Br@d Posted December 16, 2016 (edited)

OK, I have not scripted anything in a number of years, and those scripts were either batch files or PowerShell v1 and v2. I thought it would be fun to write a script that I could set to run at startup and use with a Raspberry Pi and the proper WiFi dongle to automatically capture open WiFi traffic based on the most active network. I would greatly appreciate the community taking a look at what I have and helping me clean up and refine the code. <this is of course purely for educational purposes> I think this could also be converted into a useful Pineapple module.

#!/bin/bash
# references the interface
wlaninterface=wlan0mon
# sets the base file name for the wireless survey
recon=scouted
# sets the file name for the pcap file to write to
pcapfile=DaCapFile
# sets the length of time to run the survey for - in seconds
recontime=30s
# sets the length of time to run the packet capture for - in seconds
capturetime=600s
# finds the open WiFi network with the most active traffic and gets the channel number
channel=$(grep -a 'OPN' $recon*.csv | sort -nrk11 | tail -1 | awk '{print $6}')
# removes the comma from the output of the previous line
ch=${channel::-1}
# finds the open WiFi network with the most active traffic and gets the ESSID
network=$(grep -a 'OPN' $recon*.csv | sort -nrk11 | tail -1 | awk '{print $19}')
# removes the comma from the output of the previous line
ssid=${network::-1}
# general house cleaning to remove previous captures
rm $recon*.csv &> /dev/null
rm $pcapfile*.cap &> /dev/null
# setting wlan0 into monitor mode
airmon-ng check kill
airmon-ng start wlan0
# running the wireless survey
airodump-ng -w $recon --output-format csv $wlaninterface &> /dev/null &
sleep $recontime
kill $!
# running the packet capture
airodump-ng -c $ch --essid "$ssid" -w $pcapfile --output-format pcap $wlaninterface &> /dev/null &
sleep $capturetime
kill $!

Edited December 16, 2016 by Br@d
bashincajun Posted December 31, 2016

It looks fine to me. Have you tested it yet? I was looking at doing something like this on one of my extra Pis.
Br@d Posted December 31, 2016 (Author)

So far so good. The script works as is but with some caveats, so I'm going to make it more stable. I still have to figure out the best way to make it run automatically on power on :)
Teabot 5000 Posted January 1, 2017

On 31/12/2016 at 4:33 PM, Br@d said:
"So far so good. The script works as is but with some caveats, so I'm going to make it more stable. I still have to figure out the best way to make it run automatically on power on :)"

There are a few ways to get it running on boot. Imagine I saved the script as "coolScript.sh" in the /path_to_file/ directory. The quick way would be to add a line like the following to the /etc/rc.local file (above the "exit 0" in the rc.local file, of course):

/path_to_file/coolScript.sh || exit 1;

The better way would be to add an init script by adding a new script to the "/etc/init.d/" folder that calls the script. The commands would be like so (note: must be run as root):

echo '#!/bin/sh' > /etc/init.d/runCoolScript
echo '/path_to_script/coolScript.sh' >> /etc/init.d/runCoolScript
chmod ugo+x /etc/init.d/runCoolScript
update-rc.d runCoolScript defaults

The top two lines could obviously be done in an editor instead of echoing them.
Br@d Posted January 5, 2017 (Author)

OK, so the script seemed to be working well on a test system running the Parrot distro, but on my Pi running Kali for ARM I get an error on line 22, ch=${channel::-1}, which was used to remove the comma from the output of the previous line (which found the desired channel but had a comma at the end). Any thoughts?
Teabot 5000 Posted January 5, 2017

50 minutes ago, Br@d said:
"OK, so the script seemed to be working well on a test system running the Parrot distro, but on my Pi running Kali for ARM I get an error on line 22, ch=${channel::-1}, which was used to remove the comma from the output of the previous line (which found the desired channel but had a comma at the end). Any thoughts?"

Can you post the error that you get? Or are you saying that line just doesn't work?
Br@d Posted January 5, 2017 (Author)

Oops, sorry... the error is "line 22: -1: substring expression < 0", but I just noticed that there was one error before that: "grep: scouted*.csv: No such file or directory". It looks like it is trying to call the variables before they are actually called on ---- or something like that.
Teabot 5000 Posted January 5, 2017

Maybe try adding in a condition after grep is run on the file, just in case the file doesn't exist.

if [[ ! $channel ]]; then
    echo "Problem reading file $recon"
    exit 1
fi

Does the file exist in the directory you called the script from? Also, try removing the "*" wildcard symbol from the file name, or remove the ".csv" from the file name and have the line like so:

network=$(grep -a 'OPN' $recon*.csv | sort -nrk11 | tail -1 | awk '{print $19}')

I think I had problems putting a wildcard into the middle of a filename before, so that could be the reason it can't grep the file :)
Teabot 5000 Posted January 5, 2017

I forgot to change the line, it should look like this with the ".csv" gone from the filename:

network=$(grep -a 'OPN' $recon* | sort -nrk11 | tail -1 | awk '{print $19}')
Br@d Posted January 5, 2017 (Author)

Those files are actually created by line #33:

# running the wireless survey
airodump-ng -w $recon --output-format csv $wlaninterface &> /dev/null &

On the Parrot system (currently dead) it does not try to call those variables until they are actually called into action later in the script, after the relevant content was created. They should just be defined at the start but seem to be called on instead... Is that possible?
Jason Cooper Posted January 6, 2017

Try:

#!/bin/bash
# references the interface
wlaninterface=wlan0mon
# sets the base file name for the wireless survey
recon=scouted
# sets the file name for the pcap file to write to
pcapfile=DaCapFile
# sets the length of time to run the survey for - in seconds
recontime=30s
# sets the length of time to run the packet capture for - in seconds
capturetime=600s
# general house cleaning to remove previous captures
rm $recon*.csv &> /dev/null
rm $pcapfile*.cap &> /dev/null
# setting wlan0 into monitor mode
airmon-ng check kill
airmon-ng start wlan0
# running the wireless survey
airodump-ng -w $recon --output-format csv $wlaninterface &> /dev/null &
sleep $recontime
kill $!
# finds the open WiFi network with the most active traffic and gets the channel number
channel=$(grep -a 'OPN' $recon*.csv | sort -nrk11 | tail -1 | awk '{print $6}')
# removes the comma from the output of the previous line
ch=${channel::-1}
# finds the open WiFi network with the most active traffic and gets the ESSID
network=$(grep -a 'OPN' $recon*.csv | sort -nrk11 | tail -1 | awk '{print $19}')
# removes the comma from the output of the previous line
ssid=${network::-1}
# running the packet capture
airodump-ng -c $ch --essid "$ssid" -w $pcapfile --output-format pcap $wlaninterface &> /dev/null &
sleep $capturetime
kill $!

The only change I've made is that I've moved the housekeeping and survey parts so that they run before you process the survey results. I suspect that in your earlier testing you had an old recon file present, which it then used, and as the script leaves the recon file on the filesystem at the end you'd only encounter the issue when you moved the script across but not the recon file.

The good news is that this bug actually highlighted a logic bug that would be very difficult to spot otherwise (the logic bug was that each time it ran it was using the recon file from the previous time you ran the script, not this time, which if you've changed locations wouldn't be much use).
0phoi5 Posted January 6, 2017

Nice script, but what if the WiFi network with the most active traffic changes in the moment between getting the channel number and getting the ESSID? Would it not be possible to set the $channel and $network variables in the same line of code? Just in case.
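One way to do what 0phoi5 suggests, as an added example that is not code from the thread: read the airodump-ng CSV once, in a single awk pass, so the channel and the ESSID always come from the same row. It also parses the file on commas rather than whitespace, so an ESSID containing spaces is not cut to its first word. Two assumptions worth stating: the column layout is airodump-ng's standard CSV header (BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key), and "most active" is measured by the "# IV" (data packet) column; the original pipeline's sort key 11, counted on whitespace-split fields, lands on the Power column, which ranks by signal strength rather than by traffic. The sample CSV is constructed here for illustration.

```bash
#!/bin/bash
# Added example (not from the original post): choose the open network with the
# most data traffic from an airodump-ng CSV in one awk pass, so channel and
# ESSID come from the same row, and parse on commas so ESSIDs with spaces survive.

# Constructed sample in airodump-ng's CSV layout (values are made up).
SAMPLE_CSV="$(mktemp)"
cat > "$SAMPLE_CSV" <<'EOF'

BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:01, 2017-01-06 10:00:00, 2017-01-06 10:00:30,  1,  54, WPA2, CCMP, PSK, -40,       60,      900,   0.  0.  0.  0,   8, HomeWPA2, 
00:11:22:33:44:02, 2017-01-06 10:00:00, 2017-01-06 10:00:30,  6,  54, OPN, , , -70,       55,      310,   0.  0.  0.  0,  16, CoffeeShop Guest, 
00:11:22:33:44:03, 2017-01-06 10:00:00, 2017-01-06 10:00:30, 11,  54, OPN, , , -35,       58,        4,   0.  0.  0.  0,   7, Library, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
aa:bb:cc:dd:ee:01, 2017-01-06 10:00:05, 2017-01-06 10:00:29, -50,      120, 00:11:22:33:44:02, CoffeeShop Guest
EOF

# pick_open_network FILE
# Prints "<channel> <essid>" for the OPN access point with the highest "# IV"
# (data packet) count, or prints nothing and returns 1 if no open AP was seen.
pick_open_network() {
  awk -F', *' '
    # The AP table runs from the BSSID header to the Station MAC header;
    # station rows are skipped so a probed ESSID cannot be mistaken for an AP.
    /^BSSID,/       { in_ap = 1; next }
    /^Station MAC,/ { in_ap = 0 }
    in_ap && $6 == "OPN" && NF >= 14 {
      # $4 channel, $11 "# IV" (data packets), $14 ESSID
      if (best == "" || $11 + 0 > best) { best = $11 + 0; ch = $4; essid = $14 }
    }
    END { if (ch == "") exit 1; printf "%s %s\n", ch, essid }
  ' "$1"
}

# Usage: read both values in one shot, then hand them to airodump-ng.
if result="$(pick_open_network "$SAMPLE_CSV")"; then
  ch="${result%% *}"    # text before the first space: the channel
  ssid="${result#* }"   # text after it: the ESSID, spaces included
  echo "channel=$ch essid=$ssid"
  # airodump-ng -c "$ch" --essid "$ssid" -w DaCapFile --output-format pcap wlan0mon
else
  echo "no open network found in $SAMPLE_CSV" >&2
fi
```

With the sample file this prints channel=6 essid=CoffeeShop Guest: the Library AP is louder but has almost no data, and the WPA2 network is ignored. The function returns non-zero when nothing open was seen, which is the case Teabot's if-check guards against, so the calling script can stop instead of passing an empty channel to airodump-ng.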
Br@d Posted January 10, 2017 (Author)

On 1/1/2017 at 2:40 PM, Teabot 5000 said:
"There are a few ways to get it running on boot. Imagine I saved the script as "coolScript.sh" in the /path_to_file/ directory. The quick way would be to add a line like the following to the /etc/rc.local file (above the "exit 0" in the rc.local file, of course):

/path_to_file/coolScript.sh || exit 1;

The better way would be to add an init script by adding a new script to the "/etc/init.d/" folder that calls the script. The commands would be like so (note: must be run as root):

echo '#!/bin/sh' > /etc/init.d/runCoolScript
echo '/path_to_script/coolScript.sh' >> /etc/init.d/runCoolScript
chmod ugo+x /etc/init.d/runCoolScript
update-rc.d runCoolScript defaults

The top two lines could obviously be done in an editor instead of echoing them."

OK, I seem to be having issues getting this to run at power on.... Can you try to elaborate on the steps needed, in a Linux for Dummies version.... (the amount I have learned in the last few weeks has surprised me, but there is still a long way to go)
Teabot 5000 Posted January 11, 2017

So you should be able to save your script as, say, "openWifiCap.sh" in the /opt directory ("/opt/openWifiCap.sh" is now the full path to the script) and then have it executed at boot by placing a call to the script in the "/etc/rc.local" file.

First off, once you've saved the script make sure to run the command "sudo chmod +xw openWifiCap.sh" to make it executable (the +x) and give it write permissions (the w). At this stage you should be able to run "./openWifiCap.sh" and it should work as expected.

Next, add a call to the script in the "/etc/rc.local" file. By default, this file should look something like this:

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

exit 0

You'll want to add the call to the script above the line with "exit 0". With that done, it would look like this:

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

sh /opt/openWifiCap.sh &
exit 0

The "sh" at the start will call the script and the "&" at the end of the line will get the script to run in the background.

If you still have issues with that method you could try the other. Take a look at the answers here for a decent run-through of how to do that.
Br@d Posted January 12, 2017 (Author)

Awesome, thanks... that was a lot of help! So here is the next funny thing..... The script runs exactly as expected if I run it manually with "sudo ./MyScript.sh". But... when running it as a startup script it does not run correctly. Instead it shows the airodump-ng scan on the screen and does not quit after 30 seconds... Thoughts?
Teabot 5000 Posted January 13, 2017

It sounds like the script isn't being started as a daemon. Did you include the "&" at the end of the line in the rc.local file?
Br@d Posted January 14, 2017 (Author)

Success!! That script has changed a bit over the past few weeks... but not a lot. It appears (and I'm guessing) that there are some background services needed that have not loaded by the time the script was called. The fix was to set the Pi to auto-login and call the script from the .bashrc file... This seems to be working well, but I have a lot of testing to do. Thank you everyone for your help!
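Two things are worth ruling out before settling on the auto-login workaround, and the added example below (my code, not from the thread) handles both. First, rc.local can run before the USB dongle's driver has created the interface, which fits the guess above about services not having loaded; the wrapper polls for the interface instead of assuming it exists. Second, the rc.local line starts the script with "sh", which on Debian-derived systems such as Kali is dash, not bash: dash has neither "${var::-1}" nor "&>", and it reads "cmd &> /dev/null &" as "cmd &" followed by a separate redirect-only background command, which leaves airodump-ng writing to the console and makes "kill $!" kill the wrong job. That is exactly the symptom reported two posts up, so the wrapper invokes the script with bash. It also logs to a file, since nothing started from rc.local has a terminal. The script path, log path and interface name are assumptions; the sysfs root is a parameter only so the wait can be exercised against a fake directory tree.

```bash
#!/bin/bash
# Added example (not from the original thread): a boot wrapper that waits for
# the wireless interface to exist, then runs the capture script under bash and
# logs everything to a file. Paths below are assumed, adjust to your layout.

CAPTURE_SCRIPT="${CAPTURE_SCRIPT:-/opt/openWifiCap.sh}"   # assumed location
LOGFILE="${LOGFILE:-/var/log/openWifiCap.log}"            # assumed log path

# wait_for_iface NAME TIMEOUT_SECONDS [SYSFS_ROOT]
# Polls SYSFS_ROOT/class/net/NAME once a second. Returns 0 as soon as the
# interface exists, 1 if TIMEOUT_SECONDS pass first. SYSFS_ROOT defaults to
# /sys and exists as a parameter only so the function can be tested offline.
wait_for_iface() {
  local name="$1" timeout="$2" root="${3:-/sys}" waited=0
  while [ ! -e "$root/class/net/$name" ]; do
    if [ "$waited" -ge "$timeout" ]; then
      return 1
    fi
    sleep 1
    waited=$((waited + 1))
  done
  return 0
}

# run_capture IFACE
# Waits up to 60 s for IFACE (the physical interface, before airmon-ng renames
# it), then runs the capture script with bash so its bash-only syntax works.
run_capture() {
  local iface="$1"
  {
    echo "$(date '+%F %T') waiting for $iface"
    if wait_for_iface "$iface" 60; then
      echo "$(date '+%F %T') $iface present, starting $CAPTURE_SCRIPT"
      bash "$CAPTURE_SCRIPT"   # bash, not sh: the script uses ${var::-1} and &>
      echo "$(date '+%F %T') $CAPTURE_SCRIPT exited with status $?"
    else
      echo "$(date '+%F %T') $iface never appeared, giving up"
      exit 1
    fi
  } >>"$LOGFILE" 2>&1
}

# Usage from rc.local, above "exit 0", with nohup so the capture outlives it:
#   nohup /opt/capture-at-boot.sh start wlan0 &
# Nothing runs unless "start" is given, so sourcing the file is side-effect free.
if [ "$1" = "start" ]; then
  run_capture "${2:-wlan0}"
fi
```

If the interface never shows up, the log says so and the wrapper exits non-zero, which is far easier to diagnose over SSH than a capture that silently never started. If the capture still misbehaves once bash is used and the interface wait passes, the log file will hold airodump-ng's own complaint.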