
Thread: FrankenScript by Slim76 - It Attacks Access Points and .pcap files

  1. #101
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    So here's a little feedback.

    It's working well, selecting the wifi adapter and starting wash. Then wash hangs (nothing to do with FS2, has to do with wash) on a certain router. From that point I cannot do anything but stop the process. So that's my feedback.
    Kali Linux USB Installation using LinuxLive USB Creator
    Howto Install HDD Kali on a USB Key
    Clean your laptop fan | basic knowledge

  2. #102
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    So here's a little feedback.

    It's working well, selecting the wifi adapter and starting wash. Then wash hangs (nothing to do with FS2, has to do with wash) on a certain router. From that point I cannot do anything but stop the process. So that's my feedback.
    Many thanks for the feedback.
    I've never heard of that issue before, are you sure it's not something to do with your setup?
    When wash hangs can you continue through the script if you press Ctrl+c on the wash screen?

  3. #103
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Quote Originally Posted by slim76 View Post
    Many thanks for the feedback.
    I've never heard of that issue before, are you sure it's not something to do with your setup?
    When wash hangs can you continue through the script if you press Ctrl+c on the wash screen?
    that's because most know how scripts work, and install it in the right directory, the 'Home' (root) folder. Mine was in a sub-folder of 'Home'. Now I know x/

    Everything is working fine now. Wash and airodump-ng start and give me the choice of the target. Vicious little **** you've created there Slim!!

    I have not explored all possibilities yet. Some of the things I've noticed to maybe improve FS:

    - console windows popping up is somewhat 'unpleasant', though no big deal, it must do what it's got to do, the functionalities matter the most, and I doubt that there's anything you can do about it, as FS calls different processes and they must have their own console window to operate in. Just pointing it out, as it is somewhat distracting when multitasking. Something like Wifite comes to mind here as a solution(?)

    - I cannot surf on one wifi adapter and use FS2 on another at the same time. Or am I missing something again? Network manager must be off right?



    Last edited by g0tmi1k; 2015-03-31 at 09:31. Reason: Swearing

  4. #104
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Quote Originally Posted by Quest View Post
    - I cannot surf on one wifi adapter and use FS2 on another at the same time. Or am I missing something again? Network manager must be off right?
    Nevermind. Having the network manager open and using FS2 does work. So surfing and testing at the same time is possible. Slowly un-confusing myself after a bad start here.

  5. #105
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    Nevermind. Having the network manager open and using FS2 does work. So surfing and testing at the same time is possible. Slowly un-confusing myself after a bad start here.
    Sorry there's no instructions. LOL
    Glad its working for you and many thanks for taking the time to leave feedback. :-)

  6. #106
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Slim, what are the option(s) to attack a wpa protected network that does not have wps(pin number) with FS2?

    Does this technique without dictionary look familiar to you?

    1. scan
    Code:
    airodump-ng mon0
    2. listening
    Code:
    airodump-ng -c CH# --bssid 'BSSID' showstatistics -w 'filename' 'interface'
    airodump-ng -c 11 --bssid 58:98:35:CB:A2:77 --showack -w filemario mon0
    3. deauthenticate a client
    Code:
    aireplay-ng -0 10 -a 'BSSID' -c 'CLIENT:MAC:ADDRESS' 'interface'
    aireplay-ng -0 10 -a 58:98:35:CB:A2:77 -c 70:D4:F2:91:AE:67 mon0
    4. crunch
    Code:
    crunch 8 8 0123456789 | aircrack-ng -a 2 'filename.cap' -e 'essid' -b 'HANDSHAKE' -w -
    crunch 8 8 0123456789 | aircrack-ng -a 2 filemario-01.cap -e "mario" -b 58:98:35:CB:A2:77 -w -
    I've seen something similar in FS2, but dictionary dependent -OR-(as the tradition will have it) I'm missing something?

  7. #107
    Join Date
    2013-Oct
    Posts
    321
    I'm not sure what you are asking.

    If you mean you want to capture a wpa/wpa2 handshake:
    Choose option [1] from the main menu, then choose a target network that is wpa/wpa2 encrypted.
    Then choose option "[1] = WPA/WPA2 Handshake Capture" from the menu.

    Or if you are asking how to attack a handshake capture file without a dictionary:
    crunch 10 10 abcdef23456789 -d 3 | pyrit -e $AP_essid -i - -o - passthrough | cowpatty -d - -r $HOME/FrankenScript/temp/$Capture_File -s $AP_essid

    Or if you are asking if the above command is in FrankenScript2:
    I removed most of the options to attack a handshake capture file, but I'll be rewriting them and adding them again at some point.

    Hope at least one of those answered your question? LOL

  8. #108
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Thank you, that pretty much answered my questions.

    Slim, what are the chances of you and repzeroworld, i) joining your scripts together, and then ii) turning your scripts into an application?

    You can check out repzeroworld script here https://forums.kali.org/showthread.p...ful-Link/page3

    I'm asking because it would be a lot easier to invoke both of your scripts in one application with a simple command, and then it could be incorporated in the next Kali.

  9. #109
    Join Date
    2013-Oct
    Posts
    321
    You're welcome mate.

    From my point of view the chances are slim to none, at this moment in time it's beyond my knowledge.
    FrankenScript is a basic script, it hasn't even been written very well. LOL
    FrankenScript isn't copyright protected and people are free to do whatever they like with it.

    PLEASE NOTE:
    FrankenScript uses other scripts/tools that were created by other people, it would be a useless script without these other scripts/tools (Many thanks to everyone).
    If anyone is interested in what scripts/tools are used then please research them for yourself, I only say this because listing them all would take forever and missing someone out might offend them.

  10. #110
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    I started a topic (in Kali Linux General Use) asking if anyone knows how to make such a program. Something that would seek out scripts in the root folder and give the user the choice of scripts to be launched. That would solve it right there.

  11. #111
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    I started a topic (in Kali Linux General Use) asking if anyone knows how to make such a program. Something that would seek out scripts in the root folder and give the user the choice of scripts to be launched. That would solve it right there.
    That shouldn't be too hard to achieve, FrankenScript uses the same method to detect capture files in the capture file folder. ;-)

  12. #112
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    so you just officially offered to create such an application! Great! Thank you! You're the best Slim! The community will be for ever grateful!

    Here are some ideas for the name of the program..

    • Lazyboy
    • ScriptFinder
    • Shepherd
      ....



  13. #113
    Join Date
    2013-Mar
    Posts
    22
    Does it work for WPS cracking? I mean, cracking the PIN number?

  14. #114
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Mehran View Post
    Does it work for WPS cracking? I mean, cracking the PIN number?
    It uses reaver so yes it can crack wps.
    It also uses several scripts that can generate the wps pin for some but not all routers.

  15. #115
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    so you just officially offered to create such an application! Great! Thank you! You're the best Slim! The community will be for ever grateful!

    Here are some ideas for the name of the program..

    • Lazyboy
    • ScriptFinder
    • Shepherd
      ....


    I've added this function and I'll upload the updated version when I've finished adding the other wordlist/passthrough cracking options.

  16. #116
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    no way!!!! Thanks! I will check it out as soon as I'm done with writing a howto in the Howto section for some other stuff.



  17. #117
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Slim, does this look familiar to you? It's a router identification list based upon MAC address bssid. It would be useful to implement, and have FrankenScript tell the operator which make (name of the company) is the target (router), as with some makes of routers I've had to install Reaver 1.3, as 1.4 had big problems with some of them. Sometimes all versions of reaver will fail where Bully will succeed.

    That may save the operator many hours/days of futile attempts

  18. #118
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    You can have a look here to find the model number, and possibly even the serial number here also!

  19. #119
    Join Date
    2013-Mar
    Posts
    22
    I got this error: Press [Enter] to stop the airodump scan and continue.xterm: cannot open /root/FrankenScript2/Temp_Working_Dirctory/Wash_Network_Scan.txt: 2:No such file or directory
    Wash_Network_Scan.txt does not exist in my folder; I also created it but got the same result, and I can't choose an AP.

    Also, my Reaver is stuck on Sending identity response

    [+] Waiting for beacon from 64:68:0C:59:2C:9A
    [+] Switching mon0 to channel 3
    [+] Associated with 64:68:0C:59:2C:9A (ESSID: WLAN_23)
    [+] Trying pin 12345670
    [+] Sending EAPOL START request
    [+] Received identity request
    [+] Sending identity response

    Can you help me with why reaver is stuck on this step?
    Last edited by Mehran; 2014-07-04 at 11:05.

  20. #120
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Mehran View Post
    I got this error: Press [Enter] to stop the airodump scan and continue.xterm: cannot open /root/FrankenScript2/Temp_Working_Dirctory/Wash_Network_Scan.txt: 2:No such file or directory
    Wash_Network_Scan.txt does not exist in my folder; I also created it but got the same result, and I can't choose an AP.

    Also, my Reaver is stuck on Sending identity response

    [+] Waiting for beacon from 64:68:0C:59:2C:9A
    [+] Switching mon0 to channel 3
    [+] Associated with 64:68:0C:59:2C:9A (ESSID: WLAN_23)
    [+] Trying pin 12345670
    [+] Sending EAPOL START request
    [+] Received identity request
    [+] Sending identity response

    Can you help me with why reaver is stuck on this step?
    Copy the FrankenScript2 folder and contents to your home folder then try it again.

  21. #121
    Join Date
    2013-Oct
    Posts
    321
    I'm trying to get Bully working but it keeps trying the same pin over and over again, has anyone else had the same problem and can anyone advise me how to fix the issue?

  22. #122
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    what's the syntax Bro?

    It works out of the box for me(no special steps). I just enter simple syntax
    Code:
    bully monX -c XX -b XX:XX:XX:XX:XX:XX -v3
    or

    Code:
    bully monX -c XX -b XX:XX:XX:XX:XX:XX -v3 -p XXXX
    when specifying a certain first four pin number.

  23. #123
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    what's the syntax Bro?

    It works out of the box for me(no special steps). I just enter simple syntax
    Code:
    bully monX -c XX -b XX:XX:XX:XX:XX:XX -v3
    or

    Code:
    bully monX -c XX -b XX:XX:XX:XX:XX:XX -v3 -p XXXX
    when specifying a certain first four pin number.
    Already tried those but cheers anyway matey :-)

  24. #124
    Join Date
    2014-Apr
    Location
    Down Under
    Posts
    315
    Hi there slim,

    I've been trying out your script, I'm a big fan!

    So far, I was able to capture my handshake and I noticed it auto converts to .hccap. I've seen here in the thread that there was an option to attack a handshake file from within the script. Has this been removed or am I using an old version? I went through the script and couldn't find any feature that relates.

    Cheers

  25. #125
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by staticn0de View Post
    Hi there slim,

    I've been trying out your script, I'm a big fan!

    So far, I was able to capture my handshake and I noticed it auto converts to .hccap. I've seen here in the thread that there was an option to attack a handshake file from within the script. Has this been removed or am I using an old version? I went through the script and couldn't find any feature that relates.

    Cheers
    I think I removed the options from the version you're using, but I'll upload an updated version later today or tomorrow if all goes well.

    FrankenScript2 Information.
    =================

    [1] Scan And Attack AP's:
    -------------------------
    Auto check/auto enable monitor mode function.
    MAC address spoofing options.
    Kill processes options (airmon-ng check kill).
    Network scanners - wash & airodump-ng combined.
    Sort displayed scan results by Signal Strength, Attack Method, or Originally Displayed.
    Default access point WEP/WPA passkey generators.
    WEP Attacks - Aircrack Tools.
    WPA/WPA2 Attacks - Aircrack Tools.
    WPS Attacks - Reaver & Bully & Default WPS-Pin generators.
    Recovered passkeys are saved in $HOME/FrankenScript2/Recovered-Passkeys.txt.

    [2] Return To Scanned AP's:
    ---------------------------
    Returns you to the last network scan.

    [3] Attack Handshake.cap Files:
    -------------------------------
    [1] = Wordlist + Pyrit + Cowpatty (Non-Resumable).
    Simple capture file presentation & selection.
    Drag & drop a wordlist onto the screen, or manually input the path and file name.
    Attack method - Two attacks are run at the same time (Same processing power but the chances of getting the passkey sooner are greater):
    Attack 1 - Works through a wordlist from the beginning to the end.
    Attack 2 - Works through a wordlist from the end to the beginning.
    Recovered passkeys are saved in $HOME/FrankenScript2/Recovered-Passkeys.txt.

    [2] = Passthrough Attack (Resumable).
    Start a new attack option.
    Easy capture file selection.
    Configurable passkey's creation options.
    Attack - Crunch Pyrit cowpatty.
    Resume an attack.
    Recovered passkeys are saved in $HOME/FrankenScript2/Recovered-Passkeys.txt.

    [4] Script Launcher:
    --------------------
    Launch other scripts.
    Scripts must be placed in the $HOME/FrankenScript2/Scripts folder.
    Script file names can't contain any blank spaces or special characters.

    [5] WiFi Adapter Override:
    --------------------------
    WiFi adapter selection, only available if multiple wifi adapters are present.

    [6] System Mode Override:
    -------------------------
    Switch between "Networking Mode & Attack Mode".

    [7] Recovered Passkey's:
    ------------------------
    Displays all recovered passkeys.
    Recovered passkey file: $HOME/FrankenScript2/Recovered-Passkeys.txt

    [0] Exit FrankenScript2:
    ------------------------
    Removes temporary files.
    Disables attack mode and re-enables networking mode.
    Exit the script.
    Last edited by slim76; 2014-07-13 at 20:20.

  26. #126
    Join Date
    2014-Jul
    Location
    Salvador
    Posts
    6
    Quote Originally Posted by slim76 View Post
    I think I removed the options from the version you're using, but I'll upload an updated version later today or tomorrow if all goes well.

    Hello, I was very interested in using your script.
    I cannot open it in my terminal. Only the message "the file is binary and can not be opened" appears. How do I open it?

    I think it is because of the extension "tar.gz". I can not open it.
    Give me an answer.
    I'm hanging on.

  27. #127
    Join Date
    2014-Apr
    Location
    Down Under
    Posts
    315
    Sounds great slim, I'm looking forward to trying it out.

    Have you considered putting the project on github?

  28. #128
    Join Date
    2013-Oct
    Posts
    321
    You need to unpack the tar.gz file

  29. #129
    Join Date
    2013-Oct
    Posts
    321
    pmsl, do you really think it's good enough to put on github. lol

  30. #130
    Join Date
    2013-Oct
    Posts
    321
    Here's the latest FrankenScript.
    FrankenScript2: Updated 14/7/14

    FrankenScript2_Updated-14-7-2014.tar.gz
    http://mir.cr/0LY66HZC

    [1] Scan And Attack AP's:
    -------------------------
    Auto check/auto enable monitor mode function.
    MAC address spoofing options.
    Kill processes options (airmon-ng check kill).
    Network scanners - wash & airodump-ng combined.
    Sort displayed scan results by Signal Strength, Attack Method, or Originally Displayed.
    Default access point WEP/WPA passkey generators.
    WEP Attacks - Aircrack Tools.
    WPA/WPA2 Attacks - Aircrack Tools.
    WPS Attacks - Reaver & Bully & Default WPS-Pin generators.
    Recovered passkeys are saved in $HOME/FrankenScript2/Recovered-Passkeys.txt.

    [2] Return To Scanned AP's:
    ---------------------------
    Returns you to the last network scan.

    [3] Attack Handshake.cap Files:
    -------------------------------
    [1] = Wordlist + Pyrit + Cowpatty (Non-Resumable).
    Simple capture file presentation & selection.
    Drag & drop a wordlist onto the screen, or manually input the path and file name.
    Attack method - Two attacks are run at the same time (Same processing power but the chances of getting the passkey sooner are greater):
    Attack 1 - Works through a wordlist from the beginning to the end.
    Attack 2 - Works through a wordlist from the end to the beginning.
    Recovered passkeys are saved in $HOME/FrankenScript2/Recovered-Passkeys.txt.

    [2] = Passthrough Attack (Resumable).
    Start a new attack option.
    Easy capture file selection.
    Configurable passkey's creation options.
    Attack - Crunch Pyrit cowpatty.
    Resume an attack.
    Recovered passkeys are saved in $HOME/FrankenScript2/Recovered-Passkeys.txt.

    [4] Script Launcher:
    --------------------
    Launch other scripts.
    Scripts must be placed in the $HOME/FrankenScript2/Scripts folder.
    Script file names can't contain any blank spaces or special characters.

    [5] WiFi Adapter Override:
    --------------------------
    WiFi adapter selection, only available if multiple wifi adapters are present.

    [6] System Mode Override:
    -------------------------
    Switch between "Networking Mode & Attack Mode".

    [7] Recovered Passkey's:
    ------------------------
    Displays all recovered passkeys.
    Recovered passkey file: $HOME/FrankenScript2/Recovered-Passkeys.txt

    [0] Exit FrankenScript2:
    ------------------------
    Removes temporary files.
    Disables attack mode and re-enables networking mode.
    Exit the script.

  31. #131
    Join Date
    2014-Apr
    Location
    Down Under
    Posts
    315
    Quote Originally Posted by slim76 View Post
    pmsl, do you really think it's good enough to put on github. lol
    Is it sad I had to google pmsl?

    That being said, I've seen some rubbish on github
    To start, your script actually works ☺ that's a step up from a lot of projects.

    It would make It easy to report issues and such if they come up.
    Last edited by staticn0de; 2014-07-14 at 12:33.

  32. #132
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by staticn0de View Post
    Is it sad I had to google pmsl?

    That being said, I've seen some rubbish on github
    To start, your script actually works ☺ that's a step up from a lot of projects.

    It would make It easy to report issues and such if they come up.
    I'm grateful for your support matey and glad you found it useful.

    Apologies for the pmsl, in my defence I was texting my girlfriend at the same time.
    It was never really intended for public use, but I shared it here to try and give back to the community.

  33. #133
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Good job slim!!

    I'm messing with it now, and here are my observations..

    [4] Script Launcher:
    Thank you!! It works.


    ATTACK METHOD - HANDSHAKE CAPTURE
    #################################

    NOTE: Wait for clients to be visable in airodump before entering option [2].

    [1] = Deauthenticate all connected clients.
    [2] = Deauthenticate a specific client.
    [3] = Return To Scanned APs.
    Please choose an option:
    oh really?


    Scanned_APs
    ===========

    30: ...

    1: ...

    [r] = Re-Scan
    [e] = Sort By - ESSID (AP Name)
    [s] = Sort By - Signal Strength
    [a] = Sort By - Attack Method
    [0] = Return To Main Menu

    Please choose an option or input the number of a target:
    that's cool! Are those new options?


    I'm getting this message. That is most likely from my end. Will reinstall and check-in later.
    ATTACK METHOD - HANDSHAKE CAPTURE
    #################################

    NOTE: Wait for clients to be visable in airodump before entering option [2].

    [1] = Deauthenticate all connected clients.
    [2] = Deauthenticate a specific client.
    [3] = Return To Scanned APs.
    Please choose an option: xterm: cannot open /root/FrankenScript2/Temp_Working_Dirctory/Handshake_Check.txt: 17:File exists



    EDIT:

    removed FS2 from Home, re-downloaded it and re-installed and I get this message just before a wep attack:

    Starting Fragment
    xterm: cannot open /root/FrankenScript2/Temp_Working_Dirctory/Aireplay_Fragment_Check.txt: 17:File exists
    but it proceeds with the attack normally(?)


    on wpa also...
    ATTACK METHOD - HANDSHAKE CAPTURE
    #################################

    NOTE: Wait for clients to be visable in airodump before entering option [2].

    [1] = Deauthenticate all connected clients.
    [2] = Deauthenticate a specific client.
    [3] = Return To Scanned APs.
    Please choose an option: xterm: cannot open /root/FrankenScript2/Temp_Working_Dirctory/Handshake_Check.txt: 17:File exists



    Can anyone else reproduce these messages/problems on their setup please?
    Last edited by Quest; 2014-07-15 at 20:04.

  34. #134
    Join Date
    2014-Apr
    Location
    Down Under
    Posts
    315
    Hey quest, did you happen to close the script with control + c and not exit using the option on the menu?

    From what I read in the script, it cleans temp files on exit. That would explain your file exists error
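
Added example, not part of the original thread and not FrankenScript2's code: one way a shell script can avoid the stale temp file failure discussed in posts #133 and #134 is to give each run a private working directory and remove it from a trap, so that Ctrl+C cleans up as well as the menu's exit option. The function names and the `fs2-example` prefix are assumptions made for illustration.

```bash
#!/bin/sh
# Added example, not FrankenScript2's code. Function names and the
# "fs2-example" prefix are hypothetical.

# Create FILE only if it does not exist yet (noclobber gives O_EXCL-style
# behaviour). Returns non-zero when a stale FILE is already present, which
# is the same class of failure as the "17:File exists" messages in the thread.
claim_file() (
    set -C
    : > "$1"
) 2>/dev/null

# Run "$@" with WORKDIR set to a private, per-run directory. The directory
# is removed when the command finishes, when it fails, and when the run is
# interrupted with Ctrl+C or kill.
with_workdir() (
    workdir=$(mktemp -d "${TMPDIR:-/tmp}/fs2-example.XXXXXX") || exit 1
    cleanup() { rm -rf -- "$workdir"; }
    trap cleanup EXIT       # runs however this subshell ends
    trap 'exit 130' INT     # Ctrl+C: convert the signal into an exit
    trap 'exit 143' TERM    # kill: same, so the EXIT trap still fires
    WORKDIR=$workdir
    export WORKDIR
    "$@"
    status=$?
    exit "$status"
)

# Demo step (constructed): claims a file named like the one in the thread
# and prints the directory it was given.
demo_step() {
    claim_file "$WORKDIR/Handshake_Check.txt" && printf '%s\n' "$WORKDIR"
}

used=$(with_workdir demo_step)
if [ -e "$used" ]; then
    echo "leftover: $used"
else
    echo "cleaned up: $used"
fi
```

Because every run gets a fresh `mktemp -d` directory, a file left behind by an earlier interrupted run can never collide with the next one, and the traps keep the directories from piling up.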

  35. #135
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    These syntaxes in FS2 when starting Bully , are not getting me anywhere, and they crash Bully back to the attack options...

    Option [1] = Bully & WPS Default Pin.
    Bully & WPS-Pin Attack Command:
    bully mon0 -b 84:C9:B2:XX:XX:XX -c X -e Xxxxx -p 3333 -F -B -l 60 -v 3

    Press [Enter] to launch the attack.
    And option [2] = Bully Basic Attack.
    Bully Basic Attack Command:
    bully mon0 -b 84:C9:B2:XX:XX:XX -c X -e Xxxxx -F -l 60 -v 3

    Press [Enter] to launch the attack.
    I've tried these commands directly in Bully to see what the problem was with these syntaxes and here is the return:

    root@kali:~# bully mon0 -b 84:C9:B2:XX:XX:XX -c X -e Xxxxx -p 3333 -F -B -l 60 -v 3
    [!] Bully v1.0-22 - WPS vulnerability assessment utility
    [+] Switching interface 'mon0' to channel '6'
    [!] Starting pin specified, defaulting to sequential mode
    [!] Using 'f2:af:63:61:fc:6b' for the source MAC address
    [+] Datalink type set to '127', radiotap headers present
    [+] Scanning for beacon from '84:c9:b2:0a:e1:22' on channel '6'
    [X] Unable to get a beacon from the AP, possible causes are
    [.] an invalid --bssid or -essid was provided,
    [.] the access point isn't on channel '6',
    [.] you aren't close enough to the access point.
    root@kali:~#

    root@kali:~# bully mon0 -b 84:C9:B2:XX:XX:XX -c X -e Xxxxx -F -l 60 -v 3
    [!] Bully v1.0-22 - WPS vulnerability assessment utility
    [+] Switching interface 'mon0' to channel '6'
    [!] Using 'f2:af:63:61:fc:6b' for the source MAC address
    [+] Datalink type set to '127', radiotap headers present
    [+] Scanning for beacon from '84:c9:b2:0a:e1:22' on channel '6'
    [X] Unable to get a beacon from the AP, possible causes are
    [.] an invalid --bssid or -essid was provided,
    [.] the access point isn't on channel '6',
    [.] you aren't close enough to the access point.
    root@kali:~#

    Now to confirm that it is possible to attack that same target with a simple syntax...

    root@kali:~# bully mon0 -c X -b 84:C9:B2:XX:XX:XX -v 3
    [!] Bully v1.0-22 - WPS vulnerability assessment utility
    [+] Switching interface 'mon0' to channel '6'
    [!] Using 'f2:af:63:61:fc:6b' for the source MAC address
    [+] Datalink type set to '127', radiotap headers present
    [+] Scanning for beacon from '84:c9:b2:0a:e1:22' on channel '6'
    [+] Got beacon for 'Xxxx wi-fi' (84:c9:b2:0a:e1:22)
    [+] Loading randomized pins from '/root/.bully/pins'
    [!] Restoring session from '/root/.bully/84c9b20ae122.run'
    [+] Index of starting pin number is '0023000'
    [+] Last State = 'NoAssoc' Next pin '71092997'
    [+] Rx( M5 ) = 'Pin1Bad' Next pin '18102994'
    [+] Rx( M5 ) = 'Pin1Bad' Next pin '24942997'
    [+] Rx( M5 ) = 'Pin1Bad' Next pin '20102999'
    [+] Rx( M5 ) = 'Pin1Bad' Next pin '07132995'
    [+] Rx( M5 ) = 'Pin1Bad' Next pin '58762998'
    [+] Rx( M5 ) = 'Pin1Bad' Next pin '38872990'
    [+] Rx( M5 ) = 'Pin1Bad' Next pin '21282997'
    [+] Rx( M5 ) = 'Pin1Bad' Next pin '98162994'
    ^C
    Saved session to '/root/.bully/84c9b20ae122.run'
    root@kali:~#
    Last edited by Quest; 2014-07-15 at 20:50.

  36. #136
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Quote Originally Posted by staticn0de View Post
    Hey quest, did you happen to close the script with control + c and not exit using the option on the menu?

    From what I read in the script, it cleans temp files on exit. That would explain your file exists error
    ah yes that is a possibility! Great if it's on my end. Good catch friend!

  37. #137
    Join Date
    2014-Jul
    Location
    Salvador
    Posts
    6
    Quote Originally Posted by Quest View Post
    These syntaxes in FS2 when starting Bully , are not getting me anywhere, and they crash Bully back to the attack options...

    Option [1] = Bully & WPS Default Pin.


    And option [2] = Bully Basic Attack.


    I've tried these commands directly in Bully to see what the problem was with these syntaxes and here is the return:







    Now to confirm that it is possible to attack that same target with a simple syntax...
    I can not understand this script. I open it, choose the first option it opens the wash and get an error message appears, claiming a missing file ".txt".

    What do I do? I need help!

  38. #138
    Join Date
    2014-Apr
    Location
    Down Under
    Posts
    315
    Quote Originally Posted by caiiostylle View Post
    I cannot understand this script. I open it and choose the first option; it opens wash and an error message appears, claiming a missing file ".txt".

    What do I do? I need help!
    Hey there, please post the entire error message.

  39. #139
    Join Date
    2014-Jul
    Location
    Salvador
    Posts
    6
    Quote Originally Posted by staticn0de View Post
    Hey there, please post the entire error message.
    This is my error..
    I select the first option to search, and after that it opens wash and displays the second screen.

    I want to point out that I am using a wireless card in my notebook for this.

    Help me!

  40. #140
    Join Date
    2014-Apr
    Location
    Down Under
    Posts
    315
    Quote Originally Posted by caiiostylle View Post
    This is my error..
    I select the first option to search, and after that it opens wash and displays the second screen.

    I want to point out that I am using a wireless card in my notebook for this.

    Help me!
    Looks to me that you're running the script from a folder on your desktop. You need to put the folder in your home directory.
    Last edited by staticn0de; 2014-07-16 at 05:19.

  41. #141
    Join Date
    2013-Oct
    Posts
    321
    @ Quest,
    The file error message is because a file didn't get deleted, I think I've solved the issue now.
    I've only used bully a couple of times but those commands worked for me ok, I'll look into it but please can you post all the bully commands that work for you.

    @ caiiostylle,
    Try what staticn0de suggested, if that doesn't work then please post the error message in English so I can try to help you.

    I'll post the updated version soon.
    Last edited by slim76; 2014-07-16 at 03:40.

  42. #142
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    sure thing bro,

    I'm not a Bully expert and I wish there was more feedback on that subject, but the few times I've used it, those below, worked great on any AP anywhere, anytime...

    bully monX -c XX -b XX:XX:XX:XX:XX:XX -v 3
    bully Interface -Channel -BSSID -verbosity 3

    bully monX -c XX -b XX:XX:XX:XX:XX:XX -v 3 -p XXXX
    bully Interface -Channel -BSSID -verbosity 3 -PIN

    "easy does it" as they say
    Last edited by Quest; 2014-07-16 at 04:32.

  43. #143
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    ATTACK METHOD - HANDSHAKE CAPTURE
    #################################

    NOTE: Wait for clients to be visable in airodump before entering option [2].

    [1] = Deauthenticate all connected clients.
    [2] = Deauthenticate a specific client.
    [3] = Return To Scanned APs.
    Please choose an option: xterm: cannot open /root/FrankenScript2/Temp_Working_Dirctory/Handshake_Check.txt: 17:File exists
    if you can get those fixed also

  44. #144
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    also, the way you have FS2 wrapped up in folders (root/Desktop/Untitled Folder/FrankenScript2) is not practical, methinks. It was better before. I could just decompress it to Home.

  45. #145
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    also, the way you have FS2 wrapped up in folders (root/Desktop/Untitled Folder/FrankenScript2) is not practical, methinks. It was better before. I could just decompress it to Home.
    I don't understand what you mean when you said "(root/Desktop/Untitled Folder/FrankenScript2)", FrankenScript shouldn't be in that location.
    FrankenScript should be unpacked to your Home folder and not the Desktop.

  46. #146
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    The way the tar.gz is packaged. It is wrapped in many 'parent' folders before the FrankenScript2 folder.

    So when I uncompress it I have a "root" folder, inside that a "Desktop" folder, inside that an "Untitled Folder" folder, then finally I get the "FrankenScript2" folder.

    FrankenScript2_Updated-14-7-2014.tar.gz\root\Desktop\Untitled Folder - TAR+GZIP archive, unpacked size 2 401 208 bytes
    1,04 Mb (1 091 590)

    I used winrar4.0 and ark under Kali. I've DL the archive 3 times now with the same results. I doubt that I'm the only one getting that result.

    My FrankenScript2 folder is indeed in my Home directory. I have that part figured out by now
    Last edited by Quest; 2014-07-16 at 12:56.
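The archive layout described in post #146, as an added example that is not part of the original posts or of FrankenScript: it lists the archive first, counts the wrapper directories in front of FrankenScript2, and extracts without them. The function names, the placeholder file and the sample archive are constructed for illustration.

```shell
#!/bin/sh
# Added example. Function names are hypothetical and the archive is
# constructed to mimic the layout reported in the thread.

# Build a sample archive: root/Desktop/Untitled Folder/FrankenScript2/...
make_sample() {   # $1 = scratch directory
    pkg="$1/src/root/Desktop/Untitled Folder/FrankenScript2"
    mkdir -p -- "$pkg" && echo placeholder > "$pkg/placeholder.txt"
    tar -czf "$1/sample.tar.gz" -C "$1/src" root
}

# Print how many directories precede $2 in the archive's member paths.
# Fails if $2 is absent or any member is absolute or contains "..".
wrapper_depth() {   # $1 = archive, $2 = wanted directory name
    tar -tzf "$1" | awk -F/ -v want="$2" '
        /^\// || /(^|\/)\.\.(\/|$)/ { bad = 1 }
        depth == "" { for (i = 1; i <= NF; i++)
                          if ($i == want) { depth = i - 1; break } }
        END { if (bad || depth == "") exit 1; print depth }'
}

# Extract into $3 with the wrapper directories stripped from every path.
unpack_flat() {   # $1 = archive, $2 = wanted directory name, $3 = destination
    depth=$(wrapper_depth "$1" "$2") || return 1
    mkdir -p -- "$3" && tar -xzf "$1" -C "$3" --strip-components="$depth"
}

demo() {
    tmp=$(mktemp -d) || return 1
    make_sample "$tmp"
    echo "wrapper directories: $(wrapper_depth "$tmp/sample.tar.gz" FrankenScript2)"
    unpack_flat "$tmp/sample.tar.gz" FrankenScript2 "$tmp/home"
    ls "$tmp/home"
    rm -rf -- "$tmp"
}
demo
```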

  47. #147
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Also...

    it might just be me lucking out, but I'm not getting anywhere with that version of FS2, no matter what I try.

    No handshakes. No wep success. Nada. Keeps sending out packets endlessly. It does associate, but that's the extent of it. I had all kinds of success with the previous version.

    That might be on my end though(?)

  48. #148
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    Also...

    it might just be me lucking out, but I'm not getting anywhere with that version of FS2, no matter what I try.

    No handshakes. No wep success. Nada. Keeps sending out packets endlessly. It does associate, but that's the extent of it. I had all kinds of success with the previous version.

    That might be on my end though(?)
    That's really odd 'cause everything works for me. Can anyone else confirm the same issues, please?
    I'll be uploading another updated version within the next day or two, you can try the new version or I'll help you fix the current version.

  49. #149
    Join Date
    2014-Apr
    Location
    Down Under
    Posts
    315
    I have the same thing with the unpack. A tar xvf lands the directory in an untitled folder on my desktop. It did not matter that I had the archive and ran the extract from my home folder.

    The script itself works fine for me though. I am able to capture handshakes, use bully and reaver no problems. Haven't tripped a WEP attack yet.

    I was also able to brute force with word list.

    Have you considered adding support for cudahashcat? If not, I'll give it a crack on the weekend.

    No major issues as of yet with the script. I had the same as quest where I didn't close the script correctly. I added a line to clear temp on load and that fixed it.
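The stale temp file problem from posts #136, #141 and #149, as an added shell example that is not FrankenScript's code: an aborted run leaves Handshake_Check.txt behind, the next start fails on it, and either clearing on load or a signal trap prevents that. The stand-in menu script, the helper names and the exit status 17 (chosen to mirror the errno in the xterm message) are assumptions; TERM is used in place of Ctrl+C so the run is reproducible.

```shell
#!/bin/sh
# Added example. Helper names are hypothetical; only the file name
# Handshake_Check.txt comes from the thread. All data is constructed.

# Stand-in for a menu script, run in a child shell. Arguments:
#   $1 working dir   $2 "trap" installs a cleanup handler
#   $3 "clear" clears temp files on load   $4 "interrupt" simulates an abort
MENU_SCRIPT='
workdir=$1
cleanup() { rm -rf -- "$workdir"; }
[ "$2" = trap ] && trap "cleanup; exit 1" INT TERM
[ "$3" = clear ] && cleanup
mkdir -p -- "$workdir"
# noclobber: ">" refuses to overwrite, reproducing the File exists failure
( set -C; : > "$workdir/Handshake_Check.txt" ) 2>/dev/null || exit 17
# TERM stands in for Ctrl+C here; the trap above covers both signals
[ "$4" = interrupt ] && kill -TERM $$
cleanup    # what the menu exit option does
'

# Run the stand-in script and return its exit status.
run_menu() { sh -c "$MENU_SCRIPT" menu "$@"; } 2>/dev/null

# Print "stale" if a run left the state file behind, otherwise "clean".
state_after() {
    if [ -e "$1/Handshake_Check.txt" ]; then echo stale; else echo clean; fi
}

demo() {
    base=$(mktemp -d) || return 1
    dir=$base/workdir
    run_menu "$dir" notrap noclear interrupt || true
    echo "aborted without trap:  $(state_after "$dir")"
    rc=0; run_menu "$dir" notrap noclear finish || rc=$?
    echo "next start, no clear:  exit status $rc"
    rc=0; run_menu "$dir" notrap clear finish || rc=$?
    echo "next start with clear: exit status $rc"
    run_menu "$dir" trap noclear interrupt || true
    echo "aborted with trap:     $(state_after "$dir")"
    rm -rf -- "$base"
}
demo
```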

  50. #150
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by staticn0de View Post
    I have the same thing with the unpack. A tar xvf lands the directory in an untitled folder on my desktop. It did not matter that I had the archive and ran the extract from my home folder.

    The script itself works fine for me though. I am able to capture handshakes, use bully and reaver no problems. Haven't tripped a WEP attack yet.

    I was also able to brute force with word list.

    Have you considered adding support for cudahashcat? If not, I'll give it a crack on the weekend.

    No major issues as of yet with the script. I had the same as quest where I didn't close the script correctly. I added a line to clear temp on load and that fixed it.
    Most grateful for your feedback and glad to hear it all works for you.
    I was thinking about adding cudahashcat but I always seem to get sidetracked by something else, I'll probably add it when I've got bully working properly.
