1. #!/usr/bin/perl
2. # 2010 WeakNet Labs
3. # Coded by Trevelyn
4. # Douglas [at] WeakNetLabs [dot] com
5. #
6. # Depends on Aircrack-ng Suite and TCPDump
7. # This application will deauthenticate all MAC addresses that are ARP flooding
8. # via WiFi. It will attack multiple attackers at once, spoofed MAC addresses,
9. # and stops the ARP attack almost instantly.
10. #
11. # This is a "proof of concept" application, which does not come with any warranty.
12. # It is free and can be modified and redistributed.
13. # WeakNetLabs is not responsible for any damage or downtime caused by the
14. # use of this application; please use at your own risk.
15. # It does not make the WEP encryption "stronger". It simply acts as a WIDS.
16. #
17. # You also need a wireless card that supports injection, with patched drivers.
18. # If support is needed please contact us on the WeakNet Linux Forums @
19. # http://www.weaknetlabs.com/forums in the "HELP!?" section.
20. #
21. #
22. use strict;
# File-scoped state shared by the argument parser and by start().

# Positional copies of the first four command-line arguments. Nothing else in
# this listing reads them; the values actually used come from the -b/-e/-i/-f
# flags and are stored in the *_grab variables below.
my ($bssid, $essid, $device, $file) = @ARGV[0 .. 3];

# Index counter used while scanning @ARGV, and the index of the value that
# follows a matched flag.
my $fn = 0;
my $fna;

# Values taken from the -f, -e, -b and -i flags respectively.
my ($file_grab, $essid_grab, $bssid_grab, $device_grab);

# $ans0:     the operator's y/n confirmation.
# $m:        number of lines counted in the dump file.
# $attacker: interpolated into the deauth message, but never assigned
#            anywhere in this listing.
my ($ans0, $m, $attacker);

# @ATK:  whitespace-split fields of the dump line being read.
# @MACs: field 1 of every dump line read so far.
# @MACz: @MACs with duplicates removed.
my (@ATK, @MACs, @MACz);

# Seen-counter used for the de-duplication of @MACs.
my %h;
41.
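# Command-line handling: usage hint, help text, or flag parsing.
#
# Flags may appear in any order. Each flag is compared with `eq`, not with an
# unanchored pattern match: matching on a substring treats any argument that
# merely contains "-f", "-b", "-i" or "-e" (a path such as /tmp/arp-flood.cap,
# an ESSID such as home-ext) as the flag itself and then stores the *next*
# argument as the value, silently corrupting the settings.

# No arguments at all: point the operator at the help text.
if (!defined $ARGV[0] || $ARGV[0] eq '') {
    print "Please run with \"--help\" or \"-h\" for syntax.\n";
    exit;
}
# Help is only recognised as the first argument.
elsif ($ARGV[0] eq '--help' || $ARGV[0] eq '-h') {
    print "Catchme-NG(WEPprotect) - 2010 WeakNetLabs.com\n [ ^.^ ] Usage:\n";
    print " -i\tWireless Device\n -f\tTCPDump output file\n -b\tBSSID (MAC address of your AP)\n -e\tESSID (Broadcast name of your AP)\n\n";
    exit;
}
else {
    # Where the value following each flag is stored.
    my %slot_for = (
        '-f' => \$file_grab,
        '-b' => \$bssid_grab,
        '-i' => \$device_grab,
        '-e' => \$essid_grab,
    );

    my $i = 0;
    while ($i <= $#ARGV) {
        my $slot = $slot_for{ $ARGV[$i] };
        if ($slot && $i < $#ARGV) {
            # Consume the flag and its value together so that a value which
            # happens to look like a flag is not parsed a second time. If a
            # flag is repeated, the last occurrence wins.
            ${$slot} = $ARGV[ $i + 1 ];
            $i += 2;
        }
        else {
            # Unknown argument, or a flag with nothing after it: the value
            # stays undefined.
            $i++;
        }
    }
}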
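# Check that every required setting was actually supplied. Testing the parsed
# values (rather than pattern-matching @ARGV for "-f" etc.) also catches a flag
# given as the last argument with no value after it, and is not fooled by
# another argument that merely contains the flag text.
my @required = (
    [ $file_grab,   "You forgot to specify a dump file!" ],
    [ $bssid_grab,  "You forgot to specify the BSSID of the AP!" ],
    [ $device_grab, "You forgot to specify the WiFi device!" ],
    [ $essid_grab,  "You forgot to specify the ESSID of the AP!" ],
);
for my $requirement (@required) {
    my ($value, $complaint) = @{$requirement};
    next if defined $value && $value ne '';
    print "$complaint\n [ ^.^ ] Try catchme-ng_wep --help for usage.\n";
    exit;
}

# Show the settings and ask for confirmation before anything is transmitted.
print "Using DEVICE: $device_grab, BSSID: $bssid_grab, ESSID: $essid_grab, and FILE: $file_grab\n";
print "is this okay [y/n]? ";
$ans0 = <STDIN>;
$ans0 = '' if !defined $ans0;    # EOF on STDIN counts as an invalid answer
chomp $ans0;
$ans0 = lc $ans0;

if ($ans0 eq 'n') {
    print "\nTry again... \n\n";
    exit;
}
elsif ($ans0 eq 'y') {
    print "[ ^.^ ] Starting up... \n";
    # Three-argument open with an explicit read mode: with the two-argument
    # form a file name that starts with '>' or ends with '|' would be taken as
    # a mode or a command instead of a path.
    open(my $probe, '<', $file_grab)
        or die "[ x_x ] Cannot open tcpdump file!!\n[ ^.^ ] Make sure you have the FULL pathname if not in current directory!\n";
    close $probe;
}
else {
    print "Just a \"y\" or \"n\" please.\n";
    exit;
}

# start up already:
start();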
78.
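# start: monitoring loop. Never returns.
#
# Every two seconds the tcpdump output file named by $file_grab is read. When
# it holds more than 10 lines, field 1 of each line (split on whitespace) is
# taken as a station MAC address and aireplay-ng is launched once per distinct
# address; the dump file is then reset for the next round.
#
# Security notes:
#  * The addresses come from captured traffic, so they are chosen by whoever
#    sent the frames. Only strings that are exactly a colon-separated MAC are
#    accepted, and aireplay-ng is exec'd in list form so that no shell ever
#    parses capture data or command-line values.
#  * Because a source address can be spoofed, a forged frame can cause a
#    legitimate station to be deauthenticated. This routine cannot tell the
#    difference; operators should expect that and review the output.
#
# Changes from the earlier recursive version: an iterative loop instead of
# calling itself (which grew the call stack without bound), per-round
# de-duplication state, the address actually printed in the status line
# (the variable printed before was never assigned), and checked,
# three-argument opens.
sub start {
    # Let the kernel reap finished aireplay-ng children so that they do not
    # accumulate as zombies while this loop runs.
    local $SIG{CHLD} = 'IGNORE';

    while (1) {
        sleep 2;
        print "[ ^.^ ] Checking dump file...\n";

        # Read the file once; counting and parsing use the same snapshot.
        my @lines;
        if (open(my $in, '<', $file_grab)) {
            @lines = <$in>;
            close $in;
        }
        else {
            warn "[ x_x ] Cannot read $file_grab: $!\n";
        }
        my $line_count = scalar @lines;

        if ($line_count > 10) {
            print "[ \@_\@ ] Your airspace is polluted! [ $line_count lines ]\n";

            my %seen;    # per round, so a repeat offender is handled again
            for my $line (@lines) {
                my $mac = (split /\s/, $line)[1];
                next if !defined $mac;
                # Anything that is not exactly aa:bb:cc:dd:ee:ff is skipped.
                next if $mac !~ /\A(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}\z/;
                next if $seen{ lc $mac }++;

                print "[ \>_\< ] Deauthenticating attacker: $mac!!\n";

                # One child per address so that several stations are handled
                # in parallel without going through a shell.
                my $pid = fork();
                if (!defined $pid) {
                    warn "[ x_x ] fork failed: $!\n";
                    next;
                }
                if ($pid == 0) {
                    $SIG{CHLD} = 'DEFAULT';
                    exec('aireplay-ng', '-0', '5',
                        '-a', $bssid_grab,
                        '-e', $essid_grab,
                        '-c', $mac,
                        $device_grab)
                        or do {
                            warn "[ x_x ] Cannot run aireplay-ng: $!\n";
                            exit 127;
                        };
                }
            }

            # Clear out the tcpdump file for the next round.
            _reset_dump_file("\n");
        }
        else {
            _reset_dump_file("$line_count\n");
            print "[ ^.~ ] Airways clean... \n";
        }
    }
}

# Truncate the dump file named by $file_grab and write $content into it.
sub _reset_dump_file {
    my ($content) = @_;
    if (open(my $out, '>', $file_grab)) {
        print {$out} $content;
        close $out or warn "[ x_x ] Cannot close $file_grab: $!\n";
    }
    else {
        warn "[ x_x ] Cannot reset $file_grab: $!\n";
    }
    return;
}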