Exemple #1
0
    def _restore_deauthor_state(self):
        card = NetworkCard(self.running_interface)
        if card.get_mode() != self._previous_mode:
            card.set_mode(self._previous_mode)
            self._previous_mode = None

        self.running_interface = None
Exemple #2
0
    def start_sniffer(self, interface):
        """
        This method launches the necessary threads for the sniffing process.
        """
        self.running_interface = interface
        SessionManager().log_event(NeutralEvent("Starting AirScanner module."))
        try:
            card = NetworkCard(interface)
            if card.get_mode().lower() != 'monitor':
                card.set_mode('monitor')
        except:
            print "[-] Could not set card to monitor mode. Card might be busy."
            SessionManager().log_event(
                UnsuccessfulEvent(
                    "AirScanner start was aborted, unable to set card to monitor mode."
                ))
            return

        for plugin in self.plugins:
            plugin.pre_scanning()

        self.sniffer_running = True
        self.sniffing_thread = Thread(target=self.sniff_packets)
        self.sniffing_thread.start()

        hopper_thread = Thread(target=self.hop_channels)
        hopper_thread.start()
Exemple #3
0
    def start_sniffer(self, plugins = []):
        """
        This method starts the AirScanner sniffing service.
        """
        # Sniffing options
        if not self.air_scanner.sniffer_running:
            self.add_plugins(plugins, self.air_scanner, AirScannerPlugin)
            card = NetworkCard(self.configs["airscanner"]["sniffing_interface"])
            try:
                fixed_sniffing_channel = int(self.configs["airscanner"]["fixed_sniffing_channel"])
                if fixed_sniffing_channel not in card.get_available_channels():
                    raise
            except:
                print "Chosen operating channel is not supported by the Wi-Fi card.\n"
                return

            sniffing_interface = self.configs["airscanner"]["sniffing_interface"]
            if  sniffing_interface not in winterfaces():
                print "[-] sniffing_interface '{}' does not exist".format(sniffing_interface)
                return

            if not self.network_manager.set_mac_and_unmanage(sniffing_interface, card.get_mac(), retry = True):
                print "[-] Unable to set mac and unmanage, resetting interface and retrying."
                print "[-] Sniffer will probably crash."

            self.air_scanner.start_sniffer(sniffing_interface)

        else:
            print "[-] Sniffer already running"
Exemple #4
0
    def start_sniffer(self, plugins=[]):
        """
        This method starts the AirScanner sniffing service.
        """
        # Sniffing options
        if not self.air_scanner.sniffer_running:
            self.add_plugins(plugins, self.air_scanner, AirScannerPlugin)
            card = NetworkCard(
                self.configs["airscanner"]["sniffing_interface"])
            try:
                fixed_sniffing_channel = int(
                    self.configs["airscanner"]["fixed_sniffing_channel"])
                if fixed_sniffing_channel not in card.get_available_channels():
                    raise
            except:
                print "Chosen operating channel is not supported by the Wi-Fi card.\n"
                return

            sniffing_interface = self.configs["airscanner"][
                "sniffing_interface"]
            if sniffing_interface not in winterfaces():
                print "[-] sniffing_interface '{}' does not exist".format(
                    sniffing_interface)
                return

            if not self.network_manager.set_mac_and_unmanage(
                    sniffing_interface, card.get_mac(), retry=True):
                print "[-] Unable to set mac and unmanage, resetting interface and retrying."
                print "[-] Sniffer will probably crash."

            self.air_scanner.start_sniffer(sniffing_interface)

        else:
            print "[-] Sniffer already running"
Exemple #5
0
    def _restore_injection_state(self):
        try:
            card = NetworkCard(self.injection_interface)
            if card.get_mode().lower() != self._previous_mode:
                card.set_mode(self._previous_mode)
                self._previous_mode = None
        except: pass

        self.injection_interface = None
Exemple #6
0
    def _restore_injection_state(self):
        try:
            card = NetworkCard(self.running_interface)
            if card.get_mode().lower() != self._previous_mode:
                card.set_mode(self._previous_mode)
                self._previous_mode = None
        except:
            pass

        self.running_interface = None
Exemple #7
0
    def hop_channels(self):
        """
        Hops through the available channels to find more access points.
        """
        try:
            card = NetworkCard(self.running_interface)
            available_channels = card.get_available_channels()
            n_available_channels = len(available_channels)
            current_channel_index = 0
            while self.sniffer_running:
                try:
                    if self.configs["hop_channels"].lower() == "true":
                        if current_channel_index < n_available_channels:
                            card.set_channel(
                                available_channels[current_channel_index])
                        else:
                            card.set_channel(1)
                            current_channel_index = 0
                    else:
                        card.set_channel(
                            int(self.configs["fixed_sniffing_channel"]))

