search

kimocoder / wifite2

Rewrite of the popular wireless network auditor, "wifite" - original by @derv82
https://github.com/derv82/wifite2
GNU General Public License v2.0
955 stars 164 forks source link

TODO v2.7.1 #97

Open kimocoder opened 2 years ago

kimocoder commented 2 years ago
kimocoder commented 1 year ago

Pushed a lot of fixes and various stuff the past two days, but it's one thing I don't seem to figure out that easily... As for now, passing hashes through "john" isn't working, so I ran through it all to see everything and this is the case, not sure if it was because of the change from HcxPcapTool to Hcxpcapngtool and updates to "john" (possibly both);

kimocoder commented 1 year ago

wifite_1

wifite_2

kimocoder commented 1 year ago

Have to find a new way to parse this both for "john" and "cowpatty" has the same problem. Changes was when we moved from deprecated HcxPcapTool to HcxPcapngTool, but I have a real time struggle with it at the moment, however I prepared everything else besides this issue. @ZerBea I noticed that two of them wasn't working, props for some time :1st_place_medal:

The passwotd is there in plain sight, it's just the parsing through python that need an update. split and lines section :100:

The fancy section over at and below. It all seems good, but it's not. https://github.com/kimocoder/wifite2/blob/c01b4b1b8d844eda40013a232bbaf6ccce1eb6ec/wifite/tools/john.py#L47

ZerBea commented 1 year ago

Beside this fixed issue https://github.com/openwall/john/issues/5205 john is working as expected here. The issue is still open on Arch Linux: https://bugs.archlinux.org/task/76252?project=5&string=john

The same applies to --john output of hcxpcapngtool and hcxhashtool. Status of cowpatty is not known here, because I don't use it. If I need to calculate a rainbow table (for some reasons to verify a large number of PMKs) I use hcxkeys (GPU) which is much faster.

BTW: Arch Linux moved to OpenSSL 3.0.x https://archlinux.org/packages/core/x86_64/openssl/ We'll get some warnings until I adapt the code from 1.1 to 3.0 (EVP functions are faster on 3.0).

ZerBea commented 1 year ago

Forgot to mention that dwpa is using hashcat and john, too: https://github.com/RealEnder/dwpa As far as I know without problems: https://wpa-sec.stanev.org/

kimocoder commented 1 year ago

I will dig deeper, because it seems that the check in stdout isn't working anymore, I did extensive tests and see the problem. I will setup a test network and show exact, but from our side it looks good and all :+1:

kimocoder commented 1 year ago

Updated the parsing of password which happens at https://github.com/kimocoder/wifite2/blob/c01b4b1b8d844eda40013a232bbaf6ccce1eb6ec/wifite/tools/john.py#L47

And below

ZerBea commented 1 year ago

BTW: There is a plan to adopt hcxtools' (and hashcat's) new unified WPA input line format to JtR: https://github.com/openwall/john/issues/4183

ZerBea commented 1 year ago

I finished the refactoring of hcxlabtool. Nearly everything is improved, now. I removed WIRELESS EXTENSIONS and ioctl() calls (except that one that detect presence of WIRELESS EXTENSIONS) completely. The interface is now controlled via NL80211 and RTNETLINK which offer a lot more options than WIRELESS EXTENSION ever do. NL80211 drivers should work out of the box. I tested (successfully) rtl88xxau and I got the first responses regarding iwlwifi: https://github.com/ZerBea/hcxdumptool/issues/245#issuecomment-1445521370 https://github.com/ZerBea/hcxdumptool/issues/186#issuecomment-1445396333

Maybe hcxlabtool will be a better solution to run in background of WiFite2 than the WIRELESS EXTENSION dinosaur hcxdumptool. Less unnecessary features and less status messages but much faster and more effective than hcxdumptool.

kimocoder commented 1 year ago

TODO updated. Added support for latest hcxdumptool and cowpatty is working again.

kimocoder commented 9 months ago
olumolu commented 3 months ago

Provide a better wordlist as most systems are more powerful even integrated gpus are lot better so having larger base of wordlist makes it better.