Automated Wireless Penetration Testing: Wi-fEye
Wi-fEye is an automated wireless penetration testing tool written in python , its designed to simplify common attacks that can be performed on wifi networks so that they can be executed quickly and easily.
Wifi has three main menus :
- Cracking menu: contains attacks that could allow us to crack wifi passwords weather is WEP , WPA or WPA2:
- Enable monitor mode
- View avalale Wireless Networks
- Launch Airodump-ng on a specific AP
- WEP cracking: here you can perform a number of attacks to crack WEP passwords :
- Interactive packet replay.
- Fake Authentication Attack.
- Korek Chopchop Attack.
- Fragmentation Attack.
- Hirte Attack (cfrag attack).
- WPA Cracking: here you can perform a number of attacks to crack WPA passwords :
- launch a brute force attack against a WPS-enabled network to crack WPA/WPA2 without a dictionary.
- Obtain handshake: This will automatically attempt to obtain the handshake
- Cracking: After obtaining the handshake or if you have the handshake ready then you can attempt to crack it in this section , you can choose to use you wordlist straight away with aircrack-ng or you can add to a table and then crack the password.
- MITM: this menu will allow you to do the following Automatically:
- Enable IP forwarding.
- ARP Spoof.
- Launch ettercap (Text mode).
- Sniff SSL/HTTPS traffic.
- Sniff URLs and send them to browser.
- Sniff images.
- DNS Spoof.
- HTTP Session Hijacking (using Hamster).
- Others: this menu will allow you to o the following automatically:
- Change MAC Address.
- Create a fake access point.
- Hijack software updates (using Evilgrade).
- Many bugs fixed
- Compatability issues fixed.
- Changed the way Wi-fEye scans for networks.
- Added module to crack WPS-enabled networks.
- Added ability to add wordlist to a database before cracking the handshake.
- Using socket to scan for connected devices (improves speed and efficiency).
- Added a new module to cut the interenet connection of any connected device.
- Compatibility fix for isr-evilgrade-2.0.
- More modules are now available for software hijacking.
- Added a module to create a fake access point.
Automated Wireless Penetration Testing
First of all Download Wi-fEye:
tar xvfz Wi-fEye-v*.tar.gz -C Wi-fEye
Before using Wi-fEye there is a number of programs that you need to install , here is a list of each program and why its needed:
- Aircrack-ng is needed for all the attacks in the cracking menu.
- Ettercap is needed for all the attacks in the MITM menu , its also needed to hikack software updates.
- Hamseter for HTTP session Hijacking.
- Scapy module is needed to scan for connected devices
- pexpect module and Evilgrade for software hijacking.
After installing the relevant programs , install wifi by running the following command :
Now wifi will attempt to find the paths of the needed programs , and will ask you to enter it manually if it fails.
The usage of Wi-fEye is fairly easy all you have to do is execute
Choose your network interface , select the attack you want to perform, select your target and Wi-fEye will do the rest.
Source && Download