Jump to content

[Script] FruitySniffer Alpha v1.0


JesseIZ

Recommended Posts

Ok, I was not able to get the script working, but I was able to download the zip file from the new website, and Win SCP it to the pineapple, and get it unzipped using what I learned from the install script. Here is my terminal.

#########################################################################################################################
## _______  _______          __________________          _______  _       _________ _______  _______  _______  _______ ##
##(  ____ \(  ____ )|\     /|\__   __/\__   __/|\     /|(  ____ \( (    /|\__   __/(  ____ \(  ____ \(  ____ \(  ____ )##
##| (    \/| (    )|| )   ( |   ) (      ) (   ( \   / )| (    \/|  \  ( |   ) (   | (    \/| (    \/| (    \/| (    )|##
##| (__    | (____)|| |   | |   | |      | |    \ (_) / | (_____ |   \ | |   | |   | (__    | (__    | (__    | (____)|##
##|  __)   |     __)| |   | |   | |      | |     \   /  (_____  )| (\ \) |   | |   |  __)   |  __)   |  __)   |     __)##
##| (      | (\ (   | |   | |   | |      | |      ) (         ) || | \   |   | |   | (      | (      | (      | (\ (   ##
##| )      | ) \ \__| (___) |___) (___   | |      | |   /\____) || )  \  |___) (___| )      | )      | (____/\| ) \ \__##
##|/       |/   \__/(_______)\_______/   )_(      \_/   \_______)|/    )_)\_______/|/       |/       (_______/|/   \__/##
#########################################################################################################################
Version : Alpha v1.0


Select from the following functions

Hit ctrl + c at any time to quit and clean up
  0    Clean up manually
  1    Sniff  Mails ,Messages,and URl's and files
  2    DNS Spoof, Capture All Packets
  3    Sniffing with Ettercap
  4    Install Dependencies
  5    Sniffing passwords over HTTPS(SSL) + HTTP FTP, IMAP , SMTP and more
  6    Exit
choice :

Oh ok i am going to continue trying to fix the installer.sh script and let me know what you think of FruitySniffer !

- Jesse

Link to comment
Share on other sites

  • Replies 81
  • Created
  • Last Reply

Top Posters In This Topic

Hey Jessel!

Just tried to do the install and encountered the same problem as overwraith. Tried to install on the SD, but something is up with the .zip

Going to try your second method

Configuring unzip.
 Install on USB or on SD?
SD
Archive:  FruitySniffer.zip
  End-of-central-directory signature not found.  Either this file is not
  a zipfile, or it constitutes one disk of a multi-part archive.  In the
  latter case the central directory and zipfile comment will be found on
  the last disk(s) of this archive.
unzip:  cannot find zipfile directory in one of FruitySniffer.zip or
        FruitySniffer.zip.zip, and cannot find FruitySniffer.zip.ZIP, period.
./Installer.sh: line 28: cd: /sd/FruitySniffer/: No such file or directory
chmod: FruitySniffer.sh: No such file or directory
open with : ./FruitySniffer.sh
Done
root@Pineapple:/sd# ls
FruitySniffer.zip  infusions          tmp                var
Installer.sh       lost+found         usr
root@Pineapple:/sd# unzip FruitySniffer.zip 
Archive:  FruitySniffer.zip
  End-of-central-directory signature not found.  Either this file is not
  a zipfile, or it constitutes one disk of a multi-part archive.  In the
  latter case the central directory and zipfile comment will be found on
  the last disk(s) of this archive.
unzip:  cannot find zipfile directory in one of FruitySniffer.zip or
        FruitySniffer.zip.zip, and cannot find FruitySniffer.zip.ZIP, period.
root@Pineapple:/sd# 

Edited by mw3demo
Link to comment
Share on other sites

Hey Jessel!

