kimocoder
diff --git a/‎README.md‎
Lines changed: 7 additions & 0 deletions b/‎README.md‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎tests/test_hcxdumptool.py‎
Lines changed: 149 additions & 1 deletion b/‎tests/test_hcxdumptool.py‎
Lines changed: 149 additions & 1 deletion
diff --git a/‎wifite/args.py‎
Lines changed: 108 additions & 0 deletions b/‎wifite/args.py‎
Lines changed: 108 additions & 0 deletions
diff --git a/‎wifite/attack/pmkid.py‎
Lines changed: 22 additions & 0 deletions b/‎wifite/attack/pmkid.py‎
Lines changed: 22 additions & 0 deletions
@@ -188,6 +188,7 @@ Features
 
 ### Attack Methods
 * **[PMKID hash capture](https://hashcat.net/forum/thread-7717.html)** - Fast, clientless WPA/WPA2 attack (enabled by default)
+* **Passive PMKID Sniffing** - Continuous, untargeted PMKID capture from all nearby networks (use with: `--pmkid-passive`)
 * **WPS Pixie-Dust Attack** - Offline WPS PIN recovery (enabled by default, force with: `--wps-only --pixie`)
 * **WPS PIN Attack** - Online WPS brute-force (enabled by default, force with: `--wps-only --no-pixie`)
 * **WPA/WPA2 Handshake Capture** - Traditional 4-way handshake attack (enabled by default, force with: `--no-wps`)
@@ -359,6 +360,7 @@ sudo wifite -vv
 - Use GPU acceleration (CUDA/OpenCL) for best performance
 - Consider using cloud-based cracking services for large wordlists
 
+
 ### Resume Feature
 
 Wifite automatically saves your attack progress and allows you to resume interrupted sessions:
@@ -558,6 +560,11 @@ For Dual Interface specific help:
 sudo wifite -h -v | grep -A 20 "DUAL INTERFACE"
 ```
 
+For Passive PMKID specific help:
+```bash
+sudo wifite -h -v | grep -A 10 "PMKID"
+```
+
 
 Credits & Acknowledgments
 -------------------------
 
@@ -7,7 +7,7 @@
 
 sys.path.insert(0, '..')
 
-from wifite.tools.hcxdumptool import HcxDumpTool
+from wifite.tools.hcxdumptool import HcxDumpTool, HcxDumpToolPassive
 from wifite.config import Configuration
 
 
@@ -165,5 +165,153 @@ def test_command_building_triple_interface(self, mock_process, mock_config_init)
             self.assertEqual(call_args[i_indices[2] + 1], 'wlan2')
 
 
+class TestHcxDumpToolPassive(unittest.TestCase):
+    """Test suite for HcxDumpToolPassive class"""
+
+    def setUp(self):
+        """Set up test fixtures"""
+        Configuration.interface = None
+
+    @patch('wifite.tools.hcxdumptool.Configuration.initialize')
+    def test_initialization_with_interface(self, mock_config_init):
+        """Test initialization with explicit interface"""
+        tool = HcxDumpToolPassive(interface='wlan0', output_file='/tmp/passive.pcapng')
+        
+        self.assertEqual(tool.interface, 'wlan0')
+        self.assertEqual(tool.output_file, '/tmp/passive.pcapng')
+        self.assertIsNone(tool.pid)
+        self.assertIsNone(tool.proc)
+
+    @patch('wifite.tools.hcxdumptool.Configuration.initialize')
+    @patch('wifite.tools.hcxdumptool.Configuration.temp')
+    def test_initialization_with_defaults(self, mock_temp, mock_config_init):
+        """Test initialization with default output file"""
+        mock_temp.return_value = '/tmp/wifite_'
+        Configuration.interface = 'wlan0'
+        
+        tool = HcxDumpToolPassive()
+        
+        self.assertEqual(tool.interface, 'wlan0')
+        self.assertEqual(tool.output_file, '/tmp/wifite_passive_pmkid.pcapng')
+
+    @patch('wifite.tools.hcxdumptool.Configuration.initialize')
+    def test_initialization_no_interface_raises_error(self, mock_config_init):
+        """Test that missing interface raises exception"""
+        Configuration.interface = None
+        
+        with self.assertRaises(Exception) as context:
+            HcxDumpToolPassive()
+        
+        self.assertIn('must be defined', str(context.exception))
+
