card with this script?

v1s1t0r
2017-10-04, 07:27
Yeah, it seems more a driver problem. Sorry, I don't have that model to test. Try to launch the commands out of airgeddon. You'll probably get the same result. The command for the capture is simple: airodump-ng -c "${channel}" -d "${bssid}" -w "${tmpdir}handshake" "${interface}"

Regarding more news on airgeddon... on new 7.22 version the new Arcadyan PIN generation algorithm was implemented. It has a 100% of effectiveness on Orange-XXXX networks (very common in some countries like Spain for example). Another new submenu for WPS was added to calculate PINs offline using the different implemented algorithms. Everything is ready but I must wait for some translations... if anybody wants to test it, can be downloaded on "dev" branch using this command: git clone -b dev https://github.com/v1s1t0r1sh3r3/airgeddon

v1s1t0r
2017-10-14, 09:24
v7.22 released. This is the changelog:https://github.com/v1s1t0r1sh3r3/airgeddon/blob/master/CHANGELOG.md

New features, a PIN can be generated using any integrated algorithm for a target. This also can be done offline, without launching any attack. And the PIN database can be queried to search for PINs of a target too.

As we said before, the Arcadyan algorithm is fully integrated too (bye bye Orange-XXXX networks! xdd). Can anybody give some feedback about this?

donThomaso
2017-10-16, 09:54
any plans to implement the new wpa2 hack? https://www.krackattacks.com/

v1s1t0r
2017-10-16, 10:01
Sure! It is just awesome. As soon as the tool/s is/are released for sure! it will be integrated on airgeddon. :D

underscore88
2017-10-17, 00:43
Sure! It is just awesome. As soon as the tool/s is/are released for sure! it will be integrated on airgeddon. :D

Yeah it's awesome.. let's try a search all community/asking for picking it before the 90% of world get the patch ahah :)

v1s1t0r
2017-11-10, 06:49
Hi! I added a new feature on v7.23. Is what I called the DoS pursuit mode. Is more an Evil Twin feature than a DoS feature because is not only available at DoS submenu, it's also available on Evil Twin attacks and is fully integrated with them.

DoS pursuit mode consists in keep a background scanning to detect if target AP changed its channel. If a change is detected, airgeddon warns you and re-launch the attack over the new channel. In this way, the AP channel hopping is avoided. Many APs could have channel configured as "auto" and after a restart could get another different channel and your Evil Twin attack could be useless if you don't detect it in time. Now with this optional modification there is no escape. This increases the Evil Twin effectiveness. To perform it, airgeddon offers the possibility of enabling it on Evil Twin attacks. It warns you that to perform it, another additional wireless interface is required. Of course there is a new intermediate submenu for this interface selection with all validations, etc.

Probably it will pass to master at the end of this month. It's ready and tested but we should wait for translations, etc. If anybody wants to test it, it can be downloaded from "dev" branch of github (as always). git clone -b dev https://github.com/v1s1t0r1sh3r3/airgeddon.git

This is another feature no present on other scripts I think ;)

Now, starting to think about future v8.0 version... I want to add on it full 5ghz support.

v1s1t0r
2018-02-08, 11:29
Hello all. Version 8.0 of airgeddon is incoming. Full 5ghz support.

It's already done under testing now and waiting for some translations but it will be on master branch very soon. You can download now from dev branch. You know how... git clone -b dev https://github.com/v1s1t0r1sh3r3/airgeddon.git

It would be nice if somebody could test it. Thanks!

MiAl
2018-02-12, 09:25
Great job! Now it looks pretty completed.

I really love WPS PINs attack based on the most common PIN generation algorithms. It is powerful like Pixie Dust!

There are some missing dependencies in Kali Linux for airgeddon, to install them:


sudo apt update && sudo apt install bettercap lighttpd isc-dhcp-server hostapd

It would be great if one day you will implement automation of WPS PINs attacks.