Just tried to do the install and encountered the same problem as overwraith. Tried to install on the SD, but something is up with the .zip

Going to try your second method

Configuring unzip.
 Install on USB or on SD?
SD
Archive:  FruitySniffer.zip
  End-of-central-directory signature not found.  Either this file is not
  a zipfile, or it constitutes one disk of a multi-part archive.  In the
  latter case the central directory and zipfile comment will be found on
  the last disk(s) of this archive.
unzip:  cannot find zipfile directory in one of FruitySniffer.zip or
        FruitySniffer.zip.zip, and cannot find FruitySniffer.zip.ZIP, period.
./Installer.sh: line 28: cd: /sd/FruitySniffer/: No such file or directory
chmod: FruitySniffer.sh: No such file or directory
open with : ./FruitySniffer.sh
Done
root@Pineapple:/sd# ls
FruitySniffer.zip  infusions          tmp                var
Installer.sh       lost+found         usr
root@Pineapple:/sd# unzip FruitySniffer.zip 
Archive:  FruitySniffer.zip
  End-of-central-directory signature not found.  Either this file is not
  a zipfile, or it constitutes one disk of a multi-part archive.  In the
  latter case the central directory and zipfile comment will be found on
  the last disk(s) of this archive.
unzip:  cannot find zipfile directory in one of FruitySniffer.zip or
        FruitySniffer.zip.zip, and cannot find FruitySniffer.zip.ZIP, period.
root@Pineapple:/sd# 

Hey !

Yeah the problem is that when i upload it and download it with wget it gets corrupted and i don't know why .

But let me know if the second method works ;) (that should work)

- Jesse

Link to comment
Share on other sites

Second method works. I might have an idea why the first way doesn't work. The filehost intentionally corrupts the zip to stop wget downloads? Dependency check has a bug:

Version : Alpha v1.0 


Select from the following functions

Hit ctrl + c at any time to quit and clean up
  0    Clean up manually 
  1    Sniff  Mails ,Messages,and URl's and files
  2    DNS Spoof, Capture All Packets
  3    Sniffing with Ettercap
  4    Install Dependencies
  5    Sniffing passwords over HTTPS(SSL) + HTTP FTP, IMAP , SMTP and more 
  6    Exit 
choice : 4
Installing Dependencies
./FruitySniffer.sh: line 388: sudo: command not found
./FruitySniffer.sh: line 389: sudo: command not found
./FruitySniffer.sh: line 390: sudo: command not found
./FruitySniffer.sh: line 391: sudo: command not found
./FruitySniffer.sh: line 392: sudo: command not found
Done!
Press RETURN for menu

Link to comment
Share on other sites

Second method works. I might have an idea why the first way doesn't work. The filehost intentionally corrupts the zip to stop wget downloads? Dependency check has a bug:

Version : Alpha v1.0 


Select from the following functions

Hit ctrl + c at any time to quit and clean up
  0    Clean up manually 
  1    Sniff  Mails ,Messages,and URl's and files
  2    DNS Spoof, Capture All Packets
  3    Sniffing with Ettercap
  4    Install Dependencies
  5    Sniffing passwords over HTTPS(SSL) + HTTP FTP, IMAP , SMTP and more 
  6    Exit 
choice : 4
Installing Dependencies
./FruitySniffer.sh: line 388: sudo: command not found
./FruitySniffer.sh: line 389: sudo: command not found
./FruitySniffer.sh: line 390: sudo: command not found
./FruitySniffer.sh: line 391: sudo: command not found
./FruitySniffer.sh: line 392: sudo: command not found
Done!
Press RETURN for menu

Fixing the bug right now!

And thanks for the info ;)

- Jesse

Link to comment
Share on other sites

Second method works. I might have an idea why the first way doesn't work. The filehost intentionally corrupts the zip to stop wget downloads? Dependency check has a bug:

Version : Alpha v1.0 


Select from the following functions

Hit ctrl + c at any time to quit and clean up
  0    Clean up manually 
  1    Sniff  Mails ,Messages,and URl's and files
  2    DNS Spoof, Capture All Packets
  3    Sniffing with Ettercap
  4    Install Dependencies
  5    Sniffing passwords over HTTPS(SSL) + HTTP FTP, IMAP , SMTP and more 
  6    Exit 
choice : 4
Installing Dependencies
./FruitySniffer.sh: line 388: sudo: command not found
./FruitySniffer.sh: line 389: sudo: command not found
./FruitySniffer.sh: line 390: sudo: command not found
./FruitySniffer.sh: line 391: sudo: command not found
./FruitySniffer.sh: line 392: sudo: command not found
Done!
Press RETURN for menu

Fixed the bug !

