#!/usr/bin/env ksh
#`--------------------------------------------
#
# (W|H)all of Lame
#
#,-------------------------------------------
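# Defaults. Command-line options may override IFACE, CHANNEL and DPREFIX.
IFACE='wlan0'
# NOTE(security): DIR, the FIFO names and DPREFIX are fixed, guessable paths
# in a shared directory, and captured traffic flows through them. If the
# script runs with elevated privileges (monitor mode usually needs them -
# confirm), prefer a private directory, e.g. one created with mktemp -d, so
# that no other local account can pre-create or read these paths.
DIR='/tmp'
FIFO='whol_pipe'
DSNIFF_FIFO='whol_dsniff_pipe'
VERBOSE=0
CHANNEL=0
# Count the mon<N> interfaces that already exist; the count is used as the
# suffix of this session's monitor interface and scratch files.
# grep -Ec replaces "egrep | wc -l": egrep is obsolescent and warns on
# recent GNU grep, and -c yields a bare number on every platform.
PREF=$(iwconfig 2>/dev/null | grep -Ec '^mon[0-9]+')
DPREFIX=/tmp/whol_tdump$PREF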
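# destruct [pid]
# One-shot teardown of the capture session: optionally kills the given PID,
# stops the monitor interface mon$PREF and removes the FIFOs under $DIR.
# Globals: STATUS (read/written), R (written), PREF, DIR, FIFO, DSNIFF,
#          DSNIFF_FIFO (read)
# Every expansion is quoted so a path or PID containing whitespace or glob
# characters cannot be split into extra arguments to kill/rm.
destruct() {
  # STATUS counts completed teardowns; any later call returns immediately.
  if [[ "$STATUS" -gt 0 ]]; then return; fi
  echo "exitting.."
  R=0
  STATUS=$((STATUS+1))
  [[ -n $1 ]] && kill "$1"
  airmon-ng stop "mon$PREF" 2>/dev/null
  # "--" keeps a path that starts with "-" from being read as an option.
  rm -- "$DIR/$FIFO$PREF"
  [[ -n $DSNIFF ]] && rm -- "$DIR/$DSNIFF_FIFO$PREF"
  # TODO more sophisticated destruction..
  # NOTE: pkill matches by process name, so this also ends dsniff processes
  # that were not started by this session.
  [[ -n $DSNIFF ]] && pkill dsniff
}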
# usage [message]
# Prints the banner, then an error line when a message is given, then the
# option summary. Writes to stdout.
usage() {
  echo "(W|H)all of lame"
  if [[ -n $1 ]]; then
    echo "[E] Error occured: $1"
  fi
  # Quoted delimiter: the help text is emitted literally, with no expansion.
  cat <<'EOF'

Usage:
whol -c [wireless channel] <options>
Options:
-c, --channel <int> : Channel of open wifi networks
-i, --interface <str> : Wireless interface name
-f, --filter <str> : Pcap filter expression
-r, --relevance <float> : Filter output (default is 10)
-w, --write <str> : Write the original sniffed traffic to file (pcap format)
-t, --tmp-dest <str> : Destination of the temporary files generated by tcpdump - it is useful
when more than one whols running - default is /tmp/whol_tdump
-d, --dsniff : Enable dsniff
-v, --verbose : Verbose mode
-h, --help : Displays this

EOF
}
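# quit message [exit-code] [pid]
# Prints the usage text with the error message, tears the session down
# (killing pid when one is given) and exits with exit-code.
# ${n:+"$n"} passes each optional argument as exactly one word when it is
# set and as nothing at all when it is empty, so a value containing
# whitespace or glob characters is never split or expanded.
quit() {
  usage "$1"
  destruct ${3:+"$3"}
  exit ${2:+"$2"}
}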
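# Parse the command line with enhanced getopt(1) (the -n/-l options already
# require it). Changes from the previous version:
#  * no -u and "$@" instead of $*: getopt now emits shell-quoted words, so a
#    value containing spaces (a pcap filter such as "tcp port 80") survives
#    as one argument instead of being cut at the first space;
#  * -v sets VERBOSE, the variable redirect_stderr actually tests (it used
#    to set QUIET, which nothing reads);
#  * getopt reports --write under its declared name --write-file, so that
#    spelling is matched as well;
#  * CHANNEL is checked to be digits only before anything uses it.
# The short option -s is still accepted by the option string but has no
# handler; it is skipped together with its value.
if ! ARGS=$(getopt -n whol \
  -l channel:,help,verbose,interface:,tmp-dest:,write-file:,filter:,relevance:,dsniff \
  -o c:s:r:t:f:i:w:hvd -- "$@"); then
  usage
  exit 1
fi
# getopt's output is quoted for the shell, which is what makes this eval the
# supported way to load it back into the positional parameters.
eval set -- "$ARGS"
while [ $# -gt 0 ]; do
  case "$1" in
    -c|--channel ) CHANNEL=$2; shift 2;;
    -v|--verbose ) VERBOSE=1; shift;;
    -i|--interface ) IFACE=$2; shift 2;;
    -f|--filter ) FILTER=$2; shift 2;;
    -w|--write|--write-file ) W_FILE=$2; shift 2;;
    -t|--tmp-dest ) DPREFIX=$2$PREF; shift 2;;
    -d|--dsniff ) DSNIFF=1; shift;;
    # Kept as one string "-r <value>"; it is split into two words where it
    # is handed to tshark_parser.py.
    -r|--relevance ) RELEVANCE='-r '$2; shift 2;;
    -h|--help ) usage; exit 1;;
    -- ) shift; break;;
    * ) shift;;
  esac
done
# CHANNEL later reaches an arithmetic test and the iwconfig command line, so
# accept nothing but a plain non-negative integer.
case "$CHANNEL" in
  ''|*[!0-9]*) usage "channel must be a non-negative integer"; exit 1;;
esac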
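# redirect_stderr cmd [args...]
# Runs the command and returns its exit status. Unless VERBOSE is non-zero,
# both stdout and stderr of the command are discarded.
# The previous version redirected stdout only, so the error output that
# callers such as "redirect_stderr rm ..." meant to hide was still printed.
# An unset or empty VERBOSE is treated as 0 (quiet) instead of tripping the
# numeric test.
redirect_stderr() {
  if [ "${VERBOSE:-0}" -eq 0 ]; then
    "$@" >/dev/null 2>&1
  else
    "$@"
  fi
}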
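# ---- capture session --------------------------------------------------------
# Data flow: tcpdump (monitor iface) -> FIFO -> tee [-> dsniff FIFO] [-> W_FILE]
#            -> tcpdump -C (size-rotated dump files) -> tshark (PDML)
#            -> tshark_parser.py
# Put the card into monitor mode; the interface is expected to appear as
# mon$PREF.
redirect_stderr airmon-ng start "$IFACE" "$PREF"
SNIFF_IFACE="mon$PREF"
# Raw capture passes through this FIFO, so it is created owner-only, and the
# run stops if the name is already taken: the path is a fixed name in a
# shared directory, and writing into an object somebody else placed there
# would hand them the traffic or redirect the write.
mkfifo -m 600 "$DIR/$FIFO$PREF" || quit "cannot create $DIR/$FIFO$PREF" 2
[[ $(iwconfig 2>/dev/null | grep -Fc -- "$SNIFF_IFACE") -eq 1 ]] || quit "interface not found" 2
# NOTE(review): -eq inside [[ ]] evaluates its operands arithmetically, so
# CHANNEL must hold digits only - confirm it is validated where it is parsed.
[[ $CHANNEL -eq 0 ]] || iwconfig "$IFACE" channel "$CHANNEL"
tcpdump -w "$DIR/$FIFO$PREF" -i "$SNIFF_IFACE" &
APID=$!
# Ctrl-C tears the session down and kills the capturing tcpdump.
trap "destruct $APID" INT
#ettercap -T -d -m ettertest.log -r $FIFO
# The dsniff FIFO is created in the foreground: when mkfifo ran inside the
# backgrounded list, tee could open the path first and create a regular file.
if [[ -n $DSNIFF ]]; then
  mkfifo -m 600 "$DIR/$DSNIFF_FIFO$PREF" \
    || quit "cannot create $DIR/$DSNIFF_FIFO$PREF" 2 "$APID"
  dsniff -m -p "$DIR/$DSNIFF_FIFO$PREF" &
fi
# Stale dump files are removed before the writer below starts; removing them
# afterwards could delete the file it had just opened.
# NOTE(security): the glob removes every path that begins with DPREFIX, and
# -t lets the caller choose that prefix - keep it inside a directory used
# for nothing else.
redirect_stderr rm -f -- "$DPREFIX"*
# Fan the capture out to the optional sinks and re-chunk it into dump files
# (tcpdump -C 1 names them DPREFIX, DPREFIX1, DPREFIX2, ...).
# ${VAR:+"..."} adds a sink only when it is configured, as a single word.
(
  tee -- ${DSNIFF:+"$DIR/$DSNIFF_FIFO$PREF"} ${W_FILE:+"$W_FILE"} < "$DIR/$FIFO$PREF" \
    | tcpdump -r - -C 1 -w "$DPREFIX"
) &
# python ./splitpcap.20051126.py | \
TC=1
R=1
# NOTE(security): ./tshark_parser.py is resolved against the current
# directory, so whatever file of that name sits in the directory the script
# is started from is what gets executed.
FILTERPREF=$(./tshark_parser.py -f)
# A dump file is complete once its successor exists, so iteration TC waits
# for file number TC and then decodes file number TC-1 (the first file has
# no numeric suffix). R is never changed inside the loop; it ends when the
# pipeline is interrupted.
while [ "$R" = 1 ]; do
  if [[ ! -f "$DPREFIX$TC" ]]; then
    sleep 1
    continue
  fi
  if [[ $TC -eq 1 ]]; then
    F=$DPREFIX
  else
    F=$DPREFIX$(( TC - 1 ))
  fi
  if [[ -f $F ]]; then
    # The user filter is appended inside the quoted string, so it is passed
    # to tshark verbatim instead of being word-split and glob-expanded.
    tshark -r "$F" -R "$FILTERPREF ${FILTER:+ and ($FILTER)}" -T pdml 2>/dev/null \
      && rm -- "$F"
  fi
  TC=$(( TC + 1 ))
# RELEVANCE is deliberately unquoted: it holds "-r <value>" as one string and
# must split into two arguments.
done | ./tshark_parser.py $RELEVANCE
R=0
destruct "$APID"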