rajuk- / grimwepa Goto Github PK

I use/used BT2/BT3/BT4/FRHack (mod BBT4)
But I'm also interested in the minimalist Linux distro Slitaz.

There is a version of Slitaz with Aircrack-ng included.
Would it be possible to add GrimWEPA to that distro (shortcut on the
desktop would be ideal)?

Two additional, helpful features might be:
- check box to select all visible AP's (either WEP, or WPA, or both) for
sequential cracking
- output SSID, MAC, channel, and resolved key to text in same directory
(desktop of above Slitaz distro).

Just ideas.  Thanks for your efforts! 

What steps will reproduce the problem?
1.
2.
3.

What is the expected output? What do you see instead?


What version of the product are you using? On what operating system?


Please provide any additional information below.

Reproduction:
1. Click Refresh Targets, wait for access points

Expected: THE POWER!

Instead: No Power :[

I have gotten requests to implement this feature.  I want it too1

What steps will reproduce the problem?
1. when use the refresh targets
2.
3.

What is the expected output? What do you see instead?
on the count down on number 3 my pc frozzes

What version of the product are you using? On what operating system?
grimwepa 1.0 on BT Final

Please provide any additional information below.

root@bt:~# java.io.FileNotFoundException: /etc/grimwepa.conf (No such file or 
directory)
        at java.io.FileInputStream.open(Native Method)
        at java.io.FileInputStream.<init>(FileInputStream.java:106)
        at java.io.FileInputStream.<init>(FileInputStream.java:66)
        at java.io.FileReader.<init>(FileReader.java:41)
        at test2.loadSettings(test2.java:588)
        at test2.<init>(test2.java:580)
        at test2.<clinit>(test2.java:139)
java.lang.NullPointerException
        at test2.loadSettings(test2.java:634)
        at test2.<init>(test2.java:580)
        at test2.<clinit>(test2.java:139)

What steps will reproduce the problem?
1.
2.
3.

What is the expected output? What do you see instead?


What version of the product are you using? On what operating system?


Please provide any additional information below.

Reproduction:
1. After getting handshake, attempt to crack

Expected: Crack using wordlist file in textbox.

Instead: Doesn't work well with spaces or with removable media!  This is a
big bug, since most of my own wordlists are on a USB drive!

Someone suggested a 'browse' button, and I've already implemented it. Right
now I'm just waiting to figure out the 'spaces' issues.

EXAMPLE:
If we have:         /mnt/usb/Password\ Lists/pw.txt

Java views it as:   /mnt/usb/Password Lists/pw.txt
But Aircrack needs: /mnt/usb/Password\ Lists/pw.txt

For some reason, aircrack isn't accepting either forms!

What steps will reproduce the problem?
1. java -jar grimwepa1.10a6.jar 
2. refresh targets
3. no access point available

What is the expected output? What do you see instead?
The target list should refresh after timeout (3s).

When there is no access point, the "waiting for 3 seconds..." stays on the HMI 
untill user's interuption.

What version of the product are you using? On what operating system?
V1.10 Alpha6, bt4(2.6.34)

Please provide any additional information below.
This is a great tool, but Chinese ID is not properly displayed. -:)

What steps will reproduce the problem?
1. On Ubuntu 10.04.1 follow post 1 install instructions
2. adjust file install location accordingly
3. grimwepa will not install.  works uninstalled only

What is the expected output? What do you see instead?
no installed grimwepa


What version of the product are you using? On what operating system?
latest version

Please provide any additional information below.

What version of Grim Wepa are you using?
What version of aircrack-ng are you using?
What version of Backtrack are you using?

This was a common problem for users of grimwepa1.0 using older versions of
aircrack-ng ( < 1.0 ).  Old aircrack-ng's don't have the '--output-format' 
option,
which is what causes this error.  

I fixed this in the newer alpha versions (1.1 b 1 and above should solve this
problem).  Check the downloads section for newer versions.

What steps will reproduce the problem?
1. Click Refresh Targets, wait for access points to appear.
2. Click Stop Refreshing.
3. Click on a WPA access point.
4. Click 'Start Deauth + Handshake Capture'.

Expected: No output at command-line; airodump-ng capturing packets,
checking for handshake using aircrack-ng, stopping when handshake is captured.

Instead: Exception in thread "WPA Handshake Listener"
java.lang.NullPointerException
        at scripter.run(scripter.java:69)
        at java.lang.Thread.run(Thread.java:619)


This was found on a VMWare install of BT4.  No other complaints or
reproductions have been reported, but this still needs to be taken care of.

mixit on BT4 forums suggested this; said it was difficult to implement.

Remote Exploit covered this flaw in the iwl4965 chipset in depth (15 pages
long) at this link:
[http://forums.remote-exploit.org/bt4beta-working-hardware/20119-4965-agn.html
http://forums.remote-exploit.org/bt4beta-working-hardware/20119-4965-agn.html].

