WiFite
To attack multiple WEP, WPA, and WPS encrypted networks in a row. This tool is customizable to be automated with only a few arguments. Wifite aims to be the “set it and forget it” wireless auditing tool.
┌─[✗]─[steve@parrot]─[~]
└──╼ $wifite -h
. .
.´ · . . · `. wifite2 2.5.5
: : : (¯) : : : a wireless auditor by @derv82
`. · ` /¯\ ´ · .´ maintained by kimocoder
` /¯¯¯\ ´ https://github.com/kimocoder/wifite2
optional arguments:
-h, --help show this help message and exit
SETTINGS:
-v, --verbose Shows more options (-h -v). Prints commands and outputs. (default:
quiet)
-i [interface] Wireless interface to use, e.g. wlan0mon (default: ask)
-c [channel] Wireless channel to scan e.g. 1,3-6 (default: all 2Ghz channels)
-inf, --infinite Enable infinite attack mode. Modify scanning time with -p (default:
off)
-mac, --random-mac Randomize wireless card MAC address (default: off)
-p [scan_time] Pillage: Attack all targets after scan_time (seconds)
--kill Kill processes that conflict with Airmon/Airodump (default: off)
-pow [min_power], --power [min_power] Attacks any targets with at least min_power signal strength
--skip-crack Skip cracking captured handshakes/pmkid (default: off)
-first [attack_max], --first [attack_max] Attacks the first attack_max targets
--clients-only Only show targets that have associated clients (default: off)
--nodeauths Passive mode: Never deauthenticates clients (default: deauth targets)
--daemon Puts device back in managed mode after quitting (default: off)
WEP:
--wep Show only WEP-encrypted networks
--require-fakeauth Fails attacks if fake-auth fails (default: off)
--keep-ivs Retain .IVS files and reuse when cracking (default: off)
WPA:
--wpa Show only WPA-encrypted networks (includes WPS)
--new-hs Captures new handshakes, ignores existing handshakes in hs (default:
off)
--dict [file] File containing passwords for cracking (default: /usr/share/dict/wordlist-
probable.txt)
WPS:
--wps Show only WPS-enabled networks
--wps-only Only use WPS PIN & Pixie-Dust attacks (default:
off)
--bully Use bully program for WPS PIN & Pixie-Dust attacks (default:
reaver)
--reaver Use reaver program for WPS PIN & Pixie-Dust attacks (default:
reaver)
--ignore-locks Do not stop WPS PIN attack if AP becomes locked (default:
stop)
PMKID:
--pmkid Only use PMKID capture, avoids other WPS & WPA attacks (default:
off)
--no-pmkid Don't use PMKID capture (default: off)
--pmkid-timeout [sec] Time to wait for PMKID capture (default: 120 seconds)
COMMANDS:
--cracked Print previously-cracked access points
--check [file] Check a .cap file (or all hs/*.cap files) for WPA handshakes
--crack Show commands to crack a captured handshake