Git Product home page Git Product logo

hashcatch's Introduction

hashcatch

Hashcatch deauthenticates clients connected to all nearby WiFi networks and tries to capture the handshakes. It can be used in any linux device including Raspberry Pi and Nethunter devices so that you can capture handshakes while walking your dog

Written by @SivaneshAshok

PoC of hashcatch (running with a couple of WiFi networks within range)

hashcatch PoC

Prerequisites

The following packages are necessary for hashcatch to work

  • aircrack-ng
  • hashcat-utils
  • hcxtools
  • jq

Setting up

  1. ./setup.sh
  2. Enter the interface that can be switched to monitor mode
  3. The script will create the required files
  4. The script will also check if prerequisites are installed, in Arch and Debian based distributions

Usage

sudo ./hashcatch.sh

  • The script runs indefinitely until keyboard interrupt
  • If you're targeting a wifi network, spend around 20 to 30 seconds within the wifi's range to ensure handshake capture
  • Handshakes captured will be stored in handshakes/ directory
  • The captured WiFi network's BSSID and ESSID will be stored in db file
  • [Experimental] If you are connected to the internet while capturing, the following data will also be added to the db file
    • latitude
    • longitude
    • signal radius
    • time of record
    • Note: Kudos to Alexander Mylnikov for the API he's running that returns the location details of a router's MAC address using public databases

The "config" file

  • The config file will be generated by the setup.sh script
  • You can later edit the "interface" field to set the interface of your choice
  • You can also add an "ignore" field to mention the WiFi networks you want hashcatch to ignore while running
  • Refer the example given below to know about the format in which entries should be added to config file

Format of config file

option name=option1,option2,option3

No space in between option name, equal sign and options

Example

interface=wlan0
ignore=Google Starbucks,AndroidAP

Features to be added

  • PMKID attack
  • Pixiedust attack for WPS enabled networks
  • More location features
  • Automatically check handshakes with a rainbow table

PS: Even though I was working on this script few days before @evilsocket posted about his pwnagotchi, his work has definitely been an inspiration for this project!

hashcatch's People

Contributors

staz0t avatar 6661620a avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.