Thanks a lot for continuous development!

v1s1t0r
2018-02-20, 07:19
v8.0 with 5ghz support released. WPS pin database also updated with a lot of new pins.

donThomaso
2018-04-13, 13:23
hi, I've installed you script on my raspberry pi 3 but i can't find hashcat for it. apt-get install hashcat says it's old and recommends hashcat-data. what attacks require hashcat? do i need some OpenCL for ARM for it to work?

v1s1t0r
2018-08-08, 22:45
Hi, 8.11 version is incoming, with some fixes, turkish translations and it will support airmon non compatible cards. Until v8.10 only cards compatible with airmon were able to be used. But for the next coming soon 8.11 version all cards that are able to be in monitor mode will be supported. Regards!

grid
2018-08-10, 19:28
Just got around to using airgeddon recently on a wireless test, was a great time-saver!

Many thanks, v1s1t0r, and all involved, for the work :)

Ramses2
2018-08-17, 08:44
Hi V1s1t0r,

Amazing program and really usefull. 1 question about the wireless adapter. I have the realthek and Atheros from Alfa. which adapter is best to use??

v1s1t0r
2018-08-19, 18:33
airgeddon v8.11 released. As I said, it has support for any wireless card able to be in monitor mode. Now it doesn't matter if it is not compatible to airmon. Thi version has Turkish translations and some fixes also.

Now started to work on a new branch for future v9.0 with WPA/WPA2 enterprise attacks.

@Ramses2, not sure if there is an universal answer for that. It depends of the driver. Personally I prefer Atheros but as I said, is hard to determine which is better.

undersc0re
2018-09-10, 21:06
Love your work and I have a request! Is it possible to implement the ability to extract the pmkid from a target and convert it to a hash in your project? Keep up the good work and thank you!

virvivir
2018-09-11, 03:33
can anybody give a walk through how to install hashcat on kali-pi, any feed will be appreciated, thx so much

mstrmnn
2018-09-11, 08:13
^^ https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_do_i_in stall_hashcat

(Bytheway: This thread here is not the right place to ask about hashcat ...)

v1s1t0r
2018-09-16, 06:32
Hi undersc0re, still waiting for a tool which simplifie all the process before implement it in airgeddon.

virvivir, I can't tell this 100% but I think hashcat can't be used in ARM devices.

mstrmnn
2018-09-16, 16:49
I can't tell this 100% but I think hashcat can't be used in ARM devices.
Oh, you're right: https://hashcat.net/forum/thread-2368.html

But: https://hashcat.net/forum/thread-7245-post-39849.html#pid39849

undersc0re
2018-10-02, 00:15
Hi undersc0re, still waiting for a tool which simplifie all the process before implement it in airgeddon.

virvivir, I can't tell this 100% but I think hashcat can't be used in ARM devices.

It looks like aircrack-ng has embraced it in 1.4 they have implemented pmkid now from what I can see!

v1s1t0r
2018-10-02, 06:06
Great news, if you are right it can be implemented in airgeddon with a version check based on that. If aircrack is version 1.4 the attack can be done. In that case, it is an interesting feature that will be added for sure for future versions.

v1s1t0r
2018-11-10, 09:48
v8.12 released with some minor changes. v9.0 is still under developing with the enterprise attacks stuff. Cheers!

wketty
2018-11-23, 13:32
Than you V1s1t0r, it was usefull

Amazing program and really useful and cool, waiting for the v9! Cheers!

v1s1t0r
2018-12-20, 08:57
Still developing enterprise attacks. Pretty close to finish them. It's taking more time because it is not the unique new stuff for that v9.0 . I finished a new options system based in bash fallback substitution vars. With this new system the users will be able to modify a lot of options from the menus, from a configuration file or directly using flags on the command line while launching airgeddon. From this new system a lot of stuff can be done: disable colors, disable the intro to skip flying saucer stuff, set dependencies check to silent mode, disable 5ghz, disable hints, disable autoupdates, etc... here is a link of the available options: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Options

The translators are working hard now. The idea is to release v9 on January. If someone wants to test it right now it can be done cloning "enterprise" branch. Regards!

dmatrix
2019-01-04, 17:47
could add in menu tools support for GPU development mode. For those who have Cuda / Opencl installed could use in Aircrack or Hashcat

Rabinhood
2019-01-21, 16:00
Fantastic script. I have a question: I lunch a script in a vnc terminal and the script don't start because there isn't a X graphic server. I can't use it in a vnc terminal session?

dmatrix
2019-01-22, 12:32
Fantastic script. I have a question: I lunch a script in a vnc terminal and the script don't start because there isn't a X graphic server. I can't use it in a vnc terminal session?

