This is a Python tool for uploading .pcap handshake files to the WPA-SEC service. It validates, uploads, and manages handshakes efficiently, with features like Dry Run mode, Force upload, and Validation checks.
Before running the script, ensure that Python 3 is installed on your system, and verify that the required libraries are available.
This script requires requests and scapy. If they are missing, install them using the following commands:
sudo apt install python3-requests python3-scapyNote:
scapyis essential for validating.pcapfiles, as it is used to parse and verify the presence of EAPOL packets.
Note:
requestsis installed with pwnagotchi but it is there if someone is doing this from scratch.
Clone this repository to your desired directory:
git clone https://github.com/fernstedt/gotchipush.git
cd gotchipushEdit the gotchipush.py file and set your API Key in this line:
API_KEY = "your_api_key_here"The only required configuration is the API Key, which you can retrieve from your WPA-SEC account.
By default, the /root/handshakes directory may not be accessible to a normal user. You need to provide appropriate permissions to ensure the script works.
Switch to the root user and run the script:
sudo su
python gotchipush.pyTo allow the default pi user to run the script, change the permissions of the /root/handshakes directory:
sudo chmod -R 770 /root/handshakes
sudo chown -R pi:pi /root/handshakes770grants full access to the directory owner and group but restricts others.- This allows the
piuser to read, write, and execute files in the directory.
Upload all valid .pcap handshakes from the handshakes directory:
python gotchipush.pySimulate the upload process without sending any files:
python gotchipush.py --dry-runForce upload all .pcap files, even if they were previously uploaded:
python gotchipush.py --forceValidate the .pcap files in the handshakes directory and check their upload status:
python gotchipush.py --validate-upload- Dry Run + Force Upload (Simulates forced uploads):
python gotchipush.py --dry-run --force
/root/
│
├── handshakes/ # Directory containing .pcap files
│ ├── handshake1.pcap
│ ├── handshake2.pcap
│ └── ...
│
├── gotchipush.py # The main upload script
└── uploaded_handshakes.json # Auto-generated file tracking uploaded handshakesThe tool validates .pcap files using the following checks:
-
File Size Check:
Ensures the file is not empty. -
Magic Digits Check:
Verifies the file starts with correct magic bytes for.pcapfiles:d4 c3 b2 a1(Little Endian)a1 b2 c3 d4(Big Endian)
These bytes confirm the file format conforms to the
.pcapstandard. -
EAPOL Packet Check:
Scans the file for EAPOL (Extensible Authentication Protocol over LAN) packets, which indicate the presence of a valid WPA/WPA2 handshake.
If any of these checks fail, the file will be marked as invalid and skipped during the upload process.
The tool logs all actions (validation, uploads, skips, etc.) in real-time to the console. If you need persistent logs, redirect output to a file:
python gotchipush.py > upload.log 2>&1- Handshake files that are invalid or missing EAPOL packets will be skipped.
- If
uploaded_handshakes.jsonbecomes corrupted, it will automatically reset to avoid issues.
Contributions are welcome! Please submit a pull request or open an issue to suggest improvements.
This project is licensed under the MIT License.