WiFiCrackPy demonstrates some of the security flaws associated with WPA(2) networks by performing simple and efficient cracking. The tool is for educational purposes and should not be misused.

The script captures the necessary Wi-Fi packets associated with WPA(2) handshakes using zizzania, processes them with hcxpcapngtool, and then utilises hashcat to extract the hashed passkey.

You must have python3 installed. You will need to install any other outstanding requirements:

Clone the repository:

git clone https://github.com/phenotypic/WiFiCrackPy.git

Change to the project directory:

cd WiFiCrackPy

Install dependencies:

pip3 install -r requirements.txt

Run the script:

python3 WiFiCrackPy.py

The script is fairly easy to use, simply run it using the command above and enter your sudo password when prompted. The script also requires authorisaiton for location services in order to perform Wi-Fi scanning.

Here are some flags you can add:

After running the script, you will be asked to choose a network to crack

Following the selection of a network, you may have to wait for a while for a handshake to occur naturally on the target network (i.e. for a device to (re)connect to the network) unless you are using the -d flag which will force a handshake to hasten the process.

Once a handshake is captured, hashcat can be used to crack the Wi-Fi password. This step may take quite a while depending on several factors including your Mac's processing power and the attack method chosen. If successfull, you will be presented with the password for the target network.

WiFiCrackPy retains the handshake in its directory if you would like to perform another type of attack against the capture.

• zizzania has the ability to send deauthentication frames to force a handshake. This feature is disabled by default as frame injection is not possible from macOS 12 (Monterey) onwards.