I had this problem in Linux Debian, resolved logged graph with root account

v1s1t0r
2019-01-29, 16:03
Hi all. At last, airgeddon v9.0 was released today. It took a lot of effort but it worths the time. A link to the changelog: https://github.com/v1s1t0r1sh3r3/airgeddon/blob/master/CHANGELOG.md


Started to work on 9.01.

undersc0re
2019-01-29, 18:09
Awesome, thanks for your hard work, appreciate it, and love using it!

v1s1t0r
2019-01-31, 12:11
Hey, I released today v9.01 as a quick fix. It seems there was some problems using Evil Twin attacks because of the latest iptables update... now iptables command is launching nftables and the old iptables is on iptables-legacy command. So... because of this I did a quick fix in order to get it working flawlessly on any environment. airgeddon is going to detect if you have nftables and will do the needed job etc etc... anyway, for sure in the next future I'll need to adapt iptables rules for the new nftables stuff.

Regards.

pamamolf
2019-03-01, 23:54
Hello

Thanks for your great script !

"for sure in the next future I'll need to adapt iptables rules for the new nftables stuff."

Any ETA for this?

v1s1t0r
2019-03-03, 10:25
Not yet because with the fix, now is going to work always... but for sure it will be done. If I receive some help it can be done very soon. I just need to "translate" all the iptables commands to the new nomenclature... These are the commands to translate. Any help is welcome:

Saving and restoring:
iptables-save > file
iptables-restore < file

Probably saving and restoring will be the same

Cleaning rules:
iptables -F
iptables -t nat -F
iptables -X
iptables -t nat -X

Cleaning stuff maybe will be unchanged (wild guess, didn't checked yet new nomenclature documentation)

Policy stuff:
iptables -P FORWARD ACCEPT

Some rules:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:80
iptables -A INPUT -p tcp --destination-port 80 -j ACCEPT
iptables -A INPUT -p udp --destination-port 53 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000

NAT masquerading:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Icmp stuff:
iptables -A INPUT -p icmp --icmp-type 8 -s 192.168.1.0/255.255.255.0 -d 192.168.1.1/255.255.255.0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 192.168.1.0/255.255.255.0 -d 192.168.1.1/255.255.255.0 -j DROP

That's all. For sure, airgeddon has more iptables rules... but most of them are "repeated" just with some different data (port or whatever)... but translating this I could adapt it to the new nftables. Any help? I have not too much time lately!

Thanks.

v1s1t0r
2019-03-09, 10:55
Done...@pamamolf, nftables integration is finished: https://github.com/v1s1t0r1sh3r3/airgeddon/pull/234

Now airgeddon detects if nft is present and if present is using it. If no nftables present it works as always using iptables... everything is done automatically. I even added a new option AIRGEDDON_FORCE_IPTABLES that can be set to true to force use of iptables instead of nftables if the user prefer that. It is documented as all options at wiki here: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Options

This is milestoned to be released on next 9.10 version. Anyway you can use and test it now cloning dev branch of the project (git clone -b dev <repo>).

Cheers.

v1s1t0r
2019-03-30, 12:13
airgeddon v9.10 was released today. Now mdk3 was replaced by mdk4 . It has now support for nftables.

We are working hard on v9.20 which will have support for tmux in order to avoid the requirement of a X window system. It will be able to be configured in options .airgeddonrc file and on some environments (headless servers) could be an interesting feature.

Cheers!

v1s1t0r
2019-04-12, 20:37
Sorry for reposting... but if there are not too much activity I'll inform anyway about new releases here...

v9.11 released with some fixes making airgeddon compatible with BeEF versions. It seems on new BeEF versions there are some modifications in the config file. Now airgeddon is able to detect BeEF version and perform the needed changes in order to make it work with all of them even with the coming soon 0.4.7.2 BeEF version which did not reached yet the Kali repositories. I added also a couple of minor fixes and now once airgeddon update, the new .airgeddonrc file containing options is also updated to add new possible options and to avoid possible warnings. In addition, airgeddon will save the customizations on this file to avoid overriding them on update, so user can keep safely their customizations.

Tmux support is already done in another branch (headless_tmux) and is now under beta testing. v9.20 will have this new feature which will allow us to launch airgeddon on headless (without X window system) environments. Very useful for old raspberry pi or similar resources limited devices.