You can download it right now ;)

- Jesse

Link to comment
Share on other sites

Hey Jesse! Really appreciate your work! Just got home, I'll bug test this for the next couple hours/day on my network, and report back. One thing I rememeber on the way out (quickly tried the dependencies check), is sslstrip has a tendency to stay on even after CTRL + C/(0)"Clean up Manually". I had to stop SSLStrip manually via the pineapple web interface, and then rerun the script to stop errors.

I'll look into it deeper, commited to bug testing this all the way through.

Curiously (I am going to start with a fresh install to be sure.), when I "ls" inside /sd/ the Fruity folder is nowhere to be seen, but it is there if I use the "Go to folder" function. I have no idea if this is because of my setup or the folder gets hidden somehow? I'm going to throughly go over it over tonight.

Keep it up!

Link to comment
Share on other sites

Hey Jesse! Really appreciate your work! Just got home, I'll bug test this for the next couple hours/day on my network, and report back. One thing I rememeber on the way out (quickly tried the dependencies check), is sslstrip has a tendency to stay on even after CTRL + C/(0)"Clean up Manually". I had to stop SSLStrip manually via the pineapple web interface, and then rerun the script to stop errors.

I'll look into it deeper, commited to bug testing this all the way through.

Curiously (I am going to start with a fresh install to be sure.), when I "ls" inside /sd/ the Fruity folder is nowhere to be seen, but it is there if I use the "Go to folder" function. I have no idea if this is because of my setup or the folder gets hidden somehow? I'm going to throughly go over it over tonight.

Keep it up!

Hey ,

No problem , many awesome things to come ;)

Please let me know when you bugtested it .

Enjoy

- Jesse

Link to comment
Share on other sites

Hi Jesse, thanks for doing this. I wonder if you have plans to convert this into an Infusion. Most of the code you have is straight forward and having the system within the web interface goes along with the debs idea to keep things as simple as possible. I have mucked around with developing my own infusions with not bad luck. Open source is nice since we can look at how other (much better) debs do things within the interface. Anyway, keep it up, thanks for contributing.

PT

Link to comment
Share on other sites

Hi Jesse, thanks for doing this. I wonder if you have plans to convert this into an Infusion. Most of the code you have is straight forward and having the system within the web interface goes along with the debs idea to keep things as simple as possible. I have mucked around with developing my own infusions with not bad luck. Open source is nice since we can look at how other (much better) debs do things within the interface. Anyway, keep it up, thanks for contributing.

PT

Hey,

This script wont work as an infusion because it requires user interaction so i would have to make alot of scripts for each function which is possible but not easy to do and i am not good in writing php but maybe i can make it into an infusion ;)

- Jesse

Link to comment
Share on other sites

Hey Jesse,

Burning the midnight oil after a hectic day of shopping! Just retried the depencies check, works fine apart from mdk3:

Version : Alpha v1.0 


Select from the following functions

Hit ctrl + c at any time to quit and clean up
  0    Clean up manually 
  1    Sniff  Mails ,Messages,and URl's and files
  2    DNS Spoof, Capture All Packets
  3    Sniffing with Ettercap
  4    Install Dependencies
  5    Sniffing passwords over HTTPS(SSL) + HTTP FTP, IMAP , SMTP and more 
  6    Exit 
choice : 4
Installing Dependencies
Package ettercap (NG-0.7.3-3) installed in root is up to date.
Package dsniff (2.4b1-2) installed in root is up to date.
Unknown package 'mdk3'.
Collected errors:
 * opkg_install_cmd: Cannot install package mdk3.
Package sslstrip (0.9-1) installed in root is up to date.
Package tcpdump (4.2.1-3) installed in root is up to date.
Done!
Press RETURN for menu

