Pwnd2Pwnr Posted January 4, 2013 (edited)

What's up, HAk5? I have a simple question, and as I am writing this, I may resolve it... but any who, I got a n00b question for ya guys... I have recently been using crunch... more or less for phone numbers. So, I successfully crunched my local area code and phone numbers.

./crunch 10 10 -t 313%%%%%%% -o /home/SoE/Documents/313phone.txt = successful.

...but when I use f0ne.sh

sudo bash ./f0ne.sh "dearborn, mi" > dearborn.txt =

awk: run time error: regular expression compile failed (missing operand)
?number=
FILENAME="" FNR=0 NR=0

I chmod'd the script... and I already declared which folder I want it to save at in the script... but never gets anything... what am I doing wrong? THanks in ADvance and here is the script: http://pastebin.com/v2jJHYZ2

Edited January 4, 2013 by Pwnd2Pwnr
digip Posted January 4, 2013

I'm not much for bash or scripting but does the f0ne.sh read items in line by line? If so, does your command add a new line after each item? If not, it may see it as one long string and be like wtf are you trying to parse?
Pwnd2Pwnr Posted January 5, 2013

\\Here is the entire script//

#!/bin/bash

# ############################################################################
# US Phone Number Generator by DERV
# ############################################################################
# HELP
# run the program with -h for help
#
# ./f0ne.sh -h
# ############################################################################
#
# USES:
# wget*
# awk
# sort**
# uniq**
# tr**
#
# *internet access is required
#
# **not necessary, but recommended
#
# ############################################################################
#
# CHANGE LOG
#
# revision 6 changes: (8/22/10)
# -command-line arguments!
# -to run: ./f0ne.sh [city] [style]
# -outputs only phone numbers instead of a file (so user can pipe to a file or aircrack)
# -ex: ./f0ne.sh "albuquerque, nm" 2
# -this will create all alb numbers with style 555-666-1234 (- separators)
#
#
# revision 5 changes: (8/18/10)
# -can run independent of crunch - slower, but it works if crunch isn't available
# -saves to 'name_of_city.txt' instead of generic 'phone.txt'
# -leeto burrito ascii art
#
# revision 4 changes:
# -removes duplicates for numbers that don't contain the area code (prefix only)
#
# revision 3 changes:
# -aircrack-ng passthrough for WPA cracking (saves time/space)
# -key is outputted to aircrack.txt and script stops immediately if key is found
#
# revision 2 changes:
# -menu system to output certain phone number formats
# -corrected error for cities with spaces in the name
# ############################################################################
#
# ToDo
# receive city, format, aircrack info as arguments to be more linux-like
# - just have if [[ $1 != ... everywhere!
# ############################################################################
#
# Note:
# This script runs MUCH faster if crunch is installed!
# program looks for crunch in directory /pentest/passwords/crunch/
# edit the line below if crunch is located elsewhere on your computer:
#
CRUNCH="/home/traie/crunch-3.4/"
#CRUNCH="/derpderp/hurrdurr/./crunch" # for testing if user doesn't have crunch
#
# crunch can be found here: http://sourceforge.net/projects/crunch-wordlist/
# ############################################################################

# check if the user needs help
if [[ $1 = 'h' ]] || [[ $1 = '--help' ]] || [[ $1 = '-h' ]] || [[ $1 = 'help' ]] || [[ $1 = '-help' ]]; then
  echo ""
  echo -e "\E[32m /"
  echo -e "\E[32m /\`\`/ \E[32mf 0 n e"
  echo -e "\E[32m /__/"
  echo -e "\E[32m /__/ \E[37mphone number generator"
  echo -e "\E[39m"
  echo ""
  echo -e "\E[37mabout:"
  echo -e "\E[39m"
  echo " Phone numbers are a common password choice."
  echo " Generating every 7-digit phone number for an area code leads to 10 million numbers."
  echo " There is a website that finds only valid numbers (areacode and prefix) for certain cities."
  echo " This program uses that website to generate customized lists of phone numbers."
  echo ""
  echo ""
  echo -e "\E[37mhow to use:"
  echo -e "\E[39m"
  echo " Enter the U.S. city, for example 'New York'."
  echo ""
  echo " Then enter what format you want the phone number stored."
  echo " 1) (555)444-####"
  echo " 2) 555-444-####"
  echo " 3) 555444####"
  echo " 4) 444-####"
  echo " 5) 444####"
  echo ""
  echo " f0ne will ask if you want to passthrough the results to aircrack-ng to crack WPA."
  echo " This feature is designed to save time and harddisk space."
  echo " Enter 'y' to select this option."
  echo " You will be prompted for the .CAP file containing a WPA handshake,"
  echo " and the name (SSID) of the access point."
  echo ""
  echo " If you do not select aircrack-ng passthrough, f0ne will save the numbers to a file."
  echo ""
  echo ""
  echo -e "\E[37mnote:"
  echo " f0ne uses Crunch to generate phone numbers quickly."
  echo " The script defaults to /pentest/passwords/crunch/ to locate crunch"
  echo " If needed, edit f0ne.sh to change the crunch path (LINE 66)"
  echo ""
  echo " If crunch is not found, f0ne.sh uses a built-in script that is much slower than crunch."
  echo ""
  echo " f0ne also accepts command-line arguments!"
  echo -e " Usage: \E[39m./f0ne.sh \E[32m[CITY] [STYLE]\E[37m"
  echo -e " Example: \E[39m./f0ne.sh \E[32m\"albuquerque, nm\" 5\E[37m"
  echo " When using command-line arguments, f0ne will only output the phone numbers and no other data,"
  echo " so piping to a file is recommened:"
  echo -e " \E[39m./f0ne.sh \E[32m\"chicago, il\" 5 \E[36m> chicago.txt\E[37m"
  echo " This will write all the phone numbers to the file 'chicago.txt'"
  echo -e "\E[39m"
  exit 0
fi

# trap term/keyboard interrupt signals
trap ITSATRAP INT
trap ITSATRAP TERM
ITSATRAP() {
  killall aircrack-ng 2> /dev/null & 1> /dev/null
  if [[ $# -eq 0 ]]; then
    echo -e "\E[39m"
    echo -e "\E[31m[!] Keyboard interrupt; exiting\E[39m"
  fi
  exit 0
}

# banner
if [[ $# -eq 0 ]]; then # only print if user supplied no arguments
  echo ""
  echo -e "\E[32m /"
  echo -e "\E[32m /\`\`/ \E[32mf 0 n e"
  echo -e "\E[32m /__/"
  echo -e "\E[32m /__/ \E[37mphone number generator"
  echo -e "\E[39m"
  echo ""
fi

# check if user has crunch installed
if [[ ! -f "$CRUNCH" ]]; then # crunch isn't found; use a built-in shell script instead
  # check if user is root; warn about not running as root (chmod!)
  if [[ `users` != 'root' ]] && [[ $# -eq 0 ]]; then
    echo "[+] It is recommened to run this script as root if you do not have crunch installed."
    echo -n "[?] Do you wish to continue? (y/n) "
    read ANSWER
    if [[ "${ANSWER}" = 'n' ]]; then exit 0; fi
  fi
  HAS_CRUNCH="0" # variable so we know if we are using CRUNCH or not
  if [[ $# -eq 0 ]]; then
    echo ""
    echo -e "\E[31m[!] \E[39mCrunch was not found."
    echo "[-] Creating temporary phone-number-generating script..."
  fi
  # create script that generates the last 4 phone numbers to the argument passed
  # as you can see, all this script does is echo (it's harmless)
  echo "#!/bin/bash
trap ITSATRAP INT
trap ITSATRAP TERM
ITSATRAP() {
exit 0
}
PRE=\$1
COUNT=0
while [ \${COUNT} -lt 10000 ]; do
TEMP=\${COUNT}
if [ \${#TEMP} -eq 1 ]; then
TEMP=\"000\${TEMP}\"
elif [ \${#TEMP} -eq 2 ]; then
TEMP=\"00\${TEMP}\"
elif [ \${#TEMP} -eq 3 ]; then
TEMP=\"0\${TEMP}\"
fi
echo \${PRE}\${TEMP}
COUNT=\$((COUNT + 1))
done
exit 0" > f0ne-crunch.sh # end of script
  # change permissions on this temporary script (so we can run it)
  chmod +x f0ne-crunch.sh
  # let user know what's up
  if [[ $# -eq 0 ]]; then
    echo -e "\E[33m[-] \E[39mNote: Temporary script f0ne-crunch.sh will be deleted on exit."
  fi
  CRUNCH="./f0ne-crunch.sh"
  ## old style would quit ; fuck that!
  ## echo ""
  ## echo "[!] Path to crunch not found! ($CRUNCH)"
  ## echo "[!] Please edit phone.sh Line 40 to the correct path to Crunch"
  ## exit
else
  # if crunch is found, use it! (it's much faster than f0ne-crunch.sh)
  HAS_CRUNCH="1"
fi

if [[ $# -eq 0 ]]; then
  echo -n -e "\E[32m[+] \E[39mEnter a U.S. City (e.g. \E[32mchicago, il\E[39m): \E[32m"
  read CITY
  OUTFILE=$CITY # OUTFILE is the output file -- where the data is saved to
  OUTFILE=${OUTFILE// /} # strip out the spaces
  OUTFILE=${OUTFILE//[^a-zA-Z0-9]/} # leave only alphanumeric characters
  OUTFILE=`echo -n $OUTFILE | tr A-Z a-z` # convert to lowercase
  OUTFILE="${OUTFILE}.txt" # make it a txt file
  rm -rf ${OUTFILE} # remove the output file, just in case; so we don't 'stack' numbers together
elif [[ $# -eq 1 ]]; then
  CITY=$1
  STYLE=3 # default to [areacode][prefix][number] without any separators
  OUTFILE="/home/traie/do/Documents/"
elif [[ $# -eq 2 ]]; then
  CITY=$1
  STYLE=$2 # user gave us city and separator!
  OUTFILE=""
else
  echo -e "\E[33m[+] \E[39mError: invalid amount of arguments"
  echo ""
  echo -e "\E[33m[+] \E[39mProper usage (with examples):"
  echo ""
  echo -e "\E[33m[+] \E[39m./f0ne.sh \E[32m[CITY]"
  echo -e "\E[33m[+] \E[39m ./f0ne.sh \E[32mchicago"
  echo -e "\E[33m[+] \E[39m ./f0ne.sh \E[32m\"chicago, il\""
  echo ""
  echo -e "\E[33m[+] \E[39m./f0ne.sh \E[32m[CITY] [STYLE]"
  echo -e "\E[33m[+] \E[39m ./f0ne.sh \E[32mchicago 3"
  echo -e "\E[33m[+] \E[39m ./f0ne.sh \E[32m\"chicago, il\" 3"
  echo ""
  exit 0
fi

# change format of CITY (used for URL request)
CITY=${CITY// /+} # website we use can't have spaces; use plus-signs (+) instead
CITY=${CITY//,/+} # convert commas to spaces
CITY=${CITY//[^a-zA-Z0-9+]/} # only alphanumeric characters (and plus signs!)
CITY=`echo -n $CITY | tr A-Z a-z` # finally, lowercase

if [[ $# -eq 0 ]]; then
  # phone number style menu
  echo -e "\E[39m"
  echo -e "[-] Select a phone number format:"
  echo ""
  echo -e " \E[32m1\E[39m) (555)555-5555 [13 chars]"
  echo -e " \E[32m2\E[39m) 555-555-1234 [12 chars]"
  echo -e " \E[32m3\E[39m) 5555555555 [10 chars]"
  echo -e " \E[32m4\E[39m) 555-1234 [ 8 chars]"
  echo -e " \E[32m5\E[39m) 5551234 [ 7 chars]"
  echo ""
  echo -n -e "\E[32m[+]\E[39m Enter a number between \E[32m1\E[39m and \E[32m5\E[39m: \E[32m"
  read STYLE
fi

# check if style (phone number formatting) is a valid menu option
if [[ "$STYLE" -lt "1" ]] || [[ $STYLE -gt "5" ]]; then
  # if they picked something < 1 or > 5
  echo -e "\E[31m[!] \E[39mInvalid menu number ($STYLE). Please use 1-5. \E[31mexiting.\E[39m"
  exit 0
fi

# if we're not using command-line arguments...
if [[ $# -eq 0 ]]; then
  # wpa passthrough question
  echo -e "\E[33m[?]\E[39m Do you want to passthrough the phone numbers into "
  echo -n -e " aircrack-ng to crack a WPA handshake capture file? (\E[32my\E[39m/\E[32mn\E[39m): \E[32m"
  read ANS
  # if they want to pass through to aircrack-ng...
  if [[ "$ANS" == "y" ]]; then
    # get .cap path
    echo ""
    echo -n -e "[+] Enter the \E[32mpath to the .cap file\E[39m containing a WPA handshake: \E[32m"
    read CAP
    echo -e "\E[39m"
    if [[ ! -f "$CAP" ]]; then
      # if the .cap file does not exist, gtfo
      CAP=""
      echo -e "\E[31m[!] \E[39mCAP file \E[31m\'${CAP}\' \E[39mnot found; defaulting output to \E[32m${OUTFILE}\E[39m"
    else
      # cap file exists, get the ESSID
      echo -n -e "[+] Enter the \E[32mESSID\E[39m of the access point: \E[32m"
      read ESSID
    fi
    # remove aircrack.txt now -- will contain if/when WPA key is found
    rm -f aircrack.txt
  else
    # if CAP="", then we will only output phone numbers to the OUTFILE; no passthrough
    CAP=""
  fi
else
  CAP=""
fi

# delete temporary files
rm -rf /tmp/page1.txt
rm -rf /tmp/page2.txt

# get html from site
if [[ $# -eq 0 ]]; then
  echo -e "\E[39m"
  echo -e "\E[32m[+] \E[39mGathering area-code and prefix information using wget; please wait..."
fi
wget -q -O /tmp/page1.txt http://www.melissadata.com/lookups/phonelocation.asp?number=${CITY}

# if wget returned invalid data or nothing at all...
if [[ $(cat /tmp/page1.txt) = "" ]] || [[ ! -f /tmp/page1.txt ]]; then
  echo ""
  echo -e "\E[31m[!]\E[39m Unable to download phone numbers for city '${CITY}'; exiting"
  echo -e "\E[31m[!]\E[39m Unexpected errors occurred while accessing the following site:"
  echo -e "\E[31mhttp://www.melissadata.com/lookups/phonelocation.asp?number=${CITY}\E[39m"
  echo -e "\E[31m[!]\E[39m Check to make sure your internet connection is working and this URL provides relevant data."
  exit 0
fi

# echo "[-] Prefixes gathered. Parsing..."

# the next few lines are pretty ugly
# i don't know much about awk, so I basically juggled the data between two files (page1.txt and page2.txt)
# this is horrible code and I'm sure there's a one-line awk solution to this, but I wasn't able to find it...

# grab the beginning of the phone numbers from page1, store in page2
awk ' BEGIN {FS = "?number=" } {print $2} ' /tmp/page1.txt >> /tmp/page2.txt
rm /tmp/page1.txt

# strip the end of the number (ignoring the trailing '0000' for each #)
awk ' BEGIN {FS = "0000\"" } {print $1} ' /tmp/page2.txt >> /tmp/page1.txt
rm /tmp/page2.txt

# remove blank lines 'cause I suck at awk
awk '$0!~/^$/ {print $0}' /tmp/page1.txt >> /tmp/page2.txt
rm /tmp/page1.txt

# if the user selected a menu item larger than 3...
if [[ "${STYLE}" -gt "3" ]]; then
  # we don't need area code!
  while read Lines
  do
    # remove areacode from each line
    echo ${Lines:3} >> /tmp/page1.txt
  done < /tmp/page2.txt
  rm /tmp/page2.txt
  # remove duplicates -- this is possible for large cities where different areacodes have the same prefix!
  cat /tmp/page1.txt | sort | uniq > /tmp/page2.txt
  rm /tmp/page1.txt
fi

# at this point, /tmp/page2.txt contains all of the [area codes and] prefixes for the city

# the following lines/loop counts how many prefixes there are
# this is purely to let the user know how much longer the process will take
COUNT=0 # COUNT will be the total amount of prefixes to generate
CURRENT=0 # CURRENT keeps track of which prefix we are currently working on
while read Line; do # go through every line in the prefix file
  COUNT=$((COUNT + 1)) # increment counter
done < /tmp/page2.txt # stop at the end of the file

# loop through every areacode/prefix
while read Line
do
  # if we are passing through to aircrack and we've cracked it, stop!
  if [[ ! "$CAP" == "" ]] && [[ -f "aircrack.txt" ]]; then
    break
  fi
  # sometimes the website returns only 3 digits (invalid numbers)
  # i hit this error briefly, might have been isolated, but still gonna check for it!
  if [[ "${STYLE}" -lt "4" ]] && [[ ${#Line} -eq 3 ]]; then
    continue # move onto the next one
  fi
  CURRENT=$((CURRENT + 1)) # increment counter of how many prefixes we've done
  # format the line to fit the style
  if [ $STYLE = '1' ]; then
    # Style: (###)###-@@@@
    Line="(${Line:0:3})${Line:3}-"
    LEN=13
  elif [ $STYLE = '2' ]; then
    # Style: ###-###-@@@@
    Line="${Line:0:3}-${Line:3}-"
    LEN=12
  elif [ $STYLE = '3' ]; then
    # Style: ######@@@@
    Line=${Line} #nothing changes
    LEN=10
  elif [ $STYLE = '4' ]; then
    # Style: ###-@@@@
    Line="${Line}-"
    LEN=8
  elif [ $STYLE = '5' ]; then
    # Style: ###@@@@
    LEN=7
  fi
  # now that we know the format, see if we are passing through to aircrack or OUTFILE
  if [[ ! "$CAP" == "" ]]; then
    # cap file exists, need to pass through to aircrack
    echo -e "\E[32m[+] \E[39mPassing through to aircrack-ng: \E[32m${Line}####\E[39m..."
    if [[ HAS_CRUNCH = '1' ]]; then
      ${CRUNCH} $LEN $LEN 0123456789 -t ${Line}@@@@ | aircrack-ng -l aircrack.txt -w - -e ${ESSID} ${CAP}
    else
      ${CRUNCH} "${Line}" | aircrack-ng -l aircrack.txt -w - -e ${ESSID} ${CAP}
    fi
  else
    # no cap file, just output to OUTFILE
    # if user didn't supply any arguments (we're in verbose mode)
    if [[ $# -eq 0 ]]; then
      echo -e "\E[32m[+] \E[39mGenerating phone numbers: \E[32m${Line}####\E[39m... (${CURRENT}/${COUNT})"
      if [[ HAS_CRUNCH -eq 1 ]]; then
        ${CRUNCH} $LEN $LEN 0123456789 -t ${Line}@@@@ >> "${OUTFILE}"
      else
        ${CRUNCH} "${Line}" >> "${OUTFILE}"
      fi
    else
      # user supplied arguments, ONLY OUTPUT VALID NUMBERS!
      if [[ HAS_CRUNCH -eq 1 ]]; then
        ${CRUNCH} $LEN $LEN 0123456789 -t ${Line}@@@@
      else
        ${CRUNCH} "${Line}"
      fi
    fi
  fi
done < /tmp/page2.txt

# at this point, we're done generating!

# delete temporary file containing area codes/prefixes
rm /tmp/page2.txt

if [[ ! "$CAP" == "" ]]; then
  # if we were trying to passthrough
  echo -n -e "\E[32m[!]\E[39m Finished! "
  if [[ -f "aircrack.txt" ]]; then
    # if we cracked it
    echo -e "\E[32mPassword found: " + $(cat aircrack.txt)
    echo -e "\E[32m[!] Saved to 'aircrack.txt'"
  else
    # if we didn't crack it
    echo -e "\E[31mPassword not found."
  fi
else
  # if we were just generating phone numbers
  if [[ $# -eq 0 ]]; then
    echo ""
    echo -e "\E[32m[!] Finished;\E[39m results are saved in \E[32m${OUTFILE}\E[39m"
  fi
fi

# if we used the crunch script, delete it
if [[ $HAS_CRUNCH -eq 0 ]]; then
  rm -rf f0ne-crunch.sh
fi

# print out a single white line so the next lines the user types/sees will be white (normal)
if [[ $# -eq 0 ]]; then
  echo -e "\E[39m"
fi

exit 0
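The awk error reported in the first post traces to the script's FS = "?number=": awk treats any field separator longer than one character as a regular expression, and a leading "?" has no operand to repeat, which implementations such as mawk reject at compile time. The following is an added example, not part of the thread or of f0ne.sh; it puts the "?" in a bracket expression so it is literal and does the three-file juggling in one pass. The sample markup is constructed from what the script's parsing implies, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: split on a literal "?number=" without tripping awk's
# regex compiler, then keep only well-formed area-code+prefix values.

# Constructed sample (assumed markup): links ending in 0000 followed by
# a closing quote, which is what the script's second awk pass expects.
sample_html() {
    cat <<'EOF'
<tr><td><a href="phonelocation.asp?number=3132710000">313-271</a></td>
<td><a href="phonelocation.asp?number=3135820000">313-582</a></td></tr>
<tr><td><a href="phonelocation.asp?number=3130000">bad row</a></td></tr>
<p>no links on this line</p>
<tr><td><a href="phonelocation.asp?number=7342710000">734-271</a></td></tr>
<tr><td><a href="phonelocation.asp?number=3132710000">313-271</a></td></tr>
EOF
}

# extract_prefixes [strip]
#   Reads HTML on stdin and prints one 6-digit area-code+prefix per line.
#   With "strip" as the first argument, prints only the 3-digit prefix.
#   Output is sorted and de-duplicated.
extract_prefixes() {
    # [?] is a bracket expression: the question mark is matched literally
    # instead of being parsed as a quantifier with a missing operand.
    awk -F'[?]number=' -v strip="${1:-}" '
        {
            # Fields 2..NF each start right after one "?number=".
            for (i = 2; i <= NF; i++) {
                # Require 6 digits, then 0000 and the closing quote;
                # short rows (3 digits only) fail this and are skipped.
                if (match($i, /^[0-9][0-9][0-9][0-9][0-9][0-9]0000"/)) {
                    if (strip == "strip")
                        out = substr($i, 4, 3)
                    else
                        out = substr($i, 1, 6)
                    print out
                }
            }
        }' | sort -u
}

# Stand-alone run on the constructed sample.
sample_html | extract_prefixes
```

The repeated [0-9] is deliberate: interval expressions such as {6} are not supported by every awk build.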
digip Posted January 5, 2013

Maybe I should have rephrased my question..lol. Open "313phone.txt" or just tail the file, and tell me, is it one long string, or numbers on each line of their own? If it's one long string and no line breaks, that's what I was more or less getting at and if that's why there was an error? Assuming the ./crunch command created the proper file is more or less what I am asking.
Pwnd2Pwnr Posted January 5, 2013

LOL... oopsy daisy... but yes... ./crunch does create the file. I have made several other "lists" in the past. Essentially, f0ne.sh is just being a dick. :) I was just thinking of scrapping the script because ./crunch does a great job in itself. I was just testing the wget feature to actually pull the active 313 exchanges... not just a list from 3130000001, 3130000002, etc. The script, from what I read, boasted the fact it would find active numbers... not just a Hugh Jass list.
digip Posted January 5, 2013

You run some kind of asterisk box at home or you actually using dial up? lol

If you're looking for fun with phone and voip systems HD Moore has a tool for tracking voice systems and being able to listen in and capture/record calls, but I don't know if he's ever released the code publicly. I've seen him give talks about it in the past and building stats on voip systems which can be used, I assume, to pivot into a company's network.
Pwnd2Pwnr Posted January 5, 2013 (edited)

The list has dual purposes... ;)

*edit* TeleMarketers might not call back soon...

Edited January 5, 2013 by Pwnd2Pwnr
no42 Posted January 5, 2013

> You run some kind of asterisk box at home or you actually using dial up? lol
>
> If you're looking for fun with phone and voip systems HD Moore has a tool for tracking voice systems and being able to listen in and capture/record calls, but I don't know if he's ever released the code publicly. I've seen him give talks about it in the past and building stats on voip systems which can be used, I assume, to pivot into a company's network.

It was called warvox http://warvox.org