-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkali-linux-evil-access-point.sh
120 lines (99 loc) · 2.76 KB
/
kali-linux-evil-access-point.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
#!/bin/bash
# Kali Linux ISO recipe for : Evil Access Point
#########################################################################################
# Desktop : None
# Metapackages : None
# ISO size : 1.36 GB
# Special notes : Boots into an Access Point.
# : ppp0 and wlan0 hardcoded.
# Background : http://www.offensive-security.com/kali-linux/kali-linux-recipes/
#########################################################################################
# Update and install dependencies
apt-get update
apt-get install git live-build cdebootstrap -y
# Clone the default Kali live-build config.
git clone https://gitlab.com/kalilinux/build-scripts/live-build-config.git
# Let's begin our customisations:
cd live-build-config
# The user doesn't need the kali-linux-full metapackage, we overwrite with our own basic packages.
cat <<EOF > config/package-lists/kali.list.chroot
# kali meta-package depends on everything we want
kali-root-login
kali-defaults
kali-debtags
kali-archive-keyring
debian-installer-launcher
cryptsetup
locales-all
hostapd
dnsmasq
nginx
wireless-tools
iw
aircrack-ng
openssl
sslsplit
responder
openssh-server
openvpn
EOF
mkdir -p config/includes.chroot/etc/hostapd
mkdir -p config/includes.chroot/etc/init.d
cat <<EOF > config/includes.chroot/etc/hostapd/hostapd.conf
interface=wlan0
driver=nl80211
ssid=KaliFreeWifi
channel=1
EOF
cat <<EOF > config/includes.chroot/etc/dnsmasq.conf
log-facility=/var/log/dnsmasq.log
#address=/#/10.0.0.1
#address=/google.com/10.0.0.1
interface=wlan0
dhcp-range=10.0.0.10,10.0.0.250,12h
dhcp-option=3,10.0.0.1
dhcp-option=6,10.0.0.1
#no-resolv
log-queries
EOF
cat <<EOF >> config/includes.chroot/etc/iptables.rules
# Generated by iptables-save v1.4.14 on Mon Jun 9 08:46:32 2014
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Mon Jun 9 08:46:32 2014
# Generated by iptables-save v1.4.14 on Mon Jun 9 08:46:32 2014
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i wlan0 -o eth0 -j ACCEPT
COMMIT
# Completed on Mon Jun 9 08:46:32 2014
EOF
cat <<EOF > config/includes.chroot/etc/rc.local
#!/bin/bash
ifconfig wlan0 up
ifconfig wlan0 10.0.0.1/24
iptables-restore < /etc/iptables.rules
echo '1' > /proc/sys/net/ipv4/ip_forward
EOF
cat <<EOF >config/hooks/enableservices.chroot
#!/bin/bash
update-rc.d nginx enable
update-rc.d hostapd enable
update-rc.d dnsmasq enable
EOF
cat <<EOF >config/hooks/configurehostapd.chroot
#!/bin/bash
sed -i 's#^DAEMON_CONF=.*#DAEMON_CONF=/etc/hostapd/hostapd.conf#' /etc/init.d/hostapd
EOF
chmod 755 config/hooks/enableservices.chroot
chmod 755 config/hooks/configurehostapd.chroot
chmod 755 config/includes.chroot/etc/rc.local
# Go ahead and run the build!
lb build