danmcinerney / lans.py Goto Github PK

https://www.hacking-lab.com/cases/5034-wlan-karma-attack/index.html

In module_check() you present the user with an opportunity to install missing modules via apt-get. However, there is no confirmation that apt-get is installed.

[*] Hit Ctrl-C at any time to stop and choose a victim IP
^CTraceback (most recent call last):
File "./LANs.py", line 1128, in
main(parse_args())
File "./LANs.py", line 992, in main
au.users(IPprefix, routerIP)
File "./LANs.py", line 867, in users
sniff(iface=self.monmode, prn=self.pkt_cb, store=0)
File "/usr/lib/python2.7/dist-packages/scapy/sendrecv.py", line 596, in sniff
s.close()
KeyboardInterrupt

any idea?

IMHO in def signal_handler there shouldn't be this one: open('/proc/sys/net/ipv4/ip_forward', 'w').write('0\n')
Because somebody could have it turned on before and don't want to loose it.

I think it would be better to set here the value which ip_forward had before lunching LANs.py, not hardcoded "zero"…

:)

In the readme, it tells ubuntu users to modify line 135, where it should say "153". I imagine this number will continue to change with code additions.

Hello,

I am trying to run the script in the first phase and it is crashing. Please see the screenshot. Any help?

Hello !

I've been trying for 3 days to get LANs.py inject beef's hook successfully but I couldn't manage to do it. Jamming and redirecting works but I just couldn't inject the script.

I tried -b [hook url], -c, and even tried -r to the demo page but it just wouldn't work.

i am getting error like this

import nfqueue import error nfqueue

I tried easy_install nfqueue and easy_install python-nfqueue. But not working

http://breachattack.com/
http://security.stackexchange.com/questions/39925/breach-a-new-attack-against-http-what-can-be-done
http://security.stackexchange.com/questions/20406/is-http-compression-safe

They compliment eachother, from my understanding.

Here's an implementation in coffee script (i think that's what the .cs extension means?)

https://github.com/nealharris/BREACH

https://code.google.com/p/reaver-wps/

Not sure if this is out of scope or not, but would be a nice tool for a LAN "party script".

When the non-router IP is entered,the output is :

TypeError: start() takes exactly 2 arguments (3 given)

Keep getting this error...
Traceback (most recent call last):
File "LANs.py", line 1220, in
LANsMain(args)
File "LANs.py", line 176, in LANsMain
au.users(IPprefix, routerIP)
File "LANs.py", line 1086, in users
sniff(iface=self.monmode, prn=self.pkt_cb, store=0)
File "/usr/local/lib/python2.7/dist-packages/scapy/sendrecv.py", line 593, in sniff
**karg)]
File "/usr/local/lib/python2.7/dist-packages/scapy/arch/linux.py", line 488, in init
self.ins.bind((iface, type))
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 19] No such device

The repo description needs to be updated to reflect the ability to jam WiFi.

I've installed all the requirements for LANs.py on my Raspberry Pi but since I'm useing Ethernet, I cannot use this script. I've specified "-i eth0" but it still won't work.

Is it possible to have Ethernet support?

Thanks

Hey, thanks for your great tool.

But I have a problem and I don't know how to fix it.

[*] Enabled IP forwarding
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.

Iptables and everything else is working correct but I'm not able to use your tool.

Thanks for the help

Hey any one having problems with arch nfqueue here is an updated
AUR PKGBUILD I created that works.

https://aur.archlinux.org/packages/python2-nfqueue-new/

The initial scan of the network to identify hosts uses 192.168.211.0/24, and my network is 10.0.0.1/24.

Lovely work. Please provide a license so others may understand any copying conditions. Leaving the work with out an otherwise declared license makes it all rights reserved.

Hah, just re-read the source, you did define license as 'GPL'. There are may versions of GPL. Please create a LICENSE with whichever version you intend to use or Note this in your readme.

Thanks.

for the sake of my eyes please make the code more readable ... a easy but not complete way is to use https://pypi.python.org/pypi/autopep8/ ;)

[] Running ARP scan to identify users on the network; this may take a minute - [nmap -sn -n 192.168.1.0/24]
[] Running nbtscan to get Windows netbios names - [nbtscan 192.168.1.0/24]
[*] Enabling monitor mode [airmon-ng start wlan0]
Traceback (most recent call last):
File "LANs.py", line 1603, in
LANsMain(args)
File "LANs.py", line 186, in LANsMain
au.users(IPprefix, routerIP)
File "LANs.py", line 1092, in users
sniff(iface=self.monmode, prn=self.pkt_cb, store=0)
File "/usr/lib/python2.7/dist-packages/scapy/sendrecv.py", line 577, in sniff
p = s.recv(MTU)
File "/usr/lib/python2.7/dist-packages/scapy/arch/linux.py", line 485, in recv
pkt, sa_ll = self.ins.recvfrom(x)
socket.error: [Errno 100] Network is down

I have to fix this script. I'm not sure what all is wrong, but somehow a few things are no longer working. Will fix when I get the time.