                    sleep(.25)
                except Exception:
                    pass

                current_channel_index += 1
        except Exception:
            pass  # The sniffer has already been aborted
Exemple #8
0
    def start_injection_attack(self, interface):
        self.injection_interface = interface
        card = NetworkCard(interface)
        current_mode = card.get_mode().lower()
        self._previous_mode = current_mode
        if not (current_mode == 'monitor' or current_mode == 'ap'):
            card.set_mode('monitor')

        self.injection_running = True
        injection_thread = Thread(target=self.injection_attack)
        injection_thread.start()
Exemple #9
0
    def post_scanning_configurations(self):
        # Escrever num ficheiro depois ler se for chamado no airhost
        card = NetworkCard(self.ap_interface)
        max_supported_access_points = card.get_number_of_supported_aps()
        print "Max aps: ", max_supported_access_points
        if self.max_access_points > max_supported_access_points:
            print "[-] max_access_points is higher than what card supports. Setting to {}".format(
                max_supported_access_points)
            self.max_access_points = max_supported_access_points

        self.aplauncher = APLauncher(self.hostapd_conf)
        self.dnsmasqhandler = DNSMasqHandler(self.dnsmasq_conf)
        rand_mac = "52:54:00:%02x:%02x:%02x" % (randint(0, 255), randint(
            0, 255), randint(0, 255))
        final_list = []
        if len(self.lonely_probes) < self.max_access_points:
            print "[+] Adding all requested ssids to hostapd configuration."
            for probe in self.lonely_probes:
                print "[+] Adding '{}' with hit_count '{}' to hostapd configuration".format(
                    probe, self.hit_count[probe])
            final_list = list(self.lonely_probes)
            SessionManager().log_event(
                NeutralEvent("Added all found probes to Karma list."))
        else:
            inverted_popular_ssids = {
                hit_count: ssid
                for ssid, hit_count in self.hit_count.iteritems()
            }
            ordered_popularity = sorted(inverted_popular_ssids.keys())[::-1]
            for i in ordered_popularity:
                popular_ssid = inverted_popular_ssids[i]
                final_list.append(popular_ssid)
                print "[+] Adding '{}' with hit_count '{}' to hostapd configuration".format(
                    popular_ssid, self.hit_count[popular_ssid])
                SessionManager().log_event(
                    NeutralEvent(
                        "Added '{}' to Karma list.".format(popular_ssid)))
                if len(final_list) == self.max_access_points:
                    break

        self.number_of_configured_nets = len(final_list)
        NetworkManager().set_mac_and_unmanage(self.ap_interface, rand_mac,
                                              True,
                                              self.number_of_configured_nets)

        self.dnsmasqhandler.set_captive_portal_mode(self.captive_portal)
        self.dnsmasqhandler.write_dnsmasq_configurations(
            self.ap_interface, card.get_ip(), [
                ".".join(card.get_ip().split(".")[:3] + ["2"]),
                ".".join(card.get_ip().split(".")[:3] + ["254"])
            ], ["8.8.8.8", "8.8.4.4"], len(final_list))

        self.aplauncher.write_hostapd_configurations(self.ap_interface,
                                                     final_list, rand_mac)
Exemple #10
0
    def start_sniffer(self, interface):
        self.running_interface = interface
        card = NetworkCard(interface)
        if card.get_mode() != 'monitor':
            card.set_mode('monitor')
        self.sniffing_thread = Thread( target=self.sniff_packets)
        self.sniffer_running = True
        self.sniffing_thread.start()

        hopper_thread = Thread( target=self.hop_channels)
        hopper_thread.start()
Exemple #11
0
    def start_deauthentication_attack(self, interface):
        # Restart services to avoid conflicts

        self.running_interface = interface
        card = NetworkCard(interface)
        current_mode = card.get_mode()
        self._previous_mode = current_mode
        if current_mode != 'monitor':
            card.set_mode('monitor')

        self.deauth_running = True
        deauth_thread = Thread(target=self.deauthentication_attack)
        deauth_thread.start()
Exemple #12
0
    def post_scanning_configurations(self):
        # Escrever num ficheiro depois ler se for chamado no airhost
        card = NetworkCard(self.ap_interface)
        max_supported_access_points = card.get_number_of_supported_aps()
        print "Max aps: ", max_supported_access_points
        if self.max_access_points > max_supported_access_points:
            print "[-] max_access_points is higher than what card supports. Setting to {}".format(max_supported_access_points)
            self.max_access_points = max_supported_access_points

