Skip to content

Commit

Permalink
Merge pull request #20 from InfamousSYN/develop
Browse files Browse the repository at this point in the history 
v2.0.0 update
  • Loading branch information
@InfamousSYN
InfamousSYN committed Jan 15, 2019
2 parents 05244d3 + 0bb5fab commit a97d013
Show file tree
Hide file tree
Showing 6 changed files with 3,257 additions and 1,455 deletions.
52 changes: 30 additions & 22 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ Usage
-----

```
usage: python rogue.py -I wlan0 -H g -C 6 --auth open --internet
usage: python rogue.py -i wlan0 -h g -c 6 -e rogue --auth open --internet
The Rogue Toolkit is an extensible toolkit aimed at providing penetration
testers an easy-to-use platform to deploy software-defined Access Points (AP)
Expand All @@ -30,16 +30,18 @@ using Rogue, penetration testers can easily perform targeted evil twin attacks
against a variety of wireless network types.
optional arguments:
-h, --help show this help message and exit
-w PCAP_FILENAME, --write PCAP_FILENAME
Write all collected wireless frames to a pcap file.
-m HOSTAPD_MANUAL_CONF, --manual HOSTAPD_MANUAL_CONF
Loads a custom hostapd config file instead of
dynamically generating a file
--internet Provide network access
--auth {open,wep,wpa-personal,wpa-enterprise}
Specify auth type. (Default: open)
--cert-wizard Use this flag to create a new RADIUS cert for your AP
--clone-wizard Used to clone a target website
--show-options Display configured options.
-I INTERFACE, --interface INTERFACE
-i INTERFACE, --interface INTERFACE
The phy interface on which to create the AP
hostapd configuration:
Expand Down Expand Up @@ -78,31 +80,33 @@ Attack Arguments:
file
IEEE 802.11 related configuration:
-B BSSID, --bssid BSSID
Specify access point BSSID
-E ESSID, --essid ESSID
Specify access point ESSID
-H {a,b,g,n,ac}, --hw-mode {a,b,g,n,ac}
-b BSSID, --bssid BSSID
Specify access point BSSID (Default:
00:11:22:33:44:00)
-e ESSID, --essid ESSID
Specify access point ESSID (Default: rogue)
-h {a,b,g,n,ac}, --hw-mode {a,b,g,n,ac}
Specify access point hardware mode (Default: g).
--freq {2,5} Specify the radio band to use (Default: 2GHz).
-C CHANNEL, --channel CHANNEL
-c CHANNEL, --channel CHANNEL
Specify access point channel. (Default: 0 - with ACS
to find an unused channel)
--country {AU,US} Configures of country of operation
--country {AD,AE,AF,AG,AI,AL,AM,AO,AQ,AR,AS,AT,AU,AW,AX,AZ,BA,BB,BD,BE,BF,BG,BH,BI,BJ,BL,BM,BN,BO,BQ,BQ,BR,BS,BT,BV,BW,BY,BZ,CA,CC,CD,CF,CG,CH,CI,CK,CL,CM,CN,CO,CR,CU,CV,CW,CX,CY,CZ,DE,DJ,DK,DM,DO,DZ,EC,EE,EG,EH,ER,ES,ET,FI,FJ,FK,FM,FO,FR,GA,GB,GD,GE,GF,GG,GH,GI,GL,GM,GN,GP,GQ,GR,GS,GT,GU,GW,GY,HK,HM,HN,HR,HT,HU,ID,IE,IL,IM,IN,IO,IQ,IR,IS,IT,JE,JM,JO,JP,KE,KG,KH,KI,KM,KN,KP,KR,KW,KY,KZ,LA,LB,LC,LI,LK,LR,LS,LT,LU,LV,LY,MA,MC,MD,ME,MF,MG,MH,MK,ML,MM,MN,MO,MP,MQ,MR,MS,MT,MU,MV,MW,MX,MY,MZ,NA,NC,NE,NF,NG,NI,NL,NO,NP,NR,NU,NZ,OM,PA,PE,PF,PG,PH,PK,PL,PM,PN,PR,PS,PT,PW,PY,QA,RE,RO,RS,RU,RW,SA,SB,SC,SD,SE,SG,SH,SI,SJ,SK,SL,SM,SN,SO,SR,SS,ST,SV,SX,SY,SZ,TC,TD,TF,TG,TH,TJ,TK,TL,TM,TN,TO,TR,TT,TV,TW,TZ,UA,UG,UM,US,UY,UZ,VA,VC,VE,VG,VI,VN,VU,WF,WS,YE,YT,ZA,ZM,ZW}
