-
Notifications
You must be signed in to change notification settings - Fork 1
/
ppdron.py
executable file
·219 lines (190 loc) · 7.27 KB
/
ppdron.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# ## LIBRARIES ##
import os
import re
import time
import socket
import subprocess
import src.settings as settings
import src.tools.wash as wash
import src.tools.airodump as airodump
import src.utils.sys_check as checks
import src.utils.lan_manager as lan_mgr
import src.utils.device_manager as device_mgr
from os import listdir
from poormanslogging import info, warn, error
import src.utils.report as report
def import_module(module):
p = re.compile('class (.+)\({}\):'.format('BaseAttack'))
module_file = os.path.join(settings.OS_PATH,'src','attacks',module+'.py')
with open(module_file) as f:
for l in f.readlines():
sintaxis_ok = re.match(p, l)
if sintaxis_ok is not None:
classname_start = 'class ';
classname_end = l.find('(')
classname = l[len(classname_start):classname_end].strip()
f.close()
break
if classname is not None:
import importlib
m = importlib.import_module('src.attacks.'+module)
return getattr(m, classname)(None)
def find_modules(attack):
modules = []
path = os.path.join(settings.OS_PATH,'src','attacks')
for module in listdir(path):
if attack in module:
modules.append(module)
priorities = []
var_priority = '__PRIORITY__'
for module in modules:
with open(os.path.join(path,module)) as file:
for line in file.readlines():
if var_priority in line:
priorities.append([module.replace('.py',''),line[len(var_priority):].strip()]) # module list and its priorities.
break
priorities = sorted(priorities,key = lambda x: x[1]) # sort by priority (0 = high priority)
return priorities
def parse_args():
import argparse
parser = argparse.ArgumentParser()
parser.add_argument('-e', '--essid', type=str, help='ESSID to target. Surround in quotes if it has spaces!')
parser.add_argument('-k', '--key', type=str, help='Key to use for connect to ESSID')
parser.add_argument('-i', '--interface', type=str, help='Interface to use for attacks/connecting')
parser.add_argument('-D', '--delay', type=str, help='Time to wait before starting (minutes)')
return parser.parse_args()
def generateReport():
report.TARGET_ESSID = settings.TARGET_ESSID
report.TARGET_CHANNEL = settings.TARGET_CHANNEL
report.TARGET_PRIVACY = settings.TARGET_PRIVACY
report.TARGET_KEY = settings.TARGET_KEY
report.generateReport()
def banner():
global version
from pyfiglet import figlet_format
b = figlet_format(' PPDRON') + \
''' Diego Sierra - Gerente - SQA
Andrea Velandia - Analista - Tester
Larry Portocarrero - Diseñador - Programador
'''
report.saveLog('PPDRON')
report.saveLog('Diego Sierra - Gerente - SQA')
report.saveLog('Andrea Velandia - Analista - Tester')
report.saveLog('Larry Portocarrero - Diseñador - Programador')
print(b)
def main():
banner()
report.initLog()
report.initReport()
if not checks.check_root():
error('You need root privileges to run PPDRON!\n')
report.saveLog('You need root privileges to run PPDRON!\n')
generateReport()
exit(1)
if not checks.check_wlan_tools_dependencies():
generateReport()
exit(1)
args = parse_args()
settings.OS_PATH = os.getcwd()
settings.INTERFACE = args.interface if args.interface is not None else settings.INTERFACE
settings.INTERFACE = device_mgr.get_ifaces()[0] if settings.INTERFACE is None else settings.INTERFACE
settings.DELAY = args.delay if args.delay is not None else settings.DELAY
settings.TARGET_ESSID = args.essid if args.essid is not None else settings.TARGET_ESSID
settings.TARGET_KEY = args.key if args.key is not None else settings.TARGET_KEY
delay = float(settings.DELAY) * 60
time.sleep(delay)
report.saveLog('PPDRON running...')
info('PPDRON running...')
