#airgeddon 
#Features
- Interface mode switcher (Monitor-Managed) keeping selection even on interface name changing.
- DoS over wireless networks using different methods.
- Assisted Handshake file capturing.
- Cleaning and optimizing Handshake captured files.
- Offline password decrypting on WPA/WPA2 captured files (dictionary, bruteforce and rule based).
- Evil Twin attacks (Rogue AP):
- Only Rogue/Fake AP version to sniff using external sniffer (Hostapd + DHCP + DoS).
- Simple integrated sniffing (Hostapd + DHCP + DoS + ettercap).
- Integrated sniffing, sslstrip (Hostapd + DHCP + DoS + Ettercap + Sslstrip).
- Integrated sniffing, sslstrip2 and BeEF browser exploitation framework (Hostapd + DHCP + DoS + Bettercap + BeEF).
- Captive portal with "DNS blackhole" to capture wifi passwords (Hostapd + DHCP + DoS + Dnsspoff + Lighttpd).
- WPS features:
- WPS scanning (wash). Self parameterization to avoid "bad fcs" problem.
- Custom PIN association (bully and reaver).
- Pixie Dust attacks (bully and reaver).
- Bruteforce PIN attacks (bully and reaver).
- Parameterizable timeouts.
- Known WPS PINs attack (bully and reaver), based on online PIN database with auto-update.
- Integration of the most common PIN generation algorithms.
- Compatibility with many Linux distros (see requirements section).
- Easy targeting and selection in every section.
- Drag and drop files on console window for entering file paths.
- Dynamic screen resolution detection and windows auto-sizing for optimal viewing.
- Controlled Exit. Cleaning tasks and temp files. Option to keep monitor mode if desired.
- Multilanguage support and autodetect OS language feature (see supported languages section).
- Help hints in every zone/menu for easy use.
- Auto-update. Script checks for newer version if possible.
#Requirements Bash version 4.2 or later needed.
Compatibility with any Linux which have installed the tools what script needs. The script checks for them at the beginning.
Tested on these compatible Linux distros:
-Kali 2.0, 2016.1, 2016.2 and arm versions (Raspberry Pi)
-Wifislax 4.11.1, 4.12 and 64-1.0
-Backbox 4.5.1 and 4.6
-Parrot 2.2.1 to 3.4.1 and arm versions (Raspberry Pi)
-BlackArch 2016.01.10 to 2016.12.29
-Cyborg Hawk 1.1
-Debian 7 (Wheezy) and 8 (Jessie)
-Ubuntu/Xubuntu 15.10, 16.04 and 16.04.1
-OpenSUSE Leap 42.1 and 42.2
-CentOS 6 and 7
-Gentoo 20160514 and 20160704
-Fedora 24
-Red Hat 7 (Maipo)
-Arch 4.6.2-1 to 4.8.13-1
-Raspbian 7 (Wheezy) and 8 (Jessie) (Raspberry Pi)
-OpenMandriva LX3
airgeddon is already included in some Linux distros and repositories:
- Wifislax 4.12, 64-1.0 or higher.
- BlackArch first 2017 release or later.
- ArchStrike repository.
We will enumerate the categories and tools. The command can be included in different packages depending of the distro.
Essential tools: <- the script doesn't work if you don't have installed all of them
| Command | Possible package name | // | Command | Possible package name |
|---|---|---|---|---|
| ifconfig | net-tools | // | iwconfig | wireless-tools |
| iw | iw | // | awk | awk / gawk |
| airmon-ng | aircrack-ng | // | airodump-ng | aircrack-ng |
| aircrack-ng | aircrack-ng | // | xterm | xterm |
Optional tools: <- not necessary to work, only needed for some features
| Command | Possible package name | // | Command | Possible package name |
|---|---|---|---|---|
| wpaclean | aircrack-ng | // | ettercap | ettercap / ettercap-text-only / ettercap-graphical |
| crunch | crunch | // | etterlog | ettercap / ettercap-text-only / ettercap-graphical |
| aireplay-ng | aircrack-ng | // | sslstrip | sslstrip |
| mdk3 | mdk3 | // | dhcpd | isc-dhcp-server / dhcp-server / dhcp |
| hashcat | hashcat | // | dnsspoof | dsniff |
| hostapd | hostapd | // | wash | reaver |
| lighttpd | lighttpd | // | reaver | reaver |
| iptables | iptables | // | bully | bully |
| bettercap | bettercap | // | pixiewps | pixiewps |
| beef | beef / beef-xss | // | unbuffer | expect / expect-dev |
Important tips about BeEF
- The beef software you must install is BeEF (Browser Exploitation Framework). Be careful, don't confuse with beef (Flexible Brainfuck interpreter). This package has on some distros the same name, same executable file name and can lead into confusion. Anyway, airgeddon is able to detect this and show you a warning if needed. Here is a link to the right BeEF installation's page: BeEF Installation.
