From eb38dc481e5d9d9af53491a29bc1dd88d58060ba Mon Sep 17 00:00:00 2001 From: David Dworken Date: Sun, 9 Nov 2014 16:48:32 -0500 Subject: [PATCH 1/4] Fix misasignment of variables --- LANs.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/LANs.py b/LANs.py index 00fc44d..6730141 100755 --- a/LANs.py +++ b/LANs.py @@ -671,8 +671,8 @@ class Parser(): if self.args.urlspy: tempURL = url - tempURL.split("?")[0] #Strip all data (e.g. www.google.com/?g=5 goes to www.google.com/) - tempURL.strip("/") #Strip all / + tempURL = tempURL.split("?")[0] #Strip all data (e.g. www.google.com/?g=5 goes to www.google.com/) + tempURL = tempURL.strip("/") #Strip all / fileFilterList = ['.jpg', '.jpeg', '.gif', '.png', '.css', '.ico', '.js', '.svg', '.woff'] printURL = True # default to printing URL for fileType in fileFilterList: From 59ffefbccbfd16171b103053f66cc7e7763f3203 Mon Sep 17 00:00:00 2001 From: David Dworken Date: Sun, 9 Nov 2014 17:13:17 -0500 Subject: [PATCH 2/4] Filter out ad domains for URLSpy Final fix for #47 --- LANs.py | 40 ++++++++++++++++++++++------------------ 1 file changed, 22 insertions(+), 18 deletions(-) diff --git a/LANs.py b/LANs.py index 6730141..f3bdb34 100755 --- a/LANs.py +++ b/LANs.py 
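Review bot: The trailing comment `#Strip all /` on the corrected `tempURL = tempURL.strip("/")` line (PATCH 1/4, hunk at -671,8) overstates what the call does. `str.strip("/")` removes only leading and trailing slashes, so slashes inside the path remain. The value appears to feed the file-type loop that follows, so `#Strip leading and trailing /` would describe it accurately. The enclosing `if self.args.urlspy:` block starts and ends outside this hunk.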
@@ -126,19 +126,19 @@ def parse_args(): ############################### parser.add_argument("-s", "--skip", help="Skip deauthing this MAC address. Example: -s 00:11:BB:33:44:AA") parser.add_argument("-ch", "--channel", - help="Listen on and deauth only clients on the specified channel. Example: -ch 6") + help="Listen on and deauth only clients on the specified channel. Example: -ch 6") parser.add_argument("-m", "--maximum", help="Choose the maximum number of clients to deauth. List of clients will be emptied and repopulated after hitting the limit. Example: -m 5") parser.add_argument("-no", "--noupdate", help="Do not clear the deauth list when the maximum (-m) number of client/AP combos is reached. Must be used in conjunction with -m. Example: -m 10 -n", - action='store_true') + action='store_true') parser.add_argument("-t", "--timeinterval", help="Choose the time interval between packets being sent. Default is as fast as possible. If you see scapy errors like 'no buffer space' try: -t .00001") parser.add_argument("--packets", - help="Choose the number of packets to send in each deauth burst. Default value is 1; 1 packet to the client and 1 packet to the AP. Send 2 deauth packets to the client and 2 deauth packets to the AP: -p 2") + help="Choose the number of packets to send in each deauth burst. Default value is 1; 1 packet to the client and 1 packet to the AP. Send 2 deauth packets to the client and 2 deauth packets to the AP: -p 2") parser.add_argument("--directedonly", help="Skip the deauthentication packets to the broadcast address of the access points and only send them to client/AP pairs", - action='store_true') + action='store_true') parser.add_argument("--accesspoint", help="Enter the MAC address of a specific access point to target") return parser.parse_args() 
@@ -166,23 +166,24 @@ def LANsMain(args): ipr = Popen(['/sbin/ip', 'route'], stdout=PIPE, stderr=DN) ipr = ipr.communicate()[0] iprs = ipr.split('\n') - routerIP = None + ipr = ipr.split() + if args.routerip: + routerIP = args.routerip + else: + try: + routerIP = ipr[2] + except: + exit("You must be connected to the internet to use this.") for r in iprs: if '/' in r: IPprefix = r.split()[0] - if r.startswith('default'): - if not args.interface: - interface = r.split()[4] - if not args.routerip: - routerIP = r.split()[2] - if args.routerip: - routerIP = args.routerip - if not routerIP: - exit("[-] You must be connected to the internet to use this.") if args.interface: interface = args.interface + else: + interface = ipr[4] if 'eth' in interface or 'p3p' in interface: - exit('[-] Wired interface found as default route, please connect wirelessly and retry, or specify the active interface with the -i [interface] option. See active interfaces with [ip addr] or [ifconfig].') + exit( + '[-] Wired interface found as default route, please connect wirelessly and retry, or specify the active interface with the -i [interface] option. See active interfaces with [ip addr] or [ifconfig].') if args.ipaddress: victimIP = args.ipaddress else: 
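Review bot: `routerIP = ipr[2]` and `interface = ipr[4]` take fixed token positions from the whole `ip route` output, so they are right only when the first route printed is the `default via <gateway> dev <iface>` entry; the removed loop checked `r.startswith('default')` before reading those fields. With a connected subnet but no default route, `ipr[2]` is some unrelated token and the "must be connected" exit never fires, so the tool would proceed with a gateway value the operator did not choose. `interface = ipr[4]` also sits outside the `try`, so a short output raises an uncaught `IndexError`, and the bare `except:` is wider than the `IndexError` it is meant for. The sketch below anchors both lookups on the default-route line; `LANsMain` starts before and continues after this hunk.

```python
    iprs = ipr.split('\n')
    # Read the fields from the default-route line only, not from whatever prints first.
    defaultRoute = []
    for r in iprs:
        if r.startswith('default'):
            defaultRoute = r.split()
            break
    if args.routerip:
        routerIP = args.routerip
    elif len(defaultRoute) > 2:
        routerIP = defaultRoute[2]
    else:
        exit("[-] You must be connected to the internet to use this.")
    # ... unchanged: IPprefix loop over iprs ...
    if args.interface:
        interface = args.interface
    elif len(defaultRoute) > 4:
        interface = defaultRoute[4]
    else:
        exit("[-] No default route found; specify the interface with -i.")
```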
@@ -670,14 +671,18 @@ class Parser(): logger.write('[*] ' + url + '\n') if self.args.urlspy: + fileFilterList = ['.jpg', '.jpeg', '.gif', '.png', '.css', '.ico', '.js', '.svg', '.woff'] + domainFilterList = ['adzerk.net', 'adwords.google.com', 'googleads.g.doubleclick.net', 'pagead2.googlesyndication.com'] tempURL = url tempURL = tempURL.split("?")[0] #Strip all data (e.g. www.google.com/?g=5 goes to www.google.com/) tempURL = tempURL.strip("/") #Strip all / - fileFilterList = ['.jpg', '.jpeg', '.gif', '.png', '.css', '.ico', '.js', '.svg', '.woff'] printURL = True # default to printing URL - for fileType in fileFilterList: + for fileType in fileFilterList: #Used to check if it is one of the blacklisted file types if tempURL.endswith(fileType): printURL = False #Don't print if it is one of the bad file types + for blockedDomain in domainFilterList: + if blockedDomain in tempURL: + printURL = False #Don't print if it is one of the blocked domains if printURL: if len(url) > 146: print '[*] ' + url[:145] @@ -1275,7 +1280,6 @@ def iwconfig(): DN = open(os.devnull, 'w') proc = Popen(['iwconfig'], stdout=PIPE, stderr=DN) for line in proc.communicate()[0].split('\n'): - print line if len(line) == 0: continue # Isn't an empty string if line[0] != ' ': # Doesn't start with space wired_search = re.search('eth[0-9]|em[0-9]|p[1-9]p[1-9]', line) From 64c37bcdca07b0f7b8dfbf1c7dd7e95bea69de5f Mon Sep 17 00:00:00 2001 From: David Dworken Date: Sun, 9 Nov 2014 17:18:29 -0500 Subject: [PATCH 3/4] Added tcpdump to dependency list --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 26021a2..6bf7c4d 100644 --- a/README.md +++ b/README.md 
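Review bot: `if blockedDomain in tempURL:` (hunk at -670,14) is a substring test over the whole URL, so a request whose host or path merely contains one of the strings is dropped from the URLSpy output, not only requests to those hosts. Comparing against the host part would stop the filter hiding unrelated traffic: `host = tempURL.split('/')[0]` followed by `if host == blockedDomain or host.endswith('.' + blockedDomain):`. This assumes `url` carries no scheme, as the `www.google.com/?g=5` comment suggests, so confirm it against the caller. The `tempURL.endswith(fileType)` test just above is also case-sensitive, so a `.JPG` URL passes the file-type filter. The enclosing method starts and ends outside this hunk.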
@@ -7,7 +7,7 @@ LANs.py * Also can be used to continuously jam nearby WiFi networks. This has an approximate range of a 1 block radius, but this can vary based off of the strength of your WiFi card. This can be fine-tuned to allow jamming of everyone or even just one client. Cannot jam WiFi and spy simultaneously. -Prerequisites: Linux, python-scapy, python-nfqueue (nfqueue-bindings 0.4-3), aircrack-ng, python-twisted, BeEF (optional), nmap, nbtscan, and a wireless card capable of promiscuous mode if you don't know the IP of your target. +Prerequisites: Linux, python-scapy, python-nfqueue (nfqueue-bindings 0.4-3), aircrack-ng, python-twisted, BeEF (optional), nmap, nbtscan, tcpdump, and a wireless card capable of promiscuous mode if you don't know the IP of your target. Tested on Kali. In the following examples 192.168.0.5 will be the attacking machine and 192.168.0.10 will be the victim. From 51c467a97fd72e81a28ec8d8d6e1aa2d97c9ba3c Mon Sep 17 00:00:00 2001 From: David Dworken Date: Sun, 9 Nov 2014 17:39:19 -0500 Subject: [PATCH 4/4] Removed duplicate dependency --- LANs.py | 1 - 1 file changed, 1 deletion(-) diff --git a/LANs.py b/LANs.py index f3bdb34..b19af4f 100755 --- a/LANs.py +++ b/LANs.py @@ -64,7 +64,6 @@ from twisted.internet.protocol import Protocol, Factory from sys import exit from threading import Thread, Lock import argparse -import signal from base64 import b64decode from subprocess import * from zlib import decompressobj, decompress