Hak5 Forums
About vailixi

  • Rank
    Hak5 Pirate

  1. vailixi

    Help with PMKID cracking script? BASH

    Also on Ubuntu there is a daemon you have to uninstall to get aircrack suite to work now. I can't remember the name of it right off hand.
  2. I have a hypothetical. I was running a script as a system service. The script makes calls to networking tools. Some of those tools are getting "no route to host" errors. I'm pretty sure the network is up. I can log in on all of the test machines and scan them. There are definitely network services on all of the machines. I think the problem is with the service having permissions on certain ports, or systemd not allowing services to use certain ports or services. But I'm not really sure; I haven't run into this problem before. What are some possible problems systemd services can have with permissions on networking services and how do I fix them? Besides the unit file (.service) are there some other configuration files I need to edit to make networking services available to my script? Sorry if this is a little vague. What are some good references on system services and networking permissions?
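The directives that most often keep a systemd service off the network live in the [Service] section of the unit, or in drop-in files under /etc/systemd/system/NAME.service.d/*.conf (`systemctl cat NAME.service` prints the unit together with its drop-ins, and `systemd-analyze security NAME.service` summarises the sandboxing that is in effect). The following is an added example, not the poster's script or anything from the thread: it parses a constructed unit file and reports each sandboxing directive that would restrict the service's networking. The service name, user and paths are hypothetical; the directive semantics (PrivateNetwork=, RestrictAddressFamilies=, IPAddressDeny=/IPAddressAllow=, CapabilityBoundingSet=, User= and AmbientCapabilities=) are systemd's own.

```python
"""Report systemd sandboxing directives that can keep a service off the network.

Added example, not from the forum thread. The unit below is constructed."""

# Constructed unit file for a hypothetical service; every [Service] line after
# ExecStart changes what the service's network calls are allowed to do.
SAMPLE_UNIT = """[Unit]
Description=scan runner (constructed example)

[Service]
User=scanner
ExecStart=/usr/local/bin/scan-runner.sh
PrivateNetwork=yes
RestrictAddressFamilies=AF_UNIX
IPAddressDeny=any
IPAddressAllow=10.0.0.0/8
CapabilityBoundingSet=CAP_CHOWN
CapabilityBoundingSet=CAP_DAC_OVERRIDE
"""


def parse_unit(text):
    """Minimal unit-file parser: section -> key -> list of values.

    Keys may repeat in unit files (the values accumulate), so every key maps to a list."""
    sections, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            sections.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = (part.strip() for part in line.split("=", 1))
            sections[section].setdefault(key, []).append(value)
    return sections


def _words(values):
    """Flatten space-separated list values such as 'CAP_A CAP_B' into a set."""
    out = set()
    for value in values:
        out.update(value.split())
    return out


def network_findings(unit):
    """Return readable reasons why this [Service] may be unable to reach the network."""
    svc = unit.get("Service", {})
    findings = []

    if "yes" in [v.lower() for v in svc.get("PrivateNetwork", [])]:
        findings.append("PrivateNetwork=yes: private network namespace, loopback only")

    fams = _words(svc.get("RestrictAddressFamilies", []))
    # A '~' prefix turns the list into a deny list, which this simple check skips.
    if fams and not fams & {"AF_INET", "AF_INET6"} and not any(f.startswith("~") for f in fams):
        findings.append(f"RestrictAddressFamilies={' '.join(sorted(fams))}: no IPv4/IPv6 sockets")

    deny = [v for v in svc.get("IPAddressDeny", []) if v]   # an empty value resets the list
    if deny:
        allow = " ".join(svc.get("IPAddressAllow", [])) or "(none)"
        findings.append(f"IPAddressDeny={' '.join(deny)}: only IPAddressAllow={allow} is reachable")

    caps = _words(svc.get("CapabilityBoundingSet", []))
    if caps and "CAP_NET_RAW" not in caps and not any(c.startswith("~") for c in caps):
        findings.append("CapabilityBoundingSet lacks CAP_NET_RAW: raw-socket scanners cannot open sockets")

    user = svc.get("User", ["root"])[-1]
    if user != "root" and "CAP_NET_RAW" not in _words(svc.get("AmbientCapabilities", [])):
        findings.append(f"User={user} without AmbientCapabilities=CAP_NET_RAW: no raw sockets as that user")

    return findings


if __name__ == "__main__":
    for finding in network_findings(parse_unit(SAMPLE_UNIT)):
        print("-", finding)
```

Running it against the constructed unit lists five findings; feed it the output of `systemctl cat` for a real unit to see which of these directives the service actually carries, then relax only the one the tools need (for example an ambient CAP_NET_RAW for a raw-socket scanner rather than running the whole service as root).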
  3. vailixi

    Help with PMKID cracking script? BASH

    I was grabbing the MAC addresses from airodump's output.
  4. I was working on a script that would get MAC addresses from a text file then identify their make. I ran into a problem with grep while trying to use a variable for pattern matching. Firstly I was getting the MACs from a file and saving them to a separate file.

     # I suck at regular expressions so if you know a shorter way to write this please tell me.
     grep -io '[A-Z0-9]\{2\}:[A-Z0-9]\{2\}:[A-Z0-9]\{2\}:[A-Z0-9]\{2\}:[A-Z0-9]\{2\}:[A-Z0-9]\{2\}' /root/air/NPC-01.csv | sort -u > /root/air/macs.txt

     The following statement works if I want to retrieve a single manufacturer.

     grep $(echo 00:20:8C:30:40:60 | cut -d ':' -f 1,2,3 | sed 's/:/-/g') /etc/unicornscan/oui.txt | cut -d ':' -f 2

     But really I want to do something like this. The problem is I'm not sure if grep will even work like this. Basically I want to take $line from mac.txt (where macs.txt is simply a list of MAC addresses) and get the first three hexadecimal pairs and check them against oui.txt.

     cat /root/air/macs.txt | while read line; do
         grep $(echo $line | cut -d ':' -f 1,2,3 | sed 's/:/-/g') /etc/unicornscan/oui.txt | cut -d ':' -f 2
     done

     I tried this a couple of different ways. I wasn't sure how to make grep or egrep take variables. Basically the problem I've been having is grep will want to puke out the entire contents of oui.txt or nothing at all.
  5. You can get MAC addresses from a file with a statement like this.

     grep -io '[A-Z0-9]\{2\}:[A-Z0-9]\{2\}:[A-Z0-9]\{2\}:[A-Z0-9]\{2\}:[A-Z0-9]\{2\}:[A-Z0-9]\{2\}' /root/air/NPC-01.csv | sort -u > /root/air/NPC.txt

     And you can get the manufacturer information with a statement like this.

     grep $(echo 00:20:8C:30:40:60 | cut -d ':' -f 1,2,3 | sed 's/:/-/g') /etc/unicornscan/oui.txt | cut -d ':' -f 2

     I was trying to figure out a way to loop through the text file containing the MACs and grep each line from oui.txt. But I can't figure out a way to get grep to play nice with variables and loops.
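The loop in posts 4 and 5 fails in two familiar ways: an unquoted `$line` that is empty (a blank line or a stray carriage return in macs.txt) turns the command into `grep '' oui.txt`, which prints the whole file, and a prefix that never matches prints nothing. The following is an added example, not the poster's script: it does the same MAC-to-vendor mapping in Python, extracting the addresses with one regex and loading the OUI table into a dictionary so each lookup is exact and a missing prefix is reported as unknown rather than silently printing nothing. The airodump-style text and the OUI lines are constructed, with hypothetical vendor names; the `XX-XX-XX:Vendor` layout is assumed from the `cut -d ':' -f 2` in the posts.

```python
"""Map MAC addresses found in airodump-style output to OUI vendors.

Added example, not from the forum thread. All sample data below is constructed."""
import re

# Constructed airodump-ng-style CSV text: mixed case, a duplicate BSSID and a
# blank line, which are exactly the inputs that make a grep loop misbehave.
SAMPLE_CSV = """BSSID, First time seen, Last time seen, channel, Privacy, ESSID
00:20:8C:30:40:60, 2019-01-01 10:00:00, 2019-01-01 10:05:00, 6, WPA2, lab-ap
00:20:8c:30:40:60, 2019-01-01 10:01:00, 2019-01-01 10:05:00, 6, WPA2, lab-ap

AA:BB:CC:DD:EE:FF, 2019-01-01 10:02:00, 2019-01-01 10:05:00, 11, WPA2, other-ap
12:34:56:78:9A:BC, 2019-01-01 10:03:00, 2019-01-01 10:05:00, 1, OPN, guest
"""

# Constructed OUI table in the "XX-XX-XX:Vendor" layout the posts cut on ':'.
# Vendor names are hypothetical; a real table would be read from a file such
# as /etc/unicornscan/oui.txt.
SAMPLE_OUI = """00-20-8C:Example Corp
AA-BB-CC:Sample Devices Ltd
12-34-56:Vendor: With Colon
"""

# Six hex pairs separated by colons, any case.
MAC_RE = re.compile(r"\b(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}\b")


def extract_macs(text):
    """Return the unique MAC addresses in text, upper-cased and sorted."""
    return sorted({m.group(0).upper() for m in MAC_RE.finditer(text)})


def oui_prefix(mac):
    """'00:20:8c:30:40:60' -> '00-20-8C', the key format of the OUI table."""
    return "-".join(mac.upper().split(":")[:3])


def parse_oui_table(text):
    """Parse 'XX-XX-XX:Vendor' lines into a dict for exact, O(1) lookups."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or ":" not in line:
            continue                      # blank or malformed line: skip, never match everything
        prefix, vendor = line.split(":", 1)   # split once: vendor names may contain ':'
        table[prefix.upper()] = vendor.strip()
    return table


def vendor_for(mac, table):
    """Vendor for a MAC, or 'unknown' when its OUI prefix is not in the table."""
    return table.get(oui_prefix(mac), "unknown")


def vendor_report(csv_text, oui_text):
    """Map every MAC found in csv_text to its vendor."""
    table = parse_oui_table(oui_text)
    return {mac: vendor_for(mac, table) for mac in extract_macs(csv_text)}


if __name__ == "__main__":
    for mac, vendor in vendor_report(SAMPLE_CSV, SAMPLE_OUI).items():
        print(f"{mac}\t{vendor}")
```

To run it on real files, replace the two constants with the contents of the airodump CSV and the OUI file; because the lookup is a dictionary hit rather than a substring grep, a prefix like `00-20` can never match `00-20-8C` by accident, and blank lines in the input are simply ignored.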
  6. Can anyone suggest a command line tool to convert any calendar date to an epoch time? I don't want current time as epoch. I want to be able to input a calendar date and get epoch. I noticed there are a lot of Javascript tools that do this but I was wondering if there is a command line tool. I'll code it if I have to, but time would be better spent elsewhere if it already exists. I noticed date time groups are easiest to work with as epoch time. At least for doing comparison operators. Here's a python snippet that essentially does what I'm looking for. Is there a native Linux application that does this?

     #!/usr/bin/python
     import datetime
     import calendar
     aprilFirst=datetime.datetime(2012, 11, 12, 0, 0)
     print(calendar.timegm(aprilFirst.timetuple()))

     This works for now.

     #!/usr/bin/python
     from sys import argv
     import datetime
     import calendar
     # usage: py_epoch.py year month day hour minute
     # (datetime's 4th and 5th positional arguments are hour and minute, so the
     # original "minute second" arguments were actually being read as hour and minute)
     year = int(argv[1])
     month = int(argv[2])
     day = int(argv[3])
     hour = int(argv[4])
     minute = int(argv[5])
     when = datetime.datetime(year, month, day, hour, minute)
     print(calendar.timegm(when.timetuple()))
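The native tool is GNU date: `date -u -d '2012-11-12 00:00:00' +%s` prints 1352678400, the same value the snippet above computes with calendar.timegm. The following is an added example, not the poster's script, for the case where it is still done in Python: it keeps the whole calculation in UTC, because a naive datetime's `.timestamp()` silently uses the machine's local zone and shifts the result by the UTC offset, which is the kind of off-by-hours error that makes epoch comparisons wrong. It also accepts ISO-8601 strings with an explicit offset. The CLI argument order (year month day hour minute second) is the example's own convention.

```python
"""Convert a calendar date to epoch seconds, always in UTC.

Added example, not from the forum thread."""
import sys
from datetime import datetime, timezone


def to_epoch(year, month, day, hour=0, minute=0, second=0):
    """Epoch seconds for a UTC wall-clock time; equals calendar.timegm(dt.timetuple())."""
    dt = datetime(year, month, day, hour, minute, second, tzinfo=timezone.utc)
    return int(dt.timestamp())


def parse_to_epoch(text):
    """ISO-8601 string -> epoch seconds.

    A string without an offset is taken as UTC rather than local time; a string
    with an offset such as +01:00 is converted, so 01:00+01:00 equals 00:00 UTC."""
    dt = datetime.fromisoformat(text)
    if dt.tzinfo is None:
        dt = dt.replace(tzinfo=timezone.utc)
    return int(dt.timestamp())


def from_argv(argv):
    """'year month day [hour [minute [second]]]' -> epoch seconds (UTC)."""
    parts = [int(arg) for arg in argv]
    if not 3 <= len(parts) <= 6:
        raise ValueError("usage: year month day [hour [minute [second]]]")
    return to_epoch(*parts)


def local_offset_pitfall(year, month, day):
    """Seconds by which a naive datetime().timestamp() differs from the UTC answer
    on this machine; zero only when the local zone is UTC."""
    naive = int(datetime(year, month, day).timestamp())
    return naive - to_epoch(year, month, day)


if __name__ == "__main__":
    print(from_argv(sys.argv[1:]))
```

`python3 epoch.py 2012 11 12` prints 1352678400; `local_offset_pitfall(2012, 11, 12)` shows how far the naive version would have been off on the current host.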
  7. iw dev | grep -i interface | cut -d ' ' -f 2

     Perfect. Thanks. Actually there are plenty of automated wireless attack scripts available already. I'm trying to learn how to code deeper system automation. I need to be able to deal with outputs. I started working with python because python is easy compared to other languages. I'll probably port some of my BASH scripts over to python once I get a better handle on that. It seems to be what the cool kids are doing.
  8. I'm trying to get the output of a command as a variable and use it for a system call. Mostly I'm trying to get the concept of this by doing something easy like changing a MAC address. Firstly I want to get the wireless interface. I know I can make <iface> a command line option and I'm sure that's a better way to go but it's not really the point. There are several ways to get the wireless interface. Some of the stuff I tried.

     cat /proc/net/wireless | tail -n 1 | cut -d ' ' -f 2 | tr -d ':' | sed '/^\s*$/d'   # this method is completely unreliable
     ifconfig | tail | head -2 | sed '/^\s*$/d' | cut -d ":" -f 1                         # this seems to work
     ip link show | tail -n 2 | head -n 1 | cut -d ':' -f 2 | cut -d ' ' -f 2            # maybe

     Then I tried iwconfig. I think it is several outputs instead of one. So head, tail, and grep don't seem to work on it. I tried readarray as well. I didn't want to write to a file then cat the file into readarray or read the file from the python script because usually there is a more elegant way of doing things. I just don't know how to do it. Question: is there a more elegant way of doing this stuff?

     import subprocess
     from subprocess import call
     batcmd="cat /proc/net/wireless | tail -n 1 | cut -d ' ' -f 2 | tr -d ':'"
     wlan = subprocess.check_output(batcmd.strip(), shell=True)
     print(wlan).strip()
     call(["ifconfig", wlan.strip(), "down"])
     call(["macchanger", "-r", wlan.strip()])
     call(["ifconfig", wlan.strip(), "up"])

     I tried this and it works sometimes. But sometimes fails because cat fails to return the wireless interface.

     import subprocess
     from subprocess import call
     batcmd="ifconfig | tail | head -2 | sed '/^\s*$/d' | cut -d ':' -f 1"
     wlan = subprocess.check_output(batcmd.strip(), shell=True)
     print(wlan).strip()
     call(["ifconfig", wlan.strip(), "down"])
     call(["macchanger", "-r", wlan.strip()])
     call(["ifconfig", wlan.strip(), "up"])

     I wasn't sure if subprocess is the best way of doing this. What I really need is ways to get stdout and use it in a system call.
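Post 7 settled on `iw dev` as the source of the interface name; what remains is capturing that output and passing it on without the `shell=True` pipelines in post 8, which both depend on line positions and hand whatever text comes back to a shell. The following is an added example, not the poster's script: it runs commands as argument lists, parses the `Interface`/`type` lines of `iw dev` output into a name-to-mode map, validates the chosen name against the Linux interface-name rules before it becomes an argument, and builds the follow-up `ip link` commands as lists so a stray character in the captured text can never become a second command. The `iw dev` text below is constructed (the interface names are made up); `capture_demo` uses the running Python interpreter so the capture path can be exercised without any network tools installed.

```python
"""Capture a command's stdout and use it in another command, without a shell.

Added example, not from the forum thread; the iw output is constructed."""
import re
import subprocess
import sys

# Constructed `iw dev` output in the layout iw prints; the names are made up.
SAMPLE_IW_DEV = """phy#1
\tInterface wlan1mon
\t\tifindex 5
\t\ttype monitor
phy#0
\tInterface wlan0
\t\tifindex 3
\t\ttype managed
"""

# Linux interface names are at most 15 characters; this charset also rules out
# shell metacharacters, whitespace and path separators.
IFNAME_RE = re.compile(r"^[A-Za-z0-9_.-]{1,15}$")


def capture(argv):
    """Run argv as a list (no shell parsing) and return its stdout as text.

    check=True raises CalledProcessError on a non-zero exit instead of returning
    an empty string that would silently become an argument later."""
    return subprocess.run(argv, capture_output=True, text=True, check=True).stdout


def capture_demo():
    """Exercise capture() with the interpreter itself, so it runs without iw/ip."""
    return capture([sys.executable, "-c", "print('captured')"]).strip()


def wireless_interfaces(iw_dev_output):
    """Map interface name -> type ('managed', 'monitor', ...) from `iw dev` output."""
    ifaces, current = {}, None
    for line in iw_dev_output.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[0] == "Interface":
            current = parts[1]
            ifaces[current] = None
        elif current and len(parts) == 2 and parts[0] == "type":
            ifaces[current] = parts[1]
    return ifaces


def safe_ifname(name):
    """Refuse anything that is not a plain interface name before it becomes an argument."""
    if not IFNAME_RE.match(name):
        raise ValueError(f"suspicious interface name: {name!r}")
    return name


def pick_interface(want="managed", iw_dev_output=None, runner=capture):
    """First wireless interface of the wanted type; reads live `iw dev` unless text is given."""
    text = iw_dev_output if iw_dev_output is not None else runner(["iw", "dev"])
    for name, kind in wireless_interfaces(text).items():
        if want is None or kind == want:
            return safe_ifname(name)
    raise RuntimeError(f"no wireless interface of type {want!r} in iw dev output")


def link_cmds(iface, state):
    """argv lists for `ip link set dev <iface> up|down`; never a formatted shell string."""
    if state not in ("up", "down"):
        raise ValueError(f"state must be 'up' or 'down', got {state!r}")
    return ["ip", "link", "set", "dev", safe_ifname(iface), state]


if __name__ == "__main__":
    iface = pick_interface()                 # live `iw dev`; needs the iw tool installed
    for cmd in (link_cmds(iface, "down"), link_cmds(iface, "up")):
        print("would run:", cmd)             # subprocess.run(cmd, check=True) to execute
```

The `runner` parameter exists so the selection logic can be tested against canned text; in production the default `capture` is used and any failure of `iw` surfaces as an exception rather than as an empty interface name passed to `ip`.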
  9. For whatever reason the text file I ended up with had some extra carriage return or newline characters and crunch was counting some of those as extra characters so crunch was throwing errors. So I wrote a quick python script to write out all of the digits.

     #!/usr/bin/python
     import sys
     l = ["0", "1", "2", "3", "4", "5", "6", "7", "8", "9"]
     for a in range(0, 9):
         for b in range(0, 9):
             for c in range(0, 9):
                 for d in range(0, 9):
                     with open("/root/Desktop/areacodes/one.txt") as f:
                         for line in f:
                             i=(line.strip())+(l[a])+(l[b])+(l[c])+(l[d])
                             print i

     It took about 11 minutes to generate the list. 1,090,503,810 lines and a little under 12GB which is about 11% of the 10,000,000,000 lines and 102 GB that crunch would have produced. At any rate generating a rainbow table that size would probably take months so splitting it into lists with local numbers then generating the tables would probably be the way to go. I'll put the list up for download like with my other wordlists because it took a little bit of work to put together.
  10. Kinda seems like the information would be out there already and readily available. It's weird, you used to be able to find this stuff easily. Seems the more websites there are the harder it is to find useful information. Your suggestion on scripting seems to be the right course of action. Maybe something like this:

     #!/bin/bash
     SITE="https://www.allareacodes.com/"
     cat /root/Desktop/areacodes.txt | while read line; do
         URL=$SITE$line
         sleep 15
         wget $URL
     done
     grep -o '([0-9]\{3\})[^\s][0-9]\{3\}' /root/Desktop/areacodes/ > areaprefix.txt
  11. This is pretty much what I'm doing. Say there are 53 valid prefixes in Seattle. I would put those into prefixes.txt, read through the list and call crunch with the area code and prefix. The wordlist it will generate is 530,000 lines rather than 10,000,000. The rainbow table takes 23 minutes to generate rather than 7 hours.

     #!/bin/bash
     touch seattlenumbers.txt
     AREACODE="206"
     DIGITS="%%%%"
     cat /root/prefixes.txt | while read line; do
         NUMBER=$AREACODE$line$DIGITS
         crunch 10 10 -t $NUMBER >> seattlenumbers.txt
     done
  12. I was hoping to find a good list of possible US phone numbers. Back in the day I had a database of all of the cities, zip codes, area codes, prefixes etc, but I can't remember what it was called or where I got it from. Basically I was going to use all of the possible valid area codes and phone numbers for some NETGEARXX rainbow tables. But I really didn't want to generate a 102 GB wordlist when only a fraction of the words are going to be possible valid numbers. Anybody know where I can find a file with valid area code and prefix information? Is it in one of the geolocation databases?
  13. vailixi

    Wireless hotspot or router as service? Linux

    I thought this would be easier. I'm going to have to do more scripting when I have time.