Alfredo Casanova atcasanova

## wifi-cheatsheet.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              1 star
            
          
                atcasanova
                / wifi-cheatsheet.md
            
            
              Created
              May 23, 2023 12:56
            
              
                wifi pentest cheatsheet
              
          
    Step-by-Step Guide for WEP, WPA, PMKID, ARP Request Replay, WPS PIN, HITRE, and Evil Twin Attacks
WiFi penetration testing is a critical component of network security, aiming to identify vulnerabilities in wireless networks and implement appropriate security measures.
Our WiFi penetration testing cheatsheet covers various techniques and methodologies targeting WEP, WPA, WPA2, and WPA3 encryption standards.
Essential Tools for WiFi Penetration Testing

Here are some popular automated tools for WiFi penetration testing that will be invaluable for your WiFi penetration testing cheatsheet:

Aircrack-ng Suite: https://www.aircrack-ng.org/
Wireshark: https://www.wireshark.org/


## blasty-vs-pkexec.c
/*
 * blasty-vs-pkexec.c -- by blasty <peter@haxx.in>
 * ------------------------------------------------
 * PoC for CVE-2021-4034, shout out to Qualys
 *
 * ctf quality exploit
 *
 * bla bla irresponsible disclosure
 *
 * -- blasty // 2022-01-25

## disable webcam
for device in $(ls /sys/bus/usb/devices/*/product); do
  echo "$device: "| cut -f6 -d/ | tr '\n' ' '; cat $device;
done

locate the identifier for your device and:

echo '1-5' | sudo tee /sys/bus/usb/drivers/usb/unbind
where 1-5 is the identifier

to enable it again:

## final_xargs.sh
#!/bin/bash
IFS=\; read nome email empresa telefone <<< "$1"
filename="$(sha256sum <<< "$email"| cut -f1 -d" ").txt"
echo "Nome: $nome
E-Mail: $email
Empresa: $empresa
Telefone: $telefone" > $filename

## secundario.sh
#!/bin/bash
while IFS=\; read nome email empresa telefone; do
    filename="$(sha256sum <<< "$email"| cut -f1 -d" ").txt"

    # montar o arquivo
    echo "Nome: $nome
E-Mail: $email
Empresa: $empresa
Telefone: $telefone" > $filename
done < data.csv

## primario.sh
#!/bin/bash
while read line; do
    # atribuir dados às variáveis
    nome=$(echo "$line" | cut -f1 -d";")
    email=$(echo "$line" | cut -f2 -d";")
    empresa=$(echo "$line" | cut -f3 -d";")
    telefone=$(echo "$line" | cut -f4 -d";")
    filename="$(echo -n "$email" | sha256sum | cut -f1 -d" ").txt"

    # montar o arquivo

## checksubnet.sh
#!/bin/bash
(( $# != 2 )) && {
    echo "uso: ./$0 10.0.0.0/8 10.10.10.10/24"
    exit 1
}
IFS="/" read ip1 mask1 <<< $1
IFS="/" read ip2 mask2 <<< $2
size=$mask1
readarray -d'.' -t first <<< $ip1
readarray -d'.' -t second <<< $ip2

## keylogger.sh
#!/bin/bash
# you'll have to get your keyboard id from xinput --list
# then start it like nohup ./keyboard.sh & and write down the pid
# shown. When you're done, just kill $pid and it will print the recorded
# keystrokes

handler(){
  killall -9 xinput
  while read line; do
    sed "s|$line|${mapa[$line]}|" <<< $line

## 1-2-3.sh
#!/bin/bash
# this bot will put your name in izabera's 1-2-3 ranking
# https://github.com/izabera/1-2-3
# run it with socat like:
# socat TCP4:arin.ga:44444 EXEC:/full/path/to/record.sh,fdin=3,fdout=3,sigint
read -n4 line <&3
echo "a">&3
ans=0
score=0 ct=0
trap errar INT

## record.sh
#!/bin/bash
# this bot will put your name in izabera's 1-2-3 ranking
# https://github.com/izabera/1-2-3
# run it with socat like:
# socat TCP4:arin.ga:44444 EXEC:/full/path/to/record.sh,fdin=3,fdout=4
#
read -n4 line <&3
echo "a">&4
ans=0
score=0
	/*
	* blasty-vs-pkexec.c -- by blasty <peter@haxx.in>
	* ------------------------------------------------
	* PoC for CVE-2021-4034, shout out to Qualys
	*
	* ctf quality exploit
	*
	* bla bla irresponsible disclosure
	*
	* -- blasty // 2022-01-25
	for device in $(ls /sys/bus/usb/devices/*/product); do
	echo "$device: "\| cut -f6 -d/ \| tr '\n' ' '; cat $device;
	done

	locate the identifier for your device and:

	echo '1-5' \| sudo tee /sys/bus/usb/drivers/usb/unbind
	where 1-5 is the identifier

	to enable it again:
	#!/bin/bash
	IFS=\; read nome email empresa telefone <<< "$1"
	filename="$(sha256sum <<< "$email"\| cut -f1 -d" ").txt"
	echo "Nome: $nome
	E-Mail: $email
	Empresa: $empresa
	Telefone: $telefone" > $filename
	#!/bin/bash
	while IFS=\; read nome email empresa telefone; do
	filename="$(sha256sum <<< "$email"\| cut -f1 -d" ").txt"

	# montar o arquivo
	echo "Nome: $nome
	E-Mail: $email
	Empresa: $empresa
	Telefone: $telefone" > $filename
	done < data.csv
	#!/bin/bash
	while read line; do
	# atribuir dados às variáveis
	nome=$(echo "$line" \| cut -f1 -d";")
	email=$(echo "$line" \| cut -f2 -d";")
	empresa=$(echo "$line" \| cut -f3 -d";")
	telefone=$(echo "$line" \| cut -f4 -d";")
	filename="$(echo -n "$email" \| sha256sum \| cut -f1 -d" ").txt"

	# montar o arquivo
	#!/bin/bash
	(( $# != 2 )) && {
	echo "uso: ./$0 10.0.0.0/8 10.10.10.10/24"
	exit 1
	}
	IFS="/" read ip1 mask1 <<< $1
	IFS="/" read ip2 mask2 <<< $2
	size=$mask1
	readarray -d'.' -t first <<< $ip1
	readarray -d'.' -t second <<< $ip2
	#!/bin/bash
	# you'll have to get your keyboard id from xinput --list
	# then start it like nohup ./keyboard.sh & and write down the pid
	# shown. When you're done, just kill $pid and it will print the recorded
	# keystrokes

	handler(){
	killall -9 xinput
	while read line; do
	sed "s\|$line\|${mapa[$line]}\|" <<< $line
	#!/bin/bash
	# this bot will put your name in izabera's 1-2-3 ranking
	# https://github.com/izabera/1-2-3
	# run it with socat like:
	# socat TCP4:arin.ga:44444 EXEC:/full/path/to/record.sh,fdin=3,fdout=3,sigint
	read -n4 line <&3
	echo "a">&3
	ans=0
	score=0 ct=0
	trap errar INT