I checked out opkg list and opkg list_installed and there is no mention of mdk3. Which I know has to be wrong. I therefore did and opkg update:

root@Pineapple:/sd/FruitySniffer# opkg update
Downloading http://cloud.wifipineapple.com/mk5/packages/Packages.gz.
Updated list of available packages in /var/opkg-lists/pineapple_packages.
root@Pineapple:/sd/FruitySniffer# opkg list
---Snip---
mdadm - 3.2.5-1 - A tool for managing Linux Software RAID arrays.
mdk3 - v6-1 - Tool to exploit wireless vulnerabilities
mdns-utils - 214.3.2-4 - Bonjour, also known as zero-configuration networking, enables
 automatic discovery of computers, devices, and services on
 IP networks.
---Snip---

Tried the check depencies again:

Installing Dependencies
Package ettercap (NG-0.7.3-3) installed in root is up to date.
Package dsniff (2.4b1-2) installed in root is up to date.
Installing mdk3 (v6-1) to root...
Downloading http://cloud.wifipineapple.com/mk5/packages/mdk3_v6-1_ar71xx.ipk.
Configuring mdk3.
Package sslstrip (0.9-1) installed in root is up to date.
Package tcpdump (4.2.1-3) installed in root is up to date.
Done!
Press RETURN for menu

An "opkg update" before the opkg install in FruitySniffer.sh should solve the problem.

Link to comment
Share on other sites

Found a bug with arpspoofing, I think.

I went ahead with the first option: Sniff Mails ,Messages,and URl's and files

Who do you want to arpspoof eg : 192.168.0.18
10.0.1.1  
Where do your want to save the output? Default = /sd/FruitySniffer/logs/logs.txt
arpspoof: invalid option -- r
Version: 2.4
Usage: arpspoof [-i interface] [-t target] host
^C

There is no -r option in arpspoof according to the man. In this case, I'm trying to arp the whole network, so I chose my router ip (Right thing to do?)

arpspoof -i br-lan 10.0.1.1

I opened up vim and saw at line 101:

 arpspoof -i $Interface -r $gateway -t $target &

I changed that to:

arpspoof -i $Interface $target &

Which gets things going but it just continues to arp and doesn't continue with the rest of the script:

Nmap done: 256 IP addresses (9 hosts up) scanned in 9.56 seconds
Who do you want to arpspoof eg : 192.168.0.18
10.0.1.1
Where do your want to save the output? Default = /sd/FruitySniffer/logs/logs.txt
0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx
0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx
0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx

I hit enter to see if that would do anything for the hell of it:

Write failed: Broken pipe
root:~ root$ 

Disconnected. Might be worth checking out yamas/easy-creds and compare, my dog tired mind can't figure it out/is doing something wrong.

As a request: An option to target an individual target via -t and the whole network would be nice via arpspoof.

I also tried running it without arpspoof, and connected via a Karma SSID. I checked a mail via my iPhone, and sent one, browsed two sites and quit the script. I checked the logs, urlsnarf works fine, but nothing from mailsnarf.

I apologise for this chaotic post, it's 4am here and it's been a hectic day, my brains burnt and so are my eyes! Will pick up on this tomorrow evening.

I also quickly tried via ettercap. The wget via mediafire is a bad idea, it pulls the config file as the hmtl page for the download page, rather than the actual file. I don't think they support wget in the manner tried here. Here is my 1iQbYYX file in /etc/

It appears you are using an older browser. For a better experience when using MediaFire, we recommend you upgrade your browser.
Help
Questions? Submit a ticket or visit our Help Center.
Additional help links: Contact Us Help with Web Help with Mobile Help with Desktop
Call us at 1-877-688-0068 to speak to a live representative.
YOUR SUPPORT CODE:

CLOSE
MediaFire
Overview Share Connect Backup Trusted More

etc

Time to sleep! :)

Link to comment
Share on other sites

Hey,

This script wont work as an infusion because it requires user interaction so i would have to make alot of scripts for each function which is possible but not easy to do and i am not good in writing php but maybe i can make it into an infusion ;)

- Jesse

If you were to put this into an infusion, you would have the options etc at the top of each section then have a link to execute the script based upon those options. Also you should have the output of the script located within the infusion. That said, your script, your choice. Have fun with it, that's the main thing.

