当我在公共场合时,我想上网,所以我已经写了一段时间的脚本来查找wifi密码。我发现了一种我不喜欢的“字典攻击”方法。 我在互联网上找到了一个使用python连接wifi的脚本:
import os
import platform
import getpass
y = "y"
Y = "Y"
n = "n"
N = "N"
def createNewConnection(name, SSID, key):
config = """<?xml version=\"1.0\"?>
<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
<name>"""+name+"""</name>
<SSIDConfig>
<SSID>
<name>"""+SSID+"""</name>
</SSID>
</SSIDConfig>
<connectionType>ESS</connectionType>
<connectionMode>auto</connectionMode>
<MSM>
<security>
<authEncryption>
<authentication>WPA2PSK</authentication>
<encryption>AES</encryption>
<useOneX>false</useOneX>
</authEncryption>
<sharedKey>
<keyType>passPhrase</keyType>
<protected>false</protected>
<keyMaterial>"""+key+"""</keyMaterial>
</sharedKey>
</security>
</MSM>
</WLANProfile>"""
if platform.system() == "Windows":
command = "netsh wlan add profile filename=\""+name+".xml\""+" interface=Wi-Fi"
with open(name+".xml", 'w') as file:
file.write(config)
elif platform.system() == "Linux":
command = "nmcli dev wifi connect '"+SSID+"' password '"+key+"'"
os.system(command)
if platform.system() == "Windows":
os.remove(name+".xml")
def connect(name, SSID):
if platform.system() == "Windows":
command = "netsh wlan connect name=\""+name+"\" ssid=\""+SSID+"\" interface=Wi-Fi"
elif platform.system() == "Linux":
command = "nmcli con up "+SSID
os.system(command)
def displayAvailableNetworks():
if platform.system() == "Windows":
command = "netsh wlan show networks interface=Wi-Fi"
elif platform.system() == "Linux":
command = "nmcli dev wifi list"
os.system(command)
try:
displayAvailableNetworks()
option = input("New connection (y/N)? ")
if option == n or option == N:
name = input("Name: ")
connect(name, name)
print("If you aren't connected to this network, try connecting with correct credentials")
elif option == y or option == Y:
name = input("Name: ")
key = getpass.getpass("Password: ")
createNewConnection(name, name, key)
connect(name, name)
print("If you aren't connected to this network, try connecting with correct credentials")
except KeyboardInterrupt as e:
print("\nExiting...")
您必须自己在此脚本中输入密码。
在这行中
key = getpass.getpass ("Password:")
我应该切换“Password:”和脚本将尝试搜索的变量,直到搜索成功…
我找到了一个脚本来查找密码并完成了它。唯一的问题是,在这个脚本中,程序知道密码的值。每次尝试时,他都可以检查密码是否匹配正确。
import itertools
import string
def guess_password(real):
chars = string.ascii_lowercase + string.digits
attempts = 0
for password_length in range(8, 9):
for guess in itertools.product(chars, repeat=password_length):
attempts += 1
guess = ''.join(guess)
if guess == real:
return 'password is {}. found in {} guesses.'.format(guess, attempts)
print(guess, attempts)
print(guess_password('abc'))
我应该连接这两个脚本,但我不知道如何连接。我不清楚如何找到未知变量的值-(密码)。
如果有人能向我解释上述问题,我将非常高兴。我对这些东西不熟悉,它们对我来说不是最清楚的。谢谢你的回复
我们的想法并不总是正确的。已经上市的攻击工具使用完全不同的方法进行攻击并获得访问权。它们使用握手将通行证与实际的通行证匹配,这就是它们验证其是否正确的方式。 您使用的是一种非常简单的方法,这很难奏效。看看这个程序的复杂性,让我们假设您尝试1000000个不同的密钥。代码将永远运行
研究更多关于握手解密的信息。
相关问题 更多 >
编程相关推荐