
x32x01

ADMINISTRATOR
Introduction
Wifite is a wireless auditing tool developed by Derv82 and maintained by kimocoder. You can find the original repository here. In the latest Kali Linux, it comes pre-installed. It’s a great alternative to wireless auditing tools that are more tedious to use, and it provides a simple CLI to interact with and perform wireless attacks. It has great features like 5GHz support, Pixie Dust attack, WPA/WPA2 handshake capture attack and PMKID attack as well.

Table of Contents
Basic Filters
ARP Replay Attack against WEP protocol
WPA/WPA2 handshake capture
Some useful options

  • Filtering Attacks
  • Scan Delay
  • PMKID timeout
  • Stop deauthentication on a particular ESSID
  • Targeting only WPA networks
  • Ignore present handshakes
  • Supplying custom dictionary
  • Display cracked APs
  • Validating handshakes
  • Cracking handshake file
  • Killing conflicting processes
  • MAC Spoofing
  • Power filter
Conclusion

Basic Filters

We can launch this tool by simply typing its name. To view the help page, we have the -h flag.

1.png

As you can see, there are various options in the help menu here. We’ll try a few of these in this article.
Let’s first see which wireless network I’m currently connected to:
Code:
wifite -i wlan0

2.png

My access point is on channel 10. Let’s see which access points are operating on the same channel:
Code:
wifite -c 10

3.png

Here, you can see that monitor mode is being auto-enabled while scanning. Wifite has detected two more networks on channel 10.
Let’s try to add one more channel to the scanning list:
Code:
wifite -c 10,6

4.png

Ahh, the number of results has increased. Now let’s filter for only the access points with clients connected.
Code:
wifite --clients-only

5.png

You can see that wifite has detected 2 APs with clients connected.

ARP Replay Attack against WEP protocol
Now let’s say we have done whatever we wanted to with our wifi adapter and we want to change it from monitor mode to managed mode (default mode) after we stop using wifite. We can do this by:
Code:
wifite --daemon

6.png

The next filter is to find all the networks around me that are running on WEP protocol and perform a quick Replay Attack against them.

Replay attack: In this attack, the tool listens for an ARP packet and sends it back to the access point. This forces the AP to create a new packet with a new initialization vector (IV, the starting variable used to encrypt something). The tool repeats the same process until enough data has been collected to crack the WEP key.

This can be done by:
Code:
wifite --wep
Then, press Ctrl+C to stop scanning and choose a target. Here, 1.

7.png

As you can see, after 20 thousand plus replay packets, the tool has found the key successfully and saved it in a JSON file.

Please note that WPA implements a sequence counter to protect against replay attacks. Hence, it is recommended not to use WEP.

WPA/WPA2 Handshake Capture
We have talked about handshakes in detail in our previous article. Let’s see how we can capture handshakes using wifite.

Here, we’ll simply type in the name of the tool since the default function is to scan the networks.

But we’ll add the --skip-crack option here, which will stop the tool from cracking any handshake that it captures.
Code:
wifite --skip-crack

8.png

How the tool works: As you might have observed in the screenshot, the tool automatically tries all the attacks against a specified target. Here, I specified target “1” for my AP (“raaj”) and you can see that it tried the PMKID attack first, was unsuccessful and then launched handshake capture. This process will be the same for any target. The tool will automatically determine which attack works. Quite simple and hassle-free!

Here, we have successfully captured a handshake and saved it in a location: /root/hs/<name>.cap

Now, if we don’t use the skip-crack flag along with the command, the chain would look something like this:
Code:
wifite
Target: 1

9.png

Chain:
  • Identify APs
  • Check protocol
  • Attempt PMKID attack
  • Attempt handshake attack
  • If handshake found -> crack
And very evidently so, you can see that it has cracked the handshake file and given out the password as “raj12345”.

It uses aircrack-ng’s dictionary attack module in the background.

Some useful options
Filtering Attacks:
What if I want to skip out the PMKID step from the chain above? We can do this by:
Code:
wifite --no-pmkid

10.png

Scan Delay: Another useful option is to give a scan time delay. This may be used in parallel to other options to evade security devices that have set a timeout for unauthenticated packets.
Code:
wifite -p 10

Here, the tool will put a delay of 10 seconds before attacking the targets

11.png

And now the tool is putting a delay of 10 seconds after every target

PMKID timeout: This flag enables us to set a timeout delay between each successful RSN packet request to the access point.
Code:
wifite --pmkid-timeout 130

12.png

Observe how there is a timeout of 130 seconds. I interrupted it before the 130 seconds were up with CTRL+C to stop the attack. Note how it says “waiting for PMKID (1m 23s)”.
13.png

Stop deauthentication on a particular ESSID: This flag will stop the tool from conducting client deauthentication (often used in handshake captures). When there is a target in the list against which I do not want the tool to conduct deauthentication, this proves useful.
Code:
wifite -e raaj --nodeauths
-e : ESSID (name of AP)

14.png

Targeting only WPA networks: This flag helps us identify and attack only WPA targets.
Code:
wifite --wpa

15.png

Ignore present handshakes: Oftentimes we want a fresh start, or our handshakes are just not behaving the way we want. For those times, we have a handy feature that ignores the existing handshakes and captures fresh ones instead.
Code:
wifite --new-hs

16.png

Supplying custom dictionary: For our dictionary attacks, if we want to supply a custom wordlist, we can do that within the tool’s interface too. This is done with the --dict flag.
Code:
wifite --dict /root/dict.txt

17.png

Now, setting the target as above, we see that the dictionary in fact works.
18.png

Display cracked APs: To display a complete list of already cracked targets fetched from the tool’s database, we have the command:
Code:
wifite --cracked

19.png

Validating handshakes: Now, if we want to verify the existing handshakes that we have already captured against a wide variety of Wireless Auditing tools we can do so by:
Code:
wifite --check

20.png

Great, now I can proceed with tshark!

Cracking handshake file: The list of handshake files we have captured is with us now. What if I want to change the cracking tool and not use the default one? It can be done using:
Code:
wifite --crack

Choose target and tool afterwards

21.png

And as you can see, aircrack has cracked the password “raj12345”.

Killing conflicting processes: This flag helps us kill all the jobs that may conflict with the working of the tool. It’s a great little cleanup technique before starting the tool
Code:
wifite --kill

22.png

MAC Spoofing: MAC address spoofing is a great technique to evade an analyst’s vision and avoid getting caught, since the real MAC ID of your Wi-Fi adapter is not exposed. First, we check our Wi-Fi card’s MAC ID with ifconfig.
24.png

Note that this MAC ID ends in 5C. That’s all we need to see whether the MAC is being spoofed or not.
Now we spoof this MAC ID with the wifite command:
Code:
wifite --random-mac

25.png

Observe how this new MAC ID ends in 09. This means that spoofing has been done successfully and a random MAC has been put on the interface.

Now, after our job is done, this option will automatically reset the MAC ID too. Very efficient.

26.png

Power filter: Access points that are far away often don’t behave well while being attacked. There’s a lot of noise, attenuated signals and, obviously, packet drops while communicating. So, to be safe, we’ll set a power threshold so that we only scan Wi-Fi networks that are closer to us and whose signal is strong enough to communicate with without the errors seen on attenuated networks.

Note that this value is in decibels. Let’s set a threshold of 35db.
Code:
wifite --power 35

27.png
Now only the APs with 35db or more strength will be visible.

Conclusion
In this article, we discussed various features of another handy tool for wireless auditing. This discussion was intended to rationalize and be pragmatic about the arsenal of tools you create while auditing wireless networks. Sometimes we have to reduce our workload and can’t remember all the lengthy commands in traditional tools, and in such scenarios tools like wifite fit our cause perfectly. Hope this helped. Thanks for reading.
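Added example (not part of the original post, and not wifite code): the note in the WEP section that WPA uses a sequence counter against replay, modelled from the receiver's side. It uses the CCMP packet number of WPA2 as the concrete case (the TKIP counter in WPA is checked the same way); the class names, the per-transmitter table and the sample frames are constructed for illustration.

```python
"""Receiver-side replay handling: WEP (no check) vs CCMP (packet-number check)."""

STA = "02:00:00:00:00:01"   # constructed transmitter address


def wep_iv(header: bytes) -> int:
    """WEP header: 3-byte IV followed by one key-ID byte."""
    if len(header) < 4:
        raise ValueError("short WEP header")
    return int.from_bytes(header[:3], "big")


def ccmp_pn(header: bytes) -> int:
    """CCMP header: PN0 PN1 Rsvd Flags PN2 PN3 PN4 PN5, PN0 least significant."""
    if len(header) < 8 or not header[3] & 0x20:   # ExtIV bit is always set for CCMP
        raise ValueError("not a CCMP header")
    return int.from_bytes(header[0:2] + header[4:8], "little")


class WepReceiver:
    def accept(self, sender: str, header: bytes) -> bool:
        wep_iv(header)        # the IV only seeds RC4; its reuse is never checked
        return True


class CcmpReceiver:
    def __init__(self):
        self.last_pn = {}     # highest PN accepted so far, per transmitter

    def accept(self, sender: str, header: bytes) -> bool:
        pn = ccmp_pn(header)
        if pn <= self.last_pn.get(sender, 0):
            return False      # replayed or stale frame is dropped
        self.last_pn[sender] = pn
        return True


def count_accepted(receiver, frames) -> int:
    return sum(receiver.accept(sender, header) for sender, header in frames)


# Constructed traffic: one captured frame sent six times in total.
WEP_FRAMES = [(STA, bytes.fromhex("a1b2c300"))] * 6
# Same pattern under CCMP (PN 1001 six times), then a genuine frame with PN 1002.
CCMP_FRAMES = [(STA, bytes.fromhex("e903002000000000"))] * 6 + [
    (STA, bytes.fromhex("ea03002000000000"))]

if __name__ == "__main__":
    print("WEP accepted: ", count_accepted(WepReceiver(), WEP_FRAMES))
    print("CCMP accepted:", count_accepted(CcmpReceiver(), CCMP_FRAMES))
```

The WEP model accepts every copy of the frame, while the CCMP model accepts the first copy and the genuine follow-up only.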
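Added example (not part of the original post): the client deauthentication mentioned in the handshake-capture and --nodeauths sections is visible to anyone monitoring the channel, so a defender can flag it. The sketch below counts deauthentication/disassociation frames per BSSID in a sliding window; the record format, the 5-second window and the threshold of 10 are assumptions, and the sample records are constructed.

```python
"""Flag deauthentication/disassociation bursts in 802.11 management-frame records."""
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"


def build_sample_log():
    """Constructed records: '<seconds> <subtype> <source> <destination> <bssid>'."""
    ap_a, ap_b = "02:aa:00:00:00:01", "02:bb:00:00:00:01"
    lines = [f"50.0 deauth {ap_b} 02:cc:00:00:00:05 {ap_b}",      # one ordinary deauth
             f"99.9 beacon {ap_a} {BROADCAST} {ap_a}"]
    lines += [f"{100 + i * 0.1:.1f} deauth {ap_a} 02:cc:00:00:00:09 {ap_a}"
              for i in range(12)]                                   # burst: 12 in 1.1 s
    return lines


def detect_deauth_bursts(lines, window=5.0, threshold=10):
    """Return {bssid: {'start', 'peak', 'targets'}} for every BSSID whose deauth/disassoc
    count inside a sliding `window` (seconds) reaches `threshold`."""
    recent = defaultdict(deque)          # bssid -> (timestamp, destination) pairs
    alerts = {}
    for line in lines:
        fields = line.split()
        if len(fields) != 5:
            continue                     # skip blank or malformed records
        ts, subtype, _src, dst, bssid = fields
        if subtype not in ("deauth", "disassoc"):
            continue
        ts, bssid, dst = float(ts), bssid.lower(), dst.lower()
        queue = recent[bssid]
        queue.append((ts, dst))
        while ts - queue[0][0] > window:  # expire frames older than the window
            queue.popleft()
        if len(queue) >= threshold:
            alert = alerts.setdefault(
                bssid, {"start": queue[0][0], "peak": 0, "targets": set()})
            alert["peak"] = max(alert["peak"], len(queue))
            alert["targets"].update(d for _, d in queue)
    return alerts


if __name__ == "__main__":
    for bssid, info in detect_deauth_bursts(build_sample_log()).items():
        kind = "broadcast" if BROADCAST in info["targets"] else "targeted"
        print(f"{bssid}: peak {info['peak']} deauth frames, from t={info['start']} ({kind})")
```

Enabling Protected Management Frames (802.11w, mandatory in WPA3) on the access point and clients makes forged deauthentication frames ineffective, which removes the need to rely on detection alone.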
 