Configures of country of operation
--macaddr-acl {0,1,2}
Station MAC address -based authentication 0 = accept
unless in deny list 1 = deny unless in accept list 2 =
use external RADIUS (accept/deny will be searched
first) (Default: 0)
--mac-accept-file MACADDR_ACCEPT_FILE
Location of hostapd-wpe macaddr_acl accept file
(Default: rogue/tmp/hostapd.accept)
(Default: /home/rogue/tmp/hostapd.accept)
--mac-deny-file MACADDR_DENY_FILE
Location of hostapd-wpe macaddr_acl deny file
(Default: rogue/tmp/hostapd.accept)
(Default: /home/rogue/tmp/hostapd.accept)
--auth-algs {1,2,3} IEEE 802.11 specifies two authentication algorithms. 1
allows only WPA2 authentication algorithms. 2 is WEP.
3 allows both.
3 allows both. (Default: 3)
--wmm-enabled Enable Wireless Multimedia Extensions
--ieee80211d Enabling IEEE 802.11d advertises the country_code and
the set of allowed channels and transmit power levels
Expand All @@ -129,9 +133,9 @@ IEEE 802.11ac related configuration:
--vht-width {0,1,2,3}
VHT channel width (Default: 1).
--vht-operation {0,1}
Enable toggling between vht_oper_centr_freq_seg0_idx
and vht_oper_centr_freq_seg1_idx (Default: 1 for
vht_oper_centr_freq_seg0_idx).
Enable toggling between 0 for
vht_oper_centr_freq_seg0_idx and 1 for
vht_oper_centr_freq_seg1_idx (Default: 0).
--vht-index VHT_INDEX
Enables control of vht_oper_centr_freq_seg[0/1]_idx
index value (Default: 42).
Expand All @@ -155,13 +159,13 @@ WEP authentication configuration:
IEEE 802.1X-2004 configuration:
--ieee8021x Enable 802.1x
--eapol-version {1,2}
IEEE 802.1X/EAPOL version
IEEE 802.1X/EAPOL version (Default: 2)
--eapol-workaround EAPOL-Key index workaround (set bit7) for WinXP
Supplicant
RADIUS client configuration:
--log-badpass logs password if it's rejected
--log-goodpass logs password if it's correct
--no-log-badpass When set, incorrect passwords will not be logged
--no-log-goodpass When set, valid passwords will not be logged
--own-address OWN_IP_ADDR
The own IP address of the access point (Default:
127.0.0.1)
Expand All @@ -184,8 +188,12 @@ RADIUS client configuration:
1813)
--radius-proto {udp,tcp,*}
(Default: *)
--eap-type {fast,peap,ttls,tls,leap,pwd,md5,gtc}
(Default: md5)
--default-eap {fast,peap,ttls,tls,leap,pwd,md5,gtc}
Specify the default EAP method used in RADIUS
authentication. (Default: md5)
-E {all,fast,peap,ttls,tls,leap,pwd,md5,gtc}, --supported-eap {all,fast,peap,ttls,tls,leap,pwd,md5,gtc}
Specify the default EAP method used in RADIUS
authentication. (Default: md5)
--print-creds Print intercepted credentials
External DHCP configuration:
Expand All @@ -206,7 +214,7 @@ External DHCP configuration:
(Default: 10.254.239.1)
--secondary-interface SECONDARY_INTERFACE
Used to specify the second phy interface used to
bridge the hostapd-wpe interface (-I) with another
bridge the hostapd-wpe interface (-i) with another
network (Default: eth0)
--pool-start DHCP_POOL_START
(Default: 10.254.239.10)
