zizzania: Automated DeAuth attack – Penetration Testing

zizzania sniffs wireless traffic listening for WPA handshakes and dumping only those frames suitable to be decrypted (one beacon + EAPOL frames + data). In order to speed up the process, zizzania sends IEEE 802.11 DeAuth frames to the stations whose handshake is needed, properly handling retransmissions and reassociations and trying to limit the number of DeAuth frames sent to each station.

Installation

sudo apt-get install scons libpcap-dev uthash-dev
mkdir -p deps/uthash/
pushd deps/uthash/
wget http://ift.tt/23hI4l9
popd

Usage

zizzania (-r | -i [-c ]
([-n] | [-d ] [-a ] [-t ]))
[-b

…] [-x
…] [-2 | -3]
[-w [-g]] [-v]

-i Use for both capture and injection
-c Set to RFMON mode on
-n Passively wait for WPA handshakes
-d Send groups of deauthentication frames
-a Perform deauthentications before giving up
-t Time to wait between two deauthentication attempts
-r Read packets from (- for stdin)
-b

Limit the operations to the given BSS
-x
Exclude the given station from the operations
-2 Settle for the first two handshake messages
-3 Settle for the first three handshake messages
-w Write packets to (- for stdout)
-g Also dump multicast and broadcast traffic
-v Print verbose messages to stderr (toggle with SIGUSR1)

Examples

Put the network interface in RFMON mode on channel 6 and save the traffic gathered from the stations associated to a specific access point:

zizzania -i wlan0 -c 6 -b AA:BB:CC:DD:EE:FF -w out.pcap

Passively analyze the traffic generated by any station on the current channel assuming that the network interface is already RFMON mode:

zizzania -i wlan0 -n
Strip unnecessary frames from a pcap file (excluding altogether the traffic generated by one particular station) considering an handshake complete after just the first two messages (which should be enough for unicast traffic decryption):

zizzania -r in.pcap -x 00:11:22:33:44:55 -w out.pcap

Use airdecap-ng to decrypt a pcap file created by zizzania:

airdecap-ng -b AA:BB:CC:DD:EE:FF -e SSID -p passphrase out.pcap

Source: Github

The post zizzania: Automated DeAuth attack appeared first on Penetration Testing.

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s