Traceback (most recent call last): File "LANs.py", line 1597, in <module> LANsMain(args) File "LANs.py", line 302, in LANsMain Spoof().poison(routerIP, victimIP, routerMAC, victimMAC) File "LANs.py", line 313, in poison send(ARP(op=2, pdst=victimIP, psrc=routerIP, hwdst=victimMAC)) File "/usr/lib/python2.7/dist-packages/scapy/base_classes.py", line 223, in __call__ i.__init__(*args, **kargs) File "/usr/lib/python2.7/dist-packages/scapy/packet.py", line 99, in __init__ self.fields[f] = self.get_field(f).any2i(self, v) File "/usr/lib/python2.7/dist-packages/scapy/fields.py", line 249, in any2i return self.h2i(pkt,x) File "/usr/lib/python2.7/dist-packages/scapy/fields.py", line 230, in h2i x = Net(x) File "/usr/lib/python2.7/dist-packages/scapy/base_classes.py", line 77, in __init__ self.parsed,self.netmask = self._parse_net(net) File "/usr/lib/python2.7/dist-packages/scapy/base_classes.py", line 71, in _parse_net tmp[0]=socket.gethostbyname(tmp[0]) socket.gaierror: [Errno -3] Temporary failure in name resolution

I think it would be of great value specially when someone like me want to get started as quickly as possible. The way it stands right now I have to figure-out and install dependencies by looking at imports.

This looks like a great tool for the Wifi Pineapple! It also already has karma attacks built in.

https://www.wifipineapple.com/
https://forums.hak5.org/

Great work!

We are trying to build the lans package and everything works fine except for issues with nfqueue. We have installed the nfqueue python2 package and installed _nfqueue.so and nfqueue.py under /usr/ib/python2.7/site-packages, but when we try to load nfqueue we get an error:

Traceback (most recent call last):
File "/usr/bin/lans", line 36, in
import nfqueue
File "/usr/lib/python2.7/site-packages/nfqueue.py", line 28, in
_nfqueue = swig_import_helper()
File "/usr/lib/python2.7/site-packages/nfqueue.py", line 24, in swig_import_helper
_mod = imp.load_module('_nfqueue', fp, pathname, description)
ImportError: dynamic module does not define init function (init_nfqueue)

Do you have any idea why we are getting this traceback

Nov 11 17:33 /usr/lib/python2.7/site-packages/nfqueue.py
Nov 11 17:33 /usr/lib/python2.7/site-packages/_nfqueue.so

I just recently compiled airmon, and it installed binaries to /usr/local/sbin, instead of /usr/sbin, which this script expects.

Perhaps the script should check alternate locations (such as the user's path, or common locations of the binaries) before saying it can't find the binary? This seems like good practice when using external programs.

I am a developer for blackarch.org, we are building a archlinux repository that includes packages specifically geared towards pentesting. We would like to use your package in our repository, https://github.com/BlackArch/blackarch. Great job on the package by the way it will be quite useful.

people of my town videos pictures and interviews

If I were to write a fork of this, could I relicense it as GPL?

I install all dependency, and when I try to run the program I get a following error:

[*] Running ARP scan to identify users on the network; this may take a minute...
[-] Nmap ARP scan failed, is it nmap installed?
Traceback (most recent call last):
  File "LANs.py", line 1061, in <module>
    main()
  File "LANs.py", line 936, in main
    au.users(IPprefix, routerIP)
  File "LANs.py", line 750, in users
    for x in nmap:
UnboundLocalError: local variable 'nmap' referenced before assignment

airmon-ng being run takes down wlan0 to being up wlan0mon, this means that the lan connection is dropped.

there's talk of documenting a flag to restore the old functionality however I cant find any record of where this option is.

Lan.py ought to run with this flag enabled.

Refactor LANs.py with creds.py credential harvesting engine. Maybe add support for VM's too in process.

root@kali:~/intercept# python LANs.py -i wlan0
[*] Running ARP scan to identify users on the network; this may take a minute - [nmap -sn -n 192.168.232.0/24]
[-] Router MAC not found. Exiting.

This is what I am getting when attempting to run LANs.py - for some reason it want to use the eth0 ip instead of the wlan/mon interface.

I am running this in a vm using the latest build of Kali

Rab.

LANs.py works wonderfully and I've only had a couple issues that were pretty easy to fix. One thing I think would that would be a great improvement though, the option to poison the entire network vs just attacking one client.

Hello.
Thank you for this program but I cannot see this is working.

After I set the Victims IP address I see this error.

