How to Use FARHAN-Shot in Termux for Wi-Fi Security Testing

Did you know that your Wi-Fi could be the weakest point in your entire home network?

Hackers have many ways to break into a home network, and the most common method is through Wi-Fi.

Once a malicious actor gains access to your WiFi, they can scan connected devices and access them. This can allow them to spy on your activity, steal sensitive data like login credentials and credit-card details, or even install malware on your devices, putting your personal information at serious risk.

If you’re looking to improve your home cybersecurity, testing your Wi-Fi’s security should be the very first step.

Luckily, there’s an easy way to do this using FARHAN-Shot in Termux. This tool lets you test the security of WPS-enabled Wi-Fi networks directly from your Android phone.

What is FARHAN-Shot

FARHAN-Shot is a tool designed to test the security of Wi-Fi networks that use Wi-Fi Protected Setup (WPS). WPS is a feature that allows you to connect to a router using an 8-digit PIN or by pressing a button, instead of typing a long password.

However, many routers have weaknesses in their WPS implementation, which can make them vulnerable. FARHAN-Shot helps you check the security of these WPS-enabled networks by running ethical tests such as Pixie Dust attacks or PIN brute-force attacks.

• Pixie Dust Attack: This attack exploits weaknesses in the WPS PIN process to calculate the PIN offline. Because it doesn’t rely on guessing randomly, it is much faster than a brute-force attack.
• Brute-Force Attack: This method tries every possible combination of the WPS PIN until the correct one is found. It is slower than Pixie Dust because many routers may slow down or lock after multiple failed attempts.

By using FARHAN-Shot, you can identify vulnerabilities in your WPS-enabled Wi-Fi and take steps to secure your network before attackers do. Luckily you can run it directly on your Android device using Termux.

Important warning: Test only your Wi-Fi or networks you have permission from the owner. Using this tool to access someone else’s network is illegal and can lead you to serious trouble. Stay ethical and use these skills responsibly.

Requirements to Run FARHAN-Shot in Termux

Before you start the installation process, make sure your Android device meets the requirements mentioned below to run FARHAN-Shot smoothly:

1. Sufficient Hardware

Your Android phone should be capable to run FARHAN-Shot in Termux efficiently. I recommend devices with at least 4 GB of RAM and 32 GB of storage or higher for better performance.

2. A Compatible Wi-Fi Chipset

Your device needs to have a Wi-Fi chipset that supports monitor mode which is used by FARHAN-Shot to scan and test networks. Phones with Qualcomm or Broadcom chipsets usually work best.

3. Root access

Root access is required for FARHAN-Shot to control Wi-Fi chipset in your Android phone. Without root, the tool won’t work. Also keep in mind that rooting your phone carries risks, so it’s best to use a spare device, not your main phone.

4. Termux:API

FARHAN-Shot uses commands from Termux:API, for example, to fetch system information like battery status. Don’t worry I’ll guide you through installing this in the installation section.

5. Internet Connection

You’ll need an internet connection to install packages in Termux, such as Python, Git, wpa_supplicant, pixiewps, and iw. Since you’re reading this online, you probably have it, but make sure your connection is stable during installation.

How to Install FARHAN-Shot in Termux

If your Android device meets all the requirements and you’ve agreed to use this guide only on your own Wi-Fi network or networks you have permission to test, you’re ready to install FARHAN-Shot in Termux.

Important: Make sure to use the correct version of Termux. The Play Store version is outdated, so download it from the official Termux website or follow this step by step installation guide.

1. Update and Upgrade Termux Packages

Open Termux and run the following command:

pkg update && pkg upgrade -y

This updates Termux and all installed packages to the latest versions, helping prevent errors during installation.

2. Install Required Packages

FARHAN-Shot needs several packages to work properly. Install them by running:

pkg install root-repo -y
pkg install git python wpa-supplicant pixiewps iw -y
termux-setup-storage

Here is the overview of each package:

• root-repo – enables packages that require root access
• git — downloads the FARHAN-Shot code from GitHub.
• python — runs the tool’s Python scripts.
• wpa-supplicant — talks to Wi-Fi interfaces and helps test WPA/WPS.
• pixiewps — is used for the Pixie Dust attack checks.
• iw — a tool to scan and work with wireless interfaces.
• termux-setup-storage – allows Termux to access storage; accept the permission prompt

Note: if any package fails to install, re-run pkg update and try again or try installing packages one by one.

3. Install Termux:API

First, install the Termux:API app from F-Droid, and then install its package in Termux:

pkg install termux-api

FARHAN-Shot uses Termux:API for some system info (battery, etc.).