Cheers!

smoothy
2019-04-15, 11:09
Appreciate the update and love your work. This is by far the funnest setup out there and super reliable, all it needs is PMKID if you can be bothered.

donThomaso
2019-05-05, 10:30
Hi, I'm trying the wps bruteforce but it only tries the same pin over and over.

v1s1t0r
2019-05-05, 10:36
@smoothy, yeah, that will be implemented for sure!

@donThomaso, What airgeddon version do you have? are you trying reaver or bully bruteforce?

donThomaso
2019-05-05, 13:24
@donThomaso, What airgeddon version do you have? are you trying reaver or bully bruteforce?

I have the latest stable, and at the moment I'm running a reaver bruteforce. it does go on to an new pin after a few hours i noticed but it tried like 3 pins in half a day

v1s1t0r
2019-05-05, 18:56
hhmm.... it works ok for me. I think it depends of the Access Point. But in anycase it not seems an airgeddon issue. Maybe you want to ask to the reaver staff at their github.

v1s1t0r
2019-05-25, 20:48
v9.20 with tmux support to be used in headless servers was released today. Happy hacking!

asmatadel
2019-06-15, 21:59
thanks for your hard work

derrikjeray
2019-06-23, 05:59
This being said MTeams could find no indication that mac codes of the user are being spoofed and that users are broadcasting their hardware mac.

v1s1t0r
2019-07-05, 18:45
Due the retiring of the mdk4 package from the Debian testing repos and from the Kali repos, we added a feature to use mdk3 backward compatibility. For the next v9.21 there will be a new option at options file (.airgeddonrc) called AIRGEDDON_MDK_VERSION with the default value mdk4 but it can be changed to mdk3 to use mdk3 instead.

Now working on the custom certificates creation for enterprise attacks which will released on v9.21 as well. Cheers!

dmatrix
2019-07-11, 12:25
I noticed that Pixiedust only works on routers with Ralink chipset
do you know why?

mkardo
2019-07-11, 23:04
I've also noticed that wps null attack works on all v***zon D-link 2750b

v1s1t0r
2019-07-12, 05:09
The WPS Pixie Dust vulnerability is based on the lack of randomness over the PRNG used to cipher the public key. This vulnerability is affecting only to some Access Points. It depends of the vendor's WPS implementation. Some APs are affected and others are not affected. Here you can find a list (maybe is not pretty much up-to-date) about different access points regarding this topic: https://docs.google.com/spreadsheets/d/1tSlbqVQ59kGn8hgmwcPTHUECQ3o9YhXR91A_p7Nnj5Y/edit?pli=1#gid=2048815923

Take a look at it if you want to check how many access points are affected. You'll see there there are more APs affected than the Ralink chipset based. Hope it helps.

v1s1t0r
2019-08-12, 21:15
Hi, v9.21 was released today with custom certificates creation for enterprise attacks, some fixes and the backwards compatibility for mdk (now mdk3 or mdk4 can be chosen). Happy hacking!

ea1kt
2019-08-14, 22:23
Hi, v9.21 is working fine for me. Good job!!
I woluld suggest the following order for the windows:

window1: select wlan
window2: get it into monitor mode
window3: scan for targets
window4: choose attack mode

On my computers window4 appears before window3. Is there some reason for this?

cold iron
2019-08-15, 16:48
Hi Only one problem, it the mode where it's looking for sites to use, I find very few site as compeared to airodump-ng start wlan0. Seems like it lacks power. Are there any switches to up it's pull in power?

v1s1t0r
2019-08-16, 07:58
Hi @ea1kt, what are you talking about exactly? which attack with 4 windows? what you are describing are not windows are the order of the actions to take. You can do your own action order choosing options on menus. What you want can be done doing that actions in the precise order.

@cold iron, what you mean with "mode where it's looking for sites to use" ?? Do you mean standard airodump-ng scanning? ok, airgeddon is using airodump-ng, so using it without using airgeddon is exactly the same. The power of your card is the same and that is not related to airgeddon. The unique difference using airgeddon's airodump-ng is that airgeddon is filtering out the unneeded networks depending of the menu on which you are launching it. For example, if you are on the WEP menu, on the scan only WEP networks will appear. If you are on Handshake capturing menu, only WPA/WPA2 networks will appear, etc. This may cause that inside airgeddon the results of the scan are less but is not true. They are the same but they are filtered in order to be useful.

