latest

.flake8

@@ -0,0 +1,2 @@
+[flake8]
+max-line-length = 120

.gitignore

@@ -0,0 +1,6 @@
+__pycache__/
+*.py[cod]
+*$py.class
+
+reports/
+

README.md

@@ -0,0 +1,154 @@
+
+# Overview
+**OneShot** performs [Pixie Dust attack](https://forums.kali.org/showthread.php?24286-WPS-Pixie-Dust-Attack-Offline-WPS-Attack) without having to switch to monitor mode.
+# Features
+ - [Pixie Dust attack](https://forums.kali.org/showthread.php?24286-WPS-Pixie-Dust-Attack-Offline-WPS-Attack);
+ - integrated [3WiFi offline WPS PIN generator](https://3wifi.stascorp.com/wpspin);
+ - [online WPS bruteforce](https://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf);
+ - Wi-Fi scanner with highlighting based on iw;
+# Requirements
+ - Python 3.6 and above;
+ - [Wpa supplicant](https://www.w1.fi/wpa_supplicant/);
+ - [Pixiewps](https://github.com/wiire-a/pixiewps);
+ - [iw](https://wireless.wiki.kernel.org/en/users/documentation/iw).
+# Setup
+## Debian/Ubuntu
+**Installing requirements**
+ ```
+ sudo apt install -y python3 wpasupplicant iw wget
+ ```
+**Installing Pixiewps**
+
+***Ubuntu 18.04 and above or Debian 10 and above***
+ ```
+ sudo apt install -y pixiewps
+ ```
+ 
+***Other versions***
+ ```
+ sudo apt install -y build-essential unzip
+ wget https://github.com/wiire-a/pixiewps/archive/master.zip && unzip master.zip
+ cd pixiewps*/
+ make
+ sudo make install
+ ```
+**Getting OneShot**
+ ```
+ cd ~
+ wget https://raw.githubusercontent.com/drygdryg/OneShot/master/oneshot.py
+ ```
+Optional: getting a list of vulnerable to pixie dust devices for highlighting in scan results:
+ ```
+ wget https://raw.githubusercontent.com/drygdryg/OneShot/master/vulnwsc.txt
+ ```
+## Arch Linux
+**Installing requirements**
+ ```
+ sudo pacman -S wpa_supplicant pixiewps wget python
+ ```
+**Getting OneShot**
+ ```
+ wget https://raw.githubusercontent.com/drygdryg/OneShot/master/oneshot.py
+ ```
+Optional: getting a list of vulnerable to pixie dust devices for highlighting in scan results:
+ ```
+ wget https://raw.githubusercontent.com/drygdryg/OneShot/master/vulnwsc.txt
+ ```
+## Alpine Linux
+It can also be used to run on Android devices using [Linux Deploy](https://play.google.com/store/apps/details?id=ru.meefik.linuxdeploy)
+
+**Installing requirements**  
+Adding the testing repository:
+ ```
+ sudo sh -c 'echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories'
+ ```
+ ```
+ sudo apk add python3 wpa_supplicant pixiewps iw
+ ```
+ **Getting OneShot**
+ ```
+ sudo wget https://raw.githubusercontent.com/drygdryg/OneShot/master/oneshot.py
+ ```
+Optional: getting a list of vulnerable to pixie dust devices for highlighting in scan results:
+ ```
+ sudo wget https://raw.githubusercontent.com/drygdryg/OneShot/master/vulnwsc.txt
+ ```
+## [Termux](https://termux.com/)
+Please note that root access is required.  
+
+#### Using installer
+ ```
+ curl -sSf https://raw.githubusercontent.com/drygdryg/OneShot_Termux_installer/master/installer.sh | bash
+ ```
+#### Manually
+**Installing requirements**
+ ```
+ pkg install -y root-repo
+ pkg install -y git tsu python wpa-supplicant pixiewps iw openssl
+ ```
+**Getting OneShot**
+ ```
