Guide for Grey Hack – Automate Wi-Fi Hacking
How To
We all have to do it each time we start the game: hack a Wi-Fi network for an internet connection. Here we take it a step further and write a beginner-friendly script for it.
Each block of code is broken into a separate section and each line is commented (anything after "//" is a comment), so you can follow the script step by step, line by line and block by block. You can paste the code blocks into your code editor (it displays the code better than Steam does and makes it easier to read and understand) to piece the whole script together. Then save the script and run it in your terminal, and it will do what is shown in the example images.
I recommend you keep the manual open, so you can look up any line of the script you don't understand and get more explanation. In the example we want to know what the "current_path" part of the script means; it's all in the manual. Good luck and keep learning.
Airmon
Airmon is the first step. We run it to see which devices are capable of monitoring, which is required to capture packets, which in turn are used to piece the password together.
cryptools = include_lib("/lib/crypto.so") // import library containing all the "air" tools
// airmon
get_shell.launch("/bin/airmon") // list all monitor capable device states
device = user_input("[+]Choose Interface: ") // ask for user to pick device
// check they at least chose a wireless interface using slice
if not device[0:4] == "wlan" then
    exit
end if
print("\n[-]New State...\n")
cryptools.airmon("start", device) // start the device in monitor mode
get_shell.launch("/bin/airmon") // show new state
iwlist
iwlist shows all available wireless networks with the required information: the BSSID, the ESSID and the PWR (the strength of the signal). Realistically, a higher % means a stronger, faster connection. We find the highest PWR (76%, nice) and target it by entering its details.
The number of ACKs to capture has to be at least 7000; however, more gives a higher chance of successfully collecting the whole password. We input 8000 in the example.
// iwlist
print("[-]Choose BSSID & ESSID (more PWR% is better)\n")
get_shell.launch("/bin/iwlist", device) // list detected wireless networks
b = user_input("\n[+]BSSID: ") // ask for BSSID
e = user_input("\n[+]ESSID: ") // ask for corresponding ESSID
acks = user_input("\n[+]ACKs (>7000): ").to_int // ask for ACK count to aim for, and convert to int
print("\n")
// if user enters less than 7000 (the minimum for success) then set it to 7000
if acks < 7000 then
    acks = 7000
end if
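The two manual choices above (highest PWR, at least 7000 ACKs) can also be checked in code. This is an added example, not part of the original guide: the function names are made up for illustration, the sample lines are constructed, and it assumes each scan line has the form "BSSID PWR% ESSID".

```greyscript
// Added example (not from the original guide): choose the strongest
// network from scan lines and turn raw input into a usable ACK target.
// Assumption: each scan line has the form "BSSID PWR% ESSID".

// parse one scan line into a map, or return null if it is malformed
parseNetwork = function(line)
    parts = line.split(" ")
    if parts.len < 3 then return null
    pwr = parts[1].remove("%").to_int // to_int hands back the text if it is not numeric
    if typeof(pwr) != "number" then return null
    return {"bssid": parts[0], "pwr": pwr, "essid": parts[2:].join(" ")}
end function

// return the parsed network with the highest PWR, or null if none parse
strongest = function(lines)
    best = null
    for line in lines
        net = parseNetwork(line)
        if net == null then continue
        if best == null then
            best = net
        else if net.pwr > best.pwr then
            best = net
        end if
    end for
    return best
end function

// turn what the user typed into an ACK count of at least 7000
cleanAcks = function(raw)
    n = raw.to_int
    if typeof(n) != "number" then return 7000
    if n < 7000 then return 7000
    return n
end function

// constructed sample lines; in the game the list would come from
// get_shell.host_computer.wifi_networks(device)
sample = ["AA:BB:CC:00:11:22 41% Cafe", "AA:BB:CC:33:44:55 76% Home Net", "garbage"]
net = strongest(sample)
print(net.bssid + " " + net.essid + " " + net.pwr + "%")
print(cleanAcks("abc"))
print(cleanAcks("8000"))
```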
Aireplay
Aireplay takes our input from iwlist and starts capturing those packets. When it has the required amount (we chose 8000), it stops capturing and saves the capture in a file called "file.cap".
// aireplay
cryptools.aireplay(b, e, acks) // run aireplay with the user input from above
print("\n[-]Got Required amount of ACKs...")
print("[-]Waiting for file.cap to be written...\n")
wait(5) // without this aircrack runs immediately and file.cap isn't written yet
print("[-]Cracking...\n")
Aircrack
Aircrack takes the "file.cap" that aireplay created and cracks it. It could fail without enough ACKs: 7000 is the minimum, but it could take many more. In this case our 8000 was enough, so it displays the key (the wireless password), and now we can connect to that wireless router with that key.
// aircrack
capfile = current_path + "/file.cap" // set file.cap path
get_shell.launch("/bin/aircrack", capfile) // aircrack the file and display result
print("\n[-]Stopping device monitoring...\n")
Airmon (again)
The same way we enabled monitor mode on the device, we can now disable it and stop monitoring as we are done capturing packets.
// airmon
cryptools.airmon("stop", device) // turn off monitor mode
get_shell.launch("/bin/airmon") // show new state
Cleaning Up
Covering your tracks is an important step, so we offer the user the option to delete the evidence (the "file.cap"). In the example we chose to keep the file because the rules are made to be broken. Goodbye… 🙂
// clean up
capfile = get_shell.host_computer.File(current_path + "/file.cap") // prep capfile for potential deletion
confirm = user_input("Destroy file.cap (y/N): ")
// delete capfile if user input is yes
if confirm == "Y" or confirm == "y" or confirm == "Yes" or confirm == "yes" then
    if capfile then capfile.delete // File gives null when file.cap was never written
end if
print("\n[-]Goodbye...\n")