- If you use a distro which already comes with BeEF installed like Kali, BlackArch or Wifislax, you will have no problems. If you install BeEF manually, airgeddon is able to manage the integration asking you for the path where it's installed, even modifying its own code in order to make updates-proof persistent changes.
Update tools: <- not necessary to work, only used for auto-update
| Command | Possible package name |
|---|---|
| curl | curl |
Internal tools: <- these are internally checked. Not necessary to work, good to have
| Command | Possible package name |
|---|---|
| xdpyinfo | x11-utils / xdpyinfo / xorg-xdpyinfo |
| ethtool | ethtool |
| lspci | pciutils |
| rfkill | rfkill |
| Is highly recommended to have the internal tools installed. They improve functionality and performance. For example, xdpyinfo allow the script to detect the desktop resolution in order to print windows in a better way (size and position). |
Of course, the script also uses many standard basic commands that are understood to come with any Linux distro, so they are not checked (cp, rm, grep, pgrep, egrep, md5sum, uname, echo, hash, cat, sed, etc.).
#Known incompatibilities
Impossible compatibility for Mac OSX at the moment. Some reasons:
-Bash version <- it can be avoided upgrading to 4 or later, this is not the real problem 😄
-Aircrack suite <- this suite for OSX doesn't support airodump and aireplay
-Wireless tools <- iwconfig doesn't exists for OSX, and airport command can't be used. It generates very different outputs
Incompatible with OpenBSD and FreeBSD. They are Unix systems but they have some differences with Linux:
-Bash <- They have no bash. It can be installed, this is not the real problem again 😅
-Wireless tools <- iwconfig doesn't exists for these systems, they use ifconfig instead and it generates very different outputs
#Disclaimer & License
This script must be used only for educational purposes and pentesting.
Use it only on your own networks or with the network's owner appropriate permission during a penstest.
airgeddon staff is not responsible of its use in any case.
This script is under GPLv3 (or later) License.
#Use
Must be launched only using bash (not sh). Example bash /path/to/airgeddon.sh
If you launch the script using sh and a "Syntax error" appears, launch it with bash instead of sh. Even with no initial error, maybe you'll have it later. Use bash always!
#Supported Languages
English
Spanish
French
Catalan
Portuguese
Russian
Greek
#Project Collaboration You can join the project:
- Translations to other languages are welcome.
- More distros support compatibility.
- New features.
- More WPS pins for the database.
- Testing and feedback is needed too.
For collaborating translators:
You can take the strings to translate from the code. All the stuff to translate is in "language_strings" function. Ask by mail if you have any doubt. You'll be informed about you how to proceed, you can be added as a collaborator on the project.
For collaborating developers:
Debug mode was implemented for faster development skipping intro and initial checks. Use it setting var "debug_mode" to 1
Please, respect the tab indentation, code style and the UTF-8 files format only using at the end of the lines LF (not CRLF).
Direct push on master is not allowed, and pull requests require revision and approvement.
airgeddon code is 100% clean of warnings. Use Shellcheck to search for errors and warnings on code. <- Thanks xtonousou for the tip 😉
For beta testers:
You can download the master version or the beta testing version from the development branch called dev. Sometimes there are other temporary branches for specific features that can be tested too.
For WPS PIN database collaborators:
The pins must be strictly ordered by key in the array. Keys are the first 6 bssid digits. After updating the "known_pins.db" file, you must update too "pindb_checksum.txt" with the calculated checksum of the database file. This checksum is calculated using md5sum tool.
#Changelog See Changelog file to review changes.
#Credits & Special Thanks Thank you to:
Kcdtv for French translations, beta testing, suggestions about new features and support received since the beginning.
USUARIONUEVO for helping me to improve the script, suggestions about new features and for the support received.
El padrino and cLn for Catalan translations.
Luan for Portuguese translations.
MiAl for Russian translations.
xtonousou for Greek translations, beta testing, suggestions, the help received fixing code warnings and other stuff.
Thanks to the "Spanish pentesting crew", the Wifislax staff, the BlackArch community, the Seguridadwireless.net, Wifi-libre.com and Lampiweb.com forum people that helped me.
Thanks to the Hackware.ru admins. Thanks to all the people who helped me building the online PIN database for WPS. Thank you to Dominique Bongard for bringing to us Pixie Dust attacks. Thanks to Zhao Chunsheng and Stefan Viehböck for their wonderful algorithms.
I want to thank you too, to all developers who made and designed the third-party tools airgeddon uses.
Thank you too to other authors who inspired me with their scripts:
vk496 -> Linset
MI1 -> Airstorm
MatToufoutu -> Ap-fucker
Coeman76 -> Handshaker
Goyfilms -> Goyscript
Kcdtv -> WPSPin
#Donate
If you enjoyed the script, feel free to give a donation. Invite me to a coffee through Paypal or send me a fraction of a bitcoin:
Paypal: v1s1t0r.1s.h3r3@gmail.com
Bitcoin: 1AKnTXbomtwUzrm81FRzi5acSSXxGteGTH
