r00kie-kr00kie is a PoC exploit for the CVE-2019-15126 kr00k vulnerability.
This project is intended for educational purposes only and cannot be used for law violations or personal gain. The author of this project is not responsible for any possible harm caused by the materials.
Requirements
To use these scripts, you will need a WiFi card supporting the active monitor mode with frame injection. We recommend the Atheros AR9280 chip (IEEE 802.11n) we used to develop and test the code. We have tested this PoC on Kali Linux
Installation
# clone main repo
git clone https://github.com/hexway/r00kie-kr00kie.git && cd ./r00kie-kr00kie
# install dependencies
sudo pip3 install -r requirements.txt
How to use
r00kie-kr00kie.py
Script:This is the main exploit file that implements the kr00k attack
->~:python3 r00kie-kr00kie.py -h
usage: r00kie-kr00kie.py [-h] [-i INTERFACE] [-l CHANNEL] [-b BSSID]
[-c CLIENT] [-n DEAUTH_NUMBER] [-d DEAUTH_DELAY]
[-p PCAP_PATH_READ] [-r PCAP_PATH_RESULT] [-q]
PoC of CVE-2019-15126 kr00k vulnerability
optional arguments:
-h, --help show this help message and exit
-i INTERFACE, --interface INTERFACE
Set wireless interface name for listen packets
-l CHANNEL, --channel CHANNEL
Set channel for wireless interface (default: 1)
-b BSSID, --bssid BSSID
Set WiFi AP BSSID (example: "01:23:45:67:89:0a")
-c CLIENT, --client....
Author
- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
- NewOctober 31, 2024Building a Simple Python C2C System with GPT Guidance
- NewOctober 31, 2024ChatGPT vs Phishing: Unmasking Automated Mass Phishing Campaigns
- NewOctober 31, 2024Choosing Your Cyber Ally: ChatGPT vs. WhiteRabbitNeo for Ethical Hackers
- NewOctober 31, 2024Leveraging ChatGPT and APIs for Enhanced Ethical Hacking
Subscribe
0 Comments
Newest