Cheers!

cold iron
2019-08-20, 17:42
Hi, well I see a big difference between the to client screens, a lot less in the wpa screen and all them are missing are very close which seems odd. The close ones should show better.
Great program I must say, thanks

ea1kt
2019-08-20, 18:29
Hi, well I see a big difference between the to client screens, a lot less in the wpa screen and all them are missing are very close which seems odd. The close ones should show better.
Great program I must say, thanks

I don?t quite understand your msg. but let me say @V1s1t0r?s answer is right. I did?t know the scans were filtered as he explains in his answer to @cold iron. Now everything makes sense, and after reading carefully every option in airgeddon one can see there is more in the program than meets the eye at first sight.


Cheers and beers.

cold iron
2019-08-23, 17:07
Hi ea1kt..... I like the router part of the program, but the search for clients part picks up a lot less bbsid then the handshake one. That was what I was trying to say. Also the clients closes to me do not show up at all in the router search which seems odd but do in the hand shake window. Just wondering why.

ea1kt
2019-09-04, 12:31
Hi @v1s1t0r, i've stup airgeddon ona RPi3+ with Kali and testedit with an external wireless adapter: working OK.
If I use the internal card, when exploring for targets I get the following error msg:
Interface wlan0 selected. Mode: Monitor. Supported bands: 2.4Ghz, 5Ghz
Selected BSSID: E2:41:36:25:D3:00
Selected channel: 6
Selected ESSID: MOVISTAR_D300
Type of encryption: WPA2

Select an option from menu:
---------
0. Return to main menu
1. Select another network interface
2. Put interface in monitor mode
3. Put interface in managed mode
4. Explore for targets (monitor mode needed)
------------ (monitor mode needed for capturing) -------------
5. Capture Handshake
---------
6. Clean/optimize Handshake file
---------
*Hint* The natural order to proceed in this menu is usually: 1-Select wifi card 2-Put it in monitor mode 3-Select target network 4-Capture Handshake
---------
> 4

**************************** Exploring for targets *****************************
Exploring for targets option chosen (monitor mode needed)

Selected interface wlan0 is in monitor mode. Exploration can be performed

WPA/WPA2 filter enabled in scan. When started, press [Ctrl+C] to stop...
Press [Enter] key to continue...
airgeddon.sh: line 11619: /tmp/nws-01.csv: No such file or directory

(I get this same error with two different RPi's with different sd-cards). The internal card supports monitor mode and injection: working OK with the aircrack suite.
In the /temp folder there is a nws.csv file but no nws-01.csv file. Please, how can I tackle this?

v1s1t0r
2019-09-04, 14:47
@ea1kt that error is probably caused because it is trying to launch an xterm window and it seems you don't have a X windows system to connect to.

For that headless systems you can use tmux instead of xterm just modifying the AIRGEDDON_WINDOWS_HANDLING and setting it to "tmux" in .airgeddonrc options file. You can do it also from the options menu inside the application.

If you have a X windows system up and running and you are still getting that error using xterm, maybe you need to fix some kind of problem to access to it. Usually a simple xhosts + command do the trick.

v1s1t0r
2019-09-27, 06:16
v9.23 released . This release is a minor release. No major changes, just small fixes.

I don't want to spoil too much yet, but we are working in a new version (v10.0) with a major change. We are trying to create a plugins system on which the users will be able to perform custom modifications and will be able to develop easily some modifications to airgeddon. I'll give more details when it gets a more mature stage.

Cheers!

v1s1t0r
2019-10-06, 18:19
Hi, we are working hard on the next version. We are creating a plugins system! in order to let the community to create their own airgeddon customizations. It is ambitious but if finally we are able to do it, it will be awesome! Here is a link where we explain everything related to this with more detail: https://github.com/v1s1t0r1sh3r3/airgeddon/issues/308

We also created a Discord channel in order to help to the users. Here is the public invitation link: https://discord.gg/sQ9dgt9

Regards

v1s1t0r
2019-11-04, 15:26
Done!! new v10.0 airgeddon version with plugins system and other minor improvements was released!!

