Login/Register
C# output string to aircrack-ng
Asked Answered
c#c++caircrack-ngcrunch
S

1

0

I'm doing some tests related to information security, and I came across the following situation, I apologize if I'm posting this in the wrong place, any problems let me know and I'll fix it!

Researching about cracking WIFI passwords, I found the aircrack-ng suite of applications, and, after some time of study, I managed to complete the mission of finding the wifi password of my house xD

without further ado, below I detail my problem:

aircrack-ng manages to receive the password to be tested by parameter, my question is:

How to pass this parameter from a C# console application

I tried several ways but without success.

In my last attempt, out of desperation I used the sendmessage function, available in the user32.dll library of windows.

Obs: I'm using the compiled aircrack binaries for windows, available at the link: aircrack-ng for windows

class Program
{
    public const Int32 WM_COPYDATA = 0x4A;

    [DllImport("user32.dll")]
    static extern long SendMessage(IntPtr hWnd, uint Msg, IntPtr wParam, IntPtr lParam);
    [DllImport("user32.dll", CharSet = CharSet.Unicode)]
    static extern IntPtr FindWindow(string classname, string windowname);

    public static IntPtr IntPtrAlloc<T>(T param)
    {
        IntPtr retval = Marshal.AllocHGlobal(Marshal.SizeOf(param));
        Marshal.StructureToPtr(param, retval, false);
        return (retval);
    }

    public static void IntPtrFree(IntPtr preAllocated)
    {
        if (IntPtr.Zero == preAllocated) throw (new Exception("Go Home"));
        Marshal.FreeHGlobal(preAllocated); preAllocated = IntPtr.Zero;
    }

    public struct COPYDATASTRUCT
    {
        public IntPtr dwData;
        public int cbData;
        [MarshalAs(UnmanagedType.LPStr)]
        public string lpData;
    }


    static void Main()
    {
        string msg = "123456";
        var cds = new COPYDATASTRUCT
        {
            dwData = new IntPtr(3),
            cbData = msg.Length + 1,
            lpData = msg
        };
        IntPtr hWnd = FindWindow("ConsoleWindowClass", @"C:\WINDOWS\system32\cmd.exe aircrack-ng");
        IntPtr cdsBuffer = IntPtrAlloc(cds);
        SendMessage(hWnd, WM_COPYDATA, IntPtr.Zero, cdsBuffer);
    }
}

There is an application that currently does this, it's called crunch, it's basically a word generator. And can send this parameter to aircrack using the following command from the console:

crunch 8 8 0123456789 | aircrack-ng -a 2 my-handshake-capture.cap -b my-router-mac-addres -w -

where the last - is replaced in aircrack, by the parameter coming from crunch.

I searched about it in Crunch project available on github, but it's written on c language, and is more complexity for me. Can anyone help me? Thank you very much in advance!

Salop answered 21/1, 2022 at 23:51 Comment(2)
Take a look at this answer, it's in C using Windows API but with the help of pinvoke.net you can get the C# versionGodin
@Godin Thanks for the help, but unfortunately it didn't work as that's not what aircrack expects as a parameter. I posted this same question on the official aircrack-ng forum and I'm waiting, as this is just for study purposes, I don't have much prey. Anyway thank you!Salop
S
0

I followed advice at this link: How to write to the stdin of another app? and I got the horizon I needed!

Well, in the end, the code to work was basically like this:

    public static void WriteWord(string word)
    {
        using (System.Diagnostics.Process airNgProcess = new System.Diagnostics.Process())
        {
            airNgProcess.StartInfo.FileName = @"D:\aircrack-ng-1.6-win\bin\aircrack-ng.exe";
            airNgProcess.StartInfo.Arguments = "francos.cap -b 38:BC:01:D1:A2:64 -w -";
            airNgProcess.StartInfo.UseShellExecute = false;
            airNgProcess.StartInfo.RedirectStandardInput = true;
            airNgProcess.StartInfo.RedirectStandardOutput = true;
            airNgProcess.StartInfo.WorkingDirectory = @"D:\aircrack-ng-1.6-win\bin";
            airNgProcess.Start();

            StreamWriter airNgWriter = airNgProcess.StandardInput;
            StreamReader airNgReader = airNgProcess.StandardOutput;

            airNgWriter.WriteLine(word);
            airNgWriter.Close();
            airNgProcess.WaitForExit();

            String airNgOutput = airNgReader.ReadToEnd();
            Console.WriteLine($"Testing Key: {word}");

            if (airNgOutput.IndexOf("KEY FOUND!") > -1)
            {
                Console.WriteLine($"Wifi password is: {word}");
            }
        }
    }

In the real world, it has no applicability, because, with the junction of the C# application with aircrack-ng, the number of attempts per second has been greatly reduced, it is around 8 thousand attempts per second. This I my computer with a core i9, and 32Gb of memory.

However, by way of study and learning, for me it was very good

Salop answered 26/1, 2022 at 2:23 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.