whol.sh
#!/usr/bin/env ksh
#.---------------------------------------------
# (W|H)all Of Lame
#
#,---------------------------------------------
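# Defaults. The option parser further down may override IFACE, CHANNEL, QUIET
# and DPREFIX.
IFACE='wlan0'
# NOTE(review): all working files use fixed, predictable names in a
# world-writable directory, while the tools started later (airmon-ng, tcpdump)
# normally run as root. Another local user can pre-create these paths, so a
# private directory (mktemp -d, mode 700) would be the safer default.
DIR='/tmp'
FIFO='whol_pipe'
DSNIFF_FIFO='whol_dsniff_pipe'
QUIET=0
CHANNEL=0
# Number of monN interfaces iwconfig already reports. It is used as the suffix
# for this run's monitor interface, FIFOs and dump files.
# grep -Ec replaces the obsolete egrep and the extra "| wc -l" process.
PREF=$(iwconfig 2>/dev/null | grep -Ec '^mon[0-9]+')
DPREFIX=/tmp/whol_tdump$PREF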
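#######################################
# Tear down the capture session: signal the capture process, stop the monitor
# interface and delete the FIFOs. Only the first call does any work; later
# calls return immediately because STATUS is already above zero.
# Globals:   STATUS (read, incremented), R (set to 0),
#            PREF, DIR, FIFO, DSNIFF, DSNIFF_FIFO (read)
# Arguments: $1 - PID of the background capture process; skipped when empty
# Outputs:   writes "exitting.." to stdout
#######################################
destruct() {
  if [[ "${STATUS:-0}" -gt 0 ]]; then
    return
  fi
  echo "exitting.."
  R=0
  STATUS=$((STATUS + 1))
  if [[ -n "$1" ]]; then
    kill "$1"
  fi
  airmon-ng stop "mon$PREF"
  # Quoted and terminated with "--" so a path containing whitespace or a
  # leading dash is removed as one literal file name.
  rm -- "$DIR/$FIFO$PREF"
  if [[ -n "$DSNIFF" ]]; then
    rm -- "$DIR/$DSNIFF_FIFO$PREF"
    # TODO more sophisticated destruction..
    # NOTE(review): killall matches by process name, so this also terminates
    # dsniff instances that belong to other sessions on the same host.
    # Tracking the PID of the instance started by this script would be safer.
    killall dsniff
  fi
}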
# Print the command-line help text to stdout, followed by one empty line.
usage() {
  # Quoted delimiter: the text is emitted literally, with no expansion.
  cat <<'EOF'
(W|H)all of lame - (C) 2010 Adam Tauber
Usage:
whol -c [wireless channel] <options>
Options:
-c, --channel <int> : Channel of open wifi networks
-i, --interface <str> : Wireless interface name
-f, --filter <str> : Pcap filter expression
-r, --relevance <float> : Filter output (default is 10)
-w, --write-file <str> : Write the original sniffed traffic to file (pcap format)
-s, --session-str <str> : A session string to the API of http://editgrid.com
-t, --tmp-dest <str> : Destination of the temporary files generated by tcpdump - it is useful
when more than one whols running - default is /tmp/whol_tdump
-d, --dsniff : Use dsniff
-q, --quiet : Quiet mode (no visual output)
-h, --help : Displays this

EOF
}
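# Normalise the command line with util-linux getopt.
# The arguments are passed as "$@" and getopt's default shell-quoted output is
# used (no -u), so an option value containing whitespace, such as a
# multi-word filter expression, stays one word instead of being split apart.
if ! ARGS=$(getopt -n whol \
  -l channel:,help,quiet,interface:,tmp-dest:,write-file:,filter:,relevance:,session-str:,dsniff \
  -o c:s:r:t:f:i:w:hqd -- "$@"); then
  usage
  exit 1
fi
# getopt emits properly quoted words; eval is the documented way to load them
# back into the positional parameters.
eval set -- "$ARGS"

while [ $# -gt 0 ]; do
  case "$1" in
    -c|--channel)
      CHANNEL=$2
      shift 2
      ;;
    -q|--quiet)
      QUIET=1
      shift
      ;;
    -i|--interface)
      IFACE=$2
      shift 2
      ;;
    -f|--filter)
      FILTER=$2
      shift 2
      ;;
    -w|--write-file)
      W_FILE=$2
      shift 2
      ;;
    -t|--tmp-dest)
      # The per-run suffix keeps parallel instances from sharing dump files.
      DPREFIX=$2$PREF
      shift 2
      ;;
    -d|--dsniff)
      DSNIFF=1
      shift
      ;;
    -r|--relevance)
      # Stored together with its flag; expanded unquoted when the parser runs.
      RELEVANCE="-r $2"
      shift 2
      ;;
    -s|--session-str)
      SESSION="-s $2"
      shift 2
      ;;
    -h|--help)
      usage
      exit 1
      ;;
    --)
      shift
      break
      ;;
    *)
      shift
      ;;
  esac
done

# The channel ends up on the airodump command line, so accept digits only.
# Anything else is treated like the unset default and rejected below.
case "$CHANNEL" in
  '' | *[!0-9]*) CHANNEL=0 ;;
esac
if [ "$CHANNEL" -eq 0 ]; then
  echo '[!] Wrong wireless channel'
  usage
  exit 1
fi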
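# Create a private FIFO at $1. A leftover path is reused only when it is a
# real FIFO (not a symlink) owned by the current user; anything else that
# already sits at that path is refused, because the capture tools would
# otherwise write to a file somebody else placed there.
whol_mkfifo() {
  mkfifo -m 600 -- "$1" 2>/dev/null && return 0
  [[ -p "$1" && -O "$1" && ! -L "$1" ]]
}

fifo_path=$DIR/$FIFO$PREF
dsniff_fifo_path=$DIR/$DSNIFF_FIFO$PREF

whol_mkfifo "$fifo_path" || {
  echo "[!] Cannot create FIFO $fifo_path" >&2
  exit 1
}

# Quiet mode needs a real redirection. Text produced by a command substitution
# is never parsed as one, so the original handed the literal word ">/dev/null"
# to airmon-ng as an extra argument.
if [ "$QUIET" -eq 1 ]; then
  airmon-ng start "$IFACE" "$PREF" >/dev/null
else
  airmon-ng start "$IFACE" "$PREF"
fi

airodump-ng_wholmod -o pcap -w "$fifo_path" -t OPN -c "$CHANNEL" "mon$PREF" -p -q &
APID=$!
trap 'destruct "$APID"' INT
#ettercap -T -d -m ettertest.log -r $FIFO

if [[ -n "$DSNIFF" ]]; then
  # The FIFO is created synchronously: tee below must find it in place,
  # otherwise tee would create a regular file under the same name.
  if whol_mkfifo "$dsniff_fifo_path"; then
    dsniff -m -p "$dsniff_fifo_path" &
  else
    echo "[!] Cannot create FIFO $dsniff_fifo_path" >&2
    # Nothing of ours exists at that path, so keep destruct away from it.
    DSNIFF=
    destruct "$APID"
    exit 1
  fi
fi

# Dump files left over from an earlier run are removed before the writer
# starts, so the first file of this run cannot be deleted by accident.
# NOTE(review): with the default prefix these are predictable names in /tmp;
# see the remark on DIR. Point -t at a private directory on shared hosts.
rm -f -- "$DPREFIX"*

# Fan the raw capture out to dsniff and the optional pcap file, then let
# tcpdump cut it into pieces: -C 1 starts a new file roughly every million
# bytes, named $DPREFIX, ${DPREFIX}1, ${DPREFIX}2, ...
(
  tee -- ${DSNIFF:+"$dsniff_fifo_path"} ${W_FILE:+"$W_FILE"} <"$fifo_path" \
    | tcpdump -r - -C 1 -w "$DPREFIX"
) &
# python ./splitpcap.20051126.py | \

TC=1
R=1
# NOTE(review): the parser is resolved relative to the current directory, so
# the script has to be started from its own directory. Confirm that directory
# is not writable by other users before running this with elevated privileges.
FILTERPREF=$(./tshark_parser.py -f)
display_filter="$FILTERPREF "
if [[ -n "$FILTER" ]]; then
  display_filter="$FILTERPREF and ($FILTER)"
fi

# A piece is complete once its successor exists. Each finished piece is
# converted to PDML, streamed to the parser and then deleted.
while [ "$R" = 1 ]; do
  if [[ ! -f "$DPREFIX$TC" ]]; then
    sleep 1
    continue
  fi
  if [[ $TC -eq 1 ]]; then
    F=$DPREFIX
  else
    F=$DPREFIX$((TC - 1))
  fi
  if [[ -f "$F" ]]; then
    tshark -r "$F" -R "$display_filter" -T pdml 2>/dev/null && rm -- "$F"
  fi
  TC=$((TC + 1))
# RELEVANCE and SESSION each hold "<flag> <value>" and are split on purpose.
done | ./tshark_parser.py $RELEVANCE $SESSION

R=0
destruct "$APID"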