Program crashes when dealing with hidden SSID's about wifite HOT 14 CLOSED

What do hidden SSIDs look like? Are they blank ("") or do they say something 
else ("<hidden>")? Could you copy/paste the output?

Sorry, I don't have any hidden SSIDs where I am.

Empty strings "".

18. ""                                  (28dB  WPA) *CLIENT*

I think I was able to fix this bug in revision 17. I have no way of testing 
this, so please let me know if hidden SSIDs still appear.

I'll test it tomorrow and let you know.

It's still including the hidden SSIDs in the attack. No change.

WEP ATTACK

[+] attacking ""...
[0:09:56] attempting fake-authentication (attempt 3/3)
[0:09:55] fake authentication unsuccessful :(
[0:09:55] exiting attack...

----------------------------------------------------------------

WPA ATTACK

[+] attacking ""...
[0:01:00] starting wpa handshake capture
[0:00:54] sent 3 deauth packets;
Traceback (most recent call last):
  File "./wifite.py", line 2749, in <module>
    main() # launch the main method
  File "./wifite.py", line 712, in main
    attack(x - 1) # subtract one because arrays start at 0
  File "./wifite.py", line 1436, in attack
    attack_wpa(index)
  File "./wifite.py", line 2225, in attack_wpa
    proc_crack = subprocess.Popen(crack, stdout=subprocess.PIPE, stderr=open(os.devnull, 'w'), shell=True)
  File "/usr/lib/python2.5/subprocess.py", line 594, in __init__
    errread, errwrite)
  File "/usr/lib/python2.5/subprocess.py", line 1153, in _execute_child
    raise child_exception
TypeError: execv() arg 2 must contain only strings

----------------------------------------------------------------

It would be great if the program could try to deauth a client if it's on a 
hidden AP to try and uncloack the SSID before quiting out.

Sorry.  I did not know that airodump-ng outputs a null character for hidden 
SSIDs (one nullchar for each letter of the hidden network).

SSIDs are required for cracking WPA (it is needed to check for a proper 
handshake), so I will have Wifite remove hidden networks from the targets list.

This was (hopefully) fixed in revision 20.

I will look into deauthing clients when hidden networks are found, but this may 
be a bit too advanced for me.  Don't hold your breath.

Cool, that's sorted hidden networks showing for now.

Good luck with the uncloaking of SSIDs :), it would make a great feature to an 
already awesome tool!

I think i got it... I whipped up a ghetto deauther, but it works (for me).

It only attempts to deauth if it's on a fixed channel (because deauthing while 
channel-hopping is useless).
And it only deauths if it finds another client.

Let me know if you think it should deauth the entire router (not just the 
client).

Also, should it not print out when it tries deauthing? Mine prints like 10 
lines in a row before it's able to grab the SSID...

Updated in revision 21

I think that just deauthing a client is enough. I'll setup something here to 
test fully on the weekend.

I'd hoped to be able to test this out more today, but as I'm away and the AP 
here does not support hidden SSID (?!) I can't. I'll be back at my place on 
Monday and I'll setup an OpenWRT AP with 1 hidden WEP and 1 hidden WPA.

Thanks for testing.  I tested it here and it worked, so I think it will work 
for you, but I'll leave the issue Open until I get a confirmation.