ak47suk1

make your own ap

Oct 13th, 2011
132
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2. #y0-
  3.  
  4. # dependencies
  5. # sudo apt-get install dnsmasq hostapd dhcp3-server
  6.  
  7. version=0.1
  8. show_help(){
  9.         echo "A rogue AP setup utility v$version inspired from Airsnarf Shmoo. "
  10.     echo "Copyright (c) 2011 USIM Student Batch 2007-2011. All rights reserved"
  11.     echo
  12.         echo "Usage:    $0  [options]"
  13.         echo "Options:"
  14.         echo "-s    : show config"
  15.         echo "-r    : run this config"
  16.         echo "-h    : show this help message and exit"
  17. }
  18. show_config(){
  19. head -n 68 $0
  20. }
  21.  
  22. while [[ $# != 0 ]]; do
  23.     arg_name=$1; shift
  24.     case "$arg_name" in
  25.       -h) show_help; exit 0;;
  26.       -s) show_config; exit 0;;
  27.       -r) t=$arg_name;break;;
  28.       *) echo "invalid option: $1"; show_help;exit 1;;
  29.     esac
  30. done
  31. [ "$t" != "-r" ] && { show_help; exit 1; }
  32.  
  33.  
  34. ################################################
  35. # Here are some variables you may want to edit
  36. ################################################
  37. BMODE="non-bridge" #
  38. MODE="simple" #
  39.  
  40. INET_IFACE="ppp0" #ppp0 #tun0 kalau lalu openvpn
  41. HOSTAP_WIFI_IFACE="wlan0" # Tested on ath5k/ath9k/rt73usb based cards
  42. # broadcom card majority tak support
  43. BRIDGE_IFACE="br0"
  44. CHAN="7" # channel wifi, berbeza ikut card
  45. SSID="mysabily.blogspot.com" # Boleh tukar SSID kepada nama lain
  46.  
  47. INET_GW="113.211.116.196" #10.8.0.6 # Set external IP di sini check guna whatismyipaddress.com
  48. LAN_IP="192.168.2.1"
  49. NETMASK="255.255.255.0"
  50. NETWORK="192.168.2.0/24"
  51. BROADCAST_IP="192.168.2.255"
  52. SUBNET="192.168.2.0"
  53. RANGE_IP="192.168.2.3 192.168.2.254"
  54. DHCP_MIN="192.168.2.3"
  55. DHCP_MAX="192.168.2.254"
  56. DOMAIN="usim.edu.my"
  57. OPTION_NETBIOS_NAME_SERVERS="192.168.2.252"
  58. ACL_LOCALNET_SRC="192.168.0.0/16"
  59. #OPDNS="208.67.222.220, 208.67.222.222, 4.2.2.1, 4.2.2.2, 208.67.216.132, 208.67.216.132"
  60. #OPDNS="8.8.8.8,8.8.4.4"
  61. OPDNS="58.71.136.10,58.71.132.10" # Set DNS di sini, boleh tukar ikut contoh di atas.
  62. DNS="$INET_GW, $OPDNS" ##DNSpppX = "YOUR ISP DNS SERVER, $OPDNS"
  63. #DNS="$OPDNS"
  64.  
  65. #payload="" # payload can be : sbd/vnc/wkv/other (what to upload to the user). vnc=remote desktop, sbd=shell, wkv=View WiFi keys. (/path/to/file), only used if payload is "other"
  66. #backdoorPath="/tmp/backdoor.exe"
  67. #port=$(shuf -i 2000-65000 -n 1)
  68.  
  69.  
  70.  
  71.  
  72.  
  73.  
  74.  
  75.  
  76.  
  77.  
  78. echo "----------------------------------------------------------------------"
  79. echo "A rogue AP setup utility v$version inspired from Airsnarf Shmoo. "
  80. echo "Copyright (c) 2011 USIM Student Batch 2007-2011. All rights reserved"
  81. echo "----------------------------------------------------------------------"
  82.  
  83. echo  "[*] Testing internet connection...";
  84. command=$(ping -I $INET_IFACE -c 1 google.com |grep "64 bytes from" |cut -d' ' -f 4);
  85. if [ -z $command ] ; then echo "[!] Internet access failed. "; exit 1 ; else echo "[-] Got internet access..." ; fi;
  86.  
  87. mkdir -p "$(pwd)/tmp/"
  88. HOME_DIR="$(pwd)/tmp"
  89.  
  90. # Create the hostapd.conf
  91. mkdir -p /tmp/hostapd > /dev/null 2>&1
  92. rm /tmp/hostapd/hostapd.conf > /dev/null 2>&1
  93. rm /tmp/hostapd/hostapd.pid > /dev/null 2>&1
  94.  
  95. cat > /tmp/hostapd/hostapd.conf << EOF
  96. driver=nl80211
  97. logger_syslog=-1
  98. logger_syslog_level=2
  99. logger_stdout=-1
  100. logger_stdout_level=1
  101. ssid=$SSID
  102. hw_mode=g
  103. channel=$CHAN
  104. beacon_int=100
  105. dtim_period=2
  106. max_num_sta=255
  107. rts_threshold=2347
  108. fragm_threshold=2346
  109. macaddr_acl=0
  110. auth_algs=3
  111. ignore_broadcast_ssid=0
  112. #wmm_enabled=1
  113. eapol_key_index_workaround=0
  114. eap_server=0
  115. own_ip_addr=127.0.0.1
  116. # WPA settings. We'll use stronger WPA2
  117. # bit0 = WPA
  118. # bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
  119. wpa=2
  120.  
