SniffAir-开源的无线安全框架
2023-8-27 14:41:46 Author: 网络安全交流圈(查看原文) 阅读量:15 收藏

介绍:

SniffAir是一个开源的无线安全框架,它提供了轻松解析被动收集的无线数据以及发起复杂无线攻击的能力。SniffAir负责处理与管理大型或多个pcap文件相关的麻烦,同时彻底交叉检查和分析流量,寻找潜在的安全漏洞。除了预构建的查询外,SniffAir还允许用户创建自定义查询,以分析存储在后端SQL数据库中的无线数据。SniffAir建立在使用这些查询为无线渗透测试报告提取数据的概念之上。这些数据还可用于设置SniffAir中包含的复杂无线攻击作为模块。

安装:

SniffAir是用Python版本2.7开发的
在 Kali Linux、Debian 和 Ubuntu 上测试和支持。
要安装,请运行 setup.sh 脚本
$./setup.sh

                                                                     % *        ., %                                                                                             % ( ,#     (..# %                            /@@@@@&,    *@@%        &@,    @@#    /@@@@@@@@@   [email protected]@@@@@@@@. ,/ # # (%%%* % (.(.  [email protected]@     &@@@@@@%.      [email protected]@&   *&@    %@@@@.      &@,    @@%    %@@,,,,,,,   ,@@,,,,,,,  .( % %  %%#  # % #   ,@@     @@(,,,#@@@.    %@%           %@@(@@.     &@,    @@%    %@@          ,@@          /* #   /*,   %.,,   ,@@     @@*     #@@    ,@@&          %@@ ,@@*    &@,    @@%    %@@          ,@@           .#   //#(,   (,    ,@@     @@*     &@%     [email protected]@@@@.      %@@  [email protected]@(   &@,    @@%    %@@%%%%%%*   ,@@%%%%%%#         (# ##.        ,@@     @@&%%%@@@%          *@@@@    %@@   [email protected]@/  &@,    @@%    %@@,,,,,,    ,@@,,,,,,.        %#####%        ,@@     @@(,,%@@%              @@%   %@@     @@( &@,    @@%    %@@          ,@@              %  (*/  #       ,@@     @@*    @@@             %@%   %@@      @@&&@,    @@%    %@@          ,@@             %  #  .# .#      ,@@     @@*     @@%   [email protected]@&/,,#@@@    %@@       &@@@,    @@%    %@@          ,@@            /(*       /(#     ,@@     @@*      @@#    *%@@@&*      *%#        ,%#     #%/    *%#           %%            #############.    .%#     #%.      .%%                                                                   (@Tyl0us & @theDarracott)
 >>  [default]# helpCommands========workspace                Manages workspaces (create, list, load, delete)live_capture             Initiates a valid wireless interface to collect wireless packets to be parsed (requires the interface name)offline_capture          Begins parsing wireless packets using a pcap file-kismet .pcapdump work best (requires the full path)offline_capture_list     Begins parsing wireless packets using a list of pcap file-kismet .pcapdump work best (requires the full path)query                    Executes a query on the contents of the acitve workspacehelp                     Displays this help menuclear                    Clears the screenshow                     Shows the contents of a table, specific information across all tables or the available modulesinscope                  Add ESSID to scope. inscope [ESSID]SSID_Info                Displays all information (i.e all BSSID, Channels and Encrpytion) related to the inscope SSIDSuse                      Use a SniffAir moduleinfo                     Displays all variable information regarding the selected moduleset                      Sets a variable in moduleexploit                  Runs the loaded modulerun                      Runs the loaded moduleexit                     Exit SniffAir >>  [default]#

模块:
模块可用于分析工作区中包含的数据或使用  use <module name> 命令。对于某些模块,可能需要设置其他变量。可以使用 set 命令设置它们  set <variable name> <variable value>
 >>  [demo]# show modulesAvailable Modules=================[+] Auto EAP - Automated Brute-Force Login Attack Against EAP Networks[+] Auto PSK - Automated Brute-Force Passphrase Attack Against PSK Networks[+] AP Hunter - Discover Access Point Within  a Certain Range Using a Specific Type of Encrpytion[+] Captive Portal - Web Based Login Portal to Capture User Entered Credentials (Runs as an OPEN Network)[+] Certificate Generator - Generates a Certificate Used by Evil Twin Attacks[+] Exporter - Exports Data Stored in a Workspace to a CSV File[+] Evil Twin - Creates a Fake Access Point, Clients Connect to Divulging MSCHAP Hashes or Cleartext Passwords[+] Handshaker - Parses Database or .pcapdump Files Extracting the Pre-Shared Handshake for Password Guessing (Hashcat or JTR Format)[+] Mac Changer - Changes The Mac Address of an Interface[+] Probe Packet - Sends Out Deauth Packets Targeting SSID(s)[+] Proof Packet - Parses Database or .pcapdump Files Extracting all Packets Related to the Inscope SSDIS[+] Hidden SSID - Discovers the Names of HIDDEN SSIDS[+] Suspicious AP - Looks for Access Points that: Is On Different Channel, use a Different Vendor or Encrpytion Type Then the Rest of The Network[+] Wigle Search SSID - Queries wigle for SSID (i.e. Bob's wifi)[+] Wigle Search MAC - Queries wigle for all observations of a single mac address >>  [demo]#  >>  [demo]# use Captive Portal >>  [demo][Captive Portal]# infoGlobally Set Varibles===================== Module: Captive Portal Interface:  SSID:  Channel:  Template: Cisco (More to be added soon) >>  [demo][Captive Portal]# set Interface wlan0 >>  [demo][Captive Portal]# set SSID demo >>  [demo][Captive Portal]# set Channel 1 >>  [demo][Captive Portal]# infoGlobally Set Varibles===================== Module: Captive Portal Interface: wlan0 SSID: demo Channel: 1 Template: Cisco (More to be added soon) >>  [demo][Captive Portal]#

下载地址:https://github.com/Tylous/SniffAir

文章来源: http://mp.weixin.qq.com/s?__biz=MzI1MDk3NDc5Mg==&mid=2247485054&idx=1&sn=7e9729ef3ebc9a2315c71fa10618eac5&chksm=e9fb4159de8cc84fa02479f93900ce641a3e84a4fc04af117306e1866f5ecf92edc2335df55f&scene=0&xtrack=1#rd
如有侵权请联系:admin#unsafe.sh