        self.aplauncher         = APLauncher(self.hostapd_conf)
        self.dnsmasqhandler     = DNSMasqHandler(self.dnsmasq_conf)
        rand_mac = "52:54:00:%02x:%02x:%02x" % (randint(0, 255),
                                                randint(0, 255),
                                                randint(0, 255))
        final_list = []
        if len(self.lonely_probes) < self.max_access_points:
            print "[+] Adding all requested ssids to hostapd configuration."
            for probe in self.lonely_probes:
                print "[+] Adding '{}' with hit_count '{}' to hostapd configuration".format(probe,
                                                                                            self.hit_count[probe])
            final_list = list(self.lonely_probes)
            SessionManager().log_event(NeutralEvent("Added all found probes to Karma list."))
        else:
            inverted_popular_ssids = { hit_count : ssid for ssid, hit_count in self.hit_count.iteritems() }
            ordered_popularity = sorted(inverted_popular_ssids.keys())[::-1]
            for i in ordered_popularity:
                popular_ssid = inverted_popular_ssids[i]
                final_list.append(popular_ssid)
                print "[+] Adding '{}' with hit_count '{}' to hostapd configuration".format(popular_ssid,
                                                                                            self.hit_count[popular_ssid])
                SessionManager().log_event(NeutralEvent("Added '{}' to Karma list.".format(popular_ssid)))
                if len(final_list) == self.max_access_points:
                    break

        self.number_of_configured_nets = len(final_list)
        NetworkManager().set_mac_and_unmanage(  self.ap_interface,
                                                rand_mac,
                                                True,
                                                self.number_of_configured_nets)

        self.dnsmasqhandler.set_captive_portal_mode(self.captive_portal)
        self.dnsmasqhandler.write_dnsmasq_configurations(self.ap_interface,
                                                    card.get_ip(),
                                                    [   ".".join(card.get_ip().split(".")[:3] + ["2"]),
                                                        ".".join(card.get_ip().split(".")[:3] + ["254"])    ],
                                                    ["8.8.8.8", "8.8.4.4"],
                                                    len(final_list))

        self.aplauncher.write_hostapd_configurations(   self.ap_interface,
                                                        final_list,
                                                        rand_mac)
Exemple #13
0
 def post_start(self):
     # Wait for hostapd to setup all the access points
     sleep(1)
     card = NetworkCard(self.ap_interface)
     if card is not None:
         gateway = card.get_ip()
         for i in range(self.number_of_configured_nets - 1):
             interface_name = "{}_{}".format(self.ap_interface, i)
             if interface_name in pyw.winterfaces():
                 gateway = ".".join(gateway.split(".")[0:2] + [str(int(gateway.split(".")[2]) + 1)] + [gateway.split(".")[3]])
                 NetUtils().interface_config(interface_name, card.get_ip())
                 NetUtils().set_interface_mtu(interface_name, 1800)
                 NetUtils().accept_forwarding(interface_name)
     self.dnsmasqhandler.start_dnsmasq()
Exemple #14
0
    def hop_channels(self):
        """
        Hops through the available channels to find more access points.
        """
        try:
            card = NetworkCard(self.running_interface)
            available_channels = card.get_available_channels()
            n_available_channels = len(available_channels)
            current_channel_index = 0
            while self.sniffer_running:
                try:
                    if self.configs["hop_channels"].lower() == "true":
                        if current_channel_index < n_available_channels:
                            card.set_channel(available_channels[current_channel_index])
                        else:
                            card.set_channel(1)
                            current_channel_index = 0
                    else:
                        card.set_channel(int(self.configs["fixed_sniffing_channel"]))

                    sleep(.25)
                except Exception:
                    pass

                current_channel_index += 1
        except Exception:
            pass  # The sniffer has already been aborted
Exemple #15
0
    def _clean_quit(self, wait = True):
        self.sniffer_running = False
        for plugin in self.plugins:
            plugin.restore()
        del self.plugins[:]
        
        if wait:
            self.sniffing_thread.join() # The sniffing_thread will stop once it receives the next packet