Changelog:



v10.0
- Added plugins system
- Added example plugin: Missing dependencies auto-installation for some distros (Kali, Parrot, BlackArch)
- Improvements for Evil Twin on captive portal detection for newer devices
- Missing 5GHz channels added
- Github pull request template added and issue templates updated
- Fixed error on hex2ascii conversion for some WEP passwords

Now the community will be able to develop their own airgeddon customizations easily... thanks to the function hooking system (prehook, override and posthook), we can choose the function we want to interact to and easily perform the needded modifications. More info at links:
https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Plugins%20System
https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Plugins%20Development

We also created a new wiki section "Plugins Hall of Fame" https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Plugins%20Hall%20of%20Fame where we will place external links to awesome plugins developed by the community.

Now the limits are only set by your imagination :D

Regards!

aaronouthier
2019-11-30, 15:08
Having a problem when putting a device into monitor mode:


Interface wlan1 selected. Mode: Managed. Supported bands: 2.4GHz, 5GHz

Select an option from menu:
...
I select option 2 to put into monitor mode.
Now, I get:


The inteface changed it's name while setting in monitor mode. Autoselected

Monitor mode now is set on enabled
Press any key to continue...

Interface enabled selected. Mode: (Non wifi card)
...

The interface name is not called "enabled", and it IS a wifi card.

This is occurring on a bare metal install (not a virtual machine) of Kali 2019.4, with all packages installed and up to date. By the way, the interface name has NOT changed, according to ifconfig. It is still wlan1 after being put into monitor mode!

My card is an alfa AWUS036ACH with official aircrack-ng dkms driver loaded.

What is going on?

v1s1t0r
2019-11-30, 18:10
Hi, I can say that the problems you are experiencing are problems of the driver because they are printing a very different output on iwconfig commands than the rest of the drivers for the rest of the cards.

So, all the Realtek chipsets RTL88xx like yours (RTL8812AU) are having problems using airgeddon due this different output. Anyway, don't worry! there are some workarounds for you:

Since the airgeddon v10.0 was released, there is a new awesome feature, a plugins system. Now users can develop their own custom stuff. More info here: airgeddon Plugins System (https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Plugins%20System). What is this useful for these kind of cards? because there is a plugin to handle that awful different behavior. You can find it here (https://github.com/OscarAkaElvis/airgeddon_realtek_chipset_fixer).

So using the plugin, you can work safely using that cards in airgeddon.

Anyway, check the list of the recommended and whitelisted cards: airgeddon Compatible Cards (https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Cards%20and%20Chipsets)

For the next v10.01 airgeddon will have removed use of ifconfig and iwconfig commands (they are deprecated). Instead, ip and iw commands are used... so for v10.01 the plugin will be no needed and you'll be able to use your card directly with airgeddon without any plugin because the problems were caused by the use of iwconfig. v10.01 is already developed but not released yet (just waiting for some translations before releasing it). If you want to use it now you can do a git clone of the "dev" branch: git clone -b dev https://github.com/v1s1t0r1sh3r3/airgeddon

Enjoy! :)

cold iron
2019-12-19, 16:18
Installed the new Kali and trying to install Airgaddon's missing tools. But I keep getting "unable to locate package" I am using the same command as before but not working.
I know this may be a dumb question, sorry.

v1s1t0r
2019-12-20, 13:52
In first place, if you are using airgeddon v10.0 which already has the plugins system, there is a buitin plugin which will install the missing dependencies for you if they are missing. So do a git clone, launch it and follow the instructions on the screen, that's all you need.

Anyway, if you want to install them manually, of course you can, but you need to know how to do it... which dependency are you missing? which command are you launching to try to install it? please be more specific! otherwise is impossible to help you. It's important to be concrete to ask something.

donThomaso
2019-12-29, 13:15
I'm having problems exploring targets for WPS and would like to know which network adapters are working 100%. I have one TL-WN722N and one AWUS036NEH.
One of them was working(to scan) this morning but now i cant get any of them to work. I can enable monitor mode and do the other scans.

v1s1t0r
2019-12-29, 19:29
Read the airgeddon wiki for that: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Cards%20and%20Chipsets

Panda cards are cheap and easy to find on ebay, amazon, etc.

cold iron
2019-12-30, 13:08
Read the airgeddon wiki for that: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Cards%20and%20Chipsets

Panda cards are cheap and easy to find on ebay, amazon, etc.