+    @patch('wifite.tools.hcxdumptool.Configuration.initialize')
+    @patch('wifite.tools.hcxdumptool.Process')
+    @patch('wifite.tools.hcxdumptool.time.sleep')
+    def test_enter_starts_process(self, mock_sleep, mock_process, mock_config_init):
+        """Test that __enter__ starts hcxdumptool with correct flags"""
+        mock_proc_instance = MagicMock()
+        mock_proc_instance.pid.pid = 12345
+        mock_proc_instance.poll.return_value = None
+        mock_process.return_value = mock_proc_instance
+        
+        tool = HcxDumpToolPassive(interface='wlan0', output_file='/tmp/passive.pcapng')
+        
+        with tool:
+            # Verify Process was called
+            mock_process.assert_called_once()
+            
+            # Get the command that was passed to Process
+            call_args = mock_process.call_args[0][0]
+            
+            # Verify command structure
+            self.assertEqual(call_args[0], 'hcxdumptool')
+            self.assertIn('-i', call_args)
+            self.assertIn('wlan0', call_args)
+            self.assertIn('--rds=3', call_args)
+            self.assertIn('-w', call_args)
+            self.assertIn('/tmp/passive.pcapng', call_args)
+            self.assertIn('--enable_status=15', call_args)
+            
+            # Verify PID was set
+            self.assertEqual(tool.pid, 12345)
+            self.assertIsNotNone(tool.proc)
+
+    @patch('wifite.tools.hcxdumptool.Configuration.initialize')
+    @patch('wifite.tools.hcxdumptool.Process')
+    @patch('wifite.tools.hcxdumptool.time.sleep')
+    def test_is_running_when_active(self, mock_sleep, mock_process, mock_config_init):
+        """Test is_running returns True when process is active"""
+        mock_proc_instance = MagicMock()
+        mock_proc_instance.pid.pid = 12345
+        mock_proc_instance.poll.return_value = None  # Process is running
+        mock_process.return_value = mock_proc_instance
+        
+        tool = HcxDumpToolPassive(interface='wlan0', output_file='/tmp/passive.pcapng')
+        
+        with tool:
+            self.assertTrue(tool.is_running())
+
+    @patch('wifite.tools.hcxdumptool.Configuration.initialize')
+    @patch('wifite.tools.hcxdumptool.Process')
+    @patch('wifite.tools.hcxdumptool.time.sleep')
+    def test_is_running_when_stopped(self, mock_sleep, mock_process, mock_config_init):
+        """Test is_running returns False when process has stopped"""
+        mock_proc_instance = MagicMock()
+        mock_proc_instance.pid.pid = 12345
+        mock_proc_instance.poll.return_value = 0  # Process has exited
+        mock_process.return_value = mock_proc_instance
+        
+        tool = HcxDumpToolPassive(interface='wlan0', output_file='/tmp/passive.pcapng')
+        
+        with tool:
+            self.assertFalse(tool.is_running())
+
+    @patch('wifite.tools.hcxdumptool.Configuration.initialize')
+    @patch('wifite.tools.hcxdumptool.os.path.exists')
+    @patch('wifite.tools.hcxdumptool.os.path.getsize')
+    def test_get_capture_size_file_exists(self, mock_getsize, mock_exists, mock_config_init):
+        """Test get_capture_size returns file size when file exists"""
+        mock_exists.return_value = True
+        mock_getsize.return_value = 1024000  # 1MB
+        
+        tool = HcxDumpToolPassive(interface='wlan0', output_file='/tmp/passive.pcapng')
+        
+        size = tool.get_capture_size()
+        self.assertEqual(size, 1024000)
+        mock_exists.assert_called_once_with('/tmp/passive.pcapng')
+        mock_getsize.assert_called_once_with('/tmp/passive.pcapng')
+
+    @patch('wifite.tools.hcxdumptool.Configuration.initialize')
+    @patch('wifite.tools.hcxdumptool.os.path.exists')
+    def test_get_capture_size_file_not_exists(self, mock_exists, mock_config_init):