        # Reset card operaing state to 'managed'
        if self.running_interface != None:
            card = NetworkCard(self.running_interface)
            if card.get_mode() != 'managed':
                card.set_mode('managed')

        self.running_interface = None
Exemple #16
0
 def post_start(self):
     # Wait for hostapd to setup all the access points
     sleep(1)
     card = NetworkCard(self.ap_interface)
     if card is not None:
         gateway = card.get_ip()
         for i in range(self.number_of_configured_nets - 1):
             interface_name = "{}_{}".format(self.ap_interface, i)
             if interface_name in pyw.winterfaces():
                 gateway = ".".join(
                     gateway.split(".")[0:2] +
                     [str(int(gateway.split(".")[2]) + 1)] +
                     [gateway.split(".")[3]])
                 NetUtils().interface_config(interface_name, card.get_ip())
                 NetUtils().set_interface_mtu(interface_name, 1800)
                 NetUtils().accept_forwarding(interface_name)
     self.dnsmasqhandler.start_dnsmasq()
Exemple #17
0
    def start_injection_attack(self, interface):
        SessionManager().log_event(NeutralEvent("Starting AirInjector module."))
        self.injection_interface = interface
        card = NetworkCard(interface)
        current_mode = card.get_mode().lower()
        self._previous_mode = current_mode
        if not (current_mode == 'monitor' or current_mode == 'ap'):
            try:
                card.set_mode('monitor')
            except:
                SessionManager().log_event(UnsuccessfulEvent("AirInjector start was aborted,"
                                                             " cannot set card to monitor mode."))
                return

        self.injection_running = True
        injection_thread = Thread(target=self.injection_attack)
        injection_thread.start()
Exemple #18
0
    def start_injection_attack(self, interface):
        SessionManager().log_event(
            NeutralEvent("Starting AirInjector module."))
        self.injection_interface = interface
        card = NetworkCard(interface)
        current_mode = card.get_mode().lower()
        self._previous_mode = current_mode
        if not (current_mode == 'monitor' or current_mode == 'ap'):
            try:
                card.set_mode('monitor')
            except:
                SessionManager().log_event(
                    UnsuccessfulEvent("AirInjector start was aborted,"
                                      " cannot set card to monitor mode."))
                return

        self.injection_running = True
        injection_thread = Thread(target=self.injection_attack)
        injection_thread.start()
Exemple #19
0
    def _clean_quit(self, wait = True):
        self.sniffer_running = False
        for plugin in self.plugins:
            plugin.post_scanning()
            plugin.restore()
        del self.plugins[:]

        if wait:
            self.sniffing_thread.join()  # The sniffing_thread will stop once it receives the next packet

        # Reset card operaing state to 'managed'
        if self.running_interface is not None:
            try:
                card = NetworkCard(self.running_interface)
                if card.get_mode().lower() != 'managed':
                    card.set_mode('managed')
            except: pass

        self.running_interface = None
Exemple #20
0
	def start_sniffer(self, interface, hop_channels=True, fixed_channel=7):
		self.running_interface = interface
		card = NetworkCard(interface)
		if card.get_mode() != 'monitor':
			card.set_mode('monitor')

		for plugin in self.plugins:
			plugin.pre_scanning()

		self.sniffer_running = True
		self.sniffing_thread = Thread( target=self.sniff_packets)
		self.sniffing_thread.start()

		if hop_channels:
			hopper_thread = Thread( target=self.hop_channels)
			hopper_thread.start()
		else:
			card = NetworkCard(interface)
			card.set_channel(fixed_channel)
Exemple #21
0
 def sniff_packets(self):
     card = NetworkCard(self.ap_interface)
     if card.get_mode() != "monitor":
         card.set_mode("monitor")
     try:
         sniff(iface=self.ap_interface, store=0, prn=self.handle_packet, stop_filter= (lambda pkt: self.should_stop))
     except Exception as e:
         print e
         print "[-] Exception occurred while sniffing on interface '{}'".format(self.ap_interface)
     self.should_stop = False
     if card.get_mode() != "managed":
         card.set_mode("managed")
Exemple #22
0
 def sniff_packets(self):
     card = NetworkCard(self.ap_interface)
     if card.get_mode() != "monitor":
         card.set_mode("monitor")
     try:
         sniff(iface=self.ap_interface,
               store=0,
               prn=self.handle_packet,
               stop_filter=(lambda pkt: self.should_stop))
     except Exception as e:
         print e
         print "[-] Exception occurred while sniffing on interface '{}'".format(
             self.ap_interface)
     self.should_stop = False
     if card.get_mode() != "managed":
         card.set_mode("managed")
Exemple #23
0
    def start_sniffer(self, interface):
        """
        This method launches the necessary threads for the sniffing process.
        """
        self.running_interface = interface
        SessionManager().log_event(NeutralEvent("Starting AirScanner module."))
        try:
            card = NetworkCard(interface)
            if card.get_mode().lower() != 'monitor':
                card.set_mode('monitor')
        except:
            print "[-] Could not set card to monitor mode. Card might be busy."
            SessionManager().log_event(UnsuccessfulEvent("AirScanner start was aborted, unable to set card to monitor mode."))
            return