+ git clone --depth 1 https://github.com/drygdryg/OneShot OneShot
+ ```
+#### Running
+ ```
+ sudo python OneShot/oneshot.py -i wlan0 --iface-down -K
+ ```
+
+# Usage
+```
+ oneshot.py <arguments>
+ Required arguments:
+     -i, --interface=<wlan0>  : Name of the interface to use
+
+ Optional arguments:
+     -b, --bssid=<mac>        : BSSID of the target AP
+     -p, --pin=<wps pin>      : Use the specified pin (arbitrary string or 4/8 digit pin)
+     -K, --pixie-dust         : Run Pixie Dust attack
+     -B, --bruteforce         : Run online bruteforce attack
+     --push-button-connect    : Run WPS push button connection
+
+ Advanced arguments:
+     -d, --delay=<n>          : Set the delay between pin attempts [0]
+     -w, --write              : Write AP credentials to the file on success
+     -F, --pixie-force        : Run Pixiewps with --force option (bruteforce full range)
+     -X, --show-pixie-cmd     : Alway print Pixiewps command
+     --vuln-list=<filename>   : Use custom file with vulnerable devices list ['vulnwsc.txt']
+     --iface-down             : Down network interface when the work is finished
+     -l, --loop               : Run in a loop
+     -r, --reverse-scan       : Reverse order of networks in the list of networks. Useful on small displays
+     --mtk-wifi               : Activate MediaTek Wi-Fi interface driver on startup and deactivate it on exit
+                                (for internal Wi-Fi adapters implemented in MediaTek SoCs). Turn off Wi-Fi in the system settings before using this.
+     -v, --verbose            : Verbose output
+ ```
+
+## Usage examples
+Start Pixie Dust attack on a specified BSSID:
+ ```
+ sudo python3 oneshot.py -i wlan0 -b 00:90:4C:C1:AC:21 -K
+ ```
+Show avaliable networks and start Pixie Dust attack on a specified network:
+ ```
+ sudo python3 oneshot.py -i wlan0 -K
+ ```
+Launch online WPS bruteforce with the specified first half of the PIN:
+ ```
+ sudo python3 oneshot.py -i wlan0 -b 00:90:4C:C1:AC:21 -B -p 1234
+ ```
+ Start WPS push button connection:s
+ ```
+ sudo python3 oneshot.py -i wlan0 --pbc
+ ```
+## Troubleshooting
+#### "RTNETLINK answers: Operation not possible due to RF-kill"
+ Just run:
+```sudo rfkill unblock wifi```
+#### "Device or resource busy (-16)"
+ Try disabling Wi-Fi in the system settings and kill the Network manager. Alternatively, you can try running OneShot with ```--iface-down``` argument.
+#### The wlan0 interface disappears when Wi-Fi is disabled on Android devices with MediaTek SoC
+ Try running OneShot with the `--mtk-wifi` flag to initialize Wi-Fi device driver.
+# Acknowledgements
+## Special Thanks
+* `rofl0r` for initial implementation;
+* `Monohrom` for testing, help in catching bugs, some ideas;
+* `Wiire` for developing Pixiewps.

vulnwsc.txt

@@ -0,0 +1,158 @@
+ADSL Router EV-2006-07-27
+ADSL RT2860
+AIR3G WSC Wireless Access Point AIR3G WSC Device
+AirLive Wireless Gigabit AP AirLive Wireless Gigabit AP
+Archer_A9 1.0
+ArcherC20i 1.0
+Archer A2 5.0
+Archer A5 4.0
+Archer C2 1.0
+Archer C2 3.0
+Archer C5 4.0
+Archer C6 3.20
+Archer C6U 1.0.0
+Archer C20 1.0
+Archer C20 4.0
+Archer C20 5.0
+Archer C50 1.0
+Archer C50 3.0
+Archer C50 4.0
