GithubHelp home page GithubHelp logo

intek13x / oneshot Goto Github PK

View Code? Open in Web Editor NEW

This project forked from rofl0r/oneshot

0.0 0.0 0.0 90 KB

Run WPS PIN attacks (Pixie Dust, online bruteforce, PIN prediction) without monitor mode with the wpa_supplicant

Python 100.00%

oneshot's Introduction

Overview

OneShot performs Pixie Dust attack without having to switch to monitor mode.

Features

Requirements

Setup

Debian/Ubuntu

Installing requirements

sudo apt install -y python3 wpasupplicant iw wget

Installing Pixiewps

Ubuntu 18.04 and above or Debian 10 and above

sudo apt install -y pixiewps

Other versions

sudo apt install -y build-essential unzip
wget https://github.com/wiire-a/pixiewps/archive/master.zip && unzip master.zip
cd pixiewps*/
make
sudo make install

Getting OneShot

cd ~
wget https://raw.githubusercontent.com/drygdryg/OneShot/master/oneshot.py

Optional: getting a list of vulnerable to pixie dust devices for highlighting in scan results:

wget https://raw.githubusercontent.com/drygdryg/OneShot/master/vulnwsc.txt

Arch Linux

Installing requirements

sudo pacman -S wpa_supplicant pixiewps wget python

Getting OneShot

wget https://raw.githubusercontent.com/drygdryg/OneShot/master/oneshot.py

Optional: getting a list of vulnerable to pixie dust devices for highlighting in scan results:

wget https://raw.githubusercontent.com/drygdryg/OneShot/master/vulnwsc.txt

Alpine Linux

It can also be used to run on Android devices using Linux Deploy

Installing requirements
Adding the testing repository:

sudo sh -c 'echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories'

sudo apk add python3 wpa_supplicant pixiewps iw

Getting OneShot

sudo wget https://raw.githubusercontent.com/drygdryg/OneShot/master/oneshot.py

Optional: getting a list of vulnerable to pixie dust devices for highlighting in scan results:

sudo wget https://raw.githubusercontent.com/drygdryg/OneShot/master/vulnwsc.txt

Termux

Please note that root access is required.

Using installer

curl -sSf https://raw.githubusercontent.com/drygdryg/OneShot_Termux_installer/master/installer.sh | bash

Manually

Installing requirements

pkg install -y root-repo
pkg install -y git tsu python wpa-supplicant pixiewps iw openssl

Getting OneShot

git clone --depth 1 https://github.com/drygdryg/OneShot OneShot

Running

sudo python OneShot/oneshot.py -i wlan0 --iface-down -K

Usage

 oneshot.py <arguments>
 Required arguments:
     -i, --interface=<wlan0>  : Name of the interface to use

 Optional arguments:
     -b, --bssid=<mac>        : BSSID of the target AP
     -p, --pin=<wps pin>      : Use the specified pin (arbitrary string or 4/8 digit pin)
     -K, --pixie-dust         : Run Pixie Dust attack
     -B, --bruteforce         : Run online bruteforce attack
     --push-button-connect    : Run WPS push button connection

 Advanced arguments:
     -d, --delay=<n>          : Set the delay between pin attempts [0]
     -w, --write              : Write AP credentials to the file on success
     -F, --pixie-force        : Run Pixiewps with --force option (bruteforce full range)
     -X, --show-pixie-cmd     : Alway print Pixiewps command
     --vuln-list=<filename>   : Use custom file with vulnerable devices list ['vulnwsc.txt']
     --iface-down             : Down network interface when the work is finished
     -l, --loop               : Run in a loop
     -r, --reverse-scan       : Reverse order of networks in the list of networks. Useful on small displays
     --mtk-wifi               : Activate MediaTek Wi-Fi interface driver on startup and deactivate it on exit
                                (for internal Wi-Fi adapters implemented in MediaTek SoCs). Turn off Wi-Fi in the system settings before using this.
     -v, --verbose            : Verbose output

Usage examples

Start Pixie Dust attack on a specified BSSID:

sudo python3 oneshot.py -i wlan0 -b 00:90:4C:C1:AC:21 -K

Show avaliable networks and start Pixie Dust attack on a specified network:

sudo python3 oneshot.py -i wlan0 -K

Launch online WPS bruteforce with the specified first half of the PIN:

sudo python3 oneshot.py -i wlan0 -b 00:90:4C:C1:AC:21 -B -p 1234

Start WPS push button connection:s

sudo python3 oneshot.py -i wlan0 --pbc

Troubleshooting

"RTNETLINK answers: Operation not possible due to RF-kill"

Just run: sudo rfkill unblock wifi

"Device or resource busy (-16)"

Try disabling Wi-Fi in the system settings and kill the Network manager. Alternatively, you can try running OneShot with --iface-down argument.

The wlan0 interface disappears when Wi-Fi is disabled on Android devices with MediaTek SoC

Try running OneShot with the --mtk-wifi flag to initialize Wi-Fi device driver.

Acknowledgements

Special Thanks

  • rofl0r for initial implementation;
  • Monohrom for testing, help in catching bugs, some ideas;
  • Wiire for developing Pixiewps.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.