diff --git a/_example/example.js b/_example/example.js
index e3d55125..f049bbb3 100644
--- a/_example/example.js
+++ b/_example/example.js
@@ -6,6 +6,10 @@ var fakeBSSID = random.Mac()
 function onDeauthentication(event) {
 var data = event.data;
+
+ run('graph.to_dot ' + data.address1);
+ run('!dot -Tpng bettergraph.dot > /tmp/graph_deauth.png')
+
 var message = '🚨 Detected deauthentication frame:\n\n' + 'Time: ' + event.time + "\n" + 'GPS: lat=' + session.GPS.Latitude + " lon=" + session.GPS.Longitude + " updated_at=" + session.GPS.Updated.String() + "\n\n" +
@@ -17,17 +21,38 @@ function onDeauthentication(event) {
 // send to telegram bot
 sendMessage(message);
+ sendPhoto("/tmp/graph_deauth.png");
+}
+
+function onNewAP(event){
+ var ap = event.data;
+ if(ap.hostname == fakeESSID) {
+ run('graph.to_dot ' + ap.mac);
+ run('!dot -Tpng bettergraph.dot > /tmp/graph_ap.png')
+
+ var message = '🚨 Detected possible rogue AP:\n\n' +
+ 'Time: ' + event.time + "\n" +
+ 'GPS: lat=' + session.GPS.Latitude + " lon=" + session.GPS.Longitude + " updated_at=" + session.GPS.Updated.String() + "\n\n" +
+ 'AP: ' + ap.mac + ' (' + ap.vendor + ')';
+
+ // send to telegram bot
+ sendMessage(message);
+ sendPhoto("/tmp/graph_ap.png");
+ }
 }
 function onHandshake(event){
 var data = event.data;
 var what = 'handshake';
+ run('graph.to_dot ' + data.station);
+ run('!dot -Tpng bettergraph.dot > /tmp/graph_handshake.png')
+
 if(data.pmkid != null) {
 what = "RSN PMKID";
 } else if(data.full) {
 what += " (full)";
- } else if(hand.half) {
+ } else if(data.half) {
 what += " (half)";
 }
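Review bot: The rendered graph is written through a shell redirect to a fixed name in the world-writable /tmp (`> /tmp/graph_deauth.png`), and the same pattern is added in onNewAP and onHandshake in the next hunk (`/tmp/graph_ap.png`, `/tmp/graph_handshake.png`). If this script runs with elevated privileges, as packet-capture tools usually do, another local user can pre-create one of those names as a symlink and have the redirect truncate and overwrite whatever it points to. Render into a directory only the bettercap user can write, for example `run('!dot -Tpng bettergraph.dot -o ' + graphDir + '/graph_deauth.png')`, where `graphDir` is a placeholder for a private directory created at start-up, and pass the same path to sendPhoto. onDeauthentication's body continues outside this hunk.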
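Review bot: The `graph.to_dot` / `dot -Tpng` / `sendPhoto` sequence is now written out three times (onDeauthentication, onNewAP and onHandshake), differing only in the node and the output name, and every matching event runs it unconditionally. Each deauthentication or handshake event therefore spawns `dot` and then an upload, so a burst of frames, which is what a deauthentication attack produces, becomes a burst of processes and Telegram requests on the monitoring host. A single helper keeps the path handling in one place and gives one spot for a cooldown on the render and upload; the 30-second value below is a constructed example. onHandshake continues past the end of this hunk.

```javascript
var lastGraphSent = {};

// render the graph around `node` and upload it, at most once per `kind` every 30s
function sendGraph(node, kind) {
    var now = new Date().getTime();
    if (lastGraphSent[kind] && now - lastGraphSent[kind] < 30000) {
        return;
    }
    lastGraphSent[kind] = now;

    var png = '/tmp/graph_' + kind + '.png';
    run('graph.to_dot ' + node);
    run('!dot -Tpng bettergraph.dot > ' + png);
    sendPhoto(png);
}

// … unchanged: message construction and sendMessage(message) in each handler …
// in onNewAP, after sendMessage(message):
sendGraph(ap.mac, 'ap');
```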
@@ -39,21 +64,7 @@ function onHandshake(event){
 // send to telegram bot
 sendMessage(message);
-}
-
-function onNewAP(event){
- var ap = event.data;
- if(ap.hostname == fakeESSID) {
- log("DETECTED KARMA ATTACK!!!");
- // TODO: add reporting
- }
-}
-
-function onAnyEvent(event){
- // if endpoint.new or endpoint.lost, clear the screen and show hosts
- if( event.tag.indexOf('endpoint.') === 0 ) {
- // run('clear; net.show');
- }
+ sendPhoto("/tmp/graph_handshake.png");
 }
 function onTick(event) {
@@ -62,13 +73,18 @@ function onTick(event) {
 log("session script loaded, fake AP is " + fakeESSID);
+// enable the graph module
+run('graph on')
+
 // create an empty ticker so we can run commands every few seconds
 run('set ticker.commands ""')
 run('set ticker.period 10')
 run('ticker on')
+
 // enable recon and probing of new hosts
 run('net.recon on');
 run('net.probe on');
+
 // enable wifi scanning
 run('set wifi.interface ' + wifiInterface);
 run('wifi.recon on');
@@ -80,7 +96,4 @@ onEvent('wifi.deauthentication', onDeauthentication);
 // register for wifi.client.handshake events
 onEvent('wifi.client.handshake', onHandshake);
 // register for wifi.ap.new events
-onEvent('wifi.ap.new', onNewAP);
-
-// register for any event
-onEvent(onAnyEvent);
\ No newline at end of file
+onEvent('wifi.ap.new', onNewAP);
\ No newline at end of file
diff --git a/_example/telegram.js b/_example/telegram.js
index 3420c315..44db1ce9 100644
--- a/_example/telegram.js
+++ b/_example/telegram.js
@@ -1,4 +1,6 @@
 function sendMessage(message) {
+ log(message);
+
 var url = 'https://api.telegram.org/bot' + telegramToken + '/sendMessage?chat_id=' + telegramChatId + '&text=' + http.Encode(message);
@@ -7,4 +9,10 @@ function sendMessage(message) {
 if( resp.Error ) {
 log("error while running sending telegram message: " + resp.Error.Error());
 }
+}
+
+function sendPhoto(path) {
+ var url = 'https://api.telegram.org/bot' + telegramToken + '/sendPhoto';
+ var cmd = 'curl -s -X POST "' + url + '" -F chat_id=' + telegramChatId + ' -F photo="@' + path + '"';
+ run("!"+cmd);
 }
\ No newline at end of file
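Review bot: sendPhoto puts the bot token on curl's command line (`'curl -s -X POST "' + url + '"'`), where on a default Linux setup other local users can read it from the process list while the upload runs, and `-s` with no result check makes a failed upload silent, unlike sendMessage, which logs `resp.Error`. `path` and `telegramChatId` are also spliced into a shell string; the callers in this commit pass constant paths, but inside double quotes `$` and backticks are still expanded, so the function should reject anything that is not a plain path before it is ever called with event-derived data. At minimum make failures visible and bounded, e.g. `'curl -sS --fail --max-time 30 -X POST "'` (the timeout is a constructed value). Moving the URL out of argv, for instance into a curl config file readable only by the bettercap user, would address the token exposure. sendPhoto is complete within this hunk.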