Expand Down
25 changes: 23 additions & 2 deletions config.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
import argparse

# application version
__version__ = "1.1.3"
__version__ = "2.0.0"

# directory mapping
root_dir, conf_file = os.path.split(os.path.abspath(__file__))
Expand Down Expand Up @@ -33,6 +33,28 @@
private_pem = certs_dir + "/server.pem"
dh_file = certs_dir + "/dh"

# rogue options default values
rogue_bssid = "00:11:22:33:44:00"
rogue_essid = "rogue"
rogue_auth = "open"
rogue_hw_mode = "g"
rogue_channel = 0
rogue_default_frequency = 2
rogue_ht_mode = 0
rogue_auth_algs = 3
rogue_macaddr_acl = 0
rogue_default_eap_type = "md5"
rogue_default_eap_types = ['fast','peap','ttls','tls','leap','pwd','md5','gtc']
rogue_supported_eap_type = "md5"
rogue_supported_eap_types = ['all','fast','peap','ttls','tls','leap','pwd','md5','gtc']
rogue_country_options = ["AD", "AE", "AF", "AG", "AI", "AL", "AM", "AO", "AQ", "AR", "AS", "AT", "AU", "AW", "AX", "AZ", "BA", "BB", "BD", "BE", "BF", "BG", "BH", "BI", "BJ", "BL", "BM", "BN", "BO", "BQ", "BQ", "BR", "BS", "BT", "BV", "BW", "BY", "BZ", "CA", "CC", "CD", "CF", "CG", "CH", "CI", "CK", "CL", "CM", "CN", "CO", "CR", "CU", "CV", "CW", "CX", "CY", "CZ", "DE", "DJ", "DK", "DM", "DO", "DZ", "EC", "EE", "EG", "EH", "ER", "ES", "ET", "FI", "FJ", "FK", "FM", "FO", "FR", "GA", "GB", "GD", "GE", "GF", "GG", "GH", "GI", "GL", "GM", "GN", "GP", "GQ", "GR", "GS", "GT", "GU", "GW", "GY", "HK", "HM", "HN", "HR", "HT", "HU", "ID", "IE", "IL", "IM", "IN", "IO", "IQ", "IR", "IS", "IT", "JE", "JM", "JO", "JP", "KE", "KG", "KH", "KI", "KM", "KN", "KP", "KR", "KW", "KY", "KZ", "LA", "LB", "LC", "LI", "LK", "LR", "LS", "LT", "LU", "LV", "LY", "MA", "MC", "MD", "ME", "MF", "MG", "MH", "MK", "ML", "MM", "MN", "MO", "MP", "MQ", "MR", "MS", "MT", "MU", "MV", "MW", "MX", "MY", "MZ", "NA", "NC", "NE", "NF", "NG", "NI", "NL", "NO", "NP", "NR", "NU", "NZ", "OM", "PA", "PE", "PF", "PG", "PH", "PK", "PL", "PM", "PN", "PR", "PS", "PT", "PW", "PY", "QA", "RE", "RO", "RS", "RU", "RW", "SA", "SB", "SC", "SD", "SE", "SG", "SH", "SI", "SJ", "SK", "SL", "SM", "SN", "SO", "SR", "SS", "ST", "SV", "SX", "SY", "SZ", "TC", "TD", "TF", "TG", "TH", "TJ", "TK", "TL", "TM", "TN", "TO", "TR", "TT", "TV", "TW", "TZ", "UA", "UG", "UM", "US", "UY", "UZ", "VA", "VC", "VE", "VG", "VI", "VN", "VU", "WF", "WS", "YE", "YT", "ZA", "ZM", "ZW"]
rogue_vht_index = 1
rogue_vht_operations = 0
rogue_vht_index_options = 42
rogue_wpa_version = 2
rogue_eapol_version = 2
rogue_essid_mask = 0

# hostapd-wpe settings
hostapd_conf_file = "/hostapd-wpe.conf"
hostapd_conf_full = working_dir + hostapd_conf_file
Expand All @@ -48,7 +70,6 @@
hostapd_accept_file_full = working_dir + hostapd_accept_file
hostapd_deny_file = "/hostapd.deny"
hostapd_deny_file_full = working_dir + hostapd_deny_file
