-
Notifications
You must be signed in to change notification settings - Fork 97
brav0hax/easy-creds
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
###### ## #### # # #### ##### ###### ##### ####
# # # # # # # # # # # # # #
##### # # #### # ##### # # # ##### # # ####
# ###### # # # ##### # # # #
# # # # # # # # # # # # # # #
###### # # #### # #### # # ###### ##### ####
v3.7- Garden of Your Mind
Purpose:
This script leverages tools for stealing credentials during a pen test.
This version has gone through a complete code cleanup -> Thanks al14s
New Attack -> Freeradius attack with a softAP
########################################################################
1. Prereqs
2. Installation
3. Configuration of Paths
4. Working with easy-creds in screen
5. Instructional videos
1. Prereqs:
* screen
* freeradius-wpe
* hamster
* ferret
* sslstrip
* dsniff
* urlsnarf
* metasploit
* airbase-ng
* airodump-ng
* hostapd
* mdk3
* ipcalc
* asleap
2. Installations:
Run the installer, it *should* install everything you need. If not, you'll need to do it manually
Most can be installed from repos, I've included some instruction on installing from source.
###
aircrack-ng suite
This is already installed by default, however, there are know issues for airbase-ng with the base v1.1 distro install. It is recommended that you grab the latest nightly build from the SVN repo and recompile
svn co http://trac.aircrack-ng.org/svn/trunk/ /tmp/aircrack-ng
cd /tmp/aircrack-ng/
make && make install
bash /usr/local/sbin/airodump-ng-oui-update
###
freeradius-wpe
The free radius in the repo does not include the wpe patch. It is best to install from source
wget ftp://ftp.freeradius.org/pub/radius/old/freeradius-server-2.1.11.tar.bz2 -O /tmp/freeradius-server-2.1.11.tar.bz2
wget http://www.opensecurityresearch.com/files/freeradius-wpe-2.1.11.patch -O /tmp/freeradius-wpe-2.1.11.patch
cd /tmp
tar -jxvf freeradius-server-2.1.11.tar.bz2
mv freeradius-wpe-2.1.11.patch /tmp/freeradius-server-2.1.11/freeradius-wpe-2.1.11.patch
cd freeradius-server-2.1.11
patch -p1 < freeradius-wpe-2.1.11.patch
./configure && make && make install
cd /usr/local/etc/raddb/certs/
./bootstrap
###
Hamster & Ferret
mkdir /opt/sidejack
cd /tmp
wget http://www.erratasec.com/erratasec.zip -O /tmp/erratasec.zip
unzip erratasec.zip
cd hamster/build/gcc4/
make
cp /tmp/ec-install/hamster/bin/* /opt/sidejack
rm -rf /tmp/ferret
svn checkout http://ferret.googlecode.com/svn/trunk/ /tmp/ferret
cd /tmp/ferret/
make
cp /tmp/ferret/bin/ferret /opt/sidejack/ferret
###
asleap
mkdir /opt/asleap
wget http://www.willhackforsushi.com/code/asleap/2.2/asleap-2.2.tgz -O /tmp/asleap.tgz
cd /tmp
tar xvf asleap.tgz
cd asleap
make
mv /tmp/asleap/* /opt/asleap/
###
MDK3
wget http://homepages.tu-darmstadt.de/~p_larbig/wlan/mdk3-v6.tar.bz2 -O /tmp/mdk3-v6.tar.bz2
cd /tmp
tar -xvjpf mdk3-v6.tar.bz2
cd mdk3-v6
make && make install
3. Configuration of Program paths
One of the things I tried to do with this version is to remove the hardcoded paths relating to BackTrack. This is an attempt to use easy-creds on other distros (Ubuntu, Debian, Red Hat)
In order to pull this off I was originally using the 'locate' command to identify the proper exec paths. This proved to be a bit clugy, so I decided to use variable declarations for the paths. This is much easier, but requires some additional set up by the user.
The current paths are set with the defaults used by the installer but easily changeable. Starting on line 118 you can set the proper paths, using 'locate' or 'which'
example:
root@bt:~# which mdk3
/usr/local/sbin/mdk3
Based on the info you would set the following:
mdk3path="/usr/local/sbin"
4. Working with easy-creds within a screen
I don't want to assume everyone is perfectly comfortable with screen, but please read some tutorials from the web. When using the pwnie you will most likely be in a screen session already, if not make sure that's the first thing you do once you get your shell.
easy-creds will look for X windows running, but shouldn't find it on the pwnie and launch everything in a screen sessions. This can feel a bit like Inception once you're in a screen within a screen
The main thing to remember is once the easy-creds screen session launches you should do the following from command prompt.
screen -list (you should see the easy-creds session)
screen -r easy-creds
You are now interacting with the easy-creds screen session. Normally to view your screens you would press ctrl-a then " and this will show you what screens you have open in the session.
Where it gets tricky is when you have a screen session, then launch another screen session (easy-creds attacks). When that happens you will need to do the following:
ctrl-a then a then "
That extra 'a' lets the screen program know you want to work with the inner screen session.
Yes it is confusing a bit at first but you'll get the hang of it.
5. Instructional Videos:
Instructional videos can be found here -> http://www.youtube.com/user/Brav0Hax
Even if the version is not the same, the base functionality is.
Happy hunting!!
[email protected]
About
No description, website, or topics provided.
Resources
Stars
Watchers
Forks
Packages 0
No packages published