Ejemplo n.º 1
def add_vic():
    """Attach a second victim container ('vic2') to switch sw1.

    The extra victim sits on the first lab network and is used for the
    DHCP/DNS spoofing exercises.

    Returns:
        'ERROR' when 'vic2' already exists, otherwise 'ok'.
    """
    # Only one vic2 may exist; a second request is refused.
    already_present = w4sp.c('vic2')
    if already_present:
        return 'ERROR'

    # Create the victim from the shared victims image, then wire it to sw1.
    NSROOT.register_ns('vic2', 'w4sp/labs:victims')
    victim = w4sp.c('vic2')
    victim.connect(w4sp.c('sw1'))
    return 'ok'
Ejemplo n.º 2
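def wifi():
    """Set up and configure the wireless container.

    The phy name is screen-scraped from the output of ``iw list`` instead of
    being read from a stable interface, so this function makes a lot of
    assumptions about that output.

    Returns:
        'ok' when the container was created and hostapd started, 'ok1' when
        the container already existed and only hostapd had to be started, or
        a ``(message, status)`` tuple on failure.
    """
    # The wifi container already exists: only make sure hostapd is running.
    if w4sp.c('wifi'):
        if psef('hostapd_clear'):
            return 'wifi already running', 404

        w4sp.c('wifi').dexec('hostapd /hostapd_clear.conf')
        return 'ok1'

    # Number of phy tokens seen and the name of the last one.
    count = 0
    phy = False

    # Raw string: '\d' inside a plain literal is an invalid escape sequence.
    match = re.compile(r'phy\d')

    # universal_newlines=True makes check_output return text; on Python 3 the
    # default bytes output cannot be searched with a str pattern.
    iwo = subprocess.check_output(['iw', 'list'], universal_newlines=True)

    for line in iwo.split():
        if match.search(line):
            count += 1
            phy = line.strip()

    # Exactly one phy is supported.
    if count >= 2:
        return 'got more than one phy interface, remove one wireless device', 500

    if not phy:
        return "didn't find a valid phy, please check wifi device connection", 500

    # A phy name is known at this point: create the wireless container and
    # attach it to sw2.
    NSROOT.register_ns('wifi', 'w4sp/labs:wireless')
    w4sp.c('wifi').connect(w4sp.c('sw2'))

    # Move the wireless NIC into the container's network namespace. The
    # argument vector is built directly (no string splitting, no shell), so
    # the scraped phy token is always passed to iw as a single argument.
    cmd = ['iw', 'phy', phy, 'set', 'netns', str(w4sp.c('wifi').pid)]

    try:
        # subprocess.call does not raise on a non-zero exit status, so the
        # status is checked explicitly before hostapd is started.
        if subprocess.call(cmd) != 0:
            return 'error moving wireless device to container', 500

        # Short delay so setup_wifi.py can catch the new interface.
        time.sleep(0.01)
        w4sp.c('wifi').dexec('hostapd /hostapd_clear.conf')
        return 'ok'

    except Exception:
        # Narrower than a bare except: KeyboardInterrupt and SystemExit are
        # no longer swallowed.
        return 'error moving wireless device to container', 500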
Ejemplo n.º 3
def sploit():
    """Create the 'sploit' (sploitable) container and attach it to sw2.

    Returns:
        ('error', 404) when 'sploit' already exists, otherwise 'ok'.
    """
    # Nothing to do when the container has already been created.
    existing = w4sp.c('sploit')
    if existing:
        return 'error', 404

    # Register the container from the sploitable image and wire it to sw2.
    NSROOT.register_ns('sploit', 'w4sp/labs:sploitable')
    target = w4sp.c('sploit')
    target.connect(w4sp.c('sw2'))
    return 'ok'
Ejemplo n.º 4
def elk():
    """Start the ELK container on its own, without the IPS.

    Returns:
        ('error', 404) when 'elk' already exists, otherwise 'ok'.
    """
    # An existing elk container means there is nothing to start.
    running = w4sp.c('elk')
    if running:
        return 'error', 404

    # Otherwise create the container and attach it to sw2.
    NSROOT.register_ns('elk', 'w4sp/labs:elk')
    elk_container = w4sp.c('elk')
    elk_container.connect(w4sp.c('sw2'))
    return 'ok'
Ejemplo n.º 5
def mitm():
    """Create the 'vic3' victim container and connect it to the root namespace.

    Once connected, every host interface whose name contains 'root' is
    brought down, renamed to 'vic3' and brought back up, so the victim's
    traffic can be intercepted from the root namespace in the MITM exercise.

    Returns:
        'ERROR' when 'vic3' already exists, otherwise 'ok'.
    """

    # refuse to create vic3 twice (plain 'ERROR' string, no status code)
    if w4sp.c('vic3'):
        return 'ERROR'

    NSROOT.register_ns('vic3', 'w4sp/labs:victims')
    w4sp.c('vic3').connect(w4sp.ns_root)

    for nic in netifaces.interfaces():
        # substring match: any interface with 'root' in its name is renamed,
        # and nothing stops after the first hit
        if 'root' in nic:
            # NOTE(review): '$nic' is passed as literal text; presumably
            # w4sp.r substitutes it from the local variable named `nic` --
            # confirm. If so, the loop variable must keep this name.
            w4sp.r('ip link set $nic down')
            w4sp.r('ip link set $nic name vic3')
            w4sp.r('ip link set vic3 up')

    return 'ok'
Ejemplo n.º 6
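def ips():
    """Start suricata, with ELK and logstash, unless it is already running.

    ELK is created and attached to sw2 when it does not exist yet; suricata
    and logstash are then started inside sw1.

    Returns:
        ('error', 404) when suricata is already running or a required switch
        (sw1 or sw2) is missing, otherwise 'ok'.
    """
    if psef('suricata'):
        return 'error', 404

    # sw2 is needed to attach ELK and sw1 runs suricata/logstash. Both are
    # checked before anything is created, so a missing sw1 cannot leave ELK
    # started with no sensor behind it.
    if not w4sp.c('sw2') or not w4sp.c('sw1'):
        return 'error', 404

    # Start-up order is ELK, then suricata, then logstash.
    if not w4sp.c('elk'):
        NSROOT.register_ns('elk', 'w4sp/labs:elk')
        # connect the elk container to the sw2 container
        w4sp.c('elk').connect(w4sp.c('sw2'))

    # suricata listens on bridge br0 inside sw1
    w4sp.c('sw1').dexec('suricata -i br0')
    # logstash is started in the same container
    w4sp.c('sw1').dexec(
        '/opt/logstash/bin/logstash -f /etc/logstash/conf.d/logstash.conf')
    return 'ok'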