hostapd_country_options = ["AD", "AE", "AF", "AG", "AI", "AL", "AM", "AO", "AQ", "AR", "AS", "AT", "AU", "AW", "AX", "AZ", "BA", "BB", "BD", "BE", "BF", "BG", "BH", "BI", "BJ", "BL", "BM", "BN", "BO", "BQ", "BQ", "BR", "BS", "BT", "BV", "BW", "BY", "BZ", "CA", "CC", "CD", "CF", "CG", "CH", "CI", "CK", "CL", "CM", "CN", "CO", "CR", "CU", "CV", "CW", "CX", "CY", "CZ", "DE", "DJ", "DK", "DM", "DO", "DZ", "EC", "EE", "EG", "EH", "ER", "ES", "ET", "FI", "FJ", "FK", "FM", "FO", "FR", "GA", "GB", "GD", "GE", "GF", "GG", "GH", "GI", "GL", "GM", "GN", "GP", "GQ", "GR", "GS", "GT", "GU", "GW", "GY", "HK", "HM", "HN", "HR", "HT", "HU", "ID", "IE", "IL", "IM", "IN", "IO", "IQ", "IR", "IS", "IT", "JE", "JM", "JO", "JP", "KE", "KG", "KH", "KI", "KM", "KN", "KP", "KR", "KW", "KY", "KZ", "LA", "LB", "LC", "LI", "LK", "LR", "LS", "LT", "LU", "LV", "LY", "MA", "MC", "MD", "ME", "MF", "MG", "MH", "MK", "ML", "MM", "MN", "MO", "MP", "MQ", "MR", "MS", "MT", "MU", "MV", "MW", "MX", "MY", "MZ", "NA", "NC", "NE", "NF", "NG", "NI", "NL", "NO", "NP", "NR", "NU", "NZ", "OM", "PA", "PE", "PF", "PG", "PH", "PK", "PL", "PM", "PN", "PR", "PS", "PT", "PW", "PY", "QA", "RE", "RO", "RS", "RU", "RW", "SA", "SB", "SC", "SD", "SE", "SG", "SH", "SI", "SJ", "SK", "SL", "SM", "SN", "SO", "SR", "SS", "ST", "SV", "SX", "SY", "SZ", "TC", "TD", "TF", "TG", "TH", "TJ", "TK", "TL", "TM", "TN", "TO", "TR", "TT", "TV", "TW", "TZ", "UA", "UG", "UM", "US", "UY", "UZ", "VA", "VC", "VE", "VG", "VI", "VN", "VU", "WF", "WS", "YE", "YT", "ZA", "ZM", "ZW"]

# freeradius-wpe settings
freeradius_dir = "/usr/sbin"
Expand Down
184 changes: 184 additions & 0 deletions core/libs/conf_manager.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -199,6 +199,111 @@ class freeradius_eap_fast_conf(object):
path = config.freeradius_mods_dir_eap_full
template = freeradius_cnf.freeradius_eap_fast_conf

@classmethod
def configure(cls,
default_eap_type=None
):

assert default_eap_type is not None

try:
print("[+] Creating eap.conf file: %s" % cls.path)
with open(cls.path, 'w') as fd:
fd.write(cls.template %\
(default_eap_type))
except Exception as e:
print("[!] Error: %s" % e)
return 1

class freeradius_eap_md5_conf(object):

path = config.freeradius_mods_dir_eap_full
template = freeradius_cnf.freeradius_eap_md5_conf

@classmethod
def configure(cls,
default_eap_type=None
):

assert default_eap_type is not None

try:
print("[+] Creating eap.conf file: %s" % cls.path)
with open(cls.path, 'w') as fd:
fd.write(cls.template %\
(default_eap_type))
except Exception as e:
print("[!] Error: %s" % e)
return 1

class freeradius_eap_pwd_conf(object):

path = config.freeradius_mods_dir_eap_full
template = freeradius_cnf.freeradius_eap_pwd_conf

@classmethod
def configure(cls,
default_eap_type=None
):

assert default_eap_type is not None

try:
print("[+] Creating eap.conf file: %s" % cls.path)
with open(cls.path, 'w') as fd:
fd.write(cls.template %\
(default_eap_type))
except Exception as e:
print("[!] Error: %s" % e)
return 1

class freeradius_eap_leap_conf(object):

path = config.freeradius_mods_dir_eap_full
template = freeradius_cnf.freeradius_eap_leap_conf

@classmethod
def configure(cls,
default_eap_type=None
):

assert default_eap_type is not None

try:
