easy-creds's Introduction

######   ##    ####  #   #        ####  #####  ###### #####   ####
#       #  #  #       # #        #    # #    # #      #    # # 
#####  #    #  ####    #   ##### #      #    # #####  #    #  ####
#      ######      #   #         #      #####  #      #    #      #
#      #    # #    #   #         #    # #   #  #      #    # #    #
###### #    #  ####    #          ####  #    # ###### #####   ####

v3.8-dev Garden of New Jersey

Purpose:
This script leverages tools for stealing credentials during a pen test.

This version has gone through a complete code cleanup -> Thanks al14s & zero_chaos

Added - Macchanger thx to SilverFoxx
Added - Prerequisite test

########################################################################

1. Prereqs
2. Installation
3. Working with easy-creds in screen
4. Instructional videos

1. Prereqs:

* screen
* freeradius (with wpe patches)
* hamster
* ferret
* sslstrip
* dsniff
* urlsnarf
* metasploit
* airbase-ng
* airodump-ng
* hostapd
* mdk3
* ipcalc
* asleap


2. Installation:

Most can be installed from repos; we've included some instructions on installing from source where helpful.

easy-creds is available in some Linux distros already, so before spending a lot of time, try just installing it with your package manager.

If easy-creds is not already available in the repo for your distro, please open a bug for them (not us) to add it, then feel free to follow the directions below:

To install SOME of the dependencies for debian/ubuntu based distros use the following command:

apt-get install screen hostapd dsniff dhcp3-server ipcalc aircrack-ng

###
aircrack-ng suite

There are known issues for airbase-ng with the base v1.1 version included in many distros. If that is what your distro provides, it is recommended that you grab the latest nightly build from the SVN repo and recompile.

Full instructions for installing aircrack-ng available here:
http://www.aircrack-ng.org/doku.php?id=install_aircrack

Follow either svn or nightly tarball guide:
http://www.aircrack-ng.org/doku.php?id=install_aircrack#latest_svn_development_sources
http://www.aircrack-ng.org/doku.php?id=install_aircrack#nightly_build


###
freeradius-wpe

The freeradius in the repo most likely does not include the wpe patch. It is best to install from source unless you are using a distro that already applied this very non-standard patch:

	wget ftp://ftp.freeradius.org/pub/radius/old/freeradius-server-2.1.11.tar.bz2 -O /tmp/freeradius-server-2.1.11.tar.bz2
	wget http://www.opensecurityresearch.com/files/freeradius-wpe-2.1.11.patch -O /tmp/freeradius-wpe-2.1.11.patch
	cd /tmp
	tar xf freeradius-server-2.1.11.tar.bz2
	mv freeradius-wpe-2.1.11.patch /tmp/freeradius-server-2.1.11/freeradius-wpe-2.1.11.patch
	cd freeradius-server-2.1.11
	patch -p1 < freeradius-wpe-2.1.11.patch
	./configure && make && make install
	cd /usr/local/etc/raddb/certs/
	./bootstrap

###
Hamster & Ferret

	mkdir /opt/sidejack
	cd /tmp
	wget http://www.erratasec.com/erratasec.zip -O /tmp/erratasec.zip
	unzip erratasec.zip
	cd hamster/build/gcc4/
	make
	# erratasec.zip was unpacked in /tmp above, so the built binaries are under /tmp/hamster/bin
	cp /tmp/hamster/bin/* /opt/sidejack
	rm -rf /tmp/ferret

	svn checkout http://ferret.googlecode.com/svn/trunk/ /tmp/ferret
	cd /tmp/ferret/
	make
	cp /tmp/ferret/bin/ferret /opt/sidejack/ferret

###
asleap

Asleap may be available in your package manager. If not, you can install it like this:

	wget http://www.willhackforsushi.com/code/asleap/2.2/asleap-2.2.tgz -O /tmp/asleap.tgz
	cd /tmp
	tar xf asleap.tgz
	cd asleap
	make
	cp asleap /usr/local/sbin
	cp genkeys /usr/local/bin

###
MDK3

	wget http://homepages.tu-darmstadt.de/~p_larbig/wlan/mdk3-v6.tar.bz2 -O /tmp/mdk3-v6.tar.bz2
	cd /tmp
	tar xf mdk3-v6.tar.bz2
	cd mdk3-v6
	make && make install
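
The source installs above fetch tarballs and a patch over plain FTP/HTTP and pass them straight to make install. As an added example (not part of easy-creds), this helper refuses to continue unless a download matches a SHA-256 digest obtained out of band; the function names and the digest placeholder are assumptions.

```shell
#!/bin/sh
# Added example, not part of easy-creds: verify a downloaded file against a
# pinned SHA-256 before unpacking it. sha256_of and verify_sha256 are
# hypothetical helper names.

# Print the lowercase hex SHA-256 of a file using whichever tool is present.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | awk '{print $1}'
    else
        return 127
    fi
}

# verify_sha256 FILE EXPECTED
# Returns 0 on match, 1 on mismatch, 2 on unusable input (missing file, or a
# digest that is not 64 hex characters, such as an unfilled placeholder).
verify_sha256() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "[!] $file: not found" >&2; return 2; }
    case $expected in
        *[!0-9a-f]*|'') echo "[!] expected digest is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "[!] expected digest must be 64 hex chars" >&2; return 2; }
    actual=$(sha256_of "$file") || { echo "[!] no sha256 tool found" >&2; return 2; }
    if [ "$actual" = "$expected" ]; then
        echo "[+] $file: checksum OK"
        return 0
    fi
    echo "[!] $file: checksum mismatch (got $actual)" >&2
    return 1
}

# Usage with the freeradius tarball from the steps above. The digest is a
# placeholder: record the real value from a source you trust.
#   verify_sha256 /tmp/freeradius-server-2.1.11.tar.bz2 "<SHA256-FROM-TRUSTED-SOURCE>" \
#       && tar xf /tmp/freeradius-server-2.1.11.tar.bz2 -C /tmp
```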

3. Working with easy-creds within a screen

I don't want to assume everyone is perfectly comfortable with screen, but please read some tutorials from the web.

easy-creds will look for a running X Windows session; on the pwnie it shouldn't find one, so it will launch everything in a screen session. This can feel a bit like Inception once you're in a screen within a screen.

The main thing to remember is that once the easy-creds screen session launches, you should do the following from the command prompt:

screen -list (you should see the easy-creds session)
screen -r easy-creds

You are now interacting with the easy-creds screen session. Normally to view your screens you would press ctrl-a then " and this will show you what screens you have open in the session.

Where it gets tricky is when you have a screen session, then launch another screen session (easy-creds attacks). When that happens you will need to do the following:

ctrl-a then a then "

That extra 'a' lets the screen program know you want to work with the inner screen session.

Yes, it is a bit confusing at first, but you'll get the hang of it.


4. Instructional Videos:
Instructional videos can be found here -> http://www.youtube.com/user/Brav0Hax

Even if the version is not the same, the base functionality is.

Happy hunting!!


easy-creds's Issues

Ettercap is not working

In Kali Sana, easy-creds 3.8 dev works fine except ettercap. Client can connect to the internet and URL sniff also shows the links, but the ettercap tab is not opening.

Installation went horribly wrong

I know that this package is pretty old, however I still tried installing it on my Ubuntu.
The logs get cleared, so it was kinda hard to read and copy everything, however, literally every time I got spammed

Edit: During installation there were a whole lot of compilation errors.

job-working-directory: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
couldn't find radiusd
couldn't find mdk3
[!] Some prereqs missing, functionality may be impaired. Review README file.
sh: 0: getcwd() failed: No such file or directory
[-] I can't find a wireless interface to display...continuing anyway

xterm: Can't execvp sslstrip: No such file or directory
shell-init: error retrieving current direotry: getcwd: cannot access parent directories: No such file or directory
sh: 0: getcwd() failed: No such files or directory

xterm: Can't execvp ettercap: No such file or directory
shell-init: error retrieving current direotry: getcwd: cannot access parent directories: No such file or directory
sh: 0: getcwd() failed: No such files or directory

Airbase-NG
error setting MTU on wlx00c0caae5c94
Error: Got channel -1. expected a value > 0.

These errors aren't logs from one time; I simply had to rewrite them because I can't copy the logs, so I put them in one here. Is there any way to fully uninstall easy-creds or fix it?

"Nmap format" not working

After selecting Poisoning Attacks and then Create Victim Host List, the network range isn't registering.

Enter your target network range (nmap format): 192.168.1.1/24
Enter your target network range (nmap format):
Enter your target network range (nmap format): 192.168.1.0-255
Enter your target network range (nmap format):

MAC change leads to Fake AP disconnections

First of all, this is probably not a problem of easy-creds itself, but some of the components used.

Steps to reproduce:
FakeAP attacks > Fake AP attack static. Most settings are irrelevant (do not affect), but if I choose to change my mon card's MAC, the problem manifests.

Everything seems to go on OK (MAC changed ok, AP created etc) but once my client connects to the AP and tries downloading they get disconnected. Then it tries to connect again (Android phone) and succeeds, only to get disconnected a few seconds later. This goes on forever. Haven't tried other clients.

I have tried this many times, and it's consistently reproducible. If I do not change the MAC it works great.

Packaging for kali

Hi, I am packaging this for Debian/Kali. The file definitions.sslstrip, where does it go, and what's it for? It does not seem to be referenced in the installer.
Also, the script seems to need svn/git versions of a lot of packages. Before I go off and start packaging all its cutting-edge deps, has it been tested on a standard Kali setup? If so, where does it fall over? A lot of Kali packages are seriously out of date; is that going to affect operation?

Internet on Fake AP extremely slow

Hey brav0 I love this script and want to thank you for the amazing work you've done. The one issue I'm having is that when connecting to the AP from a victim machine, the internet goes extremely slow, taking a few minutes for a page to load. I'm tunneling a very fast connection to the AP, so I'm not sure where the issue is.

Also I'm not sure if this has anything to do with it, but when starting airbase all goes well but I'm getting this error:
error: got channel -1, expected a value > 0.

Any help would be appreciated!

Thanks again

NonIssue: Question: How is EvilTwin AP supposed to work?

Hi again,
This is not an issue report, but a question/discussion, but there is no forum in github.

I'm trying to get all modes of easy-creds working, so I have some questions. I may write my knowledge down as documentation (in the wiki maybe) of this project when I have enough, if that's ok with you (brav0hax).

So, the question is: how is the EvilTwin mode supposed to work?
Create rogue unsecured APs based on client probes, right?
Should clients be able to connect and use the APs? Mine doesn't. Even if (the client) chooses to connect to one of the created networks, it can't. Is this normal?

(Feature suggestion: make APs with var security settings. 4 for each ssid. This will increase autoconnection success)

Thanks,
Chris

updates?

Great project, but are you going to make any updates?

Easy-creds on Kali 1.09

Hi,

I've been trying to get easy-creds set up a fake AP but I ran into some trouble due to the fact that Kali uses isc-dhcp-server now and not dhcp3 anymore.

I looked at some fixes online but I still can't get it to work properly. My devices can connect to the fake AP but traffic doesn't get through.

Did you fix this in any later versions, and if not do you recommend using something else?

I'm running EC 3.7.3, so maybe updating will fix this?

Kind regards,
Thomas

Unrecognized dhcpd on Kali

Hi

I installed this on Kali but am getting unrecognized dhcpd. As I understand, Kali is using isc-dhcp.

thanks

Client cannot connect to AP after launching rogue AP on easy-creds

Hello,

I hope you are well. I have been having an issue in getting easy-creds to work. I was able to get the prereqs installed, but am still having issues. I am trying to create a honey pot test by creating a free AP as internet is running as well. I have eth0 as my internet and wlan0 (AWUSO36NH). So, when a user connects they will connect with internet. Every time client(s) connect to the free AP, it will take a long time to connect. But when they do connect, internet will not go through and I will not be able to get the credentials as I am wanting (all testing in my home environment). Pop-ups when running the free AP come up like sslstrip, ettercap, and dmesg are up. Also, I am getting an error where "got channel -1, expected a value > 0." I typed in channel 9. I know it works on Raspberry Pi (Kali Linux ARM) because I am using a book "Penetration testing Raspberry Pi." Let me know what you think. Also, are we supposed to use dhcp3 or isc-dhcp3?

Thanks,
joeyj2468