+        """Test get_capture_size returns 0 when file doesn't exist"""
+        mock_exists.return_value = False
+        
+        tool = HcxDumpToolPassive(interface='wlan0', output_file='/tmp/passive.pcapng')
+        
+        size = tool.get_capture_size()
+        self.assertEqual(size, 0)
+        mock_exists.assert_called_once_with('/tmp/passive.pcapng')
+
+    @patch('wifite.tools.hcxdumptool.Configuration.initialize')
+    @patch('wifite.tools.hcxdumptool.Process')
+    @patch('wifite.tools.hcxdumptool.time.sleep')
+    @patch('wifite.tools.hcxdumptool.os.kill')
+    def test_exit_stops_process(self, mock_kill, mock_sleep, mock_process, mock_config_init):
+        """Test that __exit__ stops the process gracefully"""
+        mock_proc_instance = MagicMock()
+        mock_proc_instance.pid.pid = 12345
+        mock_proc_instance.poll.return_value = None  # Process is running
+        mock_process.return_value = mock_proc_instance
+        
+        tool = HcxDumpToolPassive(interface='wlan0', output_file='/tmp/passive.pcapng')
+        
+        with tool:
+            pass  # Exit the context
+        
+        # Verify interrupt was called
+        mock_proc_instance.interrupt.assert_called_once()
+
+
 if __name__ == '__main__':
     unittest.main()
@@ -239,6 +239,7 @@ def get_arguments(self):
         self._add_wps_args(parser.add_argument_group(Color.s('{C}WPS{W}')))
         self._add_pmkid_args(parser.add_argument_group(Color.s('{C}PMKID{W}')))
         self._add_eviltwin_args(parser.add_argument_group(Color.s('{C}EVIL TWIN{W}')))
+        self._add_wpasec_args(parser.add_argument_group(Color.s('{C}WPA-SEC UPLOAD{W}')))
         self._add_command_args(parser.add_argument_group(Color.s('{C}COMMANDS{W}')))
 
         return parser.parse_args()
@@ -830,6 +831,113 @@ def _add_pmkid_args(self, pmkid):
                            type=int,
                            help=Color.s('Time to wait for PMKID capture (default: {G}%d{W} seconds)'
                                         % self.config.pmkid_timeout))
+        
+        # Passive PMKID capture arguments
+        pmkid.add_argument('--pmkid-passive',
+                           action='store_true',
+                           dest='pmkid_passive',
+                           help=Color.s('Passive PMKID capture mode: Sniff all networks '
+                                       'without deauth. {R}WARNING:{W} Requires authorization. '
+                                       '(default: {G}off{W})'))
+        
+        pmkid.add_argument('--pmkid-sniff',
+                           action='store_true',
+                           dest='pmkid_passive',
+                           help=argparse.SUPPRESS)  # Alias for --pmkid-passive
+        
+        pmkid.add_argument('--pmkid-passive-duration',
+                           action='store',
+                           dest='pmkid_passive_duration',
+                           metavar='[seconds]',
+                           type=int,
+                           help=self._verbose('Duration for passive capture in seconds '
+                                             '(default: {G}infinite{W})'))
+        
+        pmkid.add_argument('--pmkid-passive-interval',
+                           action='store',
+                           dest='pmkid_passive_interval',
+                           metavar='[seconds]',
+                           type=int,
+                           help=self._verbose('Interval between hash extractions '
+                                             '(default: {G}%d{W} seconds)' 
+                                             % self.config.pmkid_passive_interval))
+
+    def _add_wpasec_args(self, wpasec):
+        """
+        Add wpa-sec upload command-line arguments to argument parser.
