介绍:
SniffAir是一个开源的无线安全框架,它提供了轻松解析被动收集的无线数据以及发起复杂无线攻击的能力。SniffAir负责处理与管理大型或多个pcap文件相关的麻烦,同时彻底交叉检查和分析流量,寻找潜在的安全漏洞。除了预构建的查询外,SniffAir还允许用户创建自定义查询,以分析存储在后端SQL数据库中的无线数据。SniffAir建立在使用这些查询为无线渗透测试报告提取数据的概念之上。这些数据还可用于设置SniffAir中包含的复杂无线攻击作为模块。
安装:
$./setup.sh% * ., %% ( ,# (..# %/@@@@@&, *@@% &@, @@# /@@@@@@@@@ .@@@@@@@@@. ,/ # # (%%%* % (.(. .@@ &@@@@@@%..@@& *&@ %@@@@. &@, @@% %@@,,,,,,, ,@@,,,,,,, .( % % %%# # % # ,@@ @@(,,,#@@@.%@% %@@(@@. &@, @@% %@@ ,@@ /* # /*, %.,, ,@@ @@* #@@,@@& %@@ ,@@* &@, @@% %@@ ,@@ .# //#(, (, ,@@ @@* &@%.@@@@@. %@@ .@@( &@, @@% %@@%%%%%%* ,@@%%%%%%# (# ##. ,@@ @@&%%%@@@%*@@@@ %@@ .@@/ &@, @@% %@@,,,,,, ,@@,,,,,,. %#####% ,@@ @@(,,%@@%@@% %@@ @@( &@, @@% %@@ ,@@ % (*/ # ,@@ @@* @@@%@% %@@ @@&&@, @@% %@@ ,@@ % # .# .# ,@@ @@* @@%.@@&/,,#@@@ %@@ &@@@, @@% %@@ ,@@ /(* /(# ,@@ @@* @@#*%@@@&* *%# ,%# #%/ *%# %% #############. .%# #%. .%%(@Tyl0us & @theDarracott)>> [default]# helpCommands========workspace Manages workspaces (create, list, load, delete)live_capture Initiates a valid wireless interface to collect wireless packets to be parsed (requires the interface name)offline_capture Begins parsing wireless packets using a pcap file-kismet .pcapdump work best (requires the full path)offline_capture_list Begins parsing wireless packets using a list of pcap file-kismet .pcapdump work best (requires the full path)query Executes a query on the contents of the acitve workspacehelp Displays this help menuclear Clears the screenshow Shows the contents of a table, specific information across all tables or the available modulesinscope Add ESSID to scope. inscope [ESSID]SSID_Info Displays all information (i.e all BSSID, Channels and Encrpytion) related to the inscope SSIDSuse Use a SniffAir moduleinfo Displays all variable information regarding the selected moduleset Sets a variable in moduleexploit Runs the loaded modulerun Runs the loaded moduleexit Exit SniffAir>> [default]#
模块可用于分析工作区中包含的数据或使用
use <module name> 命令。对于某些模块,可能需要设置其他变量。可以使用 set 命令设置它们 set <variable name> <variable value>:>> [demo]# show modulesAvailable Modules=================[+] Auto EAP - Automated Brute-Force Login Attack Against EAP Networks[+] Auto PSK - Automated Brute-Force Passphrase Attack Against PSK Networks[+] AP Hunter - Discover Access Point Within a Certain Range Using a Specific Type of Encrpytion[+] Captive Portal - Web Based Login Portal to Capture User Entered Credentials (Runs as an OPEN Network)[+] Certificate Generator - Generates a Certificate Used by Evil Twin Attacks[+] Exporter - Exports Data Stored in a Workspace to a CSV File[+] Evil Twin - Creates a Fake Access Point, Clients Connect to Divulging MSCHAP Hashes or Cleartext Passwords[+] Handshaker - Parses Database or .pcapdump Files Extracting the Pre-Shared Handshake for Password Guessing (Hashcat or JTR Format)[+] Mac Changer - Changes The Mac Address of an Interface[+] Probe Packet - Sends Out Deauth Packets Targeting SSID(s)[+] Proof Packet - Parses Database or .pcapdump Files Extracting all Packets Related to the Inscope SSDIS[+] Hidden SSID - Discovers the Names of HIDDEN SSIDS[+] Suspicious AP - Looks for Access Points that: Is On Different Channel, use a Different Vendor or Encrpytion Type Then the Rest of The Network[+] Wigle Search SSID - Queries wigle for SSID (i.e. Bob's wifi)[+] Wigle Search MAC - Queries wigle for all observations of a single mac address>> [demo]#>> [demo]# use Captive Portal>> [demo][Captive Portal]# infoGlobally Set Varibles=====================Module: Captive PortalInterface:SSID:Channel:Template: Cisco (More to be added soon)>> [demo][Captive Portal]# set Interface wlan0>> [demo][Captive Portal]# set SSID demo>> [demo][Captive Portal]# set Channel 1>> [demo][Captive Portal]# infoGlobally Set Varibles=====================Module: Captive PortalInterface: wlan0SSID: demoChannel: 1Template: Cisco (More to be added soon)>> [demo][Captive Portal]#
下载地址:https://github.com/Tylous/SniffAir
推荐站内搜索:最好用的开发软件、免费开源系统、渗透测试工具云盘下载、最新渗透测试资料、最新黑客工具下载……
还没有评论,来说两句吧...