print("[+] Creating eap.conf file: %s" % cls.path)
with open(cls.path, 'w') as fd:
fd.write(cls.template %\
(default_eap_type))
except Exception as e:
print("[!] Error: %s" % e)
return 1

class freeradius_eap_gtc_conf(object):

path = config.freeradius_mods_dir_eap_full
template = freeradius_cnf.freeradius_eap_gtc_conf

@classmethod
def configure(cls,
default_eap_type=None
):

assert default_eap_type is not None

try:
print("[+] Creating eap.conf file: %s" % cls.path)
with open(cls.path, 'w') as fd:
fd.write(cls.template %\
(default_eap_type))
except Exception as e:
print("[!] Error: %s" % e)
return 1

class freeradius_eap_peap_conf(object):

path = config.freeradius_mods_dir_eap_full
template = freeradius_cnf.freeradius_eap_peap_conf

@classmethod
def configure(cls,
default_eap_type=None,
Expand All @@ -225,6 +330,67 @@ def configure(cls,
print("[!] Error: %s" % e)
return 1

class freeradius_eap_ttls_conf(object):

path = config.freeradius_mods_dir_eap_full
template = freeradius_cnf.freeradius_eap_ttls_conf

@classmethod
def configure(cls,
default_eap_type=None,
private_key_file=None,
certificate_file=None,
ca_file=None,
dh_file=None,
ca_path=None
):

assert default_eap_type is not None
assert private_key_file is not None
assert certificate_file is not None
assert ca_file is not None
assert dh_file is not None
assert ca_path is not None

try:
print("[+] Creating eap.conf file: %s" % cls.path)
with open(cls.path, 'w') as fd:
fd.write(cls.template %\
(default_eap_type, private_key_file, certificate_file, ca_file, dh_file, ca_path))
except Exception as e:
print("[!] Error: %s" % e)
return 1

class freeradius_eap_tls_conf(object):

path = config.freeradius_mods_dir_eap_full
template = freeradius_cnf.freeradius_eap_tls_conf

@classmethod
def configure(cls,
default_eap_type=None,
private_key_file=None,
certificate_file=None,
ca_file=None,
dh_file=None,
ca_path=None
):

assert default_eap_type is not None
assert private_key_file is not None
assert certificate_file is not None
assert ca_file is not None
assert dh_file is not None
assert ca_path is not None

try:
print("[+] Creating eap.conf file: %s" % cls.path)
with open(cls.path, 'w') as fd:
fd.write(cls.template %\
(default_eap_type, private_key_file, certificate_file, ca_file, dh_file, ca_path))
except Exception as e:
print("[!] Error: %s" % e)
return 1

class hostapd_open_cnf(object):

Expand Down Expand Up @@ -534,6 +700,24 @@ def configure(cls,
print("[!] Error: %s" % e)
return 1

class hostapd_custom_cnf(object):
path = config.hostapd_conf_full

@classmethod
def configure(cls,
hostapd_location=None
):

assert hostapd_location is not None

try:
print("[+] Copying custom hostapd-wpe.conf file to default rogue hostapd-wpe.conf file:\r\n %s -> %s" % (hostapd_location, cls.path))
os.system('cp %s %s' % (hostapd_location, cls.path))
except Exception as e:
print("[!] Error: %s" % e)
return 1


class http_cnf(object):

path = config.http_conf_full
Expand Down
Loading

0 comments on commit a97d013

Please sign in to comment.