832e46bf1d
polishing signal reception, creation of ap class, added time class,further work on logging and features. Hidden Dragon is unfinished, do not use. |
||
|---|---|---|
| ctiger | ||
| Docs | ||
| .gitignore | ||
| __version__.py | ||
| ap_db-rearrange.awk | ||
| awktest-original.py | ||
| awktest.py | ||
| changelog.md | ||
| changelog.org | ||
| crouching_tiger.code-workspace | ||
| ctiger.gv | ||
| ctiger.py | ||
| ctiger.sublime-project | ||
| ctiger_study.ipynb | ||
| fix_print.awk | ||
| poetry.lock | ||
| printer.py | ||
| pyproject.toml | ||
| README.md | ||
| scapy_ex.py | ||
| start.py | ||
| VERSION.md | ||
Welcome to crouching_tiger 👋
Automating wireless attacks on targets only intermittently available. Discovers real mac addresses in a network containing randomly generated ones.
Goals
There are several of goals/ideal the project would like to achieve. They are:
- Run in the background for an indefinite period if need be.
- Provide a scanning feature used to create a properly formatted csv file to store identified targets in.
IMPORTANT NOTE
YOU MUST HAVE ROOT PERMISSION TO USE
Install
To install the script you have several options at your disposal. The only "frivolous" dependency is the lovely art package for python. If you are interested in this script at all, then you more than likely already have scapy installed on your system. Since all of these were already available on my system, no installation was necessary. But for inquiring minds, the installation process is as follows:
Install with poetry
A simple poetry install should install all the required packages and create the venirtual env for
you. From there all that is needed is to run the script with:
poetry install
Install with pipenv
Similarly to poetry, pipenv install should install all the required packages and create the
venirtual env for you. From there all that is needed is to run the script with:
pipenv install
Install with pip
This will be more tricky because you will need to install the required packages in the root user's local python library, and not the system python library. This is done by running the following commands:
sudo su
pip3 install --user -r requirements.txt
exit
From here on you will need to become the root user before running the script.
Config
The program is designed to take either flags from the command line of configuration variables from
the configu file. Flags on the command line will override variables set in the configuration file.
The configuration file for the program will be generated for you automatically upon first run. Once
generated, can be found in /etc/ctiger/config.ini. A copy of the configuration spec is provided
below:
cfg = """# Crouching Tiger Config File
# PLEASE, DO NOT LEAVE THIS FILE UNTOUCHED!
# TARGETS WILL HAVE TO BE MODIFIED IN ORDER TO WORK!
# ------------------------------------------------------------
# General Settings
# ----------------
interface = string(default='wlan0')
logging_level = option('INFO', 'DEBUG', default='DEBUG')
log_file = string(default='/var/log/ctiger.log')
# ------------------------------------------------------------
# Attack Settings
# ----------------
[ATTACK]
scan_file = string(default='ct_aps.csv')
mon_type = option('create', 'switch', default='switch')
use_daemon = boolean(default=False)
# -----------------------------------------------------------
# Mac Purge Setings
# -----------------
[MAC_PURGE]
if_type = option('create', 'switch', default='switch')
valid_results = string(default='ct_valid.csv')
channel_list = list(default=list(1, 6, 11))
"""
The only configuration option that possibly could use some explanation is the option that defines what type of monitor interface your particular wifi card allows. Not all wireless devices allow the creation of a secondary wlanXmon interface. Some only allow for the mode of the device to be changed. This variable is where you designate this type.
Usage
All runtime flags and subcommands should be described in length by use of the -h flag. Further
information of subcommands are described using the subcommand plus the -h flag. ex. poetry run python3 ctiger.py mac -h
sudo $(which poetry) run python3 ctiger.py -h
░█▀▀█ █▀▀█ █▀▀█ █──█ █▀▀ █──█ ─▀─ █▀▀▄ █▀▀▀ ▀▀█▀▀ ─▀─ █▀▀▀ █▀▀ █▀▀█
░█─── █▄▄▀ █──█ █──█ █── █▀▀█ ▀█▀ █──█ █─▀█ ─░█── ▀█▀ █─▀█ █▀▀ █▄▄▀
░█▄▄█ ▀─▀▀ ▀▀▀▀ ─▀▀▀ ▀▀▀ ▀──▀ ▀▀▀ ▀──▀ ▀▀▀▀ ─░█── ▀▀▀ ▀▀▀▀ ▀▀▀ ▀─▀▀
usage: ctiger.py -i $IFACE (-t $TARGET or -f $TARGET_FILE)
Performs various actions on wifi targets.
This program was created with the intent to allow users to attack
wifi targetsthat are only available some of the time, and extract
information from them.
There are three types of actions that can be performed:
2. ATTACK [att] = Will run a scan in the background looking for aps in target list.
If found will begin capturing a pcap file and deauth attack.
3. Mac_Purge [mac] = Experimental: Scans for wireless devices and acquires their MAC
addresses. Then transmits a Clear to Send Frame. If the device responds with
data frame, then information on the device will be stored and written to file.
options:
-h, --help show this help message and exit
-v, --version show program's version number and exit
-i NAME, --interface NAME
Interface(s) to scan on
-f CONFIG_FILE, --file CONFIG_FILE
configuration file
-l {INFO,DEBUG}, --log_level {INFO,DEBUG}
Log level
-z LOG_FILE, --log_file LOG_FILE
Log file
actions:
Action to perform
{att,mac,scn} You must use one.
att Attack target
mac Grab Valid addresses
Processing will take several seconds, please be patient.
For Mac discovery
Many devices use randomly generated mac addresses in order to cloak their real addresses. This feature attempts to mitigate this strategy by exploiting the 802.11 protocol.
sudo $(which poetry) run python3 ctiger.py mac -h
░█▀▀█ █▀▀█ █▀▀█ █──█ █▀▀ █──█ ─▀─ █▀▀▄ █▀▀▀ ▀▀█▀▀ ─▀─ █▀▀▀ █▀▀ █▀▀█
░█─── █▄▄▀ █──█ █──█ █── █▀▀█ ▀█▀ █──█ █─▀█ ─░█── ▀█▀ █─▀█ █▀▀ █▄▄▀
░█▄▄█ ▀─▀▀ ▀▀▀▀ ─▀▀▀ ▀▀▀ ▀──▀ ▀▀▀ ▀──▀ ▀▀▀▀ ─░█── ▀▀▀ ▀▀▀▀ ▀▀▀ ▀─▀▀
usage: ctiger.py -i $IFACE (-t $TARGET or -f $TARGET_FILE) mac
[-h] [-t {create,switch}] [-f VALID_FILE] [-c CHANNELS]
options:
-h, --help show this help message and exit
-t {create,switch}, --type {create,switch}
Create new monitor inf or switch mode.
-f VALID_FILE, --file VALID_FILE
File to write results too.
-c CHANNELS, --channels CHANNELS
A single or comma seperated list of channels.
Citations
Hansen, Y. (2018). Python Scapy Dot11. Createspace Independent Publishing Platform.
rpp0. (2024, January 23). rpp0/scapy-fakeap. GitHub. https://github.com/rpp0/scapy-fakeap
Author
👤 Anoduck
- Website: http://anoduck.github.io
- Github: @anoduck
Show your support
Donate to Lord Mzte for use of his repository hosting service.
_This README was generated with ❤️ by readme-md-generator