Thank you for the script.
Ok thx comaX. I have the 0.9v but the errors still exist. I don't currently have any BT4 install to check if they exist there also, so we can see if it's the sslstrip problem or something else.
Quote:
Yup, those are sslstrip/python errors, they're not from my script, and I can't do anything about that. Did you update to sslstrip 0.9 ? It's less buggy.
All I can try to do is to shut verbosity of error output... I didn't think about that, I'll do that too !
[Edit] Status : DONE
Yup, now it's all quiet ! I just had to add "2> /dev/null". But errors still happen. Anyway, since they are not fatal, nor disrupt anything... It's all good !
A day later than expected, v0.7.4 is out ! I will also probably do a demo video in the next few days. Stay tuned, and as always, please give feedback !
(About urlsnarf, and url parsing, I didn't have much time to look into it... Maybe later !)
I don't think I mentioned it yet, but great script and I appreciate the work you are putting into it.
Problem with Line 88: "chmod +x /usr/bin/mitm #make newly installed script executable" mitm is missing the ".sh" and is throwing an error when running the update option.
Also, at the end of the script, after the parser is launched, the script is just waiting to be killed. Could you make a loop at the end to accept several options instead?
1. Re-scan network. This would be to find new targets that may have joined.
2. Add a new target for arpspoof (e.g. "a 192.168.1.106")
A new single target doesn't make much sense if you are already spoofing the whole subnet. I don't know that it's possible to have an option to kill an existing single arpspoof instance, but as long as you can get to the window you can ctrl+c any existing instance to shut it down without the script's help. Can the title of the arpspoof windows include the IP address?
With a choice list like this it may make more sense to start sslstrip and parsing first and then just drop the user into the choice list.
Sorry if I'm suggesting something too complex. I'm not familiar at all with the scripting.
Those are pretty good ideas !
The problem at line 88 might already have been corrected, but I'll check, thanks for reporting ;)
EDIT : I tried updating, and I had no problem... But I changed it to $0 anyway, just to make sure !
At the end, no need for a "loop". I think, waiting for something to do is fine ! And instead of waiting for "quit" it could wait for different things ;)
Scanning the network could become a function like scan() [by the way, I should really get a better way of scanning... That was early quick-fix, but I find it a little bit barbarian !].
Adding a target to arpspoof shouldn't be a problem either, another function to be called, that would launch another xterm arpspoof window. Killing them from the script (apart from final cleanup) would be too complex I think, and since there is no automation to be done here (I won't read arpspoof's output to know if target is still reachable... You still have to do two-three things, on purpose !), I don't see any purpose in doing that :P
With that said, if you are already targeting the whole network, the latter option would be useless... But, that's doable !
And then, quitting, of course !
Yeah, I like it ! I'll work on that when I have time (this is much bigger than anything else I was suggested !).
I have also been advised to make default options for the ports, for instance. What do you think I should do about that ? It makes sense since it's an automation tool, but it's also a learning tool, so typing in a few ports, knowing why you choose them is to me a good thing. I'm really hesitating here, so just tell me what you people would rather like !
Thanks again for the feedback !
The script is already hiding a lot of the complexity of the process. I don't think that people will be missing out on much more knowledge by defaulting ports. Also you can implement it in a way where the user will at least see what the default port is. For example "Choose a port for sslstrip (Enter = 10000)".
The suggestion of the loop was so that you wouldn't have to write a limited number of prompts for the user to respond to. In the existing script it's 4 occurrences of mostly the same prompt at the end. If you put a big decision prompt with all options in a loop you could write it once and the user wouldn't be limited to the number of times they could choose one of the options. Again if you are coming from the stance of spoofing the entire network, there's not much use. If you are instead isolating to just a few targets and looking for others to add then it makes more sense.
Of course the user can have the exact same functionality by just opening another terminal and running the additional arpspoof commands there. All logs still go to the same sslstrip log and still get parsed by the same process.
Also for target discovery I see a lot of suggestions for nmap. I usually use "nmap -sn 192.168.1.*" for a very quick discovery of hosts in the subnet. I'm sure there are much better methods.
OPTIMUS! Script! Thanks a lot! Works perfectly in BT5!!!
Edit : finally it was pretty simple, and I like the result ! There are the 3 choices you proposed, which seem enough, but if anyone has more suggestion, let them come ! I also changed the host discovery feature to something way better. It should have been done a long time ago too, I guess more people using it and giving feedback helps rethinking things :)
Thanks again ;)
Ps : current version is v0.7.5 !
I've never tried to write bash, so please forgive any formatting errors or any misunderstandings of what limitations you are working under. Here is a rough flow I was thinking of:
1. IP Tables Cleanup
2. Start sslstrip
3. Start loop parse
4. Decision loop:
The idea is to set up and kick off all the necessary stuff first. Then execute the more detailed work based on user input. I do understand this may be going beyond your intentions for the script.
Code:
while true; do
    echo "What now? (q = quit, s = scan for hosts, a = arpspoof full network, t <ip> = arpspoof single ip)"
    # Read the command letter and, for "t <ip>", the address that follows it
    read -e -r decision target
    if [[ $decision = "q" ]]; then
        break
    elif [[ $decision = "s" ]]; then
        : # call to scan method here
    elif [[ $decision = "a" ]]; then
        : # call to arpspoof full network here
    elif [[ $decision = "t" ]]; then
        : # call to arpspoof single ip here, passing "$target"
    else
        : # statement about bad command entry here
    fi
done
I did a pretty major update this morning, so if you are using the script on a regular basis, I suggest you check it !
I also did a demonstration video, but it's fast and short. I will maybe try to make a better one when I have more time, with music and all.
(How about some portal 2 song ? Or maybe I'll stick to death metal. Tell me what you'd rather like !)
Keep the feedback coming !
[version on 29/05/11 : 0.7.7]