+        
+        Defines all wpa-sec related arguments including:
+        - --wpasec: Enable upload functionality
+        - --wpasec-key: API key for authentication
+        - --wpasec-auto: Automatic upload mode
+        - --wpasec-url: Custom server URL
+        - --wpasec-timeout: Connection timeout
+        - --wpasec-email: Notification email
+        - --wpasec-remove: Remove files after upload
+        
+        Args:
+            wpasec: Argument group for wpa-sec options
+            
+        Example:
+            >>> wpasec_group = parser.add_argument_group('WPA-SEC UPLOAD')
+            >>> self._add_wpasec_args(wpasec_group)
+        """
+        wpasec.add_argument('--wpasec',
+                            action='store_true',
+                            dest='wpasec_enabled',
+                            help=Color.s('Enable {C}wpa-sec.stanev.org{W} upload functionality. '
+                                        'Uploads captured handshakes to online cracking service. '
+                                        'Requires API key from wpa-sec.stanev.org (default: {G}off{W})'))
+
+        wpasec.add_argument('--wpasec-key',
+                            action='store',
+                            dest='wpasec_api_key',
+                            metavar='[key]',
+                            type=str,
+                            help=Color.s('API key for {C}wpa-sec.stanev.org{W}. '
+                                        'Register at wpa-sec.stanev.org to obtain your key. '
+                                        'Required for uploading captures.'))
+
+        wpasec.add_argument('--wpasec-auto',
+                            action='store_true',
+                            dest='wpasec_auto_upload',
+                            help=Color.s('Automatically upload all captured handshakes without prompting. '
+                                        'When disabled, you will be asked before each upload. '
+                                        '(default: {G}off{W})'))
+
+        wpasec.add_argument('--wpasec-url',
+                            action='store',
+                            dest='wpasec_url',
+                            metavar='[url]',
+                            type=str,
+                            help=self._verbose('Custom wpa-sec server URL. '
+                                              'Use this to upload to alternative wpa-sec instances. '
+                                              '(default: {G}https://wpa-sec.stanev.org{W})'))
+
+        wpasec.add_argument('--wpasec-timeout',
+                            action='store',
+                            dest='wpasec_timeout',
+                            metavar='[seconds]',
+                            type=int,
+                            help=self._verbose('Connection timeout for uploads in seconds. '
+                                              'Increase if you have a slow connection. '
+                                              '(default: {G}30{W} seconds)'))
+
+        wpasec.add_argument('--wpasec-email',
+                            action='store',
+                            dest='wpasec_email',
+                            metavar='[email]',
+                            type=str,
+                            help=self._verbose('Email address for wpa-sec notifications. '
+                                              'Receive alerts when passwords are cracked. '
+                                              '(default: {G}none{W})'))
+
+        wpasec.add_argument('--wpasec-remove',
+                            action='store_true',
+                            dest='wpasec_remove_after_upload',
+                            help=self._verbose('Remove capture files after successful upload. '
+                                              'Saves disk space but prevents local cracking. '
+                                              '(default: {G}off{W})'))
 
     @staticmethod
     def _add_command_args(commands):
 
@@ -9,6 +9,7 @@
 from ..util.output import OutputManager
 from ..model.pmkid_result import CrackResultPMKID
 from ..tools.airodump import Airodump
+from ..util.wpasec_uploader import WpaSecUploader
 from threading import Thread, active_count
 import os
 import time
@@ -162,6 +163,27 @@ def run_hashcat(self):
             self.view.add_log(f"PMKID hash ready: {os.path.basename(pmkid_file)}")
             self.view.add_log("Proceeding to crack phase...")
 
+        # Upload to wpa-sec if configured
+        # Note: wpa-sec only accepts pcap/pcapng files, not .22000 hash files
+        # Upload the original pcapng capture file instead of the hash file
+        if WpaSecUploader.should_upload():
+            if self.view:
+                self.view.add_log("Checking wpa-sec upload configuration...")
+            
+            # Use the pcapng file if it exists, otherwise skip upload
+            if os.path.exists(self.pcapng_file):
+                WpaSecUploader.upload_capture(
+                    self.pcapng_file,
+                    self.target.bssid,
+                    self.target.essid,
+                    capture_type='pmkid',
+                    view=self.view
+                )
+            else:
+                Color.pl('{!} {O}wpa-sec upload skipped: pcapng file not found{W}')
+                if self.view:
+                    self.view.add_log("wpa-sec upload skipped: pcapng file not found")
+
         # Check for the --skip-crack flag
         if Configuration.skip_crack:
             if self.view: