nmap scanning and bug fixes

DanMcInerney 2013-10-31 15:00:34 -06:00
commit 364082c330
2 changed files with 229 additions and 99 deletions


@ -3,36 +3,37 @@ intercept
Individually arpspoofs the target box, router and DNS server if necessary. Displays all most the interesting bits of their traffic. Cleans up after itself.
Example usage:
python intercept.py -u -p -d -w -ip 192.168.0.10
Example usage as root:
python intercept.py -u -p -d -ip 192.168.0.10
Output:
-u, URLs visited; truncates at 150 characters and filters image urls since they spam the output
-p, username/passwords for FTP/IMAP/POP/IRC/HTTP, POSTs made, all searches made
-p, username/passwords for FTP/IMAP/POP/IRC/HTTP, POSTs made, all searches made, and incoming/outgoing email and IRC messages sent
-d, see all images they view with driftnet
-w, writes the output to the running directory in intercept.log.txt
-ip, target this IP address
Running just intercept.py without -ip argument will arp scan the network and give you a choice of targets although my wifi-monitor.py script additionally shows data usage on the LAN allowing you to pick the most active target.
Running just intercept.py without -ip argument will display all the machines on the network and show how many data packets they're sending. This is highly dependant on your wireless card and your proximity to the other machines for the data packet accuracy.
All options:
python intercept.py -h
-s, strip SSL from sites with SSLstrip
-v, show verbose URLs which do not truncate at 150 characters like -u
-i INTERFACE, specify interface; default is first interface in `ip route`, eg: -i wlan0
-dns DOMAIN, DNS spoofing; race condition with router, will fix eventually, eg: -dns google.com
-dns DOMAIN, spoof the DNS of DOMAIN. e.g. -dns facebook.com will DNS spoof every DNS request to facebook.com or subdomain.facebook.com
-n, performs a quick nmap scan of the target
-na, performs an aggressive nmap scan in the background and outputs to [victim IP address].nmap.txt
Cleans the following on Ctrl-C:
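Review bot: The reworded -dns line (the one using facebook.com as its example) no longer carries the "race condition with router, will fix eventually" caveat that the other -dns line has, and nothing visible in this hunk says the race was fixed. If the race still exists, keep the caveat in the new wording so the documented behaviour matches what users will see. Two smaller points in the same hunk: "highly dependant" in the no -ip paragraph should be "highly dependent", and the opening sentence "Displays all most the interesting bits" is garbled and worth fixing while this section is being touched. The -na line names its output file but not the directory it is written to; the -w line says "the running directory", and -na should be equally explicit. The first example usage still passes -w while the "as root" example does not, so the README should show only the invocation that matches the current options.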
@ -45,12 +46,5 @@ Cleans the following on Ctrl-C:
To do:
integrate https://github.com/DanMcInerney/wifi-monitor
change packet input from scapy to iptables' nfqueue like https://github.com/DanMcInerney/dnsspoof
integrate this project with wifite?
use twisted so we can use nfqueue as pkt input
add ability to read from pcap
Add ability to read from pcap file
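Review bot: The to-do entry "Add ability to read from pcap file" is capitalized while the neighbouring entries ("integrate ...", "change packet input ...", "use twisted ...") are lowercase, and it sits next to the near-identical "add ability to read from pcap"; keep a single entry in one consistent style. If the "integrate https://github.com/DanMcInerney/wifi-monitor" entry survives this change, it looks stale, since the README text earlier in this diff already describes running without -ip as showing the machines on the network and their data packet counts. Likewise the nfqueue item appears twice in different words ("change packet input from scapy to iptables' nfqueue" and "use twisted so we can use nfqueue as pkt input"); merge them into one entry that states both the goal and the dependency.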