帮酷LOGO
  • 显示原文与译文双语对照的内容
文章标签:WIFI  Sniffing  acc  PAC  PACK  Packet    poi  
Scripts to create your own MITM'ing, packet sniffing WiFi access point

  • 源代码名称:snifflab
  • 源代码网址:http://www.github.com/andrewhilts/snifflab
  • snifflab源代码文档
  • snifflab源代码下载
  • Git URL:
    git://www.github.com/andrewhilts/snifflab.git
  • Git Clone代码到本地:
    git clone http://www.github.com/andrewhilts/snifflab
  • Subversion代码到本地:
    $ svn co --depth empty http://www.github.com/andrewhilts/snifflab
    Checked out revision 1.
    $ cd repo
    $ svn up trunk
  • 设置 SNIFFLAB

    详细指南

    请参考在这里设置你自己的Snifflab网络的详细指南: https://openeffect.ca/snifflab-an-environment-for-testing-mobile-devices/

    sniffer.py-命令行 参数

    -i (specify the network interface)
    -s (specify the file size limit)
    -t (specify the time interval, in seconds, between new PCAP files)
    -f (specify a filename suffix to append to each PCAP.
    -u (specify a ssh username for a remote backup)
    -h (specify a ssh host for remote backup)
    -p (specify the path on the remote host for backup)

    wrt路由器上的防火墙规则发送流量到MITM代理

    确保网络接口( vlan1在这里) 正确。

    PROXYIP=your.proxy.ip
    iptables -t mangle -A PREROUTING -j ACCEPT -p tcp -m multiport --dports 80,443 -s $PROXYIP
    iptables -t mangle -A PREROUTING -j MARK --set-mark 3 -p tcp -m multiport --dports 80,443
    ip rule add fwmark 3 table 2
    ip route add default via $PROXYIP dev vlan1 table 2

    PCAP机器脚本

    /etc/network/interfaces

    auto lo
    iface lo inet loopback
    iface eth0 inet manual
    iface eth1 inet manual
    allow-hotplug wlan0
    iface wlan0 inet dhcp
    wpa-conf/etc/wpa_supplicant/wpa_supplicant.conf
    iface default inet dhcp
    auto bond0
    iface bond0 inet dhcp
    bond-mode 3
    bond-miimon 100
    slaves eth0 eth1

    /etc/wpa_supplicant/wpa_supplicant.conf

    ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
    update_config=1
    network={
     ssid=""
     psk=hashofyourpassword
     proto=RSN
     key_mgmt=WPA-PSK
     pairwise=TKIP
     auth_alg=OPEN
    }

    正在引导时使网络正常运行

    /etc/init.d/network.sh

    #!/bin/sh
    ### BEGIN INIT INFO
    # Provides: network.sh
    # Short-Description: Ensure WiFi as well as Ethernet interfaces are up
    # Description:
    # Default-Start: 2 3 4 5
    # Default-Stop: 0 1 6
    # Required-Start: $remote_fs $syslog
    # Required-Stop: $remote_fs $syslog
    ### END INIT INFO
    sudo ifplugd eth0 --kill
    sudo ifup wlan0
    sudo ifup eth0
    sudo ifup eth1
    sudo ifconfig eth1 promisc
    sudo ifconfig eth0 promisc
    exit 0

    在启动时开始捕获数据包。创建一个 嗅探器 服务

    /etc/init/sniffer.conf

    #sniffer.conf
    start on runlevel [2345]
    stop on runlevel [016]
    script
     cd/home/pi/snifflab
     exec python sniffer.py -i bond0 -s 100 -t 1200
    end script

    MITM代理服务

    mitm.conf

    start on filesystem
    script
     sudo iptables -A PREROUTING -t nat -i em1 -p tcp -m multiport --dports 80,443 -j REDIRECT --to-port 4567
     SSLKEYLOGFILE=/var/log/mitmkeys.log
     export SSLKEYLOGFILE
     echo"MITM Keys being logged here: $SSLKEYLOGFILE"
     exec mitmdump -T --host --conf=/etc/mitmproxy/common.conf
    end script

    将pcaps备份到本地计算机的脚本

    #!/bin/bash
    remote_server=yourservername
    pcap_dir=/pcaps
    keylogfile=/var/log/mitmkeys.log
    local_dir=~/Documents/snifflab
    rsync -a"$remote_server":$pcap_dir $local_dir
    scp"$remote_server":$keylogfile $local_dir


    文章标签:acc  PAC  PACK  scripts  poi    WIFI  Packet  

    Copyright © 2011 HelpLib All rights reserved.    知识分享协议 京ICP备05059198号-3  |  如果智培  |  酷兔英语