eliddell1 / fistbump Goto Github PK

Hi Eric,

First of all, thank you for all this stuff.
Your project looks very nice and i will probably buy all items of the parts list in order to assembly my own FistBump for Christmas...

By the way, i wonder if theses extra features should be useful for a next release:

• it seems that you 've already add a whitelist target (through "targets.txt" file) but maybe a blacklist target (all SSID except these ones) could be helpful (eg. : a new file called "blacklist.txt")
• encrypt all the data of the removable USB drive. The cryptographic key could be loaded through a first dedicated USB device at each startup. If the key is successfully loaded inside Raspbian memory (green light for example), the user can insert another USB storage to collect all the encrypted data. By this way, if the device is lost and checked by another people, data collected won't be revealed.
• collect not only hashes, but also client/AP MAC Address and geoloc if possible (if GPS antenna inserted), like wardriving app
• giving the opportunity to the user to deauth all clients of the SSID. Not for collecting hash but in order to denial the WIFI service.

What do you think about these ideas?

Of course, it will maybe take time to develop these kind of features and i want to thank you again to share this project. Next mission for me : find a 3d printer...

Mera

Is there a way we can revamp a small arm device that uses a 4g Broadcom card and a separate internal adapter and run a light version of nethunter on it to make this work? There cactus 2 made a storm when they created a back pack with 22 pinnacle nanos to scan every channel independently with 42 antennas rear mounted in a special back pack.

https://youtu.be/3II3K44rQx4

I think you could run a light stripper down version or Kali for arm devices now using the new repository setup with just tools we need (tshark, pyrit, John, hashcrack, aircrack-ng suite, cowpatty, reaver, etc) and it’s dependencies using the built in hooks and build the exact metapackages needed to run it and have a light weight low power consumption device that could capture pmkid, and handshakes and use the built in api for onlinehashcrack.com (wlancap2wpasec -u https://api.onlinehashcrack.com -e [email protected] handshake_ATT2V4y9Wg_14-ED-BB-CD-22-41_2019-12-30T17-49-26.cap handshake_MySpectrumWiFi362G_58-90-43-DD-A2-3C_2019-11-26T10-17-35.cap
handshake_RobertsWiFiNetwork_7C-D1-C3-CA-6C-94_2019-12-30T16-20-18.cap )

...using the Broadcom 3f/4g services to upload them to the cloud free where it can crack them using AWS servers using Highpowered NVDIA GPU processors to run the cracks against them. The only issue would be that wifite would need to reconfigured in python3 to allow hashcat handle the dump. If hcxdumptool does not handle the process itself it pollutes the handshake and will lead to a 99% failure rate. Now that I’m thinking of it, I can probably write this in a few days and make a distro avail online for pi users and we can run that on a 20k mil amp battery pack and carry it in a small backpack with 4 9db antennas to catch 2 and 5g and all you would have to do is use realVNC to remotely access the device in your back pack while walking using a cheap android tablet while walking using the untouched 4g while management the mostly automated wifite transactions while in monitor mode. If anyone is interested please let me know. The WHID pro elite uses a 3g/4g sim and create a wireless AP on airgapped systems and more to run cracks similar to this including
remotely inject keystrokes, bypass air-gapped systems, conduct mousejacking attacks, do acoustic surveillance, RF replay attacks and much more.

https://github.com/whid-injector/whid-31337

https://github.com/eliddell1/FistBump/issues/new