| English | Español |
|---|
| ❗ Disclaimer |
|---|
| Using this tool in real environments is completely illegal without the necessary authorization. You are responsible for any trouble you may cause by using this tool. |
git clone https://github.com/Kidd3n/WifiPwnedd.git
cd WifiPwnedd
chmod 755 wifipwnedd.sh
sudo ./wifipwnedd.sh
-
Configure the specified card to be in monitor mode (required)
-
The MAC address is changed with Macchanger to be even more anonymous
-
An airodump-ng window will appear with all the available networks and their channels. We must correctly indicate the name of the network and its channel.
-
Next a similar window will appear, but now filtered by the name (essid) and the channel that we have previously provided
-
We wait a few seconds and the deauthentication attack with aireplay-ng will start.
-
After a few seconds, we will get the necessary packet with the encrypted password (Handshake).
-
It will then perform a brute force attack with the dictionary we provided (it will take a while depending on your computer and the password)
-
It will wait for the requested packet with hcxdumptool for the number of seconds you specify (recommended 600).
-
If it captures it, it will proceed to the brute force phase with hashcat.
-
If it does not capture it, the attack will be closed and we will return to the attack menu.
-
It will ask us which network we want to attack
-
Then it will ask us for the channels, the recommended ones are 1, 6, 11 but you can put all of them from 1 to 12 or whatever you prefer.
-
The network can change channels to avoid this attack.
-
You can close the window when you want the attack to end.
- The packet rate is 1000 packets per second, but it depends on your network card the speed.
- You can monitor all traffic and parcels that travel
-
will reboot the entire network card to be able to reconnect to a network.
-
It will then search for the devices on our network and display them on the screen with their IP addresses.
-
After hitting enter it will put our card in monitor mode
-
This module is used to remove internet access to a client in our network using ARP packets with arpspoof.
-
We must be on a private network before entering this module.
-
We will be asked for an ip address, we must enter the one of our victim.
-
Then we will set in seconds the time we want to take away the access
-
Credits: The creator of this script was @PinguinodeMario, Thank you for allowing it to be in this tool.
-
Script Video: https://youtu.be/MbB0XRjFS_Y?si=1i1ajq_NEBHYmH-8 (Spanish)
-
You must choose a network to which global deauthentication packets will be sent (All MAC'S), this so that users do not have the network available and connect to our network.
-
The network name is the same as the network we want to clone.
-
It will generate the hostapd and dnsmasq configuration files, and will also configure that when a device connects it will be assigned an IP address and a NetMask.
-
Then we can choose a login to use
-
We wait for the credentials of the victims
-
Create a fake network with the name of your choice.
-
It will generate the hostapd and dnsmasq configuration files with the name and channel we gave earlier, and also configure that when a device is connected it is assigned an IP address and a NetMask.
-
Then we can choose a login to use
-
We wait for the credentials of the victims
- Brute-force the dictionary we pass to a .cap file.
- Convert your hash or .cap file to hccapx
- It is a precomputed dictionary used for brute-forcing hashes. This will help speed up the process (depending on the passwords)
-
❕ This option cannot be done in a virtual machine, it will only work when the OS is directly installed.
-
It will ask for a hash, either .cap or hccapx, if it is .cap it will be automatically converted to hccapx format with the name you want.
-
Then a menu will pop up where we will see our Hardware and we can select our GPU (If you put a CPU, the brute force will not be done).
-
It will automatically brute force the process with our preferred dictionary to the hash and with the GPU of your pc.