+Archer C50 5.0
+Archer C50 6.0
+Archer MR200 1.0
+Archer MR200 4.0
+Archer MR400 4.2
+Archer MR200 5.0
+Archer VR300 1.20
+Archer VR400 3.0
+Archer VR2100 1.0
+B-LINK 123456
+Belkin AP EV-2012-09-01
+DAP-1360 DAP-1360
+DIR-635 B3
+DIR-819 v1.0.1
+DIR-842 DIR-842
+DWR-921C3 WBR-0001
+D-Link N Router GO-RT-N150
+D-Link Router DIR-605L
+D-Link Router DIR-615H1
+D-Link Router DIR-655
+D-Link Router DIR-809
+D-Link Router GO-RT-N150
+Edimax Edimax
+EC120-F5 1.0
+EC220-G5 2.0
+EV-2009-02-06
+Enhanced Wireless Router F6D4230-4 v1
+Home Internet Center KEENETIC series
+Home Internet Center Keenetic series
+Huawei Wireless Access Point RT2860
+JWNR2000v2(Wireless AP) JWNR2000v2
+Keenetic Keenetic series
+Linksys Wireless Access Point EA7500
+Linksys Wireless Router WRT110
+NBG-419N NBG-419N
+Netgear AP EV-2012-08-04
+NETGEAR Wireless Access Point NETGEAR
+NETGEAR Wireless Access Point R6220
+NETGEAR Wireless Access Point R6260
+N/A EV-2010-09-20
+Ralink Wireless Access Point RT2860
+Ralink Wireless Access Point WR-AC1210
+RTL8196E
+RTL8xxx EV-2009-02-06
+RTL8xxx EV-2010-09-20
+RTL8xxx RTK_ECOS
+RT-G32 1234
+Sitecom Wireless Router 300N X2 300N
+Smart Router R3 RT2860
+Tenda 123456
+Timo RA300R4 Timo RA300R4
+TD-W8151N RT2860
+TD-W8901N RT2860
+TD-W8951ND RT2860
+TD-W9960 1.0
+TD-W9960 1.20
+TD-W9960v 1.0
+TD-W8968 2.0
+TEW-731BR TEW-731BR
+TL-MR100 1.0
+TL-MR3020 3.0
+TL-MR3420 5.0
+TL-MR6400 3.0
+TL-MR6400 4.0
+TL-WA855RE 4.0
+TL-WR840N 4.0
+TL-WR840N 5.0
+TL-WR840N 6.0
+TL-WR841N 13.0
+TL-WR841N 14.0
+TL-WR841HP 5.0
+TL-WR842N 5.0
+TL-WR845N 3.0
+TL-WR845N 4.0
+TL-WR850N 1.0
+TL-WR850N 2.0
+TL-WR850N 3.0
+TL-WR1042N EV-2010-09-20
+Trendnet router TEW-625br
+Trendnet router TEW-651br
+VN020-F3 1.0
+VMG3312-T20A RT2860
+VMG8623-T50A RT2860
+WAP300N WAP300N
+WAP3205 WAP3205
+Wi-Fi Protected Setup Router RT-AC1200G+
+Wi-Fi Protected Setup Router RT-AX55
+Wi-Fi Protected Setup Router RT-N10U
+Wi-Fi Protected Setup Router RT-N12
+Wi-Fi Protected Setup Router RT-N12D1
+Wi-Fi Protected Setup Router RT-N12VP
+Wireless Access Point .
+Wireless Router 123456
+Wireless Router RTL8xxx EV-2009-02-06
+Wireless Router Wireless Router
+Wireless WPS Router <#ZVMODELVZ#>
+Wireless WPS Router RT-N10E
+Wireless WPS Router RT-N10LX
+Wireless WPS Router RT-N12E
+Wireless WPS Router RT-N12LX
+WN3000RP V3
+WN-200R WN-200R
+WPS Router (5G) RT-N65U
+WPS Router DSL-AC51
+WPS Router DSL-AC52U
+WPS Router DSL-AC55U
+WPS Router DSL-N14U-B1
+WPS Router DSL-N16
+WPS Router DSL-N17U
+WPS Router RT-AC750
+WPS Router RT-AC1200
+WPS Router RT-AC1200_V2
+WPS Router RT-AC1750
+WPS Router RT-AC750L
+WPS Router RT-AC1750U
+WPS Router RT-AC51
+WPS Router RT-AC51U
+WPS Router RT-AC52U
+WPS Router RT-AC52U_B1
+WPS Router RT-AC53
+WPS Router RT-AC57U
+WPS Router RT-AC65P
+WPS Router RT-AC85P
+WPS Router RT-N11P
+WPS Router RT-N12E
+WPS Router RT-N12E_B1
+WPS Router RT-N12 VP
+WPS Router RT-N12+
+WPS Router RT-N14U
+WPS Router RT-N56U
+WPS Router RT-N56UB1
+WPS Router RT-N65U
+WPS Router RT-N300
+WR5570 2011-05-13
+ZyXEL NBG-416N AP Router
+ZyXEL NBG-416N AP Router NBG-416N
+ZyXEL NBG-418N AP Router
+ZyXEL NBG-418N AP Router NBG-418N
+ZyXEL Wireless AP Router NBG-417N