pineappleboy Posted November 12, 2015 Share Posted November 12, 2015 hi, at the wireless village at defcon, darren said the analyze.sh script he demo'd for the pineapple would be available on the hak5 forums. i've searched and don't see it, can someone point me to this? thanks, pineappleboy Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted November 13, 2015 Share Posted November 13, 2015 #!/bin/bash if [ -z "$1" ]; then echo "Usage: analyze.sh input_file output_file"; exit fi if [ ! -f oui-small.txt ] then echo "Downloading OUI Database" wget http://standards.ieee.org/regauth/oui/oui.txt echo "Database downloaded. Fixing up oui.txt" cat oui.txt | grep "base 16" | sed "s/(base 16)//g" | cut -c 3- | sed "s/\t//g" | sed "s/ / /g" > oui-small.txt fi echo -e "Processing PineAP Log\n" rm /tmp/analyze_tmp &>/dev/null rm $2 &>/dev/null while read i; do OUI=$(echo $i | awk {'print $7'} | cut -c 1-8 | sed "s/://g" | awk '{print toupper($0)}') grep $OUI oui-small.txt | awk {'print $2'} >> /tmp/analyze_tmp done < $1 unique_manufacturer=$(cat /tmp/analyze_tmp | awk '{print tolower($0)}' | sed "s/,//g" | sort | uniq | wc -l) printf "Unique:\n" >> $2 printf " Probes: " >> $2 && cat pineap.log | awk {'print $10'} | sed "s/'//g" | sort | uniq | wc -l >> $2 printf " Devices: " >> $2 && cat pineap.log | awk {'print $7'} | sort | uniq | wc -l >> $2 printf " OUIs: " >> $2 && cat pineap.log | awk {'print $7'} | sort | cut -c 1-8 | uniq | wc -l >> $2 printf "Manufacturers: $unique_manufacturer\n\n" >> $2 printf "Top 10 Manufacturers:\n" >> $2 cat /tmp/analyze_tmp | sed "s/,//g" | sort | uniq -c | sort -g -r | head -10 >> $2 printf "\nTop 10 Probe Requests:\n" >> $2 cat $1 | awk '{print $10}' | sort | uniq -c | sort -g -r | head -10 >> $2 cat $2 printf "\n" Here you go! Quote Link to comment Share on other sites More sharing options...
pineappleboy Posted November 16, 2015 Author Share Posted November 16, 2015 thanks man! Quote Link to comment Share on other sites More sharing options...
Dice Posted November 26, 2015 Share Posted November 26, 2015 i havent seen the presentation and cannot access their main page at the moment; is it listed on Youtube anywhere ? Quote Link to comment Share on other sites More sharing options...
barry99705 Posted November 26, 2015 Share Posted November 26, 2015 Pretty sure none of the latest defcon vids are out yet. Quote Link to comment Share on other sites More sharing options...
stewbeme Posted August 4, 2016 Share Posted August 4, 2016 Any idea why my output is missing the Top 10 items? I did notice the sort message below. root@Pineapple:~# ./analyze.sh pineap.log output5 Processing PineAP Log sort: unknown sort type Unique: Probes: 40 Devices: 1170 OUIs: 1058 Manufacturers: 0 Top 10 Manufacturers: Top 10 Probe Requests: root@Pineapple:~# Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.