Link to comment
Share on other sites

Found a bug with arpspoofing, I think.

I went ahead with the first option: Sniff Mails ,Messages,and URl's and files

Who do you want to arpspoof eg : 192.168.0.18
10.0.1.1  
Where do your want to save the output? Default = /sd/FruitySniffer/logs/logs.txt
arpspoof: invalid option -- r
Version: 2.4
Usage: arpspoof [-i interface] [-t target] host
^C

There is no -r option in arpspoof according to the man. In this case, I'm trying to arp the whole network, so I chose my router ip (Right thing to do?)

arpspoof -i br-lan 10.0.1.1

I opened up vim and saw at line 101:

 arpspoof -i $Interface -r $gateway -t $target &

I changed that to:

arpspoof -i $Interface $target &

Which gets things going but it just continues to arp and doesn't continue with the rest of the script:

Nmap done: 256 IP addresses (9 hosts up) scanned in 9.56 seconds
Who do you want to arpspoof eg : 192.168.0.18
10.0.1.1
Where do your want to save the output? Default = /sd/FruitySniffer/logs/logs.txt
0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx
0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx
0:13:37:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp reply 10.0.1.1 is-at 0:13:37:xx:xx:xx

I hit enter to see if that would do anything for the hell of it:

Write failed: Broken pipe
root:~ root$ 

Disconnected. Might be worth checking out yamas/easy-creds and compare, my dog tired mind can't figure it out/is doing something wrong.

As a request: An option to target an individual target via -t and the whole network would be nice via arpspoof.

I also tried running it without arpspoof, and connected via a Karma SSID. I checked a mail via my iPhone, and sent one, browsed two sites and quit the script. I checked the logs, urlsnarf works fine, but nothing from mailsnarf.

I apologise for this chaotic post, it's 4am here and it's been a hectic day, my brains burnt and so are my eyes! Will pick up on this tomorrow evening.

I also quickly tried via ettercap. The wget via mediafire is a bad idea, it pulls the config file as the hmtl page for the download page, rather than the actual file. I don't think they support wget in the manner tried here. Here is my 1iQbYYX file in /etc/

It appears you are using an older browser. For a better experience when using MediaFire, we recommend you upgrade your browser.
Help
Questions? Submit a ticket or visit our Help Center.
Additional help links: Contact Us Help with Web Help with Mobile Help with Desktop
Call us at 1-877-688-0068 to speak to a live representative.
YOUR SUPPORT CODE:

CLOSE
MediaFire
Overview Share Connect Backup Trusted More

etc

Time to sleep! :)

Hi!

Thanks for testing it !

I am trying to fix it all . i dont get arpspoof to run in the background so you need to open 2 ssh session for it to work right now srry ;(

- Jesse

Link to comment
Share on other sites

Hey Jesse,

Quick question, should the etter.conf be:

[privs]
ec_uid = 0 # nobody is the default
ec_gid = 0 # nobody is the default

iso

[privs]
ec_uid = 65534 # nobody is the default
ec_gid = 65534 # nobody is the default

To run as root? If anyone can tell me when it should and shouldn't be dropped to 0 that would be great! I have just been making it zero in everycase out of habit.

Link to comment
Share on other sites

  • 3 weeks later...

Hey Jesse,

Hope you enjoyed the holidays, and Happy New Year! Any update in the works?

Hey ,

Hope you enjoyed your holidays too ;)

I am working on a update but i dont have alot of ideas to put in the update like extra features or something .

But i did post an announcement of Fruity Cracker on the forum .

- Jesse

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...