OpenWifiPass open source implementation of the grantor role in Apple’s Wi-Fi Password Sharing protocol.
Requirements
bluepy
dependency)Install
Clone this repository and install it:
git clone git@github.com/seemoo-lab/openwifipass.git
pip3 install ./openwifipass
Run
Run openwifipass
to share Wi-Fi credentials (SSID
and PSK
) with any requestor (we need super user privileges to use the Bluetooth subsystem):
sudo -E python3 -m openwifipass –ssid <SSID> –psk <PSK>
Use quoting of your shell to remove special meaning of certain characters in SSID
/PSK
. In the example below, we use single quotes ('
) to prevent shell expansion of the $
character in the PSK.
A successful run of the protocol would look as follows:
pi@raspberrypi:~/openwifipass $ sudo -E python3 -m openwifipass –ssid OWL –psk ‘$uper$ecretPassword’
Start scanning…
SSID match in PWS advertisement from aa:bb:cc:dd:ee:ff
Connect to device aa:bb:cc:dd:ee:ff
Send PWS1
Receive PWS2
Send M1
Receive M2
Send M3
Receive M4
Send PWS3
Receive PWS4
Wi-Fi Password Sharing completed
OPACK
This projects contains a reusable OPACK (de)serializer. Read OPACK.md for more information.
Authors
Publications
Disclaimer
OpenWifiPass is experimental software and is the result of reverse engineering efforts by the Open Wireless Link project. The code serves solely documentary and educational purposes. It is untested and incomplete. For example, the code does not verify the identity of the requestor. So, do not use this implementation with sensitive Wi-Fi credentials. OpenWifiPass is not affiliated with or endorsed by Apple Inc.
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…