A work-around would require (upon failed fake-authentication):

 - check to see if chipset is iwl4965 (via airmon-ng)

 - creation of conf file (fake.conf) containing:

network={
ssid="NAME_OF_AP"
key_mgmt=NONE
wep_key0="fakeauth"
}

   where "NAME_OF_AP" is the name of the access point in quotes.

 - running wpa_supplicant with this conf file.

Further steps will be covered once they are reached.

0

What steps will reproduce the problem?
1. Any attacks started (fragment, chop chop etc)
2. Airodump and aireplay start as normal
3. Wait for IVs

What is the expected output? What do you see instead?
Airodump and Aireplay start as you would expect but no injection happens 
so no IVs collected

What version of the product are you using? On what operating system?
1.10a5
BT4 (fully up to date)

Please provide any additional information below.

Using Alfa Awus035hcard (RTL8187) so injection does work (It works at 
1000pps during ARP replay with client and AP.)
I have not succesfully used Grimwepa in any other mode with any success 
(sorry - passive works fine).
In addition - the IVs in ARP replay climb - but are not displayed in 
Grimwepa console - so manual crack is required (already dealt with in 
another thread - not a major problem)

What steps will reproduce the problem?
1. Clicked keytank
2. Selected Access Point
3. Click Sign on
4. Selected interface (wlan0 in my case )

What is the expected output? What do you see instead?
Connect to the selected ap with key that is found

See attached screen shot > unable to connect; out of range / invalid password?

What version of the product are you using? On what operating system?
BT4 LiveDVD 4 Final

alpha 6

Please provide any additional information below.

I noticed that is hasn't worked since it was implemented

What steps will reproduce the problem?
1. install
2.
3.

What is the expected output? What do you see instead?
display iv capture, see none

solution:?

run direct: java -jar grimwepa*.jar
it will display ivs captrured


What version of the product are you using? On what operating system?
v1.10 apha5, ubuntu 10.04


Please provide any additional information below.

Hi
I think it would be great to use a random mac for the attacks and  also being 
able to use the mac of a specific client for AP that permit only specific mac 
addresses.
This can be done using macchanger -m XX:XX:XX:XX:XX:XX (which may be not 
installed in some OS) or ifconfig INTERFACE hw ether XX:XX:XX:XX:XX:XX but you 
must dissable the interface first.
It's probably easier to use the "-h" parameter of airplay, for example

aireplay-ng -1 0 -a BSSID -h FAKEMAC INTERFACE
aireplay-ng -2 -b BSSID -h FAKEMAC -c FF:FF:FF:FF:FF:FF -p 0841 INTERFACE  
aireplay-ng -3 -b BSSID -h FAKEMAC INTERFACE

Thank you
Alex

What steps will reproduce the problem?
1. Start grimwepa1.10a5 from terminal "java -jar grimwepa1.10a5.jar
2. Click okay to put wlan0 into monitor mode
3. Click "refresh targets"

What is the expected output? What do you see instead?

In terminal window, I receive the following message at regular intervals:

Exception in thread "AWT-EventQueue-0" java.lang.NullPointerException
    at
javax.swing.DefaultRowSorter.convertRowIndexToModel(DefaultRowSorter.java:501)
    at javax.swing.JTable.convertRowIndexToModel(JTable.java:2611)
    at javax.swing.JTable.getValueAt(JTable.java:2686)
    at javax.swing.JTable.prepareRenderer(JTable.java:5703)
    at javax.swing.plaf.basic.BasicTableUI.paintCell(BasicTableUI.java:2072)
    at javax.swing.plaf.basic.BasicTableUI.paintCells(BasicTableUI.java:1974)
    at javax.swing.plaf.basic.BasicTableUI.paint(BasicTableUI.java:1770)
    at javax.swing.plaf.ComponentUI.update(ComponentUI.java:143)
    at javax.swing.JComponent.paintComponent(JComponent.java:752)
    at javax.swing.JComponent.paint(JComponent.java:1029)
    at javax.swing.JComponent._paintImmediately(JComponent.java:5084)
    at javax.swing.JComponent.paintImmediately(JComponent.java:4882)
    at javax.swing.RepaintManager.paintDirtyRegions(RepaintManager.java:785)
    at javax.swing.RepaintManager.paintDirtyRegions(RepaintManager.java:713)
    at javax.swing.RepaintManager.seqPaintDirtyRegions(RepaintManager.java:693)
    at
javax.swing.SystemEventQueueUtilities$ComponentWorkRequest.run(SystemEventQueueU
tilities.java:125)
    at java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:209)
    at java.awt.EventQueue.dispatchEvent(EventQueue.java:597)
    at
java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:269
)
    at
java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:184)
    at
java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:174
)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:169)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:161)
    at java.awt.EventDispatchThread.run(EventDispatchThread.java:122)



This message stops repeating when I stop scanning for targets.

What version of the product are you using? On what operating system?

