WOL-E is a suite of tools for Wake on LAN security testing related to the WOL features of network attached computers, this is now enabled by default on many Apple computers.
This allows you to easily scan for Apple devices on a network (based on their MAC addresses).
These tools include:
- Bruteforcing the MAC address to wake up clients
- Sniffing WOL attempts on the network and saving them to disk
- Sniffing WOL passwords on the network and saving them to disk
- Waking up single clients (post sniffing attack)
- Scanning for Apple devices on the network for WOL enabling
- Sending bulk WOL requests to all detected Apple clients
root@kali:~# wol-e -h
[*] WOL-E 1.0
[*] Wake on LAN Explorer - A collection a WOL tools.
[*] by Nathaniel Carew
Waking up single computers.
If a password is required use the -k 00:12:34:56:78:90 at the end of the above command.
wol-e -m 00:12:34:56:78:90 -b 192.168.1.255 -p <port> -k <pass>
Sniffing the network for WOL requests and passwords.
All captured WOL requests will be displayed on screen and written to /usr/share/wol-e/WOLClients.txt.
wol-e -s -i eth0
Bruteforce powering on WOL clients.
wol-e -a -p <port>
Place the address ranges into the bfmac.lst that you wish to bruteforce.
They should be in the following format:
Default port: 9
Detecting Apple devices on the network for WOL enabling.
This will output to the screen and write to /usr/share/wol-e/AppleTargets.txt for detected Apple MAC's.
Attempt to wake all detected Apple targets in /usr/share/wol-e/AppleTargets.txt.
This will send a single WOL packet to each client in the list and tell you how many clients were attempted.
You can download WOL-E here:
Or read more here.