        for plugin in self.plugins:
            plugin.pre_scanning()

        self.sniffer_running = True
        self.sniffing_thread = Thread( target=self.sniff_packets)
        self.sniffing_thread.start()

        hopper_thread = Thread( target=self.hop_channels)
        hopper_thread.start()
Exemple #24
0
	def __init__(self, ssid, running_interface, internet_interface, ignore_clients = []):
		super(SelfishWiFi, self).__init__()
		self.running_interface = running_interface
		self.ignore_clients = ignore_clients + ["ff:ff:ff:ff:ff:ff"]
		internet_interface_mac = NetworkCard(internet_interface).get_mac()
		if internet_interface_mac is not None:
			self.ignore_clients.append(internet_interface_mac)

		self.is_running = True
		self.general_deauth_attack_completed = False
		self.deauth_ssid = ssid
		self.deauth_bssids = set()
		self.clients_to_deauth = set()

		self.periodic_deauthenticator = Thread(target = self.periodic_attack)
		self.periodic_deauthenticator.start()
Exemple #25
0
    def hop_channels(self):
        # Hop through channels to get find more beacons
        try:
            card = NetworkCard(self.running_interface)
            while self.sniffer_running:
                current_channel = card.get_channel()
                if current_channel <= 12:
                    card.set_channel(current_channel + 1)
                else:
                    card.set_channel(1)

                sleep(1)
        except Exception as e:
            pass # The sniffer has already been aborted
Exemple #26
0
    def __init__(self, config):
        super(SelfishWiFi, self).__init__(config, "selfishwifi")
        self.running_interface = self.config["sniffing_interface"]
        self.ignore_clients = self.config["ignore_clients"] + ["ff:ff:ff:ff:ff:ff"]
        internet_interface_mac = NetworkCard(self.config["internet_interface"]).get_mac()
        if internet_interface_mac is not None:
            self.ignore_clients.append(internet_interface_mac)

        self.is_running = True
        self.general_deauth_attack_completed = False
        self.deauth_ssid = self.config["connected_network"]
        self.deauth_bssids = set()
        self.clients_to_deauth = set()

        self.periodic_deauthenticator = Thread(target = self.periodic_attack)
        self.periodic_deauthenticator.start()
Exemple #27
0
	def hop_channels(self):
		# Hop through channels to get find more beacons
		try:
			card = NetworkCard(self.running_interface)
			available_channels = card.get_available_channels()
			n_available_channels = len(available_channels)
			current_channel_index = 0
			while self.sniffer_running:
				try:

					if current_channel_index < n_available_channels:
						card.set_channel(available_channels[current_channel_index])
					else:
						card.set_channel(1)
						current_channel_index = 0

					sleep(.25)
				except Exception as e:
					pass

				current_channel_index += 1
		except Exception as e:
			pass # The sniffer has already been aborted
Exemple #28
0
 def pre_injection(self):
     card = NetworkCard(self.running_interface)
     card.set_channel(self.fixed_channel)
Exemple #29
0
 def start(self):
     card = NetworkCard(self.running_interface)
     #if card.get_mode() != 'monitor':
     #	card.set_mode('monitor')
     self.sniffer_thread = Thread(target=self.start_credential_sniffing)
     self.sniffer_thread.start()
Exemple #30
0
 def pre_injection(self):
     card = NetworkCard(self.running_interface)
     card.set_channel(self.fixed_channel)
Exemple #31
0
 def pre_deauth(self):
     card = NetworkCard(self.running_interface)
     card.set_channel(self.fixed_channel)
Exemple #32
0
    def start_sniffer(self, interface, hop_channels=True, fixed_channel=7):
        self.running_interface = interface
        try:
            card = NetworkCard(interface)
            if card.get_mode().lower() != 'monitor':
                card.set_mode('monitor')
        except:
            print "[-] Could not set card to monitor mode. Card might be busy."
            return

        for plugin in self.plugins:
            plugin.pre_scanning()

        self.sniffer_running = True
        self.sniffing_thread = Thread( target=self.sniff_packets)
        self.sniffing_thread.start()

        if hop_channels:
            hopper_thread = Thread( target=self.hop_channels)
            hopper_thread.start()
        else:
            try:
                card = NetworkCard(interface)
                card.set_channel(fixed_channel)
                if card.get_channel() == fixed_channel:
                    print "[+] Set fixed channel to {}".format(fixed_channel)
                else:
                    print "[-] Could not change channel, try unplugging your interface."
                    print "[/] Channel is on {}".format(card.get_channel())
            except:
                print "[-] Cannot set channel at the moment."