-
Notifications
You must be signed in to change notification settings - Fork 1.3k
Usage
huitc edited this page Apr 13, 2019
·
1 revision
. .
.´ · . . · `. wifite
: : : (¯) : : : automated wireless auditor
`. · ` /¯\ ´ · .´ https://github.com/derv82/wifite2
` /¯¯¯\ ´
optional arguments:
-h, --help show this help message and exit
SETTINGS:
-v, --verbose Shows more options (-h -v). Prints commands and outputs. (default: quiet)
-i [interface] Wireless interface to use, e.g. wlan0mon (default: ask)
-c [channel] Wireless channel to scan (default: all 2Ghz channels)
-5, --5ghz Include 5Ghz channels (default: off)
-mac, --random-mac Randomize wireless card MAC address (default: off)
-p [scan_time] Pillage: Attack all targets after scan_time (seconds)
--kill Kill processes that conflict with Airmon/Airodump (default: off)
-b [bssid] BSSID (e.g. AA:BB:CC:DD:EE:FF) of access point to attack
-e [essid] ESSID (e.g. NETGEAR07) of access point to attack
-E [text] Hides targets with ESSIDs that match the given text
--clients-only Only show targets that have associated clients (default: off)
--showb Show BSSIDs of targets while scanning
--nodeauths Passive mode: Never deauthenticates clients (default: deauth targets)
--num-deauths [num] Number of deauth packets to send (default: 1)
WEP:
--wep Show only WEP-encrypted networks
--require-fakeauth Fails attacks if fake-auth fails (default: off)
--keep-ivs Retain .IVS files and reuse when cracking (default: off)
--pps [pps] Packets-per-second to replay (default: 600 pps)
--wept [seconds] Seconds to wait before failing (default: 600 sec)
--wepca [ivs] Start cracking at this many IVs (default: 10000 ivs)
--weprs [seconds] Restart aireplay if no new IVs appear (default: 11 sec)
--weprc [seconds] Restart aircrack after this delay (default: 30 sec)
--arpreplay Use ARP-replay WEP attack (default: on)
--fragment Use fragmentation WEP attack (default: on)
--chopchop Use chop-chop WEP attack (default: on)
--caffelatte Use caffe-latte WEP attack (default: on)
--p0841 Use p0841 WEP attack (default: on)
--hirte Use hirte WEP attack (default: on)
WPA:
--wpa Show only WPA-encrypted networks (includes WPS)
--hs-dir [dir] Directory to store handshake files (default: hs)
--new-hs Captures new handshakes, ignores existing handshakes in hs (default: off)
--dict [file] File containing passwords for cracking (default: /usr/share/dict/wordlist-top4800-probable.txt)
--wpadt [seconds] Time to wait between sending Deauths (default: 15 sec)
--wpat [seconds] Time to wait before failing WPA attack (default: 500 sec)
WPS:
--wps Show only WPS-enabled networks
--no-wps Never use WPS PIN & Pixie-Dustattacks on targets (default: off)
--wps-only Only use WPS PIN & Pixie-Dust attacks (default: off)
--pixie Only use WPS Pixie-Dust attack (do not use PIN attack)
--no-pixie Never use WPS Pixie-Dust attack (use PIN attack)
--bully Use bully program for WPS PIN & Pixie-Dust attacks (default: reaver)
--ignore-locks Do not stop WPS PIN attack if AP becomes locked (default: stop)
--wps-time [sec] Total time to wait before failing PixieDust attack (default: 300 sec)
--wps-fails [num] Maximum number of WPSFail/NoAssoc errors before failing (default: 100)
--wps-timeouts [num] Maximum number of Timeouts before failing (default: 100)
PMKID:
--pmkid Only use PMKID capture, avoids other WPS & WPA attacks (default: off)
--pmkid-timeout [sec] Time to wait for PMKID capture (default: 30 seconds)
COMMANDS:
--cracked Print previously-cracked access points
--check [file] Check a .cap file (or all hs/*.cap files) for WPA handshakes
--crack Show commands to crack a captured handshake