refactored to copy pcap files

refactored to copy pcap files to a directory if it contains a handshake/PMKID.

I did this because I could never get os.remove(filename) to work for me.
scifijunkie 2024-03-09 10:06:31 -06:00
parent 67479d6b86
commit a97f19b3f4
2 changed files with 35 additions and 51 deletions


@ -1,68 +1,53 @@
import pwnagotchi.plugins as plugins
import logging
import subprocess
import string
import os
'''
Aircrack-ng needed, to install:
> apt-get install aircrack-ng
'''
import shutil
class AircrackOnly(plugins.Plugin):
__author__ = 'pwnagotchi [at] rossmarks [dot] uk'
__version__ = '1.0.1'
__license__ = 'GPL3'
__description__ = 'confirm pcap contains handshake/PMKID or delete it'
__description__ = 'Confirm pcap contains a handshake/PMKID and copy it to a directory'
def __init__(self):
self.text_to_set = ""
self.directory = '/home/pi'
def on_loaded(self):
logging.info("aircrackonly plugin loaded")
if 'face' not in self.options:
self.options['face'] = '(>.<)'
check = subprocess.run(
('/usr/bin/dpkg -l aircrack-ng | grep aircrack-ng | awk \'{print $2, $3}\''), shell=True, stdout=subprocess.PIPE)
check = check.stdout.decode('utf-8').strip()
if check != "aircrack-ng <none>":
logging.info("aircrackonly: Found " + check)
logging.info("AircrackOnly plugin loaded")
aircrack_installed = self.check_aircrack_installed()
if aircrack_installed:
logging.info(f"AircrackOnly: Found {aircrack_installed}")
else:
logging.warning("aircrack-ng is not installed!")
logging.warning("Aircrack-ng is not installed!")
def check_aircrack_installed(self):
check = subprocess.run(
'/usr/bin/dpkg -l aircrack-ng | grep aircrack-ng | awk \'{print $2, $3}\'',
shell=True,
stdout=subprocess.PIPE,
text=True
)
return check.stdout.strip()
def is_handshake_present(self, filename, keyword):
result = subprocess.run(
f'/usr/bin/aircrack-ng {filename} | grep "{keyword}"',
shell=True,
stdout=subprocess.PIPE,
text=True
)
return result.returncode == 0
def on_handshake(self, agent, filename, access_point, client_station):
display = agent._view
todelete = 0
handshakeFound = 0
handshake_found = self.is_handshake_present(filename, "WPA (1 handshake)")
pmkid_found = self.is_handshake_present(filename, "WPA (1 handshake, with PMKID)")
result = subprocess.run(('/usr/bin/aircrack-ng ' + filename + ' | grep "1 handshake" | awk \'{print $2}\''),
shell=True, stdout=subprocess.PIPE)
result = result.stdout.decode('utf-8').translate({ord(c): None for c in string.whitespace})
if result:
handshakeFound = 1
logging.info("[AircrackOnly] contains handshake")
if handshake_found or pmkid_found:
new_file = os.path.join(self.directory, os.path.basename(filename))
shutil.copy(filename, new_file)
logging.info(f"AircrackOnly: Copied {filename} to {new_file}")
if handshakeFound == 0:
result = subprocess.run(('/usr/bin/aircrack-ng ' + filename + ' | grep "PMKID" | awk \'{print $2}\''),
shell=True, stdout=subprocess.PIPE)
result = result.stdout.decode('utf-8').translate({ord(c): None for c in string.whitespace})
if result:
logging.info("[AircrackOnly] contains PMKID")
else:
todelete = 1
if todelete == 1:
os.remove(filename)
self.text_to_set = "Removed an uncrackable pcap"
logging.warning("Removed uncrackable pcap " + filename)
display.update(force=True)
def on_ui_update(self, ui):
if self.text_to_set:
ui.set('face', self.options['face'])
ui.set('status', self.text_to_set)
self.text_to_set = ""
def on_options_update(self, agent, interface, options):
self.directory = options.get('directory', self.directory)
logging.info(f"AircrackOnly: Using directory: {self.directory}")
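Review bot: `is_handshake_present` builds its command by interpolating `filename` and `keyword` into a string run with `shell=True`, so any shell metacharacter in the capture path is interpreted by the shell with the plugin's privileges. Where `filename` originates is not visible on this page, but it presumably derives from capture metadata and should be treated as untrusted. Pass an argument list without a shell and do the substring match in Python, as in the fence below; the function sits entirely inside this section. Separately, both keywords passed from `on_handshake` require the text "1 handshake", whereas the earlier code also accepted any line containing "PMKID", so a PMKID-only capture may no longer be copied; this is worth confirming against real aircrack-ng output. `shutil.copy` will also raise if `self.directory` does not exist, so an `os.makedirs(self.directory, exist_ok=True)` before the copy would make the handler more robust.

```python
    def is_handshake_present(self, filename, keyword):
        # argv list, no shell: the capture path is passed as a single argument
        # and is never parsed by /bin/sh
        result = subprocess.run(
            ['/usr/bin/aircrack-ng', filename],
            stdout=subprocess.PIPE,
            text=True,
            errors='replace',  # tool output may echo SSID bytes that are not valid UTF-8
        )
        return keyword in result.stdout
```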


@ -1,3 +1,2 @@
aircrackonly:
enabled: false
face: '(>.<)'