refactored to copy pcap files
refactored to copy pcap files to a directory if it contains a handshake/PMKID. I did this since never could get the os.remove(filename) to work for me.
This commit is contained in:
parent
67479d6b86
commit
a97f19b3f4
@ -1,68 +1,53 @@
|
|||||||
import pwnagotchi.plugins as plugins
|
import pwnagotchi.plugins as plugins
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
import subprocess
|
import subprocess
|
||||||
import string
|
|
||||||
import os
|
import os
|
||||||
|
import shutil
|
||||||
'''
|
|
||||||
Aircrack-ng needed, to install:
|
|
||||||
> apt-get install aircrack-ng
|
|
||||||
'''
|
|
||||||
|
|
||||||
|
|
||||||
class AircrackOnly(plugins.Plugin):
|
class AircrackOnly(plugins.Plugin):
|
||||||
__author__ = 'pwnagotchi [at] rossmarks [dot] uk'
|
__author__ = 'pwnagotchi [at] rossmarks [dot] uk'
|
||||||
__version__ = '1.0.1'
|
__version__ = '1.0.1'
|
||||||
__license__ = 'GPL3'
|
__license__ = 'GPL3'
|
||||||
__description__ = 'confirm pcap contains handshake/PMKID or delete it'
|
__description__ = 'Confirm pcap contains a handshake/PMKID and copy it to a directory'
|
||||||
|
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
self.text_to_set = ""
|
self.directory = '/home/pi'
|
||||||
|
|
||||||
def on_loaded(self):
|
def on_loaded(self):
|
||||||
logging.info("aircrackonly plugin loaded")
|
logging.info("AircrackOnly plugin loaded")
|
||||||
|
aircrack_installed = self.check_aircrack_installed()
|
||||||
if 'face' not in self.options:
|
if aircrack_installed:
|
||||||
self.options['face'] = '(>.<)'
|
logging.info(f"AircrackOnly: Found {aircrack_installed}")
|
||||||
|
|
||||||
check = subprocess.run(
|
|
||||||
('/usr/bin/dpkg -l aircrack-ng | grep aircrack-ng | awk \'{print $2, $3}\''), shell=True, stdout=subprocess.PIPE)
|
|
||||||
check = check.stdout.decode('utf-8').strip()
|
|
||||||
if check != "aircrack-ng <none>":
|
|
||||||
logging.info("aircrackonly: Found " + check)
|
|
||||||
else:
|
else:
|
||||||
logging.warning("aircrack-ng is not installed!")
|
logging.warning("Aircrack-ng is not installed!")
|
||||||
|
|
||||||
|
def check_aircrack_installed(self):
|
||||||
|
check = subprocess.run(
|
||||||
|
'/usr/bin/dpkg -l aircrack-ng | grep aircrack-ng | awk \'{print $2, $3}\'',
|
||||||
|
shell=True,
|
||||||
|
stdout=subprocess.PIPE,
|
||||||
|
text=True
|
||||||
|
)
|
||||||
|
return check.stdout.strip()
|
||||||
|
|
||||||
|
def is_handshake_present(self, filename, keyword):
|
||||||
|
result = subprocess.run(
|
||||||
|
f'/usr/bin/aircrack-ng {filename} | grep "{keyword}"',
|
||||||
|
shell=True,
|
||||||
|
stdout=subprocess.PIPE,
|
||||||
|
text=True
|
||||||
|
)
|
||||||
|
return result.returncode == 0
|
||||||
|
|
||||||
def on_handshake(self, agent, filename, access_point, client_station):
|
def on_handshake(self, agent, filename, access_point, client_station):
|
||||||
display = agent._view
|
handshake_found = self.is_handshake_present(filename, "WPA (1 handshake)")
|
||||||
todelete = 0
|
pmkid_found = self.is_handshake_present(filename, "WPA (1 handshake, with PMKID)")
|
||||||
handshakeFound = 0
|
|
||||||
|
|
||||||
result = subprocess.run(('/usr/bin/aircrack-ng ' + filename + ' | grep "1 handshake" | awk \'{print $2}\''),
|
if handshake_found or pmkid_found:
|
||||||
shell=True, stdout=subprocess.PIPE)
|
new_file = os.path.join(self.directory, os.path.basename(filename))
|
||||||
result = result.stdout.decode('utf-8').translate({ord(c): None for c in string.whitespace})
|
shutil.copy(filename, new_file)
|
||||||
if result:
|
logging.info(f"AircrackOnly: Copied {filename} to {new_file}")
|
||||||
handshakeFound = 1
|
|
||||||
logging.info("[AircrackOnly] contains handshake")
|
|
||||||
|
|
||||||
if handshakeFound == 0:
|
def on_options_update(self, agent, interface, options):
|
||||||
result = subprocess.run(('/usr/bin/aircrack-ng ' + filename + ' | grep "PMKID" | awk \'{print $2}\''),
|
self.directory = options.get('directory', self.directory)
|
||||||
shell=True, stdout=subprocess.PIPE)
|
logging.info(f"AircrackOnly: Using directory: {self.directory}")
|
||||||
result = result.stdout.decode('utf-8').translate({ord(c): None for c in string.whitespace})
|
|
||||||
if result:
|
|
||||||
logging.info("[AircrackOnly] contains PMKID")
|
|
||||||
else:
|
|
||||||
todelete = 1
|
|
||||||
|
|
||||||
if todelete == 1:
|
|
||||||
os.remove(filename)
|
|
||||||
self.text_to_set = "Removed an uncrackable pcap"
|
|
||||||
logging.warning("Removed uncrackable pcap " + filename)
|
|
||||||
display.update(force=True)
|
|
||||||
|
|
||||||
def on_ui_update(self, ui):
|
|
||||||
if self.text_to_set:
|
|
||||||
ui.set('face', self.options['face'])
|
|
||||||
ui.set('status', self.text_to_set)
|
|
||||||
self.text_to_set = ""
|
|
||||||
|
|||||||
@ -1,3 +1,2 @@
|
|||||||
aircrackonly:
|
aircrackonly:
|
||||||
enabled: false
|
enabled: false
|
||||||
face: '(>.<)'
|
|
||||||
Loading…
x
Reference in New Issue
Block a user