Airba.sh - A POSIX-compliant, Fully Automated WPA PSK Handshake Capture Script Aimed At Penetration Testing

Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing. It is compatible with Bash and Android Shell (tested on Kali Linux and Cyanogenmod 10.2) and uses aircrack-ng to scan for clients that are currently connected to access points (AP). Those clients are then deauthenticated in order to capture the handshake when attempting to reconnect to the AP. Verification of a captured handshake is done using aircrack-ng. If one or more handshakes are captured, they are entered into an SQLite3 database, along with the time of capture and current GPS data (if properly configured).

After capture, the database can be tested for vulnerable router models using crackdefault.sh. It will search for entries that match the implemented modules, which currently include algorithms to compute default keys for Speedport 500-700 series, Thomson/SpeedTouch and UPC 7 digits (UPC1234567) routers.

Requirements
WiFi interface in monitor mode aircrack-ng SQLite3 openssl for compilation of modules (optional) wlanhc2hcx from hcxtools
In order to log GPS coordinates of handshakes, configure your coordinate logging software to log to .loc/*.txt (the filename can be chosen as desired). Airbash will always use the output of cat "$path$loc"*.txt 2>/dev/null | awk 'NR==0; END{print}', which equals to reading all .txt files in .loc/ and picking the second line. The reason for this way of implementation is the functionality of GPSLogger, which was used on the development device.

Calculating default keys
After capturing a new handshake, the database can be queried for vulnerable router models. If a module applies, the default keys for this router series are calculated and used as input for aircrack-ng to try and recover the passphrase.

Compiling Modules
The modules for calculating Thomson/SpeedTouch and UPC1234567 (7 random digits) default keys are included in src/
Credits for the code go to the authors Kevin Devine and [peter@haxx.in].

On Linux:
gcc -fomit-frame-pointer -O3 -funroll-all-loops -o modules/st modules/stkeys.c -lcrypto
gcc -O2 -o modules/upckeys modules/upc_keys.c -lcrypto

If on Android, you may need to copy the binaries to /system/xbin/ or to another directory where binary execution is allowed.

Usage
Running install.sh will create the database, prepare the folder structure and create shortlinks to both scripts which can be moved to a directory that is on $PATH to allow execution from any location.
After installation, you may need to manually adjust INTERFACE on line 46 in airba.sh. This will later be determined automatically, but for now the default is set to wlan0, to allow out of the box compatibility with bcmon on Android.
./airba.sh starts the script, automatically scanning and attacking targets that are not found in the database. ./crackdefault.sh attempts to break known default key algorithms.
To view the database contents, run sqlite3 .db.sqlite3 "SELECT * FROM hs" in the main directory.

Update (Linux only ... for now):
Airbash can be updated by executing update.sh. This will clone the master branch into /tmp/ and overwrite the local files.

Output
_n: number of access points found
__c/m: represents client number and maximum number of clients found, respectively
-: access point is blacklisted
x: access point already in database
?: access point out of range (not visible to airodump anymore)

The Database
The database contains a table called hs with seven columns.
id: incrementing counter of table entries
lat and lon: GPS coordinates of the handshake (if available)
bssid: MAC address of the access point
essid: Name identifier
psk: WPA Passphrase, if known
prcsd: Flag that gets set by crackdefault.sh to prevent duplicate calculation of default keys if a custom passphrase was used.
Currently, the SQLite3 database is not password-protected.