Thanks for the replay, but what I need to download is via the hardwire web which is over 100mps. For some odd reason, Kali can not find the package to download. But I can go to the url address and see it.!!

v1s1t0r
2019-12-30, 13:55
Not sure what are you referring to. airgeddon is not available (yet) at Kali repos. To install airgeddon on Kali you can do the common git clone method or install the available .deb package from the github.

cold iron
2019-12-30, 16:52
Yes. I have airgeddon install, but missing some of the tools like 8 or so. When I try to download them I get that message "can not find package" or something like that. Github has all the files, I can search and find them but for some reason, kali can't.!!

v1s1t0r
2019-12-31, 08:34
Kali has all the packages needed on their repos. Please, post here the packages you are missing. Probably you are doing something wrong. For example... if you read something like this:

wash .... Ok
openssl .... Ok
dhcpd .... Error (Possible package name : isc-dhcp-server / dhcp-server / dhcp)
reaver .... Ok

That means that you are missing the command dhcpd, but the name of the package is not dhcpd. It is "isc-dhcp-server" or "dhcp-server" or "dhcp", it depends of your linux distribution. For Kali, Parrot and Debian based distros you should perform to fix this: "apt install isc-dhcp-server".

Paste here your problem and what you are missing.

v1s1t0r
2019-12-31, 08:40
By the way, I followed the Kali guide: https://www.kali.org/docs/development/public-packaging/

I created an account and a repo at Gitlab.com: https://gitlab.com/v1s1t0r1sh3r3/airgeddon

I was able to create the .deb package following the guide. I had some problems but now are solved. I hope with this airgeddon could be added to Kali repos :D

cold iron
2020-01-01, 13:59
Hi, thanks for helping! Here are some of the missing tools.

Possible package name : bettercap


package name : lighttpd


package name : sc-dhcp-server/dhcp-server/dhc


package name : hostapd-wpe



package name : mdk4


package name : hostapd


I used
sudo apt-get install application_name to get them and all I get is "can not find package"
I tried apt-get install name
I tried a few other commands, none work.

I'll try your : "apt install isc-dhcp-server". maybe it will help. Thanks

v1s1t0r
2020-01-01, 14:57
yeah, it's easy.... just launch (copy and paste the entire command):

apt update && apt install hostapd-wpe mdk4 hostapd isc-dhcp-server lighttpd

For bettercap I recommend to use the command:

gem install bettercap

In this way you'll get the latest compatible version (1.6.2)

But there is another thing I can't understand... if you have airgeddon v10.0 or higher, it includes a plugin which will ask you for auto install the missing dependencies if you are really using Kali Linux.

cold iron
2020-01-01, 15:46
I do have V,10 and I tried to update plug-in and got a message saying....An error occurred while trying to install dependencies. And yes I am online via lan @ over 100mps. Frustrating..

v1s1t0r
2020-01-01, 19:10
Did you launch the command I put here? can you put an screenshot of your error? Please, join our Discord channel to continue with this. You can find the invitation link at Contact section of airgeddons github wiki: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Contact

cold iron
2020-01-02, 13:23
Did you launch the command I put here? can you put an screenshot of your error? Please, join our Discord channel to continue with this. You can find the invitation link at Contact section of airgeddons github wiki: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Contact

Yes I did but got the same "can not find package". Could there be something messed up in Kodi 2019.4?

v1s1t0r
2020-01-02, 13:43
Maybe you can launch the apt command with the packages one by one to know which one is missing on the repos. I mean:

apt install hostapd-wpe
apt install mdk4
apt install hostapd
apt install isc-dhcp-server lighttpd

In this way you can know which one is causing the problem.

Anyway, review you repos on the apt configuration to be sure that they are ok.

And I insist, join to Discord channel for better support.

cold iron
2020-01-02, 14:09
Maybe you can launch the apt command with the packages one by one to know which one is missing on the repos. I mean:

apt install hostapd-wpe
apt install mdk4
apt install hostapd
apt install isc-dhcp-server lighttpd

In this way you can know which one is causing the problem.

Anyway, review you repos on the apt configuration to be sure that they are ok.

And I insist, join to Discord channel for better support.

