Thread: em3rgency update MITM script version 1.1

  1. #1
    Just burned their ISO em3rgency's Avatar
    Join Date
    Nov 2012
    Posts
    16

    em3rgency update MITM script version 1.1

    Hey all,

    I just updated my MITM script.



    Here is the download link.

    https://docs.google.com/open?id=0ByU...WE3bElnT1JqdlE


    VISIT http://em3rgency.com for script updates.

    Again make sure you are using the correct dhcp3-server 3.1.

    It should be fully functional. The script has everything you need on a fresh install of BT5r3 to make it compatible and ready to run.

    1. Prerequsites and Updates
    2. Run FAKE AP Static
    3. Run EVIL TWIN AP
    4. Run Standard ARP poison
    5. Netdiscover connected clients
    6. EXIT

    It will not work with ISC_DHCP_SERVER. You will need to do the following.

    THIS IS FOR any other OS besides BT5
    apt-get purge dhcp3-server
    apt-get purge dhcp3-common

    You will need to use this version of DHCP3 server
    http://www.mediafire.com/?oxgkgdio8ndjq5l
    http://www.mediafire.com/?p3g4maize6p60dy

    tar xzvf <FILENAME>
    tar xzvf <FILENAME>

    Enjoy!!! You can seriously pwn anyone on a network with this script. It is fast!!! and reliable, I have had my FAKE_AP running for days without a crash!!!

    CHANGELOG,

    I added an option to edit etter.conf under prerequisites.

    I added an option to add your tunnel interface under prerequisites.

    Improved logging, this script will save all of your ettercap, urlsnarf, and sslstrip logs to a folder in your root directory.

  2. #2
    Junior Member
    Join Date
    Jun 2011
    Location
    UK
    Posts
    45

    Re: em3rgency update MITM script version 1.1

    Very very nice script, I really like it, keep up the good work em3rgency

  3. #3
    Member m0j4h3d's Avatar
    Join Date
    Jan 2010
    Posts
    84

    Re: em3rgency update MITM script version 1.1

    nice one
    I use other scripts
    keep it boy
    ---> 3v3RY D4y P4ss3S 1 f0uNd N3W th1NGs <---
    Knowing how 2 use BT dsnt mean that u r hacker

  4. #4
    Just burned their ISO
    Join Date
    Dec 2012
    Posts
    2

    router ip and connected nic retrieval code

    Nice script man, loving the versatility of it.
    I have some bash code that I wrote that determines the users IP, nic and the router IP to variables.
    Maybe you would find it useful in this code
    cheers

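    #!/bin/bash

    # The fixed offsets below match the old net-tools ifconfig layout
    # ("          inet addr:A.B.C.D  Bcast:...").
    IPNUMF=$(ifconfig | grep Bcast)
    IPNUM=${IPNUMF:20:14} ###define the ip address
    #echo $IPNUM

    # Stop if no interface has a Bcast address; otherwise the loop below never ends.
    if [ -z "$IPNUM" ]; then
        echo "no interface with a Bcast address found" >&2
        exit 1
    fi

    DECCOUNT="0"
    CHARPLACE="0"
    DECPLACE="1"

    while [ "$DECCOUNT" != "3" ] ###define the last decimal place
    do
        CHARPLACE=$(expr $CHARPLACE + 1)
        DECPLACE=$(expr $DECPLACE + 1)
        IPCHAR=${IPNUM:$CHARPLACE:1} ###this is the char by char scan code

        if [ "$IPCHAR" = "." ] ###define the decimal places
        then
            DECCOUNT=$(expr $DECCOUNT + 1)
        fi
    done
    ENET=${IPNUM:0:$DECPLACE} ###define the numbers up to the last decimal
    #echo "your network is: $ENET"
    # DECPLACE is the first character after the last dot (CHARPLACE is the dot itself)
    NODENUM=${IPNUM:$DECPLACE:3} ###define the numbers after last decimal
    #echo "your node is: $NODENUM"
    #NICF=$(/pentest/sniffers/intercepter-ng/intercepter_linux -h | grep "IP2" -B 2)
    #echo $NICF
    #NIC=${NICF:0:6}
    NICF=$(ifconfig | grep Bcast -B 1) ###define the connected interface
    NIC=${NICF:0:8}
    #echo $NIC

    # $NIC is left unquoted on purpose: it is padded to 8 characters and
    # word splitting strips the trailing spaces before grep sees it.
    AROUTR=$(route -n | grep $NIC)
    NODER=$(expr $DECPLACE + 3)
    ROUTRF=${AROUTR:16:$NODER}
    ROUTR=${ROUTRF:$DECPLACE:3}
    # The +1/-1 round trip through expr drops surrounding spaces from the number.
    ROUTR=$(expr $ROUTR + 1)
    ROUTR=$(expr $ROUTR - 1)
    ROUTR=$ENET$ROUTR ###define the router ip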

  5. #5
    Junior Member
    Join Date
    Jun 2011
    Location
    UK
    Posts
    45

    Re: em3rgency update MITM script version 1.1

    very nice script matty, works like a charm here, so thank you for the script em3rgency :-)

    keep up the good work,

  6. #6
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Re: router ip and connected nic retrieval code

    Quote: Originally Posted by badacid
    Nice script man, loving the versatility of it.
    I have some bash code that I wrote that determines the users IP, nic and the router IP to variables.
    Maybe you would find it useful in this code
    cheers
    Code:
    #!/bin/bash
    
    IPNUMF=$(ifconfig | grep Bcast)                                 
        IPNUM=${IPNUMF:20:14}                                                               ###define the ip address
    #echo $IPNUM
                                                                        
    DECCOUNT="0"
    CHARPLACE="0"
    DECPLACE="1"
    
    while [ $DECCOUNT != "3" ]                                                              ###define the last decimal place
    do                                     
        CHARPLACE=$(expr $CHARPLACE + 1)
        DECPLACE=$(expr $DECPLACE + 1)
        IPCHAR=${IPNUM:$CHARPLACE:1}                                                        ###this is the char by char scan code
        
    	if [ $IPCHAR = "." ]                                                                ###define the decimal places
    		then
    		    DECCOUNT=$(expr $DECCOUNT + 1)
    	fi
    done
    ENET=${IPNUM:0:$DECPLACE}                                                               ###define the numbers up to the last decimal          
    #echo "your network is: $ENET"
    NODENUM=${IPNUM:$CHARPLACE:3}                                                           ###define the numbers after last decimal
    #echo "your node is: $NODENUM"
    #NICF=$(/pentest/sniffers/intercepter-ng/intercepter_linux -h | grep "IP2" -B 2)
    #echo $NICF
    #NIC=${NICF:0:6}   
    NICF=$(ifconfig | grep Bcast -B 1)                                                      ###define the connected interface
    NIC=${NICF:0:8}
    #echo $NIC  
                                               
    AROUTR=$(route -n | grep $NIC)
    NODER=$(expr $DECPLACE + 3)
    ROUTRF=${AROUTR:16:$NODER}
    ROUTR=${ROUTRF:$DECPLACE:3}
    ROUTR=$(expr $ROUTR + 1)
    ROUTR=$(expr $ROUTR - 1)
    ROUTR=$ENET$ROUTR                                                                       ###define the router ip
    You should chmod +x intercepter_linux, prior to running this.
    Also, this seems a bit overkill just to get that info; I use
    Code:
    ip route show
    and then pipe it to awk according to what I need.

    em3rgency; you don't need to use sudo in BackTrack.
    For your menu option, instead of using nested ifs, you should use case in. Here's an example from one of my scripts:
    Code:
    misc()
    {
    echo -e "\nHere are the miscellanous features.
    1. Image sniffing
    2. DNS spoofing
    3. Previous menu."
    read misc
    case $misc in
    	1) image_menu
    	   final ;;
    	2) choose_dns ;;
    	3) final ;;
    	*) echo "bad choice"
    	  misc ;;
    esac
    }
    Also, you reload the script from the beginning with ./script.sh, which is not very recommendable. You should use a function like menu() and call it instead.
    It resembles killadaninja's Airssl, but I guess there aren't infinite ways to do this. Yet, you use the same way of outputting everything to xterm with coloration, which is twice not necessary, and the same way of storing PID to variables: & urlsnarfid=$!. If you did use some of his work, you should give him some credit.
    Running both KDE and GNOME BT5 flawlessly. Thank you !
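
Added example, not part of any post in this thread: comaX's suggestion of reading `ip route show` with awk, filling badacid's ROUTR, NIC and IPNUM variables by field name instead of by character offset. The function names default_field and iface_src and the SAMPLE_ROUTES text are constructed for illustration.

```shell
#!/bin/bash
# Constructed sample of `ip route show` output (not captured from a real host).
SAMPLE_ROUTES='default via 192.168.1.1 dev wlan0 proto static
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.5 metric 2
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6'

# Print the value that follows keyword $2 ("via" or "dev") on the first
# default-route line of the routing text in $1.
default_field() {
    printf '%s\n' "$1" | awk -v key="$2" '
        $1 == "default" {
            for (i = 2; i < NF; i++)
                if ($i == key) { print $(i + 1); exit }
        }'
}

# Print the "src" address of the first connected route on interface $2.
iface_src() {
    printf '%s\n' "$1" | awk -v dev="$2" '
        $1 != "default" {
            d = ""; s = ""
            for (i = 2; i < NF; i++) {
                if ($i == "dev") d = $(i + 1)
                if ($i == "src") s = $(i + 1)
            }
            if (d == dev && s != "") { print s; exit }
        }'
}

# Use live data when ip(8) is available, otherwise the constructed sample.
routes=$(ip route show 2>/dev/null || true)
[ -n "$routes" ] || routes=$SAMPLE_ROUTES

ROUTR=$(default_field "$routes" via)   # router ip
NIC=$(default_field "$routes" dev)     # connected interface
IPNUM=$(iface_src "$routes" "$NIC")    # local ip on that interface

if [ -z "$ROUTR" ] || [ -z "$NIC" ]; then
    echo "no default route found" >&2
else
    echo "nic=$NIC router=$ROUTR ip=$IPNUM"
fi
```

Matching on the `via`, `dev` and `src` keywords keeps working when address widths or column order change, and an empty result means there is no default route rather than a mis-sliced string.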

  7. #7
    Just burned their ISO em3rgency's Avatar
    Join Date
    Nov 2012
    Posts
    16

    Re: router ip and connected nic retrieval code

    Thanks comaX, I will see what I can do with what you recommended. I am new to bash scripting, I know it's kinda sloppy. I am just happy it's working at this point, I will clean it up later on.

    Thanks for all the kind words guys. I hope to keep learning and sharing with the community.

    I think I did use killadaninja's airssl PID to variables, to test them out. I liked that functionality, as you can see I used killall a couple different ways in the script.

    Merry Christmas everyone!

  8. #8
    Just burned his ISO
    Join Date
    Feb 2011
    Posts
    4

    Re: em3rgency update MITM script version 1.1

    Em3rgency-
    I posted a thread in the general topics section about this, but since it pertains to your script, I thought I'd post it here. Hopefully you or someone may have an answer --

    I have a MITM attack set up in my lab using the Em3rgency 1.1 script.

    The attack runs fine for a couple minutes. I signed on with my iPhone and was able to test a login or two, which showed up in the log as it should. But after a little bit of activity, I get this error in my sslstrip window:

    http://i.imgur.com/5bZkTW7.jpg

    After which, the AP is no longer visible, and traffic no longer flows through the fake AP (webpages won't load, no more data is logged).

    I spent a fair amount of time googling this, and so far, I found mention that this error may refer to when a user forcibly terminates their connection on their end; that it's nothing to worry about. That doesn't appear to be the case here. I'm all ears(eyes) if anyone has any suggestions.

    This is a stock install of BT5r3 KDE x32 on a VM. I have run apt-get update/upgrade, (followed the setup directions in the thread) and that's about it. Any ideas? Thanks.

  9. #9
    Just burned their ISO em3rgency's Avatar
    Join Date
    Nov 2012
    Posts
    16

    Re: em3rgency update MITM script version 1.1

    It's really hard to tell; make sure sslstrip is installed. That error message happens sometimes, but it hasn't had any impact as far as I am aware. If it is a problem with the AP disappearing, then make sure aircrack-ng is updated! If it is a DHCP issue, make sure dhcp3 is running correctly or reinstall.

    Can a mod please add me to the forums? I have been here for 3 months, and I still cannot post without a mod allowing it... it's annoying. I am trying to contribute to the community.
    Last edited by sickness; 01-30-2013 at 03:48 AM.
