
Thread: quickset.sh Released!

  1. #21
    Senior Member
    Join Date
    Jul 2011
    Posts
    236

    Re: melissabubble

    melissabubble,

    Glad to hear it worked for ya!

    Regarding the Alfa card..... I love my awus036h. I use it in windows and *nix, and it works perfecto. I would say to make sure you take real good care of the antenna, I had to purchase a 2nd one after I broke my first one by stepping on it (They are somewhat easy to break). If you broke it, you would definitely see a loss of packets and such. Regarding the Alfa:
    1) What antenna type do you have?
    2) What connector are you using to connect the Alfa to the laptop?
    3) Do you have a good RSSI vs your signal strength?
    4) What is the distance between you and the access pt?
    5) Are you on a channel that has a lot of interference?

    So much goes into getting good WiFi signal strength =)
    V/r,
    Snafu
    Pffbt..[quote]I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me... Or feels threatened by me.. Or thinks I'm a smart ass.. [/quote]

  2. #22
    Senior Member VulpiArgenti
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Re: quickset.sh Released!

    Hi snafu,

    Great script - I'm learning a lot from it.

    Suggestions

    Use a consistent symbol for the "proceed" menu option (currently every number from 3 to 9 is used!).

    Use airmon-zc. This will fix existing problems with airmon-ng for certain NICs, especially Intel. I don't think it introduces any new problems.

    For "Blackhole", it's useful to default to something tempting when no probes are received, e.g.
    Code:
     xterm -bg black -fg grey -sb -rightbar -title "Blackhole AP" -e airbase-ng -v -e "Free Public WiFi" -c $sac -P -C 60 $pii &

    With "Wireless Vacuum", I believe we will always enable kernel forwarding. Therefore this should be set automatically by the script, so the user doesn't need to navigate to a different menu.

    With ARPSpoof, it would be handy to see the routing info before filling in the variables, e.g. ip route show.

    Ferret doesn't execute, needs the absolute path (/pentest/sniffers/hamster/ferret) adding to the script.

    There's a lot of mess (processes, interfaces etc) left behind after exit. Both yamas and easy-creds clean up nicely.

    Observations

    I do not see segmentation faults with airbase BT5R1 gnome 32, although it very occasionally stops responding. I have even successfully run SSLStrip through at0!

    Nmap 5.61-bt0 does not work:

    Code:
    root@bt:~# nmap -T4 -F 192.168.10.100
    Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2011-12-23 23:00 EST
    route_dst_netlink: can't find interface "at0"

    root@bt:~# nmap -T4 -F 192.168.10.100 -e at0
    Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2011-12-23 20:43 EST
    I cannot figure out what source address to use for device at0, does it even exist?
    QUITTING!

    Fortunately autoscan, netifera, p0f, metasploit scanners and nessus all work perfectly on at0.

    I'm a long way behind you on the Bash learning curve. You have probably already considered all the above, but it would be interesting to hear your thoughts.

    Regards,
    Vulpi

  3. #23
    Senior Member
    Join Date
    Jul 2011
    Posts
    236

    Re: VulpiArgenti && Version 2.1 Release

    Ladies/Gents,

    First up ~~~~>Version 2.1 is out, grab a copy =)
    Changes added are things like:
    - Added DNSspoof'ing capabilities
    - Rearranged Quick Attack Menu
    - Changed "Proceed" option to "Continue" for usability. Prior method was a numbered system to where the higher decimal number would be the option to continue on. It was decided to use a constant variable as a method versus a changing number.
    - Exchange of backquotes for $() to prevent the user from seeing certain outputs

    VulpiArgenti,

    Thank you for taking the time to give me your thoughts on my script. I really appreciate the work you put into the post.

    Regarding your suggestions:
    • I have implemented your idea of using a consistent symbol for proceeding. It is now "C)ontinue"
    • I have not played with airmon-zc as of yet. I will look into this matter and address it at a later date. Are you saying that airmon-ng has issues kicking a NIC into monitor mode with some cards such as Intel? I've never had a problem with airmon-ng myself, so I'd be curious to know. I always switch out the chipsets with appropriate Atheros ones.
    • While I understand the idea of "defaulting" to an essid with probes and all, the idea behind having nothing selected was to cut down on the amount of management frames being sent out. The less traffic the better when it comes to using other proggies such as ngrep, tcpdump, nmap in addition to airbase-ng. Though I am now using a much more powerful box than I was when I designed quickset.sh (Originally designed with a netbook, if you look at the menus, you will notice they all fit nicely, even on an 8 inch screen....), I'd like to keep the memory usage as low as possible...
    • Your kernel forwarding idea was taken into consideration, and I met you halfway. quickset.sh will now ask the user if they would like to enable certain settings, if it finds that something is not set up ideally for a situation. This was a pretty big deal to me; users (myself included) have quick fingers, and with this being a pure text script, sometimes we tend to get ahead of ourselves and not have everything set up right. Eventually I will incorporate the check feature into all of the programs within quickset.sh. Thank you very much for that idea.
    • For arpspoof and the like, why would it be nice to display the routing information? Shouldn't the user already know that? I need more on your thoughts as to why it should be implemented please.
    • Regarding absolute paths... It is mentioned right up front. When you launch quickset.sh in bold green it says "Read Comments Prior to Usage". As such, if you read the comments you will find that there is a whole paragraph regarding the programs that should be in the user's path. I do not use absolute paths. This is done due to the nature that other users might have a different setup than my own. I would rather them add a program to their path via .bashrc or the like, versus having them have to dig into the script to find all the instances of (and believe me, there are a lot) programs being called, and having to change them....
    • As far as the leftovers remaining behind, this was also done on purpose. A user might want to kill quickset.sh, but leave airodump-ng running in the background. If I instituted what you recommended, it goes against the idea of quickset.sh as a launching point. However, when the script was initially designed, this thought was taken into consideration and you will notice if you exit the script properly, it asks you if you would like to kill hidden processes. Right now the only hidden process that really occurs is the dhcp server. If your thoughts are things such as reverting IP tables or kernel forwarding back to what they were prior to launch, it is pretty impossible to do, too many variables to take into account on that, and when exiting quickset.sh, once again it would kill the launchpad idea.


    Regarding your observations:
    • Heh, I'm glad you didn't have any issues with Seg Faults. It bewildered the heck out of me for the longest time. Lucky for me when I switched to 64-bit, the problem went away.
    • Yep, SSLstrip rocks.... It will work through any interface as long as your packet forwarding is proper =)
    • NMAP.... hehe.. It took me some time to address this issue. It seems that the newer versions of nmap as found in the Back|Track repositories do not like "Virtual Interfaces". This was a big deal as well. It was also brought up in my latest post on this thread: http://www.backtrack-linux.org/forums/showthread.php?t=46090 The only solution I have found to this problem is to do
      Code:
      apt-get install nmap=5.51-bt8
      It is the newest version of nmap that still worked with virtual interfaces...


    And no my friend. I have definitely NOT considered all the above. It is only through the work of users like yourself and the diligent feedback that you provide that makes the "community" what it is. So thank you =)

    Oh yeah, Read the comments.... You've been kudo'd.

    Hmm. This might be a dilemma, I'm guessing here that perhaps comments is not the proper word to use... To me, how I was taught, a comment is a part of any program that is # out or -- or whatever syntax is used for incorporating words into a script without executing them. What I mean by comment usage is that the user open quickset.sh in a text editor and read all the parts that have #s. This was not to insult your intelligence by the way, I am just curious if you failed to read the comments, or did not know what I mean by reading the comments. Let me know, eh? It will help me to determine if I need to change the wording when quickset.sh launches, so that people know exactly what I mean..

    Cheers!
    Last edited by snafu777; 01-03-2012 at 06:53 PM. Reason: Wording Change
    V/r,
    Snafu

  4. #24
    Member melissabubble
    Join Date
    Aug 2011
    Location
    c:\
    Posts
    85

    Re: quickset.sh Released!

    hey snafu777, there's a little boo boo on your script when you try to change your mac address. you have two (M) options. one for mac change and another for Main menu.

  5. #25
    Senior Member
    Join Date
    Jul 2011
    Posts
    236

    Re: melissabubble

    melissabubble,

    Nice catch, thank you !!!!!
    V/r,
    Snafu

  6. #26
    Senior Member
    Join Date
    Jul 2011
    Posts
    236

    Patch

    Version 2.1.1 is out. The problem was with the MAC change menu. See changes.txt for info.

    Thanks melissabubble.
    V/r,
    Snafu

  7. #27
    Senior Member VulpiArgenti
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Re: quickset.sh Released!

    Hi snafu777,

    Thanks for the pointer about Nmap. I can confirm that after downgrading to 5.51-bt8, Nmap now works through at0.


    Quote:
    bold green it says "Read Comments Prior to Usage"

    Yes, these instructions are clear enough - I don't think you need to change it. I only mentioned ferret because all the other programs called are on the path of a standard BT install (I think. My installation is now not very standard!). It therefore seems "neat" to have the only outstanding program work by default, without the user modifying the script or their path. Absolutely not a big deal though.


    Quote:
    Are you saying that airmon-ng has issues kicking a NIC into monitor mode with some cards such as intel?

    Yes airmon-ng hangs with some of the newer Intel cards (which are otherwise very good). There are quite a few posts on this. Again, no biggie - any affected user can easily change the script to -zc for themselves.


    I take your point about "quickset" being a launching script, hence it makes sense not to close everything down on exit.


    Thanks for the kudos.
    Looking forward to future versions!
    Vulpi
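
An added example, not part of quickset.sh or of either poster's code: one way a launcher script can look tools up through PATH with an optional fallback directory (the ferret case above) and remember the kernel forwarding flag in a variable so it can be put back on request. All function and variable names are hypothetical, and the demo runs against a constructed stand-in file rather than /proc.

```shell
#!/bin/sh
# Added illustration. Function and variable names are hypothetical and are
# not taken from quickset.sh.

# missing_tools EXTRA TOOL...
# Print each TOOL found neither in PATH nor in EXTRA (colon-separated
# fallback directories). Returns 1 if anything is missing.
missing_tools() {
    extra=$1; shift
    rc=0
    for tool in "$@"; do
        # ${extra:+:...} avoids a trailing ":" in PATH, which would mean
        # "also search the current directory".
        ( PATH="$PATH${extra:+:$extra}"; command -v "$tool" >/dev/null 2>&1 ) ||
            { printf '%s\n' "$tool"; rc=1; }
    done
    return "$rc"
}

# Kernel forwarding flag; overridable so the demo can use a stand-in file.
FWD_FLAG=${FWD_FLAG:-/proc/sys/net/ipv4/ip_forward}
FWD_BEFORE=

# Turn forwarding on, remembering the prior value on the first call only.
enable_forwarding() {
    [ -n "$FWD_BEFORE" ] || FWD_BEFORE=$(cat "$FWD_FLAG") || return 1
    echo 1 > "$FWD_FLAG"
}

# Put the flag back to the remembered value; no-op if it was never changed.
restore_forwarding() {
    [ -n "$FWD_BEFORE" ] || return 0
    echo "$FWD_BEFORE" > "$FWD_FLAG" && FWD_BEFORE=
}

# Demo on a constructed stand-in file, so nothing on the host is modified.
demo_flag=$(mktemp); echo 0 > "$demo_flag"; FWD_FLAG=$demo_flag
enable_forwarding;  echo "during run: $(cat "$FWD_FLAG")"
restore_forwarding; echo "after exit: $(cat "$FWD_FLAG")"
echo "not found: $(missing_tools /pentest/sniffers/hamster sh ferret)"
rm -f "$demo_flag"
```

Because the prior value lives in a shell variable, no state file is written, but the value is lost if the launcher itself is killed before restore_forwarding runs.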

  8. #28
    Senior Member
    Join Date
    Jul 2011
    Posts
    236

    Version 2.3

    Ladies/Gents,

    I'm proud to announce the newest release of quickset.sh, version 2.3!

    svn and Grab yerself a copy
    Code:
    svn checkout http://quickset.googlecode.com/svn/trunk/ quickset
    The new version includes some pretty cool changes and one or two tweaks:
    - Eterm has replaced xterm....Much more fancy and pretty
    - Fixed stickypot bug caused by lack of "if statement", which would automatically run no_dev--() without comparing it against $pii being null or not

    cheers!
    V/r,
    Snafu

  9. #29
    Senior Member VulpiArgenti
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Re: quickset.sh Released!

    Hi snafu777,

    Adding dnsspoof is a great idea, although I think there are a couple of problems:
    Small boo-boo on line 1107, should perhaps read
    Code:
    dnsspoof_II--;;
    There seems to be no way to add the custom host file. This could be done by adding another variable for its location, or even write it to /temp from the script.

    Have you considered adding Reaver to the WPA attack tools (although must admit I haven't had much success with it)?

    Quote:
    Once the script has been completed, it will be ported over to a GUI via qt4-python as the interface.

    I presume you've looked at ghostphisher? I actually prefer a bash script so I can modify it myself. I suspect there are others who feel the same way.

  10. #30
    Senior Member
    Join Date
    Jul 2011
    Posts
    236

    Re: quickset.sh Released!

    VulpiArgenti,
    Quote:
    Adding dnsspoof is a great idea, although I think there are a couple of problems:
    Small boo-boo on line 1107, should perhaps read
    Code:
    dnsspoof_II--;;

    Fixed. Thank you for pointing it out.

    Quote:
    There seems to be no way to add the custom host file. This could be done by adding another variable for its location, or even write it to /temp from the script.

    As of now, there is not yet a custom host file function. I haven't gotten around to adding one in, if you come up with a cool way to do it, let me know and I'll throw it in, other than that it will have to wait till I can get around to it. Keep in mind, I do prefer not creating files of any kind, unless absolutely necessary, the preferable way would be to use a variable for the custom hosts file somehow.....

    Quote:
    Have you considered adding Reaver to the WPA attack tools (although must admit I haven't had much success with it)?

    I have not yet played with Reaver.. I will check into it when I can

    Quote:
    Once the script has been completed, it will be ported over to a GUI via qt4-python as the interface.
    I presume you've looked at ghostphisher? I actually prefer a bash script so I can modify it myself. I suspect there are others who feel the same way.

    That's an interesting take on it my friend. I figured most people wanted a GUI version of things. Perhaps I might keep it text-based....I'll see what the community would like...


    Cheers!
    V/r,
    Snafu
