AirStrike is a tool that automates cracking of WPA-2 Wi-Fi credentials using client-server architecture.
Requirements
Airstrike uses Hashcat Brain Architecture, aircrack-ng suite, entr utility and some helper scripts.
You can use install.sh script to download all dependencies (if you’re on system which has an access to apt or pacman, but if you’re using Gentoo, you’d have to install hcxtools by hand, they’re not available in their repos, or maybe I’ve missed something. Some other uncommon distros are not included, for example Alpine doesn’t have hashcat package, but if you’re distro is exotic, you can use Nix on that, all needed packages are in nixpkgs.)
If you’re using Nix/NixOS, you can jump into Nix-Shell with needed dependencies with: nix-shell -p hashcat hashcat-utils aircrack-ng entr hcxtools
Run aircrack_server.sh on the machine on which you want to crack passwords. This script builds aircrack_client.sh file, which can be executed on any Linux host that is able to connect with the server started earlier. Upon execution, the client automatically captures handshakes, connects with the server and sends captured data.
Whenever a password is successfully cracked by the server, the watcher.sh script prints it out to terminal on the server side.
The only required option flag for airstrike_client.sh is the -w flag: it specifies the wordlist that should be used by the server. Listening interface can be specified with -i flag. By default, a current wireless interface is automatically selected. Additionally, airstrike_client.sh listens for WPA-2 data without any filter, so it will capture and crack all of the passwords of all Wi-Fi networks in range (whenever handshakes are exchanged).
Ctrl + S will send captured assets (Wi-Fi handshakes in .hccapx form) to the server. Ctrl + I displays information about capture progress.
Above shortcuts can be used inside a running instance of airstrike_client.sh
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…