  121. # Preshared key of between 8-63 ASCII characters.
  122. # If you define the key in here, make sure that the file is not readable
  123. # by anyone but root. Alternatively you can use a separate file for the
  124. # key; see original hostapd.conf for more information.
  125. # Set WPA key di sini
  126. wpa_passphrase=passwordaku
  127.  
  128. # Key management algorithm. In this case, a simple pre-shared key (PSK)
  129. wpa_key_mgmt=WPA-PSK
  130.  
  131. # The cipher suite to use. We want to use stronger CCMP cipher.
  132. wpa_pairwise=CCMP
  133.  
  134. # Change the broadcasted/multicasted keys after this many seconds.
  135. wpa_group_rekey=600
  136.  
  137. # Change the master key after this many seconds. Master key is used as a basis
  138. # (source) for the encryption keys.
  139. wpa_gmk_rekey=86400
  140.  
  141. EOF
  142.  
  143. echo "interface=$HOSTAP_WIFI_IFACE" >> /tmp/hostapd/hostapd.conf
  144.  
  145. echo "INTERFACES=\"\"" > /etc/default/dhcp3-server
  146.  
  147. if [ "$BMODE" == "non-bridge" ]; then
  148. ifconfig $HOSTAP_WIFI_IFACE down && sleep 2
  149. ifconfig $HOSTAP_WIFI_IFACE up && sleep 2
  150. ifconfig $HOSTAP_WIFI_IFACE $LAN_IP netmask $NETMASK
  151. route add -net $SUBNET netmask $NETMASK gw $LAN_IP
  152.  
  153. echo -e "[*] Starting DHCP Server.. "
  154.  
  155. # Create custom dhcpd.conf
  156. path="$HOME_DIR/dhcpd.conf"
  157. if [ -e "$path" ] ; then rm "$path"; fi
  158. echo -e "#
  159. ddns-update-style none;
  160. ignore client-updates; # Ignore all client requests for DDNS update
  161. authoritative;
  162. default-lease-time 86400; # 24 hours
  163. max-lease-time 172800;    # 48 hours
  164. log-facility local7;\n
  165. subnet $SUBNET netmask $NETMASK {
  166. range $RANGE_IP;
  167. option routers $LAN_IP;
  168. option subnet-mask $NETMASK;
  169. option broadcast-address  $BROADCAST_IP;
  170. option domain-name \"$DOMAIN\"; " >> $path
  171.  
  172. echo " option domain-name-servers $DNS;" >> $path
  173. #echo " option domain-name-servers $LAN_IP;" >> $path #non tranparant
  174.  
  175. echo -e " option netbios-name-servers $OPTION_NETBIOS_NAME_SERVERS;\n}" >> $path
  176.  
  177. cp $HOME_DIR/dhcpd.conf /etc/dhcp3/dhcpd.conf
  178. rm /var/run/dhcpd.pid
  179. ln -s /var/run/dhcp3-server/dhcpd.pid /var/run/dhcpd.pid
  180. dhcpd3 -cf /etc/dhcp3/dhcpd.conf $HOSTAP_WIFI_IFACE -pf /var/run/dhcpd.pid
  181.  
  182. echo -e "[*] Starting DNS forwarder... "
  183.  
  184. path="$HOME_DIR/dnsmasq.conf"
  185. if [ -e "$path" ] ; then rm "$path" ; fi
  186. echo -e "#
  187. interface=$LAN_IFACE
  188. domain=$DOMAIN
  189. #dhcp-range=$DHCP_MIN,$DHCP_MAX,24h
  190. #dhcp-authoritative
  191. #dhcp-option=3,$LAN_IP # Gateway" >> $path
  192. #echo -e "dhcp-option=6,$LAN_IP # DNS" >> $path #non tranparant
  193. echo -e "dhcp-option=6,$DNS # DNS" >> $path ; fi
  194. echo -e "log-queries
  195. #log-dhcp
  196. log-facility="$HOME_DIR/dnsmasq.log"" >> $path
  197.  
  198. # Solve our DNS Forwarder
  199. dnsmasq -C $HOME_DIR/dnsmasq.conf&
  200.  
  201. ##########################################################################
  202. # Simple WLAN setup (clients can access Internet)
  203. if [ $MODE = "simple" ];then echo -e "[*] Starting simple WLAN setup...."
  204. iptables --flush
  205. iptables --table nat --flush
  206. iptables --delete-chain
  207. iptables --table nat --delete-chain
  208.  
  209. iptables -t nat -A POSTROUTING -o $INET_IFACE -j MASQUERADE
  210. iptables -A FORWARD -i $HOSTAP_WIFI_IFACE -j ACCEPT
  211. iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to $INET_GW
  212.  
  213. echo 1 > /proc/sys/net/ipv4/ip_forward
  214. sleep 1
  215.  
  216. /etc/init.d/dhcp3-server restart > /dev/null 2>&1
  217. sleep 1
  218.  
  219. echo "Starting AP..."
  220. hostapd -dd -P /tmp/hostapd/hostapd.pid /tmp/hostapd/hostapd.conf
  221.  
  222.  
RAW Paste Data