-
Notifications
You must be signed in to change notification settings - Fork 13
/
802.11evil
executable file
·235 lines (202 loc) · 4.94 KB
/
802.11evil
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
#!/usr/bin/env bash
#
# 802.11evil
#
# Create evil WiFi access point.
#
# Author: Emanuel Duss
#
set -o nounset
_red="$(tput setaf 1)"
_green="$(tput setaf 2)"
_reset="$(tput sgr0)"
echo_info(){ echo "${_green}[*] ${*}${_reset}" >&2; }
echo_error(){ echo "${_red}[#] ${*}${_reset}" >&2; }
print_usage(){
cat << EOI
Usage: 802.11evil [OPTION ...]
Program:
Create evil WiFi access point.
Options:
-l LAN interface (default: eth0)
-a Access Point interface (default: wlan0)
-i Access Point IP address (default: 192.168.42.1)
-s Access Point SSID (default: 802.11evil)
-p Access Point password (default: password)
-r Redirect on/off (default: off)
-f Redirect ports from (default: 80,443)
-t Redirect ports to (default: 8080)
EOI
}
check_dependencies(){
local fail=0
for command in "$@"
do
if ! hash "$command" &> /dev/null
then
echo_error "Command \"$command\" not found."
fail=1
fi
done
[[ "$fail" == 1 ]] && exit 1
}
parse_arguments(){
LAN_INTERFACE="eth0"
AP_INTERFACE="wlan0"
AP_ADDRESS="192.168.42.1"
SSID="802.11evil"
PASSWORD="password"
REDIRECT="off"
REDIRECTPORTS="80,443"
REDIRECTTO="8080"
while getopts l:i:a:s:p:rf:t:h name
do
case $name
in
l)
LAN_INTERFACE="$OPTARG"
;;
a)
AP_INTERFACE="$OPTARG"
;;
i)
AP_ADDRESS="$OPTARG"
;;
s)
SSID="$OPTARG"
;;
p)
PASSWORD="$OPTARG"
;;
r)
REDIRECT="on"
;;
f)
REDIRECTPORTS="$OPTARG"
;;
t)
REDIRECTTO="$OPTARG"
;;
h)
print_usage
exit
;;
?)
print_usage >&2
exit 1
;;
esac
done
}
# Always run exit_trap; only run exit_cleanup when set to 1
CLEANUP="0"
enable_cleanup(){ CLEANUP="1"; }
exit_trap(){
echo
echo_info "Stopping 802.11evil..."
[[ "${CLEANUP}" == "1" ]] && exit_cleanup
}
trap exit_trap EXIT
exit_cleanup(){
echo_info "Stopping dnsmasq..."
pkill dnsmasq
echo_info "Stopping hostapd..."
pkill hostapd
echo_info "Restoring network interface configuration..."
ip address flush "${AP_INTERFACE}"
base64 -d <<< "${INITIAL_AP_INTERFACE}" | ip address restore "${AP_INTERFACE}"
sysctl -q net.ipv4.ip_forward="${INITIAL_IPFORWARD}"
echo_info "Restoring iptables configuration..."
iptables-restore <(echo "${INITIAL_IPTABLES}")
echo_info "Stopped."
}
show_settings(){
echo_info "Configured LAN interface: ${LAN_INTERFACE}"
echo_info "Configured access point interface: ${AP_INTERFACE}"
echo_info "Configured access point IP address: ${AP_ADDRESS}"
echo_info "Configured SSID: ${SSID}"
echo_info "Configured password: ${PASSWORD}"
echo_info "Configured to redirect: ${REDIRECT}"
echo_info "Configured port(s) to redirect: ${REDIRECTPORTS}"
echo_info "Configured port to redirect to: ${REDIRECTTO}"
echo
}
check_preconditions(){
if [[ "$UID" != 0 ]]
then
echo_error "Program must be run as root."
exit 1
fi
}
save_initial_configuration(){
INITIAL_AP_INTERFACE="$(ip address save "${AP_INTERFACE}" | base64 -w0)"
INITIAL_IPFORWARD="$(sysctl -n net.ipv4.ip_forward)"
INITIAL_IPTABLES="$(iptables-save)"
}
configure_network(){
echo_info "Configure access point interface..."
ip address flush "${AP_INTERFACE}"
ip address add "${AP_ADDRESS}/24" dev "${AP_INTERFACE}"
ip link set dev "${AP_INTERFACE}" up
ip -br address list "${AP_INTERFACE}"
if [[ "${REDIRECT}" == "on" ]]
then
echo_info "Configure port redirects..."
for port in ${REDIRECTPORTS//,/ }
do
iptables -t nat -A PREROUTING -i "${AP_INTERFACE}" -p tcp --dport "$port" -j REDIRECT --to-port "${REDIRECTTO}"
done
iptables -nL -t nat | grep REDIRECT
else
echo_info "Not configured to redirect ports."
fi
}
configure_ap(){
echo_info "Starting hostapd..."
hostapd <(cat << EOI
interface=${AP_INTERFACE}
driver=nl80211
ssid=${SSID}
hw_mode=g
channel=6
wpa_passphrase=${PASSWORD}
wpa=1
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
wpa_ptk_rekey=600
macaddr_acl=0
EOI
) &
}
configure_dnsmasq(){
echo_info "Starting dnsmasq..."
local subnet
subnet="$(cut -d . -f 1-3 <<< "${AP_ADDRESS}")"
dnsmasq --no-daemon --interface "${AP_INTERFACE}" --bind-interfaces \
--dhcp-range="${subnet}.50,${subnet}.150" \
--log-dhcp --log-queries \
-C /dev/null &
}
configure_nat(){
echo_info "Configuring IP forwarding and NAT..."
sysctl -q -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o "${LAN_INTERFACE}" -j MASQUERADE
iptables -P FORWARD ACCEPT
}
main(){
check_dependencies hostapd dnsmasq
parse_arguments "$@"
shift $((OPTIND - 1))
show_settings
check_preconditions
save_initial_configuration
enable_cleanup
configure_network
configure_ap
configure_dnsmasq
configure_nat
echo_info "Successfully set up 802.11evil."
echo_info "Press ^C (Ctrl-C) to stop 802.11evil."
read -r -d '' # Wait for ^C
}
main "$@"