Download Airbash

More info

1. Hacker Tools Github
2. Hacker Tools For Windows
3. Physical Pentest Tools
4. Pentest Tools Download
5. Hacking Tools For Games
6. Hack And Tools
7. Pentest Recon Tools
8. New Hacker Tools
9. Hacking Tools Mac
10. Hacker Tools For Mac
11. World No 1 Hacker Software
12. Pentest Tools Alternative
13. Hacker Search Tools
14. Nsa Hacker Tools
15. Hacker Search Tools
16. Hackers Toolbox
17. Hack Rom Tools
18. Pentest Automation Tools
19. Hacker Search Tools
20. How To Install Pentest Tools In Ubuntu
21. Hacks And Tools
22. Pentest Reporting Tools
23. Hack Tools For Ubuntu
24. Pentest Tools Framework
25. Ethical Hacker Tools
26. What Are Hacking Tools
27. Hacker Tools Mac
28. Hacker Tools List
29. Hacking Tools For Windows Free Download
30. Pentest Tools Alternative
31. Hacker Tools Apk Download
32. Hack Tool Apk
33. Best Pentesting Tools 2018
34. Hacking Tools And Software
35. Hacker Tools Hardware
36. Hack Tool Apk
37. Pentest Tools Website
38. Pentest Tools Free
39. Pentest Tools For Windows
40. Hackrf Tools
41. Hack Tools For Games
42. Termux Hacking Tools 2019
43. Hacking Tools 2019
44. Hacking Tools For Windows Free Download
45. Pentest Tools Kali Linux
46. Hack Tool Apk
47. Hack Tools Pc
48. Pentest Tools Free
49. How To Hack
50. Hack Tools
51. Hack Tools For Games
52. Hacks And Tools
53. Hacker Tools List
54. Pentest Tools Alternative
55. Hacking Tools 2019
56. Hacking Tools Hardware
57. Pentest Recon Tools
58. Hacking Tools And Software
59. Hacker Hardware Tools
60. Pentest Tools Download
61. Hak5 Tools
62. New Hack Tools
63. Hacker Tool Kit
64. Pentest Tools For Ubuntu
65. Pentest Tools Review
66. Top Pentest Tools
67. Hack Tools
68. Computer Hacker
69. Hacker Tools Github
70. Black Hat Hacker Tools
71. How To Install Pentest Tools In Ubuntu
72. Hacker Tools Mac
73. Pentest Tools Github
74. Hacker Tools For Pc
75. Hack Tools Online
76. Pentest Tools Windows
77. Pentest Automation Tools
78. Hacking Tools
79. Pentest Tools Github
80. Hack Apps
81. Pentest Tools Online
82. Pentest Tools Nmap
83. How To Make Hacking Tools
84. Hacker Tools 2020
85. Hack Tools For Mac
86. Hacker Tools Software
87. Pentest Tools Url Fuzzer
88. Pentest Tools
89. Hacker Tools For Windows
90. Hacking Tools Name
91. Hacking Tools For Pc
92. Hacking Tools For Windows
93. Pentest Tools For Mac
94. Hacker Tools Apk Download
95. Pentest Tools Linux
96. Best Hacking Tools 2020
97. Pentest Tools Open Source
98. Hacking Tools For Pc
99. Hacker Tools Hardware
100. Pentest Tools Review
101. Usb Pentest Tools
102. Best Pentesting Tools 2018
103. Hacker Tools Linux
104. New Hack Tools
105. Pentest Tools Windows
106. Best Hacking Tools 2020
107. Pentest Tools Subdomain
108. Pentest Tools Kali Linux
109. Best Hacking Tools 2019
110. Pentest Automation Tools
111. Hacker Tools For Mac
112. Pentest Tools Website
113. Hacking Tools Usb
114. Growth Hacker Tools
115. Tools 4 Hack
116. Nsa Hack Tools Download
117. Wifi Hacker Tools For Windows
118. Best Pentesting Tools 2018
119. Hacker Search Tools
120. Physical Pentest Tools
121. Pentest Tools Windows
122. Hacking Tools For Pc
123. Hacking Tools Hardware
124. Hacker Tools Linux
125. Hacking Tools For Windows 7
126. Hacking Tools Windows 10
127. Tools Used For Hacking
128. Pentest Tools Android
129. Hacker Tools
130. Pentest Tools Bluekeep
131. Pentest Tools Website
132. Hacker Tools Apk
133. Hack Website Online Tool
134. Hack Apps
135. Hacker Tools Linux
136. Hacker Tools 2019
137. Hacking Tools Pc
138. Pentest Box Tools Download
139. Ethical Hacker Tools
140. Game Hacking
141. Hacker Tools Linux
142. Bluetooth Hacking Tools Kali
143. Hacking Tools For Pc
144. Hack Tools For Ubuntu
145. Pentest Tools For Android
146. Hacking Tools Windows 10
147. New Hacker Tools