*] Hit Ctrl-C at any time to stop and choose a victim IP ^C [*] Turning off monitor mode [*] Enter the non-router IP to spoof: 192.168.1.3 [*] Checking the DHCP and DNS server addresses... Traceback (most recent call last): File "LANs.py", line 1220, in <module> LANsMain(args) File "LANs.py", line 198, in LANsMain ans, unans = srp(dhcp, timeout=5, retry=1) File "/usr/lib/python2.7/dist-packages/scapy/sendrecv.py", line 357, in srp s = conf.L2socket(iface=iface, filter=filter, nofilter=nofilter, type=type) File "/usr/lib/python2.7/dist-packages/scapy/arch/linux.py", line 417, in __init__ self.ins.bind((iface, type)) File "/usr/lib/python2.7/socket.py", line 224, in meth return getattr(self._sock,name)(*args) socket.error: [Errno 19] No such device
I install the metasploit framework pro from rapid7 but its still doesnt work.

Is there any way to pass this error.

I know it's stated clearly that you've intended for this to only work on Linux, but will you be extending this for the OSX platform at some point in the future?

Of all the prerequisites listed in your README file, I've not been able to find an equivalent for python nfqueue. May I know if you might know what can be used on OSX in place of this?

Much appreciated.

Would it be possible to make LANs.py able to output the websites visited, emails, credentials, etc to a file? I would think that would make analyzing captured data easier.

python LANs.py -u -n results in the following error on line 987 in main:

UnboundLocalError: local variable 'IPprefix' referenced before assignment

output of /sbin/ip route:
ipr = ["'default", 'via', '192.168.1.1', 'dev', 'wlan2', '\n192.168.1.0/24', 'dev', 'wlan2', '', 'proto', 'kernel', '', 'scope', 'link', '', 'src', '192.168.1.5', "\n'"]

which you then IPprefix = ipr[8][2:]

resulting in nothing. Not sure what you are expecting here - an IP of router?

I saw an earlier issue that you fixed that tweaked this - may need to tweak a little more.

Not really. Good job!

I tried to reboot my network service and tried again.
I think something is wrong with scapy module itself.
I did upgrade the scapy and current scapy version is 2.4.0
here's the error I got on python LANs.py -u -p
root@vandan:/home/vandan/Downloads/oscp/Lanpy_spyLANUsers/LANs.py# python LANs.py -u -p
[] Running ARP scan to identify users on the network; this may take a minute - [nmap -sn -n 192.168.2.0/24]
[] Running nbtscan to get Windows netbios names - [nbtscan 192.168.2.0/24]
[*] Enabling monitor mode [airmon-ng start wlp9s0]
Traceback (most recent call last):
File "LANs.py", line 1597, in
LANsMain(args)
File "LANs.py", line 182, in LANsMain
au.users(IPprefix, routerIP)
File "LANs.py", line 1080, in users
sniff(iface=self.monmode, prn=self.pkt_cb, store=0)
File "/usr/local/lib/python2.7/dist-packages/scapy/sendrecv.py", line 731, in sniff
*arg, **karg)] = iface
File "/usr/local/lib/python2.7/dist-packages/scapy/arch/linux.py", line 591, in init
_flush_fd(self.ins)
File "/usr/local/lib/python2.7/dist-packages/scapy/arch/linux.py", line 395, in _flush_fd
os.read(fd,MTU)
OSError: [Errno 100] Network is down

python-requests may be needed on certain Linux Machines, Arch-Linux.

I installed kite with all the dependencies on Parallel , but when i run python LANs.py i receive the following message:

Enabling monitor mode failed , do you have aircrack-ng installed ?

I m sure that aircrack-ng is installed .

where is aircrack-ng => /usr/sbin/aircrack-ng

Running: ./LANs.py -i wlan1 -c '<title>OWNED</title>' -ip 192.168.0.19

And I'm getting:

[] Enabled IP forwarding
[] Flushed firewall and forwarded traffic to the queue; waiting for data

callback failure !
Traceback (most recent call last):
File "./LANs.py", line 169, in start
self.injecthtml(load, ack, pkt, payload, dport, sport)
File "./LANs.py", line 217, in injecthtml
self.user_agent = "'"+self.get_user_agent(header_lines)+"'"
TypeError: cannot concatenate 'str' and 'NoneType' objects

Do you know what could be a reason?

Any URL containing the string ".jpg" will not be displayed when URLSpy is enabled. E.g. www.jpg.daviddworken.com will not be listed. This is an edge case, but should still be addressed.

• Rather than checking if URL contains ".jpg", instead:
  • Strip URL of all arguments.
  • Check if URL ends with ".jpg"

Filter out ad URLs.

• Generate a list of ad websites/domains.
• Filter URLs to check if they are on any of those domains.

I had downloaded this script and when tried to run script (as root on fresh installed Kali linux 2.0), it gave me this error:

[-] Enabling monitor mode failed, do you have aircrack-ng installed?

(screenshot: http://imgur.com/BVwWQie)

My wifi card supports monitor mode (Tp-link tl-wn722n) and when I run:

airmon-ng check kill
airmon-ng start wlan0
...

everything works properly. Can you please tell me how to fix this?

Hey, I can use aircrack-ng as a command, but when I try to run LANS, it gives me an error saying "Enabling monitor mode failed, do you have aircrack-ng installed?" The answer seems obvious. "Install aircrack-ng!" But, I already have it downloaded.