1.10a5, ubuntu 10.04

What steps will reproduce the problem?
1. Attempt a passive attack
2. Fail fake authentication
3.

What is the expected output? What do you see instead?
Warning regarding failed authentication similar to report on arp-replay
attack
What version of the product are you using? On what operating system?
Grim Wepa v1.10a6
BT4final
Please provide any additional information below.
Not really a bug just a usability issue. Passive still works but much slower
so a warning exactly like the other one is all that's needed

launching thru the menu Applications-Others-GrimWepa displays some errors: asks 
as root

grimwepa1.10a6.jar
ubuntu 10.04.1

editing the launcher adding Exec=gksudo grimwepa launches grimwepa and prompts 
for a password. this is the same issues as before do we have some remedy on 
this?

What steps will reproduce the problem?
1.
2.
3.

What is the expected output? What do you see instead?

when i search the wifi network i see it on the windows that the grimwepa open 
but i don't see it on grim wepa
What version of the product are you using? On what operating system?
the last on the backtrack5

Please provide any additional information below.

What steps will reproduce the problem?
1.select wlan0 as wifi card (rt73) 
2. click refresh targets
3. await inactive message (shows error in console)

What is the expected output? What do you see instead?
Expected output is to show list of APS in vicinity. instead the following is 
shown in terminal instead:

Error: FileNotFoundException: File: /pentest/wireless/grimwepa/targets-01.csv
airodump-ng csv file was not found. The command GrimWepa used was:
[Ljava.lang.String;@124111a
xterm -fg green -bg black -bd green -geom 100x15+0+0 -T GrimWepa-TargetScan 
-iconic -e airodump-ng -w /pentest/wireless/grimwepa/targets --output-format 
csv mon0
If this command does not create a file 'targets.csv' when YOU run it, then 
there must be a problem with your airodump-ng, your user permissions in linux, 
or something else out of my control!


I have reinstalled airodump-ng, and im running as root


What version of the product are you using? On what operating system?
Using the latest version as of today (1.1 alpha 6?) on backtrack 4

Please provide any additional information below.

Feature request

Expected: A single file containing all called WEP's and WPA's, with SSID
next to Key.

Instead: a single file called 'wepcracked.txt' or 'wpacracked.txt' with
only the key.  Gets re-written every crack.


This is unacceptable.

hmanxx recommended this option, and I'm shocked I haven't implemented it yet!

What steps will reproduce the problem?

1. Install the APP
2. Try to execute it by the menu icon
3. Nothing happens

What is the expected output? What do you see instead?

It is espected to execute, but there is some issue with permisions (sudo?)
or java. If I run from console with "sudo grimwepa" I get this error:

"Unable to access jarfile /pentest/wireless/grimwepa/grimwepa1.10a5.jar"

What version of the product are you using? On what operating system?

1.10 alpha 5

Please provide any additional information below.

I can only run the app with "java -jar grimwepa1.10a5.jar"

What steps will reproduce the problem?
1. Using Aircrack-ng 1.1 Rev 1704
2. Select any of the attack methods ( happens more on the fragmentation
attack )
3. Click test injection

What is the expected output? What do you see instead?

essid name

<length: 0>

What version of the product are you using? On what operating system?

v1.10 Alpha 2

Backtack 4 install in a Virtual Machine

Please provide any additional information below.

:-)

What steps will reproduce the problem?

1. The GUI feels buggy
2. I cant see the complete number of IVs recollected (cut out because of
the GUI
3. I feel like there are options on the button I cant see because of the GUI

What is the expected output? What do you see instead?

Improve the GUI, make possible to edit the size of the windows

What version of the product are you using? On what operating system?

1.10 Alpha 5

Please provide any additional information below.

Nothin else, the program is improving a lot, thanks for your work.

Client-based WEP attack should change MAC address automatically ; and
change back after the attack is complete.

What steps will reproduce the problem?
1. Select any attack mode
2. Begin attack

What is the expected output? What do you see instead?
ivs captured > 0 : ivs captured = 0

auto crack never starts I am guessing this is because the ivs are updating

What version of the product are you using? On what operating system?

v1.10 Alpha 2

Backtrack 4 usb live disk

Aircrack-ng v 1.1 r.1704

Please provide any additional information below.

IVS are getting update in main interface of program

Reproduction:
1. Click Refresh Targets, wait for errors to come rolling in.

Expected: No output.  Program filters out targets-01.csv (created by
airodump-ng) for Access Point information (ssid, bssid, channel, power, enc).

Instead: Program freezes.  Output: "Error: FileNotFoundException: File:
/root/targets.csv".


This is a known issue since first public release.

Most common cause of this issue is user error : i.e. the user selected a
wireless card that cannot go into monitor mode; or airodump-ng cannot scan
with the selected card.

Unable to fix, since everyone's wireless card is different.

v0.1 : If this issue happens, GrimWepa displays output asking user to try
typing airodump-ng command themselves, and if an output file is not
created, to troubleshoot with airodump-ng.