How to Install Airgeddon | Wireless Security Testing

How to Install Airgeddon

Airgeddon is a multi-use bash script for Linux systems to wireless security testing. On this article i will explain how to install it and how to use it.

Install Airgeddon
Install Airgeddon

Install Airgeddon

git clone --depth 1 https://github.com/v1s1t0r1sh3r3/airgeddon.git
cd airgeddon

Execute Airgeddon

sudo bash airgeddon.sh

Install Airgeddon Missing Dependencies

In order to use airgeddon functionalities s necessary to install some missing dependencies.

apt install isc-dhcp-server hostapd lighttpd bettercap

Install SSLstrip

git clone https://github.com/moxie0/sslstrip.git
sudo python setup.py install

Wireless penetration test

Airgeddon Features

Airgeddon have a lot of features, here i will list a few of them:

  • Evil Twin attacks (Rogue AP)
  • WPS attacks
  • PMKID Crack
  • Enterprise networks attack
  • WEP All-in-One attack
  • Full support for 2.4Ghz and 5Ghz
  • DoS over wireless networks
  • WPA/WPA2 Cracking

Evil Twin attacks – Rogue AP

  • Only Rogue/Fake AP mode to sniff using external sniffer (Hostapd + DHCP + DoS)
  • Simple integrated sniffing (Hostapd + DHCP + DoS + Ettercap)
  • Integrated sniffing, sslstrip2 (Hostapd + DHCP + DoS + Bettercap)
  • Integrated sniffing, sslstrip2 and BeEF Browser Exploitation Framework (Hostapd + DHCP + DoS + Bettercap + BeEF)
  • Captive portal with “DNS blackhole” to capture wifi passwords (Hostapd + DHCP + DoS + Dnsspoff + Lighttpd)
  • Optional MAC spoofing for all Evil Twin attacks

WPS attacks

  • WPS scanning (wash). Self parameterization to avoid “bad fcs” problem
  • Custom PIN association (bully and reaver)
  • Pixie Dust attacks (bully and reaver)
  • Bruteforce PIN attacks (bully and reaver)
  • Null PIN attack (reaver)
  • Known WPS PINs attack (bully and reaver), based on online PIN database with auto-update
  • Integration of the most common PIN generation algorithms (ComputePIN, EasyBox, Arcadyan, etc.)
  • Offline PIN generation and the possibility to search PIN results on database for a target
  • Parameterizable timeouts for all attacks

Enterprise networks attacks

  • Fake AP using “smooth” and “noisy” modes capturing enterprise hashes and plain passwords
  • Custom certificates creation

Essential Tools

The script doesn’t work if you don’t have installed all of them

CommandPossible package nameCommandPossible package name
iwiwawkawk | gawk
airmon-ngaircrack-ngairodump-ngaircrack-ng
aircrack-ngaircrack-ngxtermxterm
ipiproute2tmuxtmux
lspcipciutilspsprocps | procps-ng
airgeddon essential tools

References

Absolutely Kali Pi Headless – Learn how to configure it on 64-bit

Git Hub Project