updated to-do list, fixed minor stuff
parent
ffd811048c
commit
c636b06b16
2 changed files with 28 additions and 27 deletions
45
LANs.py
45
LANs.py
|
@ -12,50 +12,53 @@ Prerequisites: Linux
|
||||||
|
|
||||||
Note: This script flushes iptables before and after usage.
|
Note: This script flushes iptables before and after usage.
|
||||||
|
|
||||||
To do: Add karma MITM technique
|
To do: 1. Rogue DHCP server
|
||||||
|
Refactor with lots of smaller functions
|
||||||
|
Mass wifi jammer
|
||||||
|
Cookie saver so you can browse using their cookies (how to use nfqueue with multiple queues?)
|
||||||
|
Add karma MITM technique
|
||||||
Add SSL proxy for self-signed cert, and make the script force a single JS popup saying there's a temporary problem with SSL validation and to just click through
|
Add SSL proxy for self-signed cert, and make the script force a single JS popup saying there's a temporary problem with SSL validation and to just click through
|
||||||
Add anticaching (just edit the headers)
|
Integrate with wifite
|
||||||
Ability to add option which will add a delay, allowing user to modify HTML/email/irc/usernames and passwords on the fly (how much interest is there in this?)
|
|
||||||
|
|
||||||
'''
|
'''
|
||||||
__author__ = 'Dan McInerney'
|
__author__ = 'Dan McInerney'
|
||||||
__license__ = 'BSD'
|
__license__ = 'BSD'
|
||||||
__contact__ = 'danhmcinerney with gmail'
|
__contact__ = 'danhmcinerney with gmail'
|
||||||
__version__ = 1.0
|
__version__ = 1.1
|
||||||
|
|
||||||
|
|
||||||
|
def module_check(module):
|
||||||
|
'''
|
||||||
|
Just for debian-based systems like Kali
|
||||||
|
'''
|
||||||
|
print module
|
||||||
|
ri = raw_input('[-] python-%s not installed, would you like to install now? (apt-get install -y python-%s will be run if yes) [y/n]: ' % (module, module))
|
||||||
|
if ri == 'y':
|
||||||
|
os.system('apt-get install -y python-%s' % module)
|
||||||
|
else:
|
||||||
|
exit('[-] Exiting due to missing dependency')
|
||||||
|
|
||||||
import os
|
import os
|
||||||
try:
|
try:
|
||||||
import nfqueue
|
import nfqueue
|
||||||
except Exception:
|
except Exception:
|
||||||
nfq = raw_input('[-] python-nfqueue not installed, would you like to install now? (apt-get install -y python-nfqueue will be run if yes) [y/n]: ')
|
module_check('nfqueue')
|
||||||
if nfq == 'y':
|
|
||||||
os.system('apt-get install -y python-nfqueue')
|
|
||||||
import nfqueue
|
import nfqueue
|
||||||
else:
|
|
||||||
exit('[-] Exiting due to missing dependency')
|
|
||||||
import logging
|
import logging
|
||||||
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
|
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
|
||||||
try:
|
try:
|
||||||
from scapy.all import *
|
from scapy.all import *
|
||||||
except Exception:
|
except Exception:
|
||||||
scpy = raw_input('[-] python-scapy not installed, would you like to install now? (apt-get install -y python-nfqueue will be run if yes) [y/n]: ')
|
module_check('scapy')
|
||||||
if scpy == 'y':
|
|
||||||
os.system('apt-get install -y python-scapy')
|
|
||||||
from scapy.all import *
|
from scapy.all import *
|
||||||
else:
|
|
||||||
exit('[-] Exiting due to missing dependency')
|
|
||||||
conf.verb=0
|
conf.verb=0
|
||||||
#Below is necessary to receive a response to the DHCP packets because we're sending to 255.255.255.255 but receiving from the IP of the DHCP server
|
#Below is necessary to receive a response to the DHCP packets because we're sending to 255.255.255.255 but receiving from the IP of the DHCP server
|
||||||
conf.checkIPaddr=0
|
conf.checkIPaddr=0
|
||||||
try:
|
try:
|
||||||
from twisted.internet import reactor
|
from twisted.internet import reactor
|
||||||
except Exception:
|
except Exception:
|
||||||
twstd = raw_input('[-] python-twisted not installed, would you like to install now? (apt-get install -y python-twisted will be run if yes) [y/n]: ')
|
module_check('twisted')
|
||||||
if twstd == 'y':
|
|
||||||
os.system('apt-get install -y python-twisted')
|
|
||||||
from twisted.internet import reactor
|
from twisted.internet import reactor
|
||||||
else:
|
|
||||||
exit('[-] Exiting due to missing dependency')
|
|
||||||
from twisted.internet.interfaces import IReadDescriptor
|
from twisted.internet.interfaces import IReadDescriptor
|
||||||
from twisted.internet.protocol import Protocol, Factory
|
from twisted.internet.protocol import Protocol, Factory
|
||||||
from sys import exit
|
from sys import exit
|
||||||
|
@ -255,9 +258,6 @@ class Parser():
|
||||||
body = r.text.encode('utf-8')
|
body = r.text.encode('utf-8')
|
||||||
except Exception:
|
except Exception:
|
||||||
payload.set_verdict(nfqueue.NF_ACCEPT)
|
payload.set_verdict(nfqueue.NF_ACCEPT)
|
||||||
# debugger = open('...', 'w')
|
|
||||||
# debugger.write(body)
|
|
||||||
# debugger.close()
|
|
||||||
|
|
||||||
# INJECT
|
# INJECT
|
||||||
if self.args.beef:
|
if self.args.beef:
|
||||||
|
@ -467,6 +467,7 @@ class Parser():
|
||||||
logger.write('[*] '+url+'\n')
|
logger.write('[*] '+url+'\n')
|
||||||
|
|
||||||
# Print search terms
|
# Print search terms
|
||||||
|
if self.args.post or self.args.urlspy:
|
||||||
self.searches(url, host)
|
self.searches(url, host)
|
||||||
|
|
||||||
#Print POST load and find cookies
|
#Print POST load and find cookies
|
||||||
|
|
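Review bot: The new `module_check()` ignores the exit status of `os.system('apt-get install -y python-%s' % module)`, so when the install fails the unguarded `import nfqueue`, `from scapy.all import *` or `from twisted.internet import reactor` that follows each call raises an unhandled ImportError instead of printing the "[-] Exiting due to missing dependency" message. Passing an argument list and checking the result fixes that and drops the shell string: `if subprocess.call(['apt-get', 'install', '-y', 'python-%s' % module]) != 0: exit('[-] Could not install python-%s' % module)`, with `import subprocess` placed ahead of the function. The `print module` line before the prompt looks like leftover debugging output and could be removed. The callers still use `except Exception:` rather than `except ImportError:`, so any error raised while importing a module that is already installed will also trigger the install prompt.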
|
@ -150,7 +150,7 @@ This script uses a python nfqueue-bindings queue wrapped in a Twisted IReadDescr
|
||||||
|
|
||||||
Injecting code undetected is a dicey game, if a minor thing goes wrong or the server the victim is requesting data from performs things in unique or rare way then the user won't be able to open the page they're trying to view and they'll know something's up. This script is designed to forward packets if anything fails so during usage you may see lots of "[!] Injected packet for www.domain.com" but only see one or two domains on the BEeF panel that the browser is hooked on. This is OK. If they don't get hooked on the first page just wait for them to browse a few other pages. The goal is to be unnoticeable. My favorite BEeF tools are in Commands > Social Engineering. Do things like create an official looking Facebook pop up saying the user's authentication expired and to re-enter their credentials.
|
Injecting code undetected is a dicey game, if a minor thing goes wrong or the server the victim is requesting data from performs things in unique or rare way then the user won't be able to open the page they're trying to view and they'll know something's up. This script is designed to forward packets if anything fails so during usage you may see lots of "[!] Injected packet for www.domain.com" but only see one or two domains on the BEeF panel that the browser is hooked on. This is OK. If they don't get hooked on the first page just wait for them to browse a few other pages. The goal is to be unnoticeable. My favorite BEeF tools are in Commands > Social Engineering. Do things like create an official looking Facebook pop up saying the user's authentication expired and to re-enter their credentials.
|
||||||
|
|
||||||
NOTE TO UBUNTU USERS: you will need to update/manually install nfqueue-bindings to version 0.4.3 due to the fact the version in Ubuntu's repo is 0.2. Alternatively just edit the Parser.start() function on line 135 from:
|
NOTE TO UBUNTU USERS: you will need to update/manually install nfqueue-bindings to version 0.4.3 due to the fact the version in Ubuntu's repo is 0.2. Alternatively just edit the Parser.start() function from:
|
||||||
|
|
||||||
def start(self, payload):
|
def start(self, payload):
|
||||||
|
|
||||||
|
|