OneShot-Extended performs the Pixie Dust attack without special card or monitor mode.
- Pixie Dust attack
- Offline WPS PIN generating algorithm
- Online WPS bruteforce
- Wi-Fi scanner with highlighting based on iw;
- Ability to save upon success
- Python 3.8 and above
- WPA Supplicant
- Pixiewps
- iw
Required arguments:
-i, --interface INTERFACE : Name of the interface to use
Optional arguments:
-b, --bssid BSSID : BSSID of the target AP
-p, --pin PIN : Use the specified pin (arbitrary string or 4/8 digit pin)
-K, --pixie-dust : Run Pixie Dust attack
-F, --pixie-force : Run Pixiewps with --force option (bruteforce full range)
-B, --bruteforce : Run online bruteforce attack
--pbc, --push-button-connect : Run WPS push button connection
Advanced arguments:
-d, --delay <n> : Set the delay between pin attempts
--vuln-list VULN_LIST : Use custom file with vulnerable devices list
-X, --show-pixie-cmd : Always print Pixiewps command
-w, --write : Write credentials to the file on success
-s, --save : Save the AP to network manager on success
-l, --loop : Run in a loop
-c, --clear : Clear the screen on every wi-fi scan
-r, --reverse-scan : Reverse order of networks in the list of networks. Useful on small displays
--mtk-wifi : Activate MediaTek Wi-Fi interface driver on startup and deactivate it on exit (for internal Wi-Fi adapters implemented in MediaTek SoCs).
: Turn off Wi-Fi in the system settings before using this.
--iface-down : Down network interface when the work is finished
-v, --verbose : Verbose output
-h, --help : show this help message and exit
Please note that root access is required.
Installing requirements
pkg install -y root-repo
pkg install -y git tsu python wpa-supplicant pixiewps iw opensslGetting OneShot
cd ~
git clone --depth 1 https://github.com/chickendrop89/OneShot-Extended OneShotRunning
sudo python OneShot/oneshot.py -i wlan0Install these packages through your distro's package manager:
python3 wpa-supplicant iw wget pixiewpsGetting OneShot
cd ~
git clone https://github.com/chickendrop89/OneShot-Extended OneShotRunning
sudo python OneShot/oneshot.py -i wlan0Start Pixie Dust attack on a specified BSSID:
sudo python3 oneshot.py -i wlan0 -b 00:90:4C:C1:AC:21 -KShow avaliable networks and start Pixie Dust attack on a specified network:
sudo python3 oneshot.py -i wlan0 -KLaunch online WPS bruteforce with the specified first half of the PIN:
sudo python3 oneshot.py -i wlan0 -b 00:90:4C:C1:AC:21 -B -p 1234Start WPS push button connection:s
sudo python3 oneshot.py -i wlan0 --pbc"RTNETLINK answers: Operation not possible due to RF-kill" Just run:
sudo rfkill unblock wifi
"Device or resource busy (-16)"
- Try disabling Wi-Fi in the system settings and kill the Network manager. Alternatively, you can try running OneShot with
--iface-downargument.
The wlan0 interface disappears when Wi-Fi is disabled on Android devices with MediaTek SoC
- Try running OneShot with the
--mtk-wififlag to initialize Wi-Fi device driver.
kimocoder, drygdryg, chickendrop89for extended implementationrofl0rfor initial implementation;Monohromfor testing, help in catching bugs, some ideas;Wiirefor developing Pixiewps.
Warning
This tool is intended for educational and authorized penetration testing purposes only. It is not designed for, and must not be used for, illegal activities such as hacking, unauthorized access, or causing damage to systems or networks. By using this tool, you agree to use it responsibly and ethically, and to comply with all applicable laws and regulations. The developer assumes no responsibility for any misuse of this tool.
