Hi guys!

I am utterly new here on this forum (sorry if this is the wrong place) but I figured this would be a good place to share some interesting ideas of mine, so I thought I'd register.

You see I wrote this python program http://code.google.com/p/sapphi-re/ (it's called Sapphire, sorry if I stole an existing name but I liked it too much )

what it does it automates some everyday exploiting tasks allowing you to do a few things very quickly:

1) Create a wireless access point (airbase-ng) with specific ESSID, channel and other options WITH the option to route traffic from the virtual interface to another interface. This combined with (ip_forward) and the integration of (isc-)dhcp-server turns Sapphire into a - real access point! Basically a one line command to share your network to other people around.

2) Now the functionality of number 1) is probably implemented by someone somewhere already but wait, there's more! Sapphire has built-in DNS server so you can easily enable DNS spoofing on your newly created AP. No need to edit hosts file to mix up your own connections. The sapphire.dns file will hold the A records you wish to spoof and it can be updated realtime. Yes, Ettercap can already do this, but afaik it cannot redirect network reliably (it turns off ip_forward) and your DNS queries are actually only sent to Sapphire so no need to "send spoofed packets faster" than any real DNS server around. It is also more lightweight and doesn't need additional third party dns spoofing plugins (like ettercap) be present on the system.

3) Still not impressed? Well Sapphire can also work as an HTTP server. You can select the directory you wish the HTTP server to be run in (where you have your cloned websites) and maybe combine DNS spoofing with this attack. Or you can use the iptables routing function also implemented in Sapphire. This could also be achieved with SET but Sapphire is more lightweight and allows you to work with the index files. So you can custom edit your site to best fit your needs.

4) Other options include (if you have macchanger) mac cloning, so you can clone mac address for your wlan0 and mon0 should you not want to show your permanent MAC to the public.

It's written in Python so it's quite portable a wrapper program for all these different functionalities. With Sapphire and in one command you can basically:

*) Steal an existing ESSID and
*) Set up an access point that routes internet traffic and steals the clients of the AP making them connect to your computer instead (need to be closer to them than the AP though)
*) Send poisoned DNS replies to make connecting clients see whatever you want
*) Set up an HTTP server (to steal their credentials - ha!)

I hope you find it useful! I personally like it because it removes all the fuzz of working with .conf files and separate shells from the equation setting up everything automatically.