4. Install Root Helper (tsu or sudo)

FARHAN-Shot requires root privileges. Install tsu (preferred) or sudo if tsu isn’t available:

pkg install tsu -y || pkg install sudo -y

After installation is complete, you can test root by running tsu followed by whoami. The output should be root.

5. Download the FARHAN-Shot code

Finally, download FARHAN-Shot from GitHub and move into its folder:

git clone https://github.com/Gtajisan/FARHAN-Shot
cd FARHAN-Shot

This copies FARHAN-Shot to your device and moves you into its directory, where you can begin your Wi-Fi security testing.

How to Use FARHAN-Shot

Once you’ve successfully installed FARHAN-Shot in Termux, it’s time to test the security of your WPS-enabled Wi-Fi network.

1. Scan for Nearby Networks

First, you need to scan the Wi-Fi networks around you. To do this, you should know your wireless interface name. Run iw dev to know youse. 

Most Android phones use wlan0. To scan networks, run:

sudo python FARHAN-Shot.py -i wlan0

If sudo isn’t available, become root first with tsu and then run the same command.

2. Run a Pixie Dust attack

The below command automatically scan nearby WPS-enabled networks and run a Pixie Dust attack when it found one:

sudo python FARHAN-Shot.py -i wlan0 -K

If you want to target a specific router to scan and run pixie Dust attack, use the following command:

sudo python FARHAN-Shot.py -i wlan0 -b <BSSID> -K

Note: Replace <BSSID> with the router’s BSSID to be tested, which looks like 00:90:4C:C1:AC:21. This focuses FARHAN-Shot on one router instead of scanning randomly.

3. Try a WPS Brute-Force Attack

If your WiFi survives the Pixie Dust attack, you can test it with a brute-force attack. Use this command:

sudo python FARHAN-Shot.py -i wlan0 -b <BSSID> -B

To speed up testing process, you can provide a PIN prefix using -p argument. For example:

sudo python FARHAN-Shot.py -i wlan0 -b <BSSID> -B -p 1234

This tells FARHAN-Shot to try only PINs starting with 1234, hence reducing testing time.

Because brute-force tries many combinations, routers may slow down or lock after repeated attempts. You can set a delay between tries using the -d argument. For example:

sudo python FARHAN-Shot.py -i wlan0 -b <BSSID> -B -d 5

This waits 5 seconds between attempts to prevent router lockouts.

4. Use the offline WPS PIN generator (3WiFi database)

The 3WiFi database contains a list of commonly used WPS PINs offline. To test your Wi-Fi network with this database, add the --3wifi argument:

sudo python FARHAN-Shot.py -i wlan0 -b <BSSID> --3wifi

That’s it! Remember, only test your own Wi-Fi network or networks you have explicit permission to test.

If you face any errors during installation or usage, feel free to leave a comment, I enjoy helping my readers troubleshoot.

What to Do if Your Wi-Fi Can Be Cracked

If your WiFi was cracked during the testing, it means your WiFi network is vulnerable. unauthorized users near you could connect to your Wi-Fi and access your devices. So you need to fix it quickly.

Below are the steps to secure your Wi-Fi network:

1. Turn off WPS and Disable WEP: go to your router settings (usually at 192.168.1.1 in a browser, but it varies according to manufacturers.) and disable WPS. While you are there, also ensure that your network is not using WEP encryption. These feature are outdated and make it easy for hackers to break into your WiFi network.
2. Use WPA2/WPA3 and change your Wi-Fi password: make sure your router is using WPA2 or WPA3 (I highly recommend WPA3 because is the latest and most secure option). Then set a new, strong password with at least 12 characters mixing letters, numbers, and symbols. Avoid using common names or your personal info.
3. Change the admin login password: Change the default router login (like “admin/admin”). Use a strong, unique password. Also disable features you don’t need, like remote management or UPnP.
4. Update your router’s firmware: Always check for updates in your router’s admin panel or on the manufacturer’s website. Installing the latest security firmware is crucial for protecting against new attacks.
5. Consider upgrading your router: If your router is old and still relies on vulnerable features like WPS, it’s time to consider a new router that supports WPA2 or WPA3. While it may seem costly, a secure router is a small price to pay compared to the potential damage a Malicious actors could cause.

Here are some reliable routers to consider. Investing in a quality router now can save you from much bigger losses later.

Testing your Wi-Fi with FARHAN-Shot in Termux shows you if your network is really safe or not. If it can be cracked, don’t panic, just take the steps we covered above.

Keeping your Wi-Fi secure is not a one-time task. Regularly check and test your router, update it, and stay aware of new security threats. A little effort today can protect all your devices and personal data tomorrow.