I'll give it a try!
I joined the Discord forum, looks good. Thanks

donThomaso
2020-02-09, 21:58
I read on the github page that "Kali Nethunter for Android is not officially supported by airgeddon. Anyway, some users were able to run airgeddon successfully on it."
what does it take? I got stuck because my Nethunter doesn't have x window system. any way to add it?

v1s1t0r
2020-02-09, 22:55
You can avoid the use of X window system configuring to use tmux instead to work on Nethunter. Just modify the options file ".airgeddonrc" located at same dir as airgeddon.sh and change the var AIRGEDDON_WINDOWS_HANDLING from xterm to tmux. More info about this here: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Options

By the way, we are thinking into add PMKID stuff for the next release. Better late than never.

einsteinbutt
2020-03-12, 19:04
Thank You so much v1s1t0r for sharing everything it helps me alot i used to implement Mask attack without Hashcat so i've to face problems so i heard about Hashcat from software technology inc (https://orbitaltecltd.com) now i am using Hashcat I must say that it meets my expectations entirely and works perfect currently i am using it on i7-6200 with graphics 1 GB, i also downloaded airgeddon v7.0 with WEP you are doing very pretty good please keep developing and informing! i am looking forward to see new version.

v1s1t0r
2020-03-19, 12:10
Hi all! today v10.10 was released, with PMKID support and more. Enjoy! :)

v1s1t0r
2020-03-26, 08:08
v10.11 released... fixes and more... now airgeddon is aware of pmkid capturing while trying to capture a handshake. If a pmkid is captured accidentally while trying to capture a handshake, now airgeddon is able to handle it. And pmkid is also integrated on evil twin captive portal attack to use a pmkid instead of a handshake file as an option to perform the attack.

We'll keep informing....

dmatrix
2020-05-21, 14:52
thank you! excellent job! This version 10.20 was much faster on my slow AMD Athlon Processor Neo MV-40
Menus navigate faster now!

ZackJones
2020-06-25, 08:07
Thanks for the topic, I honestly did not dare to try airgeddon, but after a lot of positive reviews I will try!

NOSudo_
2020-06-27, 23:01
Some of my fondest memories are with airgeddon. Thank you for your hard work!

v1s1t0r
2020-10-17, 19:44
airgeddon v10.30 has been released. With arabic language support and other minor fixes. Enjoy!

mallorcapleasures
2020-11-23, 17:30
I will never fully understand this type of programming and its derivatives., Jjajaja

v1s1t0r
2020-12-14, 15:56
Another release to finish the year.... v10.31 was released. With bettercap 2.x support! Complete changelog:



- Fixed error of no returning to DoS menu after fail on handshake capture for Evil Twin Captive portal attack
- Fixed error of no returning to Evil Twin main menu for some special situations on BeEF attack
- Removed deprecated hcxpcaptool, replaced by hcxpcapngtool
- Replaced old PMKID hash format to be used in hashcat, from 16800 to 22000
- Improved responsive behaviour of Evil Twin Captive Portal web page
- Compatibility extended to Bettercap 2.x (>=2.28) for sslstrip2/BeEF Evil Twin attack


Enjoy!

mikahawkins1
2020-12-18, 17:46
Quite impressive.

v1s1t0r
2020-12-21, 09:20
Great, after this release at last the tool was added to Kali repos! :)

matlabi
2021-05-04, 11:45
It will be for the next 7.22 version.

undersc0re
2021-10-22, 23:17
When I try to grab a pmkid from a specific target it just keeps trying some other target I have not chosen, and trys that target every time No matter what other target I try. It is just stuck on trying that targets pmkid no matter how many times I reboot or choose different targets. Latest versions of airgeddon and kali.

jaimsolis
2021-11-05, 09:34
Good Post.

Bobo360
2022-05-02, 12:53
Thanks, great place.
But a problem that I am not finding a solution. For WPS attack, the router hangs after 3 attempts. Is there a way to get the router to restart? Or some other way? Changing the MAC I know it doesn't work. Thanks

ea1kt
2022-05-03, 09:34
I don't think the router hangs, after 3 attempts as self protection it disables the wps. To enable it you have to get into the routers configuration and activate it

Bobo360
2022-05-03, 09:51
Yes, exactly. but isn't there a way to re-enable it without going into the settings?

ea1kt
2022-05-17, 09:34
Not that I know of, and if you are attacking someone's else router it's very probable that the owner even ignores his router is locked.