
Thread: Howto frankenScript

  1. #201
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580

    Reaver/s | Bully syntax

    ok these are my reflections on Reaver/s and bully for options, and I will have to insist on the following


    Reaver 1.3, 1.4, 1.5 and Bully should have only one customizable option each, and that is

    Reaver 1.3, 1.4, 1.5
    Code:
    reaver -i monX -c X -b XX:XX:XX:XX:XX:XX
    Bully
    Code:
    bully monX -c X -b XX:XX:XX:XX:XX:XX
    1. arguments are known to cause problems and should therefore be avoided.
    2. arguments are a case to case basis and cannot be generalized.
    3. a simple syntax offers a solid base to build on.
    4. frankenscript already does most of the work and saves the user time, and eliminate human error by
    a) monitor mode
    b) spoofing
    c) providing the user with the correct AP's MAC
    d) providing the user with the correct channel
    e) providing the user with the correct syntax
    5. easy does it.

    I could provide more points of why prefabricating more elaborated syntax is a really bad idea, but I will stop there, the above points being more than enough.

    My only question would be:

    - why would anyone launch an attack and not want to see the verbose( -vv, -v 3 ) ? Is it even realistically plausible that anyone would use any syntax without wanting to see what is going on ?
    Kali Linux USB Installation using LinuxLive USB Creator
    Howto Install HDD Kali on a USB Key
    Clean your laptop fan | basic knowledge

  2. #202
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    ok these are my reflections on Reaver/s and bully for options, and I will have to insist on the following


    Reaver 1.3, 1.4, 1.5 and Bully should have only one customizable option each, and that is

    Reaver 1.3, 1.4, 1.5
    Code:
    reaver -i monX -c X -b XX:XX:XX:XX:XX:XX
    Bully
    Code:
    bully monX -c X -b XX:XX:XX:XX:XX:XX
    1. arguments are known to cause problems and should therefore be avoided.
    2. arguments are a case to case basis and cannot be generalized.
    3. a simple syntax offers a solid base to build on.
    4. frankenscript already does most of the work and saves the user time, and eliminate human error by
    a) monitor mode
    b) spoofing
    c) providing the user with the correct AP's MAC
    d) providing the user with the correct channel
    e) providing the user with the correct syntax
    5. easy does it.

    I could provide more points of why prefabricating more elaborated syntax is a really bad idea, but I will stop there, the above points being more than enough.

    My only question would be:

    - why would anyone launch an attack and not want to see the verbose( -vv, -v 3 ) ? Is it even realistically plausible that anyone would use any syntax without wanting to see what is going on ?
    Check the reaver custom attack again and you notice it only uses the basic commands already, it's the same with bully except bully has -v 3 added.

  3. #203
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    I would like to do a survey to find out how many ppl do not use the full verbose. Not a big deal mind you to type in '-vv', but it will get redundant, especially(like I suspect) if everyone prefers full verbosity.

    Another question. Since it is up to users to specify extra arguments, would it be pertinent for another window to open with the arguments list upon choosing Reaver or Bully? It would be slick and to the point, but some might find that extra window redundant if they do not need it?


    So here are my questions to whomever:

    • Do you use full verbose when using Reaver(-vv) or Bully(-v 3)?
    • Would you like the arguments list to pop up when using Reaver(reaver) or Bully(bully)?

  4. #204
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    I would like to do a survey to find out how many ppl do not use the full verbose. Not a big deal mind you to type in '-vv', but it will get redundant, especially(like I suspect) if everyone prefers full verbosity.

    Another question. Since it is up to users to specify extra arguments, would it be pertinent for another window to open with the arguments list upon choosing Reaver or Bully? It would be slick and to the point, but some might find that extra window redundant if they do not need it?


    So here are my questions to whomever:

    • Do you use full verbose when using Reaver(-vv) or Bully(-v 3)?
    • Would you like the arguments list to pop up when using Reaver(reaver) or Bully(bully)?
    verbose will be left out of the custom attacks, putting it in would limit the custom attack.
    I like the idea about displaying the arguments, I'll definitely be adding it into FrankenScript. :-)

  5. #205
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    actually it is already -v 3 in Bully by default..
    -v, --verbosity N : Verbosity level 1-3, 1 is quietest [3]
    no need to add the argument

    and how would adding the '-vv' argument in Reaver limit the custom attack?

  6. #206
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    actually it is already -v 3 in Bully by default..
    no need to add the argument

    and how would adding the '-vv' argument in Reaver limit the custom attack?
    I didn't mean it would limit the actual attack, I meant maybe not everyone would want to see the output for whatever reason.
    It's custom settings so you'll have to add whatever you want including the -vv. LOL
    Last edited by slim76; 2014-10-23 at 02:36.

  7. #207
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    just to clarify post#201 above.

    What I would like to see is, only one choice.

    Reaver 1.3, 1.4, 1.5
    Code:
    reaver -i monX -c X -b XX:XX:XX:XX:XX:XX
    Bully
    Code:
    bully monX -c X -b XX:XX:XX:XX:XX:XX
    That single option is customizable(user input). In other words there would be only the custom settings, as anything else is not recommended, arguments being on a case to case basis. What do you think?

    I think it's the way to go.
    Last edited by Quest; 2014-10-23 at 11:50.

  8. #208
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580

    GitHUB

    just created a github.

    https://github.com/Quest33/new-toys-R-and-D-

    it's going to be a learning process as I never used it before.

  9. #209
    Join Date
    2014-Jun
    Location
    Greece
    Posts
    133
    Quote Originally Posted by Quest View Post
    just created a github.

    https://github.com/Quest33/new-toys-R-and-D-

    it's going to be a learning process as I never used it before.
    Hi Quest.

    With all respect, these can be found useful to you:
    http://readwrite.com/2013/09/30/unde...ginners-part-1
    http://readwrite.com/2013/10/02/gith...ginners-part-2
    and this can help you to build a nice README.md file:
    https://confluence.atlassian.com/dis...n+syntax+guide

    If you want some help, please feel free to knock on my door, but I don't think that would be necessary. You will find your way!
    Security always begins with personal responsibility. - quietman7

  10. #210
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Thanks!

    actually if you could break it down?

    1. open an account
    2. download the software
    3. ?
    4. ...

    The problem is that i cannot really try it myself. I'm not the maker of FS, I'm just the OC(official complainer), and I eat popcorn also...

    Cheers!!

  11. #211
    Join Date
    2014-Apr
    Location
    Down Under
    Posts
    315
    Quote Originally Posted by Quest View Post
    Thanks!

    actually if you could break it down?

    1. open an account
    2. download the software
    3. ?
    4. ...

    The problem is that i cannot really try it myself. I'm not the maker of FS, I'm just the OC(official complainer), and I eat popcorn also...

    Cheers!!
    Hey Quest,

    It would normally go something like this...

    Slim would upload his project to his own Github.

    We would then fork his project to our own repos.

    I'd say "you know what would be good?! this thing which i'll write into the copy of Slims project stored in my repo". Slim can see that I made changes, if he likes the changes he can pull the code I changed into his project. I can also submit a pull request and say 'slim, I think these changes should be included because I fixed / changed x,y,z'

    The github software is useful too. I use the windows version for my updates because it's more pretty. After I clone my repo using the github software (clone the repo to my local drive which is a fork of the repo i'm editing) I edit it with something like Geany or Notepad++.

    When I finish my changes, the github software shows me the changes I have made and lets me save a comment against them like 'fixed typo in terminal shortcut for conky' and then I can commit my changes and they appear in my fork on github with the comment for all to see.
    chown -R us ./base

  12. #212
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Hey friend! Understood.

    From there FrankenScript.deb can be downloaded by anyone, without problems, ready to install? Or is it just a cloud based working platform? In other words could you upload a .deb ready to go?

  13. #213
    Join Date
    2013-Oct
    Posts
    321
    I think i've finally gone crazy, I swear I saw some info in this thread regarding cowpatty and how to check for a valid handshake.
    I've been through the thread a few times now and I still can't find it. :-(

  14. #214
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    nah you're just nuts. Page 16 post# 156. Part of my laundry list

    What would be cool also is a way to clean up a .cap, but the only way that I found was with WPAClean and it's got serious issues. Wish someone would put it on the operating table, open it and fix it.
    Last edited by Quest; 2014-10-31 at 01:59.

  15. #215
    Join Date
    2013-Oct
    Posts
    321
    Cheers matey.

    I got a couple of questions for you,

    1) What output message do you get from cowpatty if the capture file is good?.
    2) What output message do you get from cowpatty if the capture file is bad?.

  16. #216
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    good:
    Collected all necessary data to mount crack against WPA/PSK passphrase.
    bad:
    End of pcap capture file, incomplete four-way handshake exchange. Try using a
    different capture.

  17. #217
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    if anyone wants to reproduce the above..

    1. place a good .cap in root

    2. cowpatty -r Xxxxxx.cap -c
    that will produce the "good" return message.

    3. wpaclean Xxxxxx22.cap Xxxxxx.cap
    that will mess up the output .cap for sure.

    4. cowpatty -r Xxxxxx22.cap -c
    that will produce the "bad" return message.

  18. #218
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    if anyone wants to reproduce the above..

    1. place a good .cap in root

    2. cowpatty -r Xxxxxx.cap -c
    that will produce the "good" return message.

    3. wpaclean Xxxxxx22.cap Xxxxxx.cap
    that will mess up the output .cap for sure.

    4. cowpatty -r Xxxxxx22.cap -c
    that will produce the "bad" return message.
    Cheers once again matey.

    I've just tested cowpatty -r Xxxxxx.cap -c and wpaclean Xxxxxx22.cap Xxxxxx.cap, both appear to be working ok I think. LOL
    Did you execute the commands in the correct order, wpaclean New.cap Old.cap.

  19. #219
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    yes they have it backwards so it's the out.cap in.cap last.

    It's possible that wpaclean did not mess up your out.cap. Keep trying with different .cap and you will see the problem with that app.

  20. #220
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580

    william.sh

    can you look at this please? http://www.exploresecurity.com/willi...action-script/

    I will try it.


    very interesting:

    Code:
    root@kali:~# cd /root && ./william.sh Xxxx222.cap Xxxx11.cap
    Mode=REVERSE m=1 (second message) n=1 (first message) ignoring duplicates
    Using packet 4 as second EAPOL packet
    BSSID is 38:60:77:xx:xx:xx
    TKIP network identified
    Client station is 94:eb:cd:xx:xx:xx
    Determined SSID from beacon frame (packet number 1)
    The SSID is XXXXXX
    There are 1 first messages before the chosen second message
    Using packet 2 as first EAPOL packet
    Writing packets to Xxxx222.cap
    Deleting temp files
    Now run "aircrack-ng Xxxx222.cap -w <dictionary_file>"
    
    root@kali:~# pyrit -r Xxxx222.cap analyze
    ERROR: could not insert 'nvidia': No such device
    Pyrit 0.4.1-dev (svn r308) (C) 2008-2011 Lukas Lueg http://pyrit.googlecode.com
    This code is distributed under the GNU General Public License v3+
    
    Parsing file 'Xxxx222.cap' (1/1)...
    Parsed 3 packets (3 802.11-packets), got 1 AP(s)
    
    #1: AccessPoint 38:60:77:xx:xx:xx ('XXXXXX'):
      #1: Station 94:eb:cd:xx:xx:xx, 1 handshake(s):
        #1: HMAC_MD5_RC4, bad, spread 1
    
    root@kali:~# cowpatty -r Xxxx222.cap -c
    cowpatty 4.6 - WPA-PSK dictionary attack. <[email protected]>
    
    Collected all necessary data to mount crack against WPA/PSK passphrase.
    root@kali:~#
    now pyrit and cowpatty don't agree on the output.cap file generated by william.
    Last edited by Quest; 2014-10-31 at 13:11.

  21. #221
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    can you look at this please? http://www.exploresecurity.com/willi...action-script/

    I will try it.


    very interesting:

    Code:
    root@kali:~# cd /root && ./william.sh Xxxx222.cap Xxxx11.cap
    Mode=REVERSE m=1 (second message) n=1 (first message) ignoring duplicates
    Using packet 4 as second EAPOL packet
    BSSID is 38:60:77:xx:xx:xx
    TKIP network identified
    Client station is 94:eb:cd:xx:xx:xx
    Determined SSID from beacon frame (packet number 1)
    The SSID is XXXXXX
    There are 1 first messages before the chosen second message
    Using packet 2 as first EAPOL packet
    Writing packets to Xxxx222.cap
    Deleting temp files
    Now run "aircrack-ng Xxxx222.cap -w <dictionary_file>"
    
    root@kali:~# pyrit -r Xxxx222.cap analyze
    ERROR: could not insert 'nvidia': No such device
    Pyrit 0.4.1-dev (svn r308) (C) 2008-2011 Lukas Lueg http://pyrit.googlecode.com
    This code is distributed under the GNU General Public License v3+
    
    Parsing file 'Xxxx222.cap' (1/1)...
    Parsed 3 packets (3 802.11-packets), got 1 AP(s)
    
    #1: AccessPoint 38:60:77:xx:xx:xx ('XXXXXX'):
      #1: Station 94:eb:cd:xx:xx:xx, 1 handshake(s):
        #1: HMAC_MD5_RC4, bad, spread 1
    
    root@kali:~# cowpatty -r Xxxx222.cap -c
    cowpatty 4.6 - WPA-PSK dictionary attack. <[email protected]>
    
    Collected all necessary data to mount crack against WPA/PSK passphrase.
    root@kali:~#
    now pyrit and cowpatty don't agree on the output.cap file generated by william.
    Are you just trying to clean and convert the .cap file for use with hashcat, if so is it absolutely necessary to clean the .cap file before converting it?.

  22. #222
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Quote Originally Posted by slim76 View Post
    Are you just trying to clean and convert the .cap file for use with hashcat, ...
    no, that is not necessary. The cleanup is an independent step/option.

    Quote Originally Posted by slim76 View Post
    ... if so is it absolutely necessary to clean the .cap file before converting it?.
    no, just makes sense to remove excess data from a .cap, though I'm not sure how that translates in real life. One of the effects excess data has is that the program won't find the passphrase.

    I would definitely include william.sh as an option to clean captured handshakes.

    [1] Verify a captured handshake file.
    [1] pyrit
    [2] cowpatty


    [2] Generate a clean version of a captured handshake file.
    [1] william
    Last edited by Quest; 2014-10-31 at 17:02.

  23. #223
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580

    Post list recap

    Packaging
    • the '( )' should not be used when creating a .deb in the file name because it won't install.


    Invoke
    • fs3.sh, is version specific(3). I do not have to type in wifitev82 when invoking Wifite. fs.sh would be more time proof.
    • Popup arguments list upon invoking Reaver or Bully to help users build their syntax.


    Scans
    • it is counter-intuitive to click on the first window and press [Enter] to stop airodump or wash. [Ctrl]+[c] should be allowed to stop the process in the second window, and that would return the 'Enter' in the first window.
    • when selecting a target, identify the router make&model based upon MAC would save me time when testing.
    http://anonsvn.wireshark.org/wireshark/trunk/manuf

    Features
    • Script Launcher.., that was useful.
    • verify a .cap option separately would be useful also. cowpatty -r Xxxxxxx.cap -c , pyrit -r Xxxxxxx.cap analyze
    • Clean a captured handshake as an option with william.sh
    • Reaver 1.3
    • Reaver 1.5
    • cuda/ocl/Hashcat


    Modifications:
    • Only one customizable option (1 syntax) for Reaver and Bully, for reasons expressed in post #201 page 21.
    https://forums.kali.org/showthread.p...ll=1#post38851




    Last edited by Quest; 2014-11-02 at 00:49.
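For the recap item above about identifying a router's make from its MAC, an added example (not part of the thread or of FrankenScript): a longest-prefix vendor lookup over the tab-separated layout used by the Wireshark manuf file. The sample entries, vendor names and function names are constructed for illustration; the file maps prefixes to vendors only, not to models.

```python
import re

# Constructed sample in the manuf layout: prefix <TAB> short name [<TAB> # long name].
# Prefixes longer than 24 bits carry an explicit /mask. All names are made up.
SAMPLE_MANUF = (
    "# comment lines and blank lines are ignored\n"
    "\n"
    "04:AB:CD\tExampleCo\t# EXAMPLE ROUTER COMPANY (constructed)\n"
    "08-12-34\tDashCo\n"
    "04:AB:CD:D0:00:00/28\tSubBlockA\t# block carved out of ExampleCo's range\n"
    "04:AB:CD:E1:20:00/36\tSubBlockB\n"
)


def parse_mac_prefix(text):
    """Return (value left-aligned in 48 bits, number of known bits).

    Accepts ':' or '-' separators. Parsing stops at the first octet that is
    not two hex digits, so a redacted address such as '04:ab:cd:xx:xx:xx'
    still yields its 24 known bits.
    """
    value = bits = 0
    for octet in re.split(r"[:\-]", text.strip()):
        if not re.fullmatch(r"[0-9A-Fa-f]{2}", octet):
            break
        value = (value << 8) | int(octet, 16)
        bits += 8
    if bits < 24 or bits > 48:
        raise ValueError("need 3 to 6 readable octets: %r" % text)
    return value << (48 - bits), bits


def load_manuf(text):
    """Build {(mask_bits, prefix_key): (short_name, long_name)} from manuf text."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 2:
            continue
        prefix, _, mask = fields[0].partition("/")
        try:
            value, bits = parse_mac_prefix(prefix)
            mask_bits = int(mask) if mask else bits
        except ValueError:
            continue  # skip malformed lines instead of aborting the load
        if not 0 < mask_bits <= bits:
            continue
        long_name = fields[2].lstrip("# ").strip() if len(fields) > 2 else ""
        table[(mask_bits, value >> (48 - mask_bits))] = (fields[1].strip(), long_name)
    return table


def lookup_vendor(table, mac):
    """Longest-prefix match; returns (short_name, long_name) or None."""
    value, bits = parse_mac_prefix(mac)
    for mask_bits in sorted({m for m, _ in table}, reverse=True):
        if mask_bits > bits:
            continue  # not enough known bits to test this mask (redacted MAC)
        hit = table.get((mask_bits, value >> (48 - mask_bits)))
        if hit:
            return hit
    return None


def is_locally_administered(mac):
    """True when the locally-administered bit of the first octet is set.

    Such addresses are not vendor-assigned (for example a spoofed or
    randomised MAC), so a vendor lookup on them says nothing about hardware.
    """
    value, _ = parse_mac_prefix(mac)
    return bool((value >> 41) & 1)


if __name__ == "__main__":
    table = load_manuf(SAMPLE_MANUF)
    for mac in ("04:ab:cd:01:02:03", "04:AB:CD:E1:2F:FF",
                "04:ab:cd:xx:xx:xx", "02:00:00:00:00:01"):
        print(mac, lookup_vendor(table, mac), is_locally_administered(mac))
```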

  24. #224
    Join Date
    2014-Nov
    Posts
    1
    Just registered to say thank you to Slim for coding FrankenScript!

    It's awesome that someone is still improving on reaver and WPS vulnerabilities. The script has made things much faster and easier. I do have a few suggestions for improvement:

    1) I would like to second the idea to add syntax lists for Reaver and Bully. Most of them i've memorized but i still have to refer to my "cheat sheet" on occasion.

    2) Also, I would like to see a way to save custom syntax in either a list, or in association with a specific ESSID. For instance, I commonly use -vv -N -T -d 3 on a couple of my routers where basic settings will not work. I have to use trial and error to find the best syntax strings and usually write them down in a notebook. It would be nice to be able to save them.

    3) Is there any way to automate the trial and error process based on Reaver output? Say I get a rate limit lockout, and the script adds -L to try and ignore the lockout which sometimes works. Or, sets a high -d X number and works down to determine the ideal time between pin attempts or number of pin attempts that trigger a lockout? There are a lot of ways to go with this and I'm sure some more experienced users could weigh in on how they adapt their syntax for certain situations.

    4) Add options for flooding the router for a reset. Currently I scan AP's using wash in Frankenscript, then hop over to a script called AP-Fucker and use the Destruction Mode to attempt to reset the AP. This sometimes works.

    5) I don't know if it's been discussed but there is another way to determine the default pin on some d-link routers discovered by the same guy who created Reaver. Check it out on his blog here. His blog has a lot of good info on router vulnerabilities.

    That's all I can think of for now. Thanks again Slim!

  25. #225
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Hello L0vecore,

    1) yes that will most likely be added.

    2) good idea!

    3) FS does not have artificial intelligence. I do see, like you, the potential for that, eventually.

    4) something similar was added at one point but was taken out.

    5) no, but yes (probably the most ambiguous answer ever)

    Thanks man
    Last edited by Quest; 2014-11-06 at 00:40.

  26. #226
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by L0vecore View Post
    Just registered to say thank you to Slim for coding FrankenScript!

    It's awesome that someone is still improving on reaver and WPS vulnerabilities. The script has made things much faster and easier. I do have a few suggestions for improvement:

    1) I would like to second the idea to add syntax lists for Reaver and Bully. Most of them i've memorized but i still have to refer to my "cheat sheet" on occasion.

    2) Also, I would like to see a way to save custom syntax in either a list, or in association with a specific ESSID. For instance, I commonly use -vv -N -T -d 3 on a couple of my routers where basic settings will not work. I have to use trial and error to find the best syntax strings and usually write them down in a notebook. It would be nice to be able to save them.

    3) Is there any way to automate the trial and error process based on Reaver output? Say I get a rate limit lockout, and the script adds -L to try and ignore the lockout which sometimes works. Or, sets a high -d X number and works down to determine the ideal time between pin attempts or number of pin attempts that trigger a lockout? There are a lot of ways to go with this and I'm sure some more experienced users could weigh in on how they adapt their syntax for certain situations.

    4) Add options for flooding the router for a reset. Currently I scan AP's using wash in Frankenscript, then hop over to a script called AP-Fucker and use the Destruction Mode to attempt to reset the AP. This sometimes works.

    5) I don't know if it's been discussed but there is another way to determine the default pin on some d-link routers discovered by the same guy who created Reaver. Check it out on his blog here. His blog has a lot of good info on router vulnerabilities.

    That's all I can think of for now. Thanks again Slim!
    You're welcome mate.
    Cheers for the suggestions.

    Questions 1-3, I'll try to include them in frankenscript at some point in time.
    Question 4, I doubt I'll be adding that option again.
    Question 5, I'm not good at scripting or coding but if someone scripts it then I'll add it. :-)

  27. #227
    Join Date
    2013-Oct
    Posts
    321
    @ Quest

    I decided to setup and configure my Nvidia graphics along with cuda and cudahashcat, so I should be adding cudahashcat to frankenscript very soon. :-)

  28. #228
    Join Date
    2014-Nov
    Location
    Bulgaria
    Posts
    9
    Sorry that I ask here, but is it possible for someone to modify the revdk3 script to work with bully?

  29. #229
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Hi WaLkZ!

    yup, definitely the wrong place to post that request. revdk3 is made by repzeroworld, and he has an account over at https://forums.hak5.org/index.php?/t...mdk3-solution/ and someone over there already asked that question in post# 18.

    Good luck!

  30. #230
    Quote Originally Posted by slim76 View Post
    To uninstall/remove the previous FrankenScript type: dpkg -r FrankenScript_v3.1 or dpkg -r fs3

    Updated FrankenScript (9-10-14).
    Fixed the uninstall problem.
    Fixed location paths.


    Download Link:
    http://mir.cr/DHEDYWHS
    apologies if this was addressed, but I couldn't find the info.

    Getting a "The captured handshake is bad, the file will be deleted." error with the version linked above.
    Is there a later version of FS3?

    p.s.
    Great tool guys.

    Cheers.
    Last edited by wn722; 2014-12-05 at 10:47.

  31. #231
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Hi wn722,

    - yes you have the latest version.

    - it's normal to have the "The captured handshake is bad, the file will be deleted" message if the cap file is not workable. If you keep having bad caps all the time, without a good one ever, then something is definitely out of whack.

  32. #232
    what constitutes a bad handshake?
    I'm testing it with my own wifi and the old scripty method with aireplay and airodump works fine.

  33. #233
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    FS uses pyrit to verify cap files, so if you have a cap file you could try and verify it just to see if it is a workable cap file..

    cap file in Home >
    Code:
    cowpatty -r Xxxxxxx.cap -c
    Edit: oopss

    Code:
    pyrit -r Xxxxxxx.cap analyze
    Last edited by Quest; 2014-12-05 at 13:07.

  34. #234
    Join Date
    2014-Mar
    Location
    new delhi
    Posts
    7
    can't install script "GDBus.Error:org.gtk.GDBus.UnmappedGError.Quark._pk_5ftransaction_5ferror.Code4: SimulateInstallFiles not supported by backend"

  35. #235
    Join Date
    2014-Dec
    Posts
    7
    Quote Originally Posted by Quest View Post
    FS uses pyrit to verify cap files, so if you have a cap file you could try and verify it just to see if it is a workable cap file..

    cap file in Home >
    Code:
    cowpatty -r Xxxxxxx.cap -c
    Edit: oopss

    Code:
    pyrit -r Xxxxxxx.cap analyze
    Thank you for this script.. trying it out now with bully. Just curious, what's your success ratio out of the two, Reaver and Bully. In the past I've been successful with reaver but just got back into this, and giving Bully a first time try. So far so good against my Motorola Router, though it throws the AP lock warning every 3 pins or so :/

    Quote Originally Posted by jerry.goyal View Post
    can't install script "GDBus.Error:org.gtk.GDBus.UnmappedGError.Quark._pk_5ftransaction_5ferror.Code4: SimulateInstallFiles not supported by backend"
    Jerry, use dpkg -i <path to the deb> that should do it.

  36. #236
    Join Date
    2014-Dec
    Posts
    7
    Literally just sat here and read through all 24 pages. Thank you all Slim, Quest, and others who have updated this script. I'm using it with Bully now, but as I just got done reading the last few pages, looks like Reaver v1.5 is added? lol shiiiet, if Bully fails I'll give it a try.. May I ask, why the option to reset the AP for WPS lock was taken out? Hope y'all had a great Christmas and Happy Holidays!

  37. #237
    Join Date
    2014-Dec
    Posts
    7
    hmm.. can't get reaver to work properly, it just gets stuck on the same PIN. I noticed it's running reaver 1.4. How do I force it to run 1.5? Bully surprisingly works better than when I run it manually w/out FS3.

  38. #238
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Coupee36 View Post
    hmm.. can't get reaver to work properly, it just gets stuck on the same PIN. I noticed it's running reaver 1.4. How do I force it to run 1.5? Bully surprisingly works better than when I run it manually w/out FS3.
    Ho ho ho, Merry Christmas to all. :-)

    The version of FrankenScript you're using doesn't contain Reaver 1.5, you would need to uninstall Reaver 1.4 from kali and then install Reaver 1.5 if you wish to use Reaver 1.5.


    I've nearly finished the latest version of FrankenScript, I hope to have it finished and uploaded within a few days to a week.

    Changes I've made to FrankenScript:

    Changed menus and options.
    Made changes to all of the attacks.
    Added custom configuration options (custom options will remain set until changed or deleted).
    Added show router information (if available).
    Added a previously cracked networks check to the displayed scan results, (Cracked networks are displayed in red, uncracked networks are displayed in white).
    Added other versions of reaver (They can be used without installing to kali).
    Added custom arguments options for reaver and bully (Custom commands can be stored and selected).
    Added another wps default pin generator (pingen.py).

  39. #239
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Hi Slim! Great, looking forward to the new release =]

    Quote Originally Posted by Coupee36 View Post
    Literally just sat here and read through all 24 pages. Thank you all Slim, Quest, and others who have updated this script. I'm using it with Bully now, but as I just got done reading the last few pages, looks like Reaver v1.5 is added? lol shiiiet, if Bully fails I'll give it a try.. May I ask, why the option to reset the AP for WPS lock was taken out? Hope y'all had a great Christmas and Happy Holidays!
    Hi Coupee36! The option to reset APs was dropped because it would be like, potentially, giving machine guns to monkeys. That is my understanding. FS is designed to facilitate operations and save the operator time, but that ease of use can also cause problems if not used properly. That is my explanation.

    Happy Yule!

  40. #240
    Join Date
    2013-Oct
    Posts
    321
    Quote Originally Posted by Quest View Post
    Hi Slim! Great, looking forward to the new release =]

    Hi Coupee36! The option to reset APs was dropped because it would be like, potentially, giving machine guns to monkeys. That is my understanding. FS is designed to facilitate operations and save the operator time, but that ease of use can also cause problems if not used properly. That is my explanation.

    Happy Yule!
    That's exactly the reason, well said matey. :-)

  41. #241
    Join Date
    2014-Dec
    Posts
    7
    Quote Originally Posted by slim76 View Post
    Ho ho ho, Merry Christmas to all. :-)

    The version of FrankenScript you're using doesn't contain Reaver 1.5, you would need to uninstall Reaver 1.4 from kali and then install Reaver 1.5 if you wish to use Reaver 1.5.


    I've nearly finished the latest version of FrankenScript, I hope to have it finished and uploaded within a few days to a week.

    Changes I've made to FrankenScript:

    Changed menus and options.
    Made changes to all of the attacks.
    Added custom configuration options (custom options will remain set until changed or deleted).
    Added show router information (if available).
    Added a previously cracked networks check to the displayed scan results, (Cracked networks are displayed in red, uncracked networks are displayed in white).
    Added other versions of reaver (They can be used without installing to kali).
    Added custom arguments options for reaver and bully (Custom commands can be stored and selected).
    Added another wps default pin generator (pingen.py).
    Hi Slim, thanks for the updates. Can't wait for the next release. In the meantime I'll try the current script with Reaver 1.5.

    Quote Originally Posted by Quest View Post
    Hi Slim! Great, looking forward to the new release =]

    Hi Coupee36! The option to reset APs was dropped because it would be like, potentially, giving machine guns to monkeys. That is my understanding. FS is designed to facilitate operations and save the operator time, but that ease of use can also cause problems if not used properly. That is my explanation.

    Happy Yule!
    Hey Quest, makes sense,

    On a side note.. what method is FrankenScript using to spoof the MAC address? Not sure if anyone has seen this before in Kali, but macchanger doesn't work that well for me when it comes to MAC spoofing. It says it has changed the MAC address and ifconfig displays the spoofed address, but when I connect to my WiFi and run a simple IP scan, the permanent MAC address still comes up. I have found that using ifconfig <int> hw ether <mac> after taking down the wlan0 int works the best, and the MAC address is truly spoofed when an internal IP scan is performed on the network.

    Have a great weekend all!

  42. #242
    Join Date
    2014-Dec
    Posts
    7
    for what it's worth.. this is the custom Reaver command I use that has decent success rate with modern AP's.

    reaver -i mon0 -vv -b <bbsid> -d 15 -r 3:15 -T .5

  43. #243
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    good for you if you have found a steady formula! I find that preconceived syntaxes are like wearing someone else's underwear... Not only are they on a case-to-case basis, arguments are known to cause problems in some weird and unexpected ways. That being said you bring up an interesting point
    ...with modern AP's.
    We did have long debates about what prefabricated formulas should be included, and I think that
    Quote Originally Posted by slim76 View Post
    ...
    Added custom arguments options for reaver and bully (Custom commands can be stored and selected).
    will solve it for all.

    Clever move

  44. #244
    Join Date
    2014-Dec
    Posts
    7
    Quote Originally Posted by Quest View Post
    good for you if you have found a steady formula! I find that preconceived syntaxes are like wearing someone else's underwear... Not only are they on a case-to-case basis, arguments are known to cause problems in some weird and unexpected ways. That being said you bring up an interesting point

    We did have long debates about what prefabricated formulas should be included, and I think that
    will solve it for all.

    Clever move
    yup.. can't wait for next release.

  45. #245
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    That looks interesting...
    https://forums.kali.org/showthread.p...ll=1#post40956

    from the included help file..
    ...

    The breakthrough came when MTeams turned their attention to WPS locked routers. It was soon discovered that a small number of WPS pins could be collected from some routers which wash and reaver reported as locked. Presumably no one was spending time attacking locked routers. After more testing, it was found that if these same WPS locked routers were subjected to short bursts of a mdk3 combination simultaneously, usually a mixture of DDOS and EAPOL, then the router would allow further pins to be harvested. In these cases the router did not reset, the WPS locking mechanism remained in place and sometimes the router changed channels. But what was important here was that more WPS pins could be collected. These routers would eventually stop providing pins, BUT if subjected to another dose of mdk3, the router would supply another batch of pins.

    ...

  46. #246
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580

  47. #247
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    ... and this...

    After almost two years of public development (and another year behind the scenes), we are proud to announce our first point release of Kali Linux – version 1.1.0.

  48. #248
    is FS still a live project?
    I got the latest version and it keeps spitting out the WPA handshakes - cause they are BAD

    Parsing file '/usr/share/FS3/Temp_Working_Dirctory/Deauthenticate_a_client_6466B3C2552F/psk-01.cap' (1/1)...
    Traceback (most recent call last):
    File "/usr/bin/pyrit", line 6, in <module>
    pyrit_cli.Pyrit_CLI().initFromArgv()
    File "/usr/lib/pymodules/python2.7/pyrit_cli.py", line 115, in initFromArgv
    func(self, **options)
    File "/usr/lib/pymodules/python2.7/pyrit_cli.py", line 163, in new_f
    f(*args, **kwds)
    File "/usr/lib/pymodules/python2.7/pyrit_cli.py", line 478, in stripCapture
    parser = self._getParser(capturefile)
    File "/usr/lib/pymodules/python2.7/pyrit_cli.py", line 179, in _getParser
    parser.parse_pcapdevice(dev)
    File "/usr/lib/pymodules/python2.7/cpyrit/pckttools.py", line 600, in parse_pcapdevice
    for pckt in reader:
    File "/usr/lib/pymodules/python2.7/cpyrit/pckttools.py", line 500, in next
    pckt = self.read()
    File "/usr/lib/pymodules/python2.7/cpyrit/pckttools.py", line 488, in read
    r = _cpyrit_cpu.PcapDevice.read(self)
    IOError: libpcap-error while reading: truncated dump file; tried to read 1542 captured bytes, only got 1399
    No file found that matches '/usr/share/FS3/Temp_Working_Dirctory/Deauthenticate_a_client_6466B3C2552F/Stripped.cap'
    The captured handshake is bad, the file will be deleted.
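
    The libpcap error in the log above means the capture file ends partway through a packet record. The following is an added example, not part of the post and not FrankenScript or Pyrit code: it walks a classic pcap file (pcapng is not handled) and reports where the last complete record ends. The names check_pcap and build_sample are hypothetical, and the sample capture is constructed to reproduce the 1542/1399 byte counts from the log.

```python
import struct

# Classic pcap magic as it appears on disk -> struct byte-order prefix.
MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<", b"\x4d\x3c\xb2\xa1": "<",  # little-endian (us / ns)
    b"\xa1\xb2\xc3\xd4": ">", b"\xa1\xb2\x3c\x4d": ">",  # big-endian (us / ns)
}
GLOBAL_HDR = 24   # magic, version, thiszone, sigfigs, snaplen, linktype
RECORD_HDR = 16   # ts_sec, ts_frac, incl_len, orig_len


def check_pcap(data):
    """Walk the records of a classic pcap byte string.

    Returns (complete_records, good_bytes, error); error is None when the
    file ends exactly on a record boundary.
    """
    if len(data) < GLOBAL_HDR:
        return 0, 0, "shorter than the 24-byte global header"
    order = MAGICS.get(data[:4])
    if order is None:
        return 0, 0, "unknown magic, not a classic pcap file"
    offset, records = GLOBAL_HDR, 0
    while offset < len(data):
        remaining = len(data) - offset
        if remaining < RECORD_HDR:
            return records, offset, "record %d: header cut short" % (records + 1)
        incl_len = struct.unpack_from(order + "IIII", data, offset)[2]
        got = remaining - RECORD_HDR
        if got < incl_len:
            return records, offset, (
                "record %d: tried to read %d captured bytes, only got %d"
                % (records + 1, incl_len, got))
        offset += RECORD_HDR + incl_len
        records += 1
    return records, offset, None


def build_sample():
    """Constructed capture: one whole 60-byte record, then one cut short."""
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 105)
    rec1 = struct.pack("<IIII", 0, 0, 60, 60) + b"\x00" * 60
    rec2 = struct.pack("<IIII", 1, 0, 1542, 1542) + b"\x00" * 1399
    return hdr + rec1 + rec2


if __name__ == "__main__":
    print(check_pcap(build_sample()))
```

    The second value returned is the byte offset up to which the file is intact, which shows how much of the capture is still readable.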

  49. #249
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Hi wn722,

    I believe it is. Slim must be busy and/or waiting for new and better toys to make another version.

    Please state your version of Kali. There might(?) be a greater problem that has nothing to do with FS.. https://forums.kali.org/showthread.p...ersion-of-Kali

    I do believe we have the same setup. Kali 1.1.0a / TP-LINK TL-WN722N. It is difficult to cap a good handshake. Make sure when attempting handshakes that you choose the option to "kill all process" in FS. That helps. Try that and report back please, I would like to see that situation solved.

  50. #250
    hey Quest
    ya, I'm running
    cat /etc/issue
    Kali GNU/Linux 1.1.0 \n \l
    JUST upgraded and it's working now...
