derv82 / wifite2

Rewrite of the popular wireless network auditor, "wifite"
GNU General Public License v2.0
6.45k stars 1.32k forks

broadcast mac could not find target #32

Closed MisterBianco closed 7 years ago

MisterBianco commented 7 years ago

While doing an area scan I got this stack trace:

[+] (1/30) starting attacks against 00:00:00:00:00:00 (Seegmiller)
[+] Seegmiller (00:00:00:00:00:00 @ 99db) WPS Pixie-Dust: Waiting for target to appear...
[!] Error: Could not find target (00:00:00:00:00:00) in airodump

[!] Full stack trace below

[!] Traceback (most recent call last):
[!] File "/usr/local/bin/wifite2", line 105, in run
[!] result = attack.run()
[!] File "/usr/share/wifite/py/AttackWPS.py", line 27, in run
[!] bully = Bully(self.target, pixie=True)
[!] File "/usr/share/wifite/py/Bully.py", line 44, in __init__
[!] self.run()
[!] File "/usr/share/wifite/py/Bully.py", line 61, in run
[!] self.target = self.wait_for_target(airodump)
[!] File "/usr/share/wifite/py/Attack.py", line 44, in wait_for_target
[!] 'Could not find target (%s) in airodump' % self.target.bssid)
[!] Exception: Could not find target (00:00:00:00:00:00) in airodump
[+] Seegmiller (00:00:00:00:00:00 @ 99db) WPA Handshake capture: Waiting for target to appear...
[!] Error: Could not find target (00:00:00:00:00:00) in airodump

That MAC is a broadcast MAC address; these addresses need to be filtered out.

These addresses are as follows: ff:ff:ff:ff:ff:ff and 00:00:00:00:00:00

Any address that starts with any prefix in this list: ["01:00", "01:80:c2", "33:33"] is a multicast address and should also be filtered out.

You could create a function like

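def check_valid(mac):
    '''
        This function takes a mac address and checks that it is valid before using it.
    '''
    # Compare in lower case so upper-case MACs from scan output still match.
    mac = mac.lower()

    # Broadcast and all-zero addresses are never usable targets.
    if mac in ["ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"]:
        return False

    # Multicast prefixes.
    for item in ["01:00", "01:80:c2", "33:33"]:
        if mac.startswith(item):
            return False
    return True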

Or you could possibly find a better way.

The command I used, btw, was: sudo wifite2 on Kali Linux 2017.1

derv82 commented 7 years ago

Interesting, I'm wondering why broadcast MACs are appearing as Access Points in the airodump output...

Anyway, I'll include a "MAC Filter" to only consider Access Points & to ignore the broadcast/multicast MACs.

From https://en.wikipedia.org/wiki/Multicast_address#802.11 :

802.11 wireless networks use the same 01:00:5E:xx:xx:xx and 33:33:xx:xx:xx:xx MAC addresses for multicasting as Ethernet.

Which is similar to the 01:00 MAC you mentioned.

Assuming Wikipedia is right, looks like the script should filter multicast MACs that start with:

["01:00:5e", "01:80:c2", "33:33"]

MisterBianco commented 7 years ago

That sounds right. Awesome


derv82 commented 7 years ago

Reopening: The regex needs the ignore case flag, otherwise it probably won't work...
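The filter discussed in this thread, written out as an added example (not wifite2's own code and not from either commenter). The names `classify_bssid`, `filter_targets` and `SAMPLE_ROWS` are hypothetical and the sample rows are constructed. It goes beyond the three prefixes by also testing the group (I/G) bit, the lowest bit of the first octet, which is set on every multicast MAC address.

```python
import re

# Constructed sample rows (BSSID, ESSID), upper-case hex as scan tools commonly print it.
SAMPLE_ROWS = [
    ("AA:BB:CC:DD:EE:F0", "home-ap"),
    ("00:00:00:00:00:00", "Seegmiller"),
    ("FF:FF:FF:FF:FF:FF", ""),
    ("01:00:5E:00:00:FB", ""),
    ("33:33:00:00:00:01", ""),
    ("01:80:C2:00:00:00", ""),
    ("not-a-mac", ""),
]

MAC_RE = re.compile(r"^[0-9a-f]{2}(?::[0-9a-f]{2}){5}$", re.IGNORECASE)
# Prefixes named in the thread. Without IGNORECASE the lower-case pattern
# "01:00:5e" never matches the upper-case "01:00:5E" found in scan output.
MULTICAST_RE = re.compile(r"^(?:01:00:5e|01:80:c2|33:33):", re.IGNORECASE)


def classify_bssid(mac):
    """Return 'invalid', 'null', 'broadcast', 'multicast' or 'unicast'."""
    mac = mac.strip()
    if not MAC_RE.match(mac):
        return "invalid"
    if mac.lower() == "00:00:00:00:00:00":
        return "null"
    if mac.lower() == "ff:ff:ff:ff:ff:ff":
        return "broadcast"
    # Generalisation: any address with the I/G bit set is a group address,
    # which covers the listed prefixes and every other multicast range.
    if MULTICAST_RE.match(mac) or int(mac[:2], 16) & 0x01:
        return "multicast"
    return "unicast"


def filter_targets(rows):
    """Split rows into attackable targets and (bssid, reason) rejects."""
    kept, dropped = [], []
    for bssid, essid in rows:
        kind = classify_bssid(bssid)
        if kind == "unicast":
            kept.append((bssid, essid))
        else:
            dropped.append((bssid, kind))
    return kept, dropped


if __name__ == "__main__":
    kept, dropped = filter_targets(SAMPLE_ROWS)
    print("kept:", kept)
    print("dropped:", dropped)
```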