-
Notifications
You must be signed in to change notification settings - Fork 2
/
wp5_mitmproxy.sh
executable file
·138 lines (112 loc) · 4.82 KB
/
wp5_mitmproxy.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
#!/bin/bash
#define variables
echo "$(tput setaf 3) _ ___ _______ ____ _ __ "
echo " | | / (_) ____(_) / __ \\(_)___ ___ ____ _____ ____ / /__ "
echo " | | /| / / / /_ / / / /_/ / / __ \/ _ \/ __ '/ __ \/ __ \/ / _ \\"
echo " | |/ |/ / / __/ / / / ____/ / / / / __/ /_/ / /_/ / /_/ / / __/"
echo " |__/|__/_/_/ /_/ /_/ /_/_/ /_/\___/\__,_/ .___/ .___/_/\___/ "
echo " $(tput sgr0) OWN the Network $(tput setaf 3)/_/ /_/$(tput sgr0) v2.2"
echo ""
echo -n "Pineapple Netmask [255.255.255.0]: "
read pineapplenetmask
if [[ $pineapplenetmask == '' ]]; then
pineapplenetmask=255.255.255.0 #Default netmask for /24 network
fi
echo -n "Pineapple Network [172.16.42.0/24]: "
read pineapplenet
if [[ $pineapplenet == '' ]]; then
pineapplenet=172.16.42.0/24 # Pineapple network. Default is 172.16.42.0/24
fi
echo -n "Interface between PC and Pineapple [eth0]: "
read pineapplelan
if [[ $pineapplelan == '' ]]; then
pineapplelan=eth0 # Interface of ethernet cable directly connected to Pineapple
fi
echo -n "Interface between PC and Internet [wlan0]: "
read pineapplewan
if [[ $pineapplewan == '' ]]; then
pineapplewan=wlan0 #i.e. wlan0 for wifi, ppp0 for 3g modem/dialup, eth0 for lan
fi
temppineapplegw=`netstat -nr | awk 'BEGIN {while ($3!="0.0.0.0") getline; print $2}'` #Usually correct by default
echo -n "Internet Gateway [$temppineapplegw]: "
read pineapplegw
if [[ $pineapplegw == '' ]]; then
pineapplegw=`netstat -nr | awk 'BEGIN {while ($3!="0.0.0.0") getline; print $2}'` #Usually correct by default
fi
echo -n "IP Address of Host PC [172.16.42.42]: "
read pineapplehostip
if [[ $pineapplehostip == '' ]]; then
pineapplehostip=172.16.42.42 #IP Address of host computer
fi
echo -n "IP Address of Pineapple [172.16.42.1]: "
read pineappleip
if [[ $pineappleip == '' ]]; then
pineappleip=172.16.42.1 #Thanks Douglas Adams
fi
echo -n "Enable port forwarding on port 80 for mitmproxy? [Y/n]:"
read enable80forwarding
if [[ $enable80forwarding == '' ]]; then
enable80forwarding=Y
fi
echo -n "Enable port forwarding on port 443 for mitmproxy? [Y/n]:"
read enable443forwarding
if [[ $enable443forwarding == '' ]]; then
enable443forwarding=Y
fi
#Display settings
#echo Pineapple connected to: $pineapplelan
#echo Internet connection from: $pineapplewan
#echo Internet connection gateway: $pineapplegw
#echo Host Computer IP: $pineapplehostip
#echo Pineapple IP: $pineappleip
#echo Network: $pineapplenet
#echo Netmask: $pineapplenetmask
echo ""
echo "$(tput setaf 6) _ . $(tput sgr0) $(tput setaf 7)___$(tput sgr0) $(tput setaf 3)\||/$(tput sgr0) Internet: $pineapplegw - $pineapplewan"
echo "$(tput setaf 6) ( _ )_ $(tput sgr0) $(tput setaf 2)<-->$(tput sgr0) $(tput setaf 7)[___]$(tput sgr0) $(tput setaf 2)<-->$(tput sgr0) $(tput setaf 3),<><>,$(tput sgr0) Computer: $pineapplehostip"
echo "$(tput setaf 6) (_ _(_ ,)$(tput sgr0) $(tput setaf 7)\___\\$(tput sgr0) $(tput setaf 3)'<><>'$(tput sgr0) Pineapple: $pineapplenet - $pineapplelan"
#Bring up Ethernet Interface directly connected to Pineapple
ifconfig $pineapplelan $pineapplehostip netmask $pineapplenetmask up
# Enable IP Forwarding
echo '1' > /proc/sys/net/ipv4/ip_forward
#echo -n "IP Forwarding enabled. /proc/sys/net/ipv4/ip_forward set to "
#cat /proc/sys/net/ipv4/ip_forward
#clear chains and rules
iptables -X
iptables -F
iptables -t nat -X
iptables -t nat -F
#echo iptables chains and rules cleared
#setup IP forwarding
iptables -A FORWARD -i $pineapplewan -o $pineapplelan -s $pineapplenet -m state --state NEW -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE
#echo IP Forwarding Enabled
#remove default route
route del default
#echo Default route removed
#add default gateway
route add default gw $pineapplegw $pineapplewan
#echo Pineapple Default Gateway Configured
#instructions
#echo All set. Now on the Pineapple issue: route add default gw $pineapplehostip br-lan
#ping -c1 $pineappleip
#if [ $? -eq 0 ]; then
#echo "ICS configuration successful."
#echo "Issuing on Pineapple: route add default gw $pineapplehostip br-lan"
#echo " ssh root@$pineappleip 'route add default gw '$pineapplehostip' br-lan'"
#echo "Enter Pineapple password if prompted"
#ssh root@$pineappleip 'route add default gw '$pineapplehostip' br-lan'
#fi
echo ""
echo "Browse to http://$pineappleip:1471"
echo ""
## Added the following rules for port forwarding to mitmproxy
if [[ $enable80forwarding == 'Y' ]]; then
echo "setting port forwarding on port 80 for mitmproxy"
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
fi
if [[ $enable443forwarding == 'Y' ]]; then
echo "setting port forwarding on port 443 for mitmproxy"
iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-port 8080
fi