AP Mode script for Man-in-The-Middle (MitM) environment
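#!/bin/bash
#
# Brings up a Wi-Fi access point on AP_INT (hostapd + dnsmasq) and DNATs the
# clients' TCP 80, 443 and 8000-9000 traffic to an intercepting proxy at PROXY.
# Traffic on other ports is NATed out through the host's upstream interface.
#
# Side effects on the host that outlive the script (there is no teardown):
#   - every iptables rule and user chain in the filter and nat tables is removed
#   - net.ipv4.ip_forward stays set to 1
#   - AP_INT stays unmanaged by NetworkManager
#   - dnsmasq and hostapd keep running; any previous instances are killed
#   - dnsmasq.log and hostapd.log are written, as root, to the current directory

# * * * CONFIGURE * * *
AP_INT="wlan0"
# host:port of the intercepting proxy. It must be reachable from this host.
# NOTE(review): the sample /etc/network/interfaces published with this script
# gives the AP 192.168.1.1, so 192.168.200.1 is on some other network; confirm.
PROXY="192.168.200.1:8080"
# If the interface changes, remember to change those files:
# /etc/hostapd/hostapd.conf
# /etc/dnsmasq.conf
# /etc/network/interfaces

# Both daemons log here. The files are created by root, and dnsmasq -q records
# every client DNS query, so run from a directory only root can write and read.
LOG_DIR=$PWD

# Print the given error message on stderr and abort.
die() {
  echo "$1" >&2
  exit 1
}

[ "$(id -u)" -eq 0 ] || die "Error 0x10: script must be run as root!"

# Upstream interface: field 5 of the first route, which is the device name when
# that route has the form "default via GW dev IFACE". The pipeline's exit
# status is awk's and is 0 even with no route at all, so test the captured
# value instead of $?.
OUT_INT=$(ip route | head -n 1 | awk '{print $5}')
[ -n "$OUT_INT" ] || die "Error 0x11: unable to get the output interface..."

# Enable AP_INT
ip addr flush dev "$AP_INT" || die "Error 0x20"
nmcli device set "$AP_INT" managed off || die "Error 0x21"
ifdown "$AP_INT" || die "Error 0x22"
ifup "$AP_INT" || die "Error 0x23"

# DHCP the host
dhclient -r "$OUT_INT" || die "Error 0x30"
dhclient "$OUT_INT" || die "Error 0x31"

# Enable dnsmasq
# killall failing only means no instance was running, hence the silenced error.
killall dnsmasq 2>/dev/null
dnsmasq -q --log-facility="$LOG_DIR/dnsmasq.log" || die "Error 0x40"

# Enable Hostapd
killall hostapd 2>/dev/null
hostapd -B -t -f "$LOG_DIR/hostapd.log" /etc/hostapd/hostapd.conf || die "Error 0x50"

# Enable Packet Forward and iptables
sysctl -w net.ipv4.ip_forward=1

# These four commands wipe the host's whole filter and nat rule set, not just
# rules owned by this script, so an existing host firewall is gone afterwards.
# Capture the current rules with iptables-save first if they must be restored.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

# Redirect the intercepted ports from AP clients to the proxy.
iptables --table nat --append PREROUTING -i "$AP_INT" -p tcp --dport 80 -j DNAT --to-destination "$PROXY"
iptables --table nat --append PREROUTING -i "$AP_INT" -p tcp --dport 443 -j DNAT --to-destination "$PROXY"
iptables --table nat --append PREROUTING -i "$AP_INT" -p tcp --dport 8000:9000 -j DNAT --to-destination "$PROXY"
iptables --table nat --append POSTROUTING --out-interface "$OUT_INT" -j MASQUERADE
iptables --append FORWARD --in-interface "$AP_INT" -j ACCEPT
# NOTE(review): this accepts every forwarded packet arriving on the upstream
# interface, not only replies to AP clients. Matching on
# "-m conntrack --ctstate RELATED,ESTABLISHED" would limit it to return traffic.
iptables --append FORWARD --in-interface "$OUT_INT" -j ACCEPT
# iptables -A INPUT -j ACCEPT
# iptables -A OUTPUT -j ACCEPT

# Output
SSID=$(grep -o -P "(?<=^ssid\=).+" /etc/hostapd/hostapd.conf)
PASSWD=$(grep -o -P "(?<=wpa_passphrase\=).+" /etc/hostapd/hostapd.conf)
# Values go in as %s arguments so a '%' or backslash in the SSID or passphrase
# is printed literally rather than parsed as part of the format string.
# The WPA passphrase is shown in clear text on the terminal.
printf '\n\nSSID -> %s\nPASSWORD -> %s\nProxy -> %s\nHappy Hacking :)\n' "$SSID" "$PASSWD" "$PROXY"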
# /etc/dnsmasq.conf
interface=wlan0
dhcp-range=192.168.1.10,192.168.1.50,12h
server=1.1.1.1
# /etc/network/interfaces
# Wifi for AP
auto wlan0
iface wlan0 inet static
address 192.168.1.1
netmask 255.255.255.0
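# /etc/hostapd/hostapd.conf
interface=wlan0
driver=nl80211
ssid=XXXXXXXXX
hw_mode=g
channel=6
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=XXXXXXXXX
wpa_key_mgmt=WPA-PSK
# With wpa=2 only WPA2 (RSN) is offered, so rsn_pairwise=CCMP is the pairwise cipher in use; wpa_pairwise applies to WPA v1.
wpa_pairwise=TKIP
rsn_pairwise=CCMP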