derv82 / wifite2

Rewrite of the popular wireless network auditor, "wifite"
GNU General Public License v2.0

wifite get stucked on NetHunter(HuaweiPhone rooted) #126

Open wangmu0579 opened 6 years ago

wangmu0579 commented 6 years ago

I have successfully installed NetHunter on a rooted Huawei Honor6x. But when I try to run wifite, it gets stuck and must be stopped with CTRL+C. I have tried using the latest version but no luck. iwconfig seems to work well.

(I SSHed into NetHunter from my computer.) Another problem: how do I enable the WiFi adapter for NetHunter, which seems to be identified by NetHunter?

root@kali:~/wifite2# lsusb
Bus 001 Device 069: ID 0bda:8179 Realtek Semiconductor Corp. RTL8188EUS 802.11n Wireless Network Adapter
root@kali:~/wifite2# python Wifite.py 
  .               .    
.´  ·  .     .  ·  `.  wifite 2.1.8
:  :  :  (¯)  :  :  :  automated wireless auditor
`.  ·  ` /¯\ ´  ·  .´  https://github.com/derv82/wifite2
  `     /¯¯¯\     ´    

 [!] warning: recommended app hashcat was not found install @ https://hashcat.net/hashcat/
 [!] warning: recommended app hcxdumptool was not found install @ https://github.com/ZerBea/hcxdumptool
 [!] warning: recommended app hcxpcaptool was not found install @ https://github.com/ZerBea/hcxtools
iwconfig wlan0

^C
 [!] interrupted, shutting down...
root@kali:~/wifite2# wifite
  .               .    
.´  ·  .     .  ·  `.  wifite 2.1.6
:  :  :  (¯)  :  :  :  automated wireless auditor
`.  ·  ` /¯\ ´  ·  .´  https://github.com/derv82/wifite2
  `     /¯¯¯\     ´    

^C
 [!] interrupted, shutting down...
root@kali:~/wifite2# 

iwconfig seems to work well:

root@kali:~/wifite2# iwconfig
rmnet2    no wireless extensions.
sit0      no wireless extensions.
lo        no wireless extensions.
rmnet3    no wireless extensions.
wlan0     IEEE 802.11  ESSID:off/any  Nickname:""
          NWID:off/any  Mode:Unknown/bug  Frequency:inf GHz  
          Access Point: 64:3A:XX:28:B4:XX   
          RTS thr:off   Fragment thr:off
          Power Management:off
          Link Quality:55  Signal level:201  Noise level:0
          Rx invalid nwid:0  invalid crypt:0  invalid misc:0
rmnet4    no wireless extensions.
rmnet_ims  no wireless extensions.
Hisilicon0  no wireless extensions.
p2p0      IEEE 802.11  ESSID:off/any  Nickname:""
          NWID:off/any  Mode:Unknown/bug  Frequency:inf GHz  
          Access Point: Not-Associated   
          RTS thr:off   Fragment thr:off
          Power Management:on
          Link Quality:0  Signal level:0  Noise level:0
          Rx invalid nwid:0  invalid crypt:0  invalid misc:0
rmnet0    no wireless extensions.
rmnet_ims1  no wireless extensions.
rmnet_vowifi  no wireless extensions.
rmnet1    no wireless extensions.

wangmu0579 commented 6 years ago

2018-08-18 12-31-06

derv82 commented 6 years ago

What is the output if you run Wifite with -vv option (verbose)? That will show what programs Wifite is running, maybe it's getting stuck when calling iwconfig or airmon-ng...

Also, your iwconfig says wlan1 is in Mode:Unknown/bug which seems odd.

kimocoder commented 6 years ago

Last time I checked, 8188EUS doesn't support monitor mode/injection. At least not in Kali. I have a monitor mode driver which I've added injection to, but haven't released it yet.

derv82 commented 6 years ago

@kimocoder Thanks for the info!

Although it's still bad that Wifite gets hung up. Hopefully I can fix that if @wangmu0579 can provide the -vv output.

wangmu0579 commented 6 years ago

This is the output of wifite -vv. Many thanks for the help.

root@kali:~/linux-4.1.18/master# wifite -vv
  .               .    
.´  ·  .     .  ·  `.  wifite 2.1.6
:  :  :  (¯)  :  :  :  automated wireless auditor
`.  ·  ` /¯\ ´  ·  .´  https://github.com/derv82/wifite2
  `     /¯¯¯\     ´    

 [+] option: verbosity level 2

 [?]  Executing: which airmon-ng
 [stdout] /usr/sbin/airmon-ng

 [?]  Executing: which airodump-ng
 [stdout] /usr/sbin/airodump-ng

 [?]  Executing: which aircrack-ng
 [stdout] /usr/bin/aircrack-ng

 [?]  Executing: which aireplay-ng
 [stdout] /usr/sbin/aireplay-ng

 [?]  Executing: which iwconfig
 [stdout] /sbin/iwconfig

 [?]  Executing: which ifconfig
 [stdout] /sbin/ifconfig

 [?]  Executing: which reaver
 [stdout] /usr/bin/reaver

 [?]  Executing: which bully
 [!] warning: recommended app bully was not found
     install @ https://github.com/aanarchyy/bully

 [?]  Executing: which pyrit
 [stdout] /usr/bin/pyrit

 [?]  Executing: which tshark
 [stdout] /usr/bin/tshark

 [?]  Executing: which macchanger
 [stdout] /usr/bin/macchanger

 [?]  Executing: airmon-ng check

wangmu0579 commented 6 years ago

About the 8188eus, the following was the output after plugging in the WiFi adapter:

root@kali:~/linux-4.1.18/master# lsusb
Bus 001 Device 044: ID 0bda:8179 Realtek Semiconductor Corp. RTL8188EUS 802.11n Wireless Network Adapter
root@kali:~/linux-4.1.18/master# 

But it seems NetHunter does not have the correct driver for the 8188eus, as wlan1 did not appear. I tried DKMS, following the instructions at https://github.com/lwfinger/rtl8188eu, and it seemed to succeed. But still no new interface was found. Do you have any good idea how to put the rtl8188eu into injection mode for my NetHunter (rooted Huawei Honor6x phone)?

root@kali:~/linux-4.1.18/master#  dkms build 8188eu/1.0

Kernel preparation unnecessary for this kernel.  Skipping...

Building module:
cleaning build area...
'make' all KVER=4.1.18-g6bbdebf..........................................
cleaning build area...

DKMS: build completed.
root@kali:~/linux-4.1.18/master#  dkms install 8188eu/1.0

8188eu.ko:
Running module version sanity check.

Good news! Module version v4.1.4_6773.20130222 for 8188eu.ko
exactly matches what is already found in kernel 4.1.18-g6bbdebf.
DKMS will not replace this module.
You may override by specifying --force.

depmod...
Running in chroot, ignoring request: restart

DKMS: install completed.
root@kali:~/linux-4.1.18/master# ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 477087  bytes 647574319 (617.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 477087  bytes 647574319 (617.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

p2p0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet6 fe80::a4ca:a0ff:fe5f:f435  prefixlen 64  scopeid 0x20<link>
        ether a6:ca:a0:5f:f4:35  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8  bytes 648 (648.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=81<UP,POINTOPOINT,RUNNING>  mtu 1500
        inet 26.26.26.1  netmask 255.255.255.0  destination 26.26.26.1
        inet6 fdfe:dcba:9876::1  prefixlen 126  scopeid 0x0<global>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 22869  bytes 29297448 (27.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13150  bytes 803855 (785.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1400
        inet 192.168.1.2  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::a6ca:a0ff:fe5f:f435  prefixlen 64  scopeid 0x20<link>
        ether a4:ca:a0:5f:f4:35  txqueuelen 1000  (Ethernet)
        RX packets 135315  bytes 170754497 (162.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 77144  bytes 7459020 (7.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

kimocoder commented 6 years ago

The rtl8188eu(s) driver doesn't support injection.

kimocoder commented 6 years ago

You may try the https://github.com/kimocoder/rtl8188eus driver. I've added injection but don't know if it's working yet, will do more work on it later. Anyway, the lwfinger 8188eu driver doesn't support monitor mode either, so it's useless in terms of penetration testing. Mine at least got monitor mode working.

wangmu0579 commented 6 years ago

Thanks @kimocoder for your information. My first problem should be to bring the rtl8188eus UP for NetHunter, whether with your driver or lwfinger's. I think I need to go to the NetHunter git/wiki to find out how to bring my rtl8188eus UP. Or do you have any idea how to bring the rtl8188eus UP for NetHunter? Thanks.

wangmu0579 commented 6 years ago

More info here:

root@kali:/# airmon-ng start wlan0

Found phy0 with no interfaces assigned, would you like to assign one to it? [y/n] y
ERROR adding monitor mode interface: command failed: Operation not supported (-95)

Found 1 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to run 'airmon-ng check kill'

PID Name
25223 wpasupplicant

PHY     Interface       Driver          Chipset
ethtool failed...
Only mac80211 devices on kernel 2.6.33 or higher are officially supported by airmon-ng.
root@kali:/#

kimocoder commented 6 years ago

What is the output of "airmon-ng"? I have to say it one more time perhaps... the 8188eu driver from lwfinger does NOT support monitor mode.

wangmu0579 commented 6 years ago

The command result follows. For me, the first problem was to bring the 8188eu wlan up, which means ifconfig can see the new WiFi interface when I plug the WiFi adapter into my phone.

Do you know how to do it?

8eus# airmon-ng

Found phy0 with no interfaces assigned, would you like to assign one to it? [y/n] y
ERROR adding monitor mode interface: command failed: Operation not supported (-95)

PHY     Interface       Driver          Chipset
ethtool failed...
Only mac80211 devices on kernel 2.6.33 or higher are officially supported by airmon-ng.

There is a compile error for your rtl driver and I cannot create an issue at your address, so I am putting it here. I hope the owner does not mind.

ARCH=arm changed.

os_dep/linux/ioctl_cfg80211.c:993:4: error: too many arguments to function 'cfg80211_disconnected'
    cfg80211_disconnected(padapter->pnetdev, 0, NULL, 0, 0, GFP_ATOMIC);
    ^

wangmu0579 commented 6 years ago

The compiler problem is solved:

os_dep/linux/ioctl_cfg80211.c:993:4: error: too many arguments to function 'cfg80211_disconnected'
    cfg80211_disconnected(padapter->pnetdev, 0, NULL, 0, 0, GFP_ATOMIC);

after removing GFP_ATOMIC from the above. Now @kimocoder's driver installed successfully using the following:

sudo dkms add ./rtl8188eu
sudo dkms build 8188eu/1.0
sudo dkms install 8188eu/1.0

But the new interface still cannot be found using ifconfig, just like before. So my question is still how to bring the new WiFi adapter UP for an Android phone. Any ideas?

kimocoder commented 6 years ago

Ask in the NetHunter repo @ https://github.com/offensive-security/kali-nethunter

DroidKali commented 6 years ago

Are you sure your phone has kernel support for using an extra WiFi card? The officially supported NetHunter phones have the kernel support needed to use an extra WiFi card to crack WiFi! The list of officially supported phones can be found at https://github.com/offensive-security/nethunter-devices/blob/master/devices.cfg

FaLC10 commented 4 years ago

I have the same issue. Wifite2 gets stuck on NetHunter.

I tried these versions: 2.2.3, 2.2.5, 2.5.0. My WiFi adapter chipset: "Atheros Communications, Inc. AR9271 802.11n"

Note 1: Wifite v2 r87, r85, r89 work well.

-vv output:

root@kali:~/wifite2-2.2.3# ./Wifite.py -vv
  .               .    
.´  ·  .     .  ·  `.  wifite 2.2.3
:  :  :  (¯)  :  :  :  automated wireless auditor
`.  ·  ` /¯\ ´  ·  .´  https://github.com/derv82/wifite2
  `     /¯¯¯\     ´    

[+] option: verbosity level 2

[?] Executing: which aircrack-ng
[stdout] /usr/bin/aircrack-ng

[?] Executing: which iwconfig
[stdout] /sbin/iwconfig

[?] Executing: which ifconfig
[stdout] /sbin/ifconfig

[?] Executing: which reaver
[stdout] /usr/bin/reaver

[?] Executing: which bully
[!] Warning: Recommended app bully was not found. install @ https://github.com/aanarchyy/bully

[?] Executing: which pyrit
[stdout] /usr/bin/pyrit

[?] Executing: which tshark
[stdout] /usr/bin/tshark

[?] Executing: which hashcat
[!] Warning: Recommended app hashcat was not found. install @ https://hashcat.net/hashcat/

[?] Executing: which hcxdumptool
[!] Warning: Recommended app hcxdumptool was not found. install @ https://github.com/ZerBea/hcxdumptool

[?] Executing: which hcxpcaptool
[!] Warning: Recommended app hcxpcaptool was not found. install @ https://github.com/ZerBea/hcxtools

[?] Executing: which macchanger
[stdout] /usr/bin/macchanger

[?] Executing: airmon-ng check

kimocoder commented 4 years ago

This is due to a bug in the ifconfig/iwconfig migration to ip/iw.

Can you try my fork at https://github.com/kimocoder/wifite2

And report back?

FaLC10 commented 4 years ago

Stuck again. By the way, I didn't do the setup.

root@kali:~# cd wifite2-kimcoder/
root@kali:~/wifite2-kimcoder# ls
CHANGELOG EVILTWIN.md MANIFEST.in README.md Wifite.py ieee-oui.txt setup.cfg tests wordlist-probable.txt
Dockerfile LICENSE PMKID.md TODO.md bin runtests.sh setup.py wifite
root@kali:~/wifite2-kimcoder# chmod +x Wifite.py
root@kali:~/wifite2-kimcoder# ./Wifite.py
  .               .    
.´  ·  .     .  ·  `.  wifite2 2.5.0
:  :  :  (¯)  :  :  :  an automated wireless auditor forked from @derv82
`.  ·  ` /¯\ ´  ·  .´  https://github.com/kimocoder/wifite2
  `     /¯¯¯\     ´    

[!] Warning: Recommended app bully was not found. install @ https://github.com/aanarchyy/bully
[!] Warning: Recommended app hashcat was not found. install @ https://hashcat.net/hashcat/
[!] Warning: Recommended app hcxdumptool was not found. install @ https://github.com/ZerBea/hcxdumptool
[!] Warning: Recommended app hcxpcaptool was not found. install @ https://github.com/ZerBea/hcxtools

FaLC10 commented 4 years ago

same problem :/

deduble commented 4 years ago

@kimocoder Nope, still getting stuck.

eliddell1 commented 2 years ago

So the problem is that it's waiting for you to type Y/n for the last command:

Found phy0 with no interfaces assigned, would you like to assign one to it? [y/n] y

I am having the same problem. I wonder if there is a way to stop airmon-ng from always asking?

I thought maybe ifconfig wlan0 down would help but no... it still asks about phy0.

eliddell1 commented 2 years ago

Changing the wifite command params helps. It turns out that it is getting stuck on your phy0 in the check, but if you put a USB WiFi adapter into monitor mode manually and then run wifite with "-i [that_interface]" it will work.

For me, I put wlan1 into monitor mode and told wifite to use it like so:

$ airmon-ng start wlan1
$ wifite -i wlan1mon

and it works
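
The hang diagnosed in this thread, a wrapper blocking while a child tool waits on a `[y/n]` prompt nobody answers, can be avoided in any wrapper script by giving the child no stdin and bounding its runtime. This is an added Python example, not wifite's own code; both child commands are constructed stand-ins, and how a real tool reacts to EOF on stdin is not shown on this page.

```python
import subprocess
import sys

# Constructed stand-in for a tool that asks the question quoted in this thread
# and then reads the answer from stdin.
PROMPTING_CHILD = [sys.executable, "-c", (
    "import sys\n"
    "sys.stdout.write('Found phy0 with no interfaces assigned, "
    "would you like to assign one to it? [y/n] ')\n"
    "sys.stdout.flush()\n"
    "answer = sys.stdin.readline()\n"
    "print('got answer' if answer.strip() else 'no answer (EOF)')\n"
)]

# Constructed stand-in for a child that blocks for a reason other than stdin.
BLOCKING_CHILD = [sys.executable, "-c", "import time; time.sleep(30)"]


def run_noninteractive(cmd, timeout=10):
    """Run cmd without letting an unexpected prompt hang the caller.

    stdin is /dev/null, so a read returns EOF at once instead of waiting for
    a terminal; the timeout bounds children that block anyway.
    Returns (returncode, output); returncode is None if the child was killed.
    """
    try:
        proc = subprocess.run(cmd, stdin=subprocess.DEVNULL,
                              stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
                              timeout=timeout)
        return proc.returncode, proc.stdout.decode(errors="replace")
    except subprocess.TimeoutExpired as exc:
        # subprocess.run() has already killed and reaped the child here.
        return None, (exc.stdout or b"").decode(errors="replace")


def asked_for_input(output):
    """Flag output containing a yes/no prompt, so the caller can report it."""
    return "[y/n]" in output.lower()


if __name__ == "__main__":
    for name, cmd in (("prompting", PROMPTING_CHILD), ("blocking", BLOCKING_CHILD)):
        code, out = run_noninteractive(cmd, timeout=2)
        status = "timed out" if code is None else "exit %d" % code
        print("%s: %s, prompt seen: %s" % (name, status, asked_for_input(out)))
        print(out)
```

With the prompt text captured, the wrapper can report that the child asked a question instead of sitting silently until CTRL+C.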