if settings.TARGET_ESSID is not None:
if settings.TARGET_KEY is not None:
ap_target = None
else:
device_mgr.hardware_setup()
ap_target = airodump.scan_targets()
else:
device_mgr.hardware_setup()
ap_target = airodump.scan_targets()
# -------------------- Infiltrate wifi ------------------------------------------------
if ap_target is not None:
settings.TARGET_ESSID = ap_target.get('ESSID').strip()
settings.TARGET_BSSID = ap_target.get('BSSID').strip()
settings.TARGET_CHANNEL = ap_target.get('channel').strip()
settings.TARGET_PRIVACY = ap_target.get('Privacy').strip()
info('Target selected: ' + settings.TARGET_ESSID + ' Channel: ' + settings.TARGET_CHANNEL + ' Privacy: ' + settings.TARGET_PRIVACY)
report.saveLog('Target selected: ' + settings.TARGET_ESSID + ' Channel: ' + settings.TARGET_CHANNEL + ' Privacy: ' + settings.TARGET_PRIVACY)
if settings.TARGET_PRIVACY == 'WEP':
report.TARGET_ATTACK = 'Fuerza bruta'
info('Cracking {e} access point with WEP privacy...'.format(e=settings.TARGET_ESSID))
report.saveLog('Cracking {e} access point with WEP privacy...'.format(e=settings.TARGET_ESSID))
wep_modules = find_modules('wep')
for wep_module in wep_modules:
attack = import_module(wep_module[0])
if attack.check():
attack.setup()
attack.run()
if settings.TARGET_KEY is not None:
info('Key found!: {k} '.format(k=settings.TARGET_KEY))
report.saveLog('Key found!: {k} '.format(k=settings.TARGET_KEY))
lan_mgr.save_key()
break
else:
pass
if settings.TARGET_KEY is None:
error('Key not found! :-(')
report.saveLog('Key found!: {k} '.format(k=settings.TARGET_KEY))
generateReport()
exit(0)
elif settings.TARGET_PRIVACY == 'WPA' or settings.TARGET_PRIVACY == 'WPA2' or settings.TARGET_PRIVACY == 'WPA2WPA' or settings.TARGET_PRIVACY == 'WPA2 WPA':
info('Cracking {e} access point with {p} privacy...'.format(e=settings.TARGET_ESSID, p=settings.TARGET_PRIVACY))
report.saveLog('Cracking {e} access point with {p} privacy...'.format(e=settings.TARGET_ESSID, p=settings.TARGET_PRIVACY))
wps = wash.wash_scan()
if wps:
info('WPS is enabled')
report.saveLog('WPS is enabled')
wps_modules = find_modules('wps')
for wps_module in wps_modules:
attack = import_module(wps_module[0])
if attack.check():
attack.setup()
attack.run()
if settings.TARGET_KEY is not None:
report.TARGET_ATTACK = 'Ataque al WPS'
info('Key found!: {k} '.format(k=settings.TARGET_KEY))
report.saveLog('Key found!: {k} '.format(k=settings.TARGET_KEY))
break
else:
pass
if settings.TARGET_KEY is None:
if wps:
warn('PIN not found! :-( Running WPA/WPA2 attack modules...')
report.saveLog('PIN not found! :-( Running WPA/WPA2 attack modules...')
wpa_modules = find_modules('wpa')
for wpa_module in wpa_modules:
attack = import_module(wpa_module[0])
if attack.check():
attack.setup()
attack.run()
if settings.TARGET_KEY is not None:
info('Key found!: {k} '.format(k=settings.TARGET_KEY))
report.saveLog('Key found!: {k} '.format(k=settings.TARGET_KEY))
report.TARGET_ATTACK = 'Ataque de diccionario'
break
else:
pass
if settings.TARGET_KEY is None: # still...
error('Key not found! :-(')
report.saveLog('Key not found! :-(')
generateReport()
exit(0)
else:
lan_mgr.save_key()
else:
info('Open network!')
report.saveLog('Open network!')
report.TARGET_ATTACK = 'Ninguno'
info('PPDRON has finished! Good bye! ;)')
report.saveLog('PPDRON has finished! Good bye! ;)')
generateReport()
main()