crouching_tiger/README.md
anoduck f2c940ae37 feat(Features): 🚧 Hidden Dragon Work
Many changes performed in development of Hidden Dragon

hdragon command is broken for development
2024-03-12 18:03:38 -04:00

Welcome to crouching_tiger 👋

License: MIT

built with Codeium

Automates wireless attacks on targets that are only intermittently available. Discovers real MAC addresses in a network containing randomly generated ones.

Goals

There are several goals/ideals the project would like to achieve. They are:

  • Run in the background for an indefinite period if need be.
  • Provide a scanning feature used to create a properly formatted csv file to store identified targets in.

IMPORTANT NOTE

YOU MUST HAVE ROOT PERMISSION TO USE

Install

To install the script you have several options at your disposal. The only "frivolous" dependency is the lovely art package for python. If you are interested in this script at all, then you more than likely already have scapy installed on your system. Since all of these were already available on my system, no installation was necessary. But for inquiring minds, the installation process is as follows:

Install with poetry

A simple poetry install should install all the required packages and create the virtual env for you. After that, all that is left is to run the script. The install command is:

poetry install

Install with pipenv

Similarly to poetry, pipenv install should install all the required packages and create the virtual env for you. After that, all that is left is to run the script. The install command is:

pipenv install

Install with pip

This is trickier because the required packages must be installed in the root user's local python library, and not the system python library. This is done by running the following commands:

sudo su
pip3 install --user -r requirements.txt
exit

From here on you will need to become the root user before running the script.

Config

The program is designed to take either flags from the command line or configuration variables from the config file. Flags on the command line will override variables set in the configuration file. The configuration file for the program will be generated for you automatically upon first run. Once generated, it can be found in /etc/ctiger/config.ini. A copy of the configuration spec is provided below:

cfg = """# Crouching Tiger Config File
# PLEASE, DO NOT LEAVE THIS FILE UNTOUCHED!
# TARGETS WILL HAVE TO BE MODIFIED IN ORDER TO WORK!
# ------------------------------------------------------------

# General Settings
# ----------------
interface = string(default='wlan0')
logging_level = option('INFO', 'DEBUG', default='DEBUG')
log_file = string(default='/var/log/ctiger.log')

# ------------------------------------------------------------

# Attack Settings
# ----------------
[ATTACK]
scan_file = string(default='ct_aps.csv')
mon_type = option('create', 'switch', default='switch')
use_daemon = boolean(default=False)

# -----------------------------------------------------------

# Mac Purge Settings
# -----------------
[MAC_PURGE]
if_type = option('create', 'switch', default='switch')
valid_results = string(default='ct_valid.csv')
channel_list = list(default=list(1, 6, 11))
"""

The only configuration option that could use some explanation is the one that defines what type of monitor interface your particular wifi card allows (mon_type under [ATTACK], if_type under [MAC_PURGE]). Not all wireless devices allow the creation of a secondary wlanXmon interface ('create'). Some only allow the mode of the existing device to be changed ('switch'). This variable is where you designate the type.
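The precedence described above (spec default, then config file, then command-line flag) together with the spec's allowed values, as an added example that is not the project's own loader. It uses the standard library's configparser; the [GENERAL] section name, the load_settings function and the sample file contents are assumptions made for illustration.

```python
import configparser

# (section, key) -> (default, allowed values); copied from the spec shown above.
SPEC = {
    ("GENERAL", "interface"): ("wlan0", None),
    ("GENERAL", "logging_level"): ("DEBUG", {"INFO", "DEBUG"}),
    ("ATTACK", "mon_type"): ("switch", {"create", "switch"}),
    ("MAC_PURGE", "if_type"): ("switch", {"create", "switch"}),
    ("MAC_PURGE", "channel_list"): ("1, 6, 11", None),
}


def load_settings(ini_text, cli_overrides=None):
    """Merge spec defaults < config file < command-line flags, then validate."""
    parser = configparser.ConfigParser()
    # General settings sit above the first section header in the file;
    # configparser requires a header, so a hypothetical [GENERAL] is prepended.
    parser.read_string("[GENERAL]\n" + ini_text)
    overrides = cli_overrides or {}
    settings = {}
    for (section, key), (default, allowed) in SPEC.items():
        value = parser.get(section, key, fallback=default)
        if overrides.get((section, key)) is not None:
            value = overrides[(section, key)]      # a flag beats the file
        value = value.strip().strip("'\"")
        if allowed is not None and value not in allowed:
            raise ValueError(f"{section}.{key}={value!r} not in {sorted(allowed)}")
        settings[(section, key)] = value
    channels = settings[("MAC_PURGE", "channel_list")]
    settings[("MAC_PURGE", "channel_list")] = [int(c) for c in channels.split(",")]
    return settings


# Constructed sample of a generated config file (not taken from the project).
SAMPLE_INI = """\
interface = wlan1
logging_level = INFO
[ATTACK]
mon_type = create
[MAC_PURGE]
channel_list = 1, 6
"""

if __name__ == "__main__":
    print(load_settings(SAMPLE_INI, {("ATTACK", "mon_type"): "switch"}))
```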

Usage

All runtime flags and subcommands are described at length by the -h flag. Further information on a subcommand is available by using the subcommand plus the -h flag, e.g. poetry run python3 ctiger.py mac -h

sudo $(which poetry) run python3 ctiger.py -h

░█▀▀█ █▀▀█ █▀▀█ █──█ █▀▀ █──█ ─▀─ █▀▀▄ █▀▀▀  ▀▀█▀▀ ─▀─ █▀▀▀ █▀▀ █▀▀█ 
░█─── █▄▄▀ █──█ █──█ █── █▀▀█ ▀█▀ █──█ █─▀█  ─░█── ▀█▀ █─▀█ █▀▀ █▄▄▀ 
░█▄▄█ ▀─▀▀ ▀▀▀▀ ─▀▀▀ ▀▀▀ ▀──▀ ▀▀▀ ▀──▀ ▀▀▀▀  ─░█── ▀▀▀ ▀▀▀▀ ▀▀▀ ▀─▀▀ 
usage: ctiger.py -i $IFACE (-t $TARGET or -f $TARGET_FILE)

Performs various actions on wifi targets.

This program was created with the intent to allow users to attack
wifi targetsthat are only available some of the time, and extract
information from them.

There are three types of actions that can be performed:

2. ATTACK [att] = Will run a scan in the background looking for aps in target list.
      If found will begin capturing a pcap file and deauth attack.

3. Mac_Purge [mac] = Experimental: Scans for wireless devices and acquires their MAC
      addresses. Then transmits a Clear to Send Frame. If the device responds with 
      data frame, then information on the device will be stored and written to file.

options:
  -h, --help            show this help message and exit
  -v, --version         show program's version number and exit
  -i NAME, --interface NAME
                        Interface(s) to scan on
  -f CONFIG_FILE, --file CONFIG_FILE
                        configuration file
  -l {INFO,DEBUG}, --log_level {INFO,DEBUG}
                        Log level
  -z LOG_FILE, --log_file LOG_FILE
                        Log file

actions:
  Action to perform

  {att,mac,scn}         You must use one.
    att                 Attack target
    mac                 Grab Valid addresses

Processing will take several seconds, please be patient.

For Mac discovery

Many devices use randomly generated MAC addresses in order to cloak their real addresses. This feature attempts to counter this strategy by exploiting the 802.11 protocol.

sudo $(which poetry) run python3 ctiger.py mac -h
░█▀▀█ █▀▀█ █▀▀█ █──█ █▀▀ █──█ ─▀─ █▀▀▄ █▀▀▀  ▀▀█▀▀ ─▀─ █▀▀▀ █▀▀ █▀▀█ 
░█─── █▄▄▀ █──█ █──█ █── █▀▀█ ▀█▀ █──█ █─▀█  ─░█── ▀█▀ █─▀█ █▀▀ █▄▄▀ 
░█▄▄█ ▀─▀▀ ▀▀▀▀ ─▀▀▀ ▀▀▀ ▀──▀ ▀▀▀ ▀──▀ ▀▀▀▀  ─░█── ▀▀▀ ▀▀▀▀ ▀▀▀ ▀─▀▀ 
usage: ctiger.py -i $IFACE (-t $TARGET or -f $TARGET_FILE) mac
       [-h] [-t {create,switch}] [-f VALID_FILE] [-c CHANNELS]

options:
  -h, --help            show this help message and exit
  -t {create,switch}, --type {create,switch}
                        Create new monitor inf or switch mode.
  -f VALID_FILE, --file VALID_FILE
                        File to write results too.
  -c CHANNELS, --channels CHANNELS
                        A single or comma seperated list of channels.
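How a randomly generated address differs from a vendor-assigned one on sight, as an added example that is not code from this project: randomized addresses set the locally administered (U/L) bit of the first octet. The function names and the sample addresses are constructed for illustration.

```python
import re


def parse_mac(text):
    """Return the six octets of a MAC written with ':', '-', '.' or no separators."""
    digits = re.sub(r"[:\-.]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes.fromhex(digits)


def classify_mac(text):
    """Classify by the two low bits of the first octet (IEEE 802 addressing)."""
    first = parse_mac(text)[0]
    if first & 0x01:
        return "group"       # I/G bit set: multicast/broadcast, not a single station
    if first & 0x02:
        return "local"       # U/L bit set: locally administered, as randomized MACs are
    return "universal"       # globally unique, vendor-assigned address


def split_capture(macs):
    """Group observed addresses by class, normalised and de-duplicated."""
    groups = {"universal": set(), "local": set(), "group": set()}
    for mac in macs:
        groups[classify_mac(mac)].add(parse_mac(mac).hex(":"))
    return {name: sorted(found) for name, found in groups.items()}


# Constructed sample addresses in mixed notations (not real devices).
SAMPLE = [
    "00:11:22:33:44:55",
    "da:a1:19:00:11:22",
    "DA-A1-19-00-11-22",   # same address as above, different notation
    "0200.5e10.0001",
    "ff:ff:ff:ff:ff:ff",
]

if __name__ == "__main__":
    for name, found in split_capture(SAMPLE).items():
        print(name, found)
```

The bit is only a hint: virtual machines and manually configured interfaces also use locally administered addresses, and a universal-looking address can still be spoofed.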

Citations

Hansen, Y. (2018). Python Scapy Dot11. Createspace Independent Publishing Platform.

rpp0. (2024, January 23). rpp0/scapy-fakeap. GitHub. https://github.com/rpp0/scapy-fakeap

Author

👤 Anoduck
