Initial Release
parent
0bb5899e89
commit
b4a5a21eaa
14
README.md
14
README.md
|
@ -1 +1,13 @@
|
|||
# plunderbug-scripts
|
||||
# Plunder Bug Scripts
|
||||
|
||||
The Plunder Bug by Hak5 is pocket-sized LAN Tap that lets you "bug" Ethernet connections with USB-C convenience.
|
||||
|
||||
Coupled with these cross-platform scripts or the Android root app, this smart network sniffer enables passive recording or active scanning.
|
||||
|
||||
![Plunder Bug](https://cdn.shopify.com/s/files/1/0068/2142/products/plunderbug2_500x.jpg)
|
||||
|
||||
* [Purchase the Plunder Bug at Hak5.org](https://shop.hak5.org/products/bug "Purchase the Plunder Bug at Hak5.org")
|
||||
* [Documentation](https://docs.hak5.org/hc/en-us/categories/360001482953-Plunder-Bug "Plunder Bug Documentation")
|
||||
* [Forums](https://forums.hak5.org/forum/97-plunder-bug/ "Plunder Bug Forums")
|
||||
* IRC: irc.hak5.org #hak5
|
||||
* Discord: https://discord.gg/WuteWPf
|
||||
|
|
|
@ -0,0 +1,82 @@
|
|||
<#
|
||||
|
||||
Plunder Bug
|
||||
(C) Hak5 2019
|
||||
Powershell mute script that manages NetAdapterBinding for the bug interface
|
||||
used to prevent the capture host from sending data over the wire the bug is tapping
|
||||
|
||||
#>
|
||||
|
||||
param([string]$mode)
|
||||
|
||||
if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`" $mode" -Verb RunAs; exit }
|
||||
|
||||
|
||||
function banner {
|
||||
" ###########################################"
|
||||
" # | \ / Plunder Bug by Hak5 #"
|
||||
" # \ O.o #"
|
||||
" # ( _ )\ Windows Bug Mute Script #"
|
||||
" # '' ''¿ #"
|
||||
" ###########################################"
|
||||
}
|
||||
|
||||
function usage {
|
||||
"Usage: plunderbug.ps1 <mode>"
|
||||
" mute Mute plunder bug interface and exit"
|
||||
" unmute Unmute plunder bug interface and exit"
|
||||
}
|
||||
|
||||
function mute($iface_name) {
|
||||
"Disabling IPv4 on bug interface $iface_name ..."
|
||||
|
||||
Disable-NetAdapterBinding -Name $iface_name -ComponentID ms_tcpip
|
||||
|
||||
"Disabling IPv6 on bug interface $iface_name ..."
|
||||
|
||||
Disable-NetAdapterBinding -Name $iface_name -ComponentID ms_tcpip6
|
||||
|
||||
"Mute complete"
|
||||
}
|
||||
|
||||
function unmute($iface_name) {
|
||||
"Enabling IPv4 on bug interface $iface_name ..."
|
||||
|
||||
Enable-NetAdapterBinding -Name $iface_name -ComponentID ms_tcpip
|
||||
|
||||
"Enabling IPv6 on bug interface $iface_name ..."
|
||||
|
||||
Enable-NetAdapterBinding -Name $iface_name -ComponentID ms_tcpip6
|
||||
|
||||
"Unmute complete"
|
||||
}
|
||||
|
||||
banner
|
||||
"Starting plunderbug mute script..."
|
||||
"Waiting for the plunderbug to be connected..."
|
||||
$iface_name = $null
|
||||
$name = $null
|
||||
while ($name -eq $null){
|
||||
|
||||
$name=Get-NetAdapter| Where-Object {$_.MacAddress -match "00-13-37*"} | Select Name | Format-Table -hidetableheader
|
||||
$tmp=$name | Out-String
|
||||
$iface_name=$tmp.trim()
|
||||
|
||||
Start-Sleep -Seconds 1
|
||||
}
|
||||
"Interface Detected... $iface_name"
|
||||
|
||||
if ( $mode -eq "mute" ){
|
||||
mute $iface_name
|
||||
pause
|
||||
exit
|
||||
}
|
||||
|
||||
if ( $mode -eq "unmute") {
|
||||
unmute $iface_name
|
||||
pause
|
||||
exit
|
||||
}
|
||||
|
||||
usage
|
||||
pause
|
|
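Review bot: The adapter lookup in the wait loop uses `-match "00-13-37*"`, which is an unanchored regular expression rather than a wildcard. `7*` means "zero or more 7s", so any adapter whose MAC contains `00-13-3` anywhere is selected, and `mute` then disables the IPv4/IPv6 bindings on that unrelated NIC while the intended interface stays untouched. Anchor the prefix instead, e.g. `Where-Object { $_.MacAddress -like "00-13-37-*" }`, and read `.Name` from a single match rather than trimming `Format-Table` output, which becomes a multi-line string when more than one adapter matches. `mute` also prints "Mute complete" unconditionally; errors from `Disable-NetAdapterBinding` are normally non-terminating, so adding `-ErrorAction Stop` to both calls would keep a failed mute from being reported as success.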
@ -0,0 +1,211 @@
|
|||
#!/bin/bash
|
||||
# Plunder Bug
|
||||
# (C) Hak5 2019
|
||||
#
|
||||
# Bash mute script that manages iptables for the bug interface
|
||||
# used to prevent the capture host from sending data over the wire the bug is tapping
|
||||
|
||||
OS=0
|
||||
|
||||
function banner(){
|
||||
echo " ###########################################"
|
||||
echo " # | \ / Plunder Bug by Hak5 #"
|
||||
echo " # \ O.o #"
|
||||
echo " # ( _ )\ Bug Interface Mute Script #"
|
||||
echo " # '' ''¿ #"
|
||||
echo " ###########################################"
|
||||
}
|
||||
|
||||
function usage() {
|
||||
echo "Usage: sudo ./plunderbug.sh"
|
||||
echo " --mute Mute plunder bug interface and exit"
|
||||
echo " --unmute Unmute plunder bug interface and exit"
|
||||
}
|
||||
|
||||
function iptables_check() {
|
||||
if [[ -z $(which iptables) ]]; then
|
||||
echo "iptables required to mute interface"
|
||||
fi
|
||||
}
|
||||
|
||||
function os_check() {
|
||||
if [[ "$OSTYPE" == "darwin"* ]]; then
|
||||
echo -e "\nOSX Detected\n"
|
||||
OS=1
|
||||
elif [[ "$OSTYPE" == "cygwin" ]]; then
|
||||
err "Cygwin not supported"
|
||||
else
|
||||
OS=0
|
||||
iptables_check
|
||||
fi
|
||||
}
|
||||
|
||||
function micdrop(){
|
||||
echo "Exited"
|
||||
exit $1
|
||||
}
|
||||
|
||||
function err() {
|
||||
echo "[FATAL] $1"
|
||||
QUIT=1
|
||||
micdrop 1
|
||||
}
|
||||
|
||||
function root_check() {
|
||||
if [[ "$EUID" -ne 0 ]]; then
|
||||
echo "Please re-run as root"
|
||||
usage
|
||||
micdrop 1
|
||||
fi
|
||||
}
|
||||
|
||||
function wait_for_bug_connection() {
|
||||
printf "%s" 'Waiting for a plunder bug to be connected...'
|
||||
while [[ -z $IFACE ]]; do
|
||||
printf "%s" .
|
||||
if [[ "$OS" -eq 1 ]]; then
|
||||
IFACE=$(ifconfig | grep 00:13:37 -B2 | head -1 | awk {'print $1'} | sed 's/ *:.*//')
|
||||
else
|
||||
IFACE=$(find /sys/class/net -mindepth 1 -maxdepth 1 ! -name lo -printf "%P " -execdir cat {}/address \; | grep "00:13:37" | cut -d " " -f1)
|
||||
fi
|
||||
sleep 1
|
||||
done
|
||||
echo -e "\n\n[$IFACE] Plunder Bug connected\n"
|
||||
}
|
||||
|
||||
function check_ip6tables_rule_exists(){
|
||||
if [[ -z $(ip6tables -vL|grep $IFACE) ]];then
|
||||
echo 1
|
||||
else
|
||||
echo 0
|
||||
fi
|
||||
}
|
||||
|
||||
function add_rule_to_ip6tables() {
|
||||
pre_existing_rule=$(check_ip6tables_rule_exists)
|
||||
if [[ "$pre_existing_rule" -eq 1 ]];then
|
||||
printf "\t%s" "[+] Adding ip6tables rule..."
|
||||
ip6tables -A OUTPUT -o $IFACE -j DROP && echo "Success" || err "failed to add rule to ip6tables"
|
||||
else
|
||||
echo "IPv6 Mute rule already exists on system..."
|
||||
fi
|
||||
}
|
||||
|
||||
function check_iptables_rule_exists(){
|
||||
if [[ -z $(iptables -vL|grep $IFACE) ]];then
|
||||
echo 1
|
||||
else
|
||||
echo 0
|
||||
fi
|
||||
}
|
||||
|
||||
function add_rule_to_iptables() {
|
||||
pre_existing_rule=$(check_iptables_rule_exists)
|
||||
if [[ "$pre_existing_rule" -eq 1 ]];then
|
||||
printf "\t%s" "[+] Adding iptables rule..."
|
||||
iptables -A OUTPUT -o $IFACE -j DROP && echo "Success" || err "failed to add rule to iptables"
|
||||
else
|
||||
echo "IPv4 Mute rule already exists on system..."
|
||||
fi
|
||||
}
|
||||
|
||||
function remove_rule_from_ip6tables() {
|
||||
pre_existing_rule=$(check_ip6tables_rule_exists)
|
||||
if [[ "$pre_existing_rule" -eq 0 ]];then
|
||||
printf "\t%s" "[-] Removing ip6tables rule..."
|
||||
ip6tables -D OUTPUT -o $IFACE -j DROP && echo "Success" || err "failed to remove ip6tables rule"
|
||||
else
|
||||
echo "IPv6 Mute rule already removed from system..."
|
||||
fi
|
||||
}
|
||||
|
||||
function remove_rule_from_iptables() {
|
||||
pre_existing_rule=$(check_iptables_rule_exists)
|
||||
if [[ "$pre_existing_rule" -eq 0 ]];then
|
||||
printf "\t%s" "[-] Removing iptables rule..."
|
||||
iptables -D OUTPUT -o $IFACE -j DROP && echo "Success" || err "failed to remove iptables rule"
|
||||
else
|
||||
echo "IPv4 Mute rule already removed from system..."
|
||||
fi
|
||||
}
|
||||
|
||||
function disable_interface_in_networksetup() {
|
||||
BUGIFACE=$(ifconfig | grep 00:13:37 -B2 | head -1 | awk {'print $1'} | sed 's/ *:.*//')
|
||||
if [[ -n "$BUGIFACE" ]]; then
|
||||
BUGIFACENAME=$(networksetup -listnetworkserviceorder | grep $BUGIFACE -B1 | head -1 | sed 's/(.*)//' | cut -c2-)
|
||||
networksetup -setv4off "$BUGIFACENAME" || err "error disabling ipv4 on bug interface"
|
||||
networksetup -setv6off "$BUGIFACENAME" || err "error disabling ipv6 on bug interface"
|
||||
fi
|
||||
}
|
||||
|
||||
function enable_interface_in_networksetup(){
|
||||
BUGIFACE=$(ifconfig | grep 00:13:37 -B2 | head -1 | awk {'print $1'} | sed 's/ *:.*//')
|
||||
if [[ -n "$BUGIFACE" ]]; then
|
||||
BUGIFACENAME=$(networksetup -listnetworkserviceorder | grep $BUGIFACE -B1 | head -1 | sed 's/(.*)//' | cut -c2-)
|
||||
networksetup -setdhcp "$BUGIFACENAME" || err "error enabling ipv4 on bug interface"
|
||||
networksetup -setv6automatic "$BUGIFACENAME" || err "error enabling ipv6 on bug interface"
|
||||
fi
|
||||
}
|
||||
|
||||
function mute(){
|
||||
echo "[*] Muting plunder bug interface..."
|
||||
if [[ "$OS" -eq 0 ]]; then
|
||||
add_rule_to_iptables
|
||||
add_rule_to_ip6tables
|
||||
elif [[ "$OS" -eq 1 ]];then
|
||||
disable_interface_in_networksetup
|
||||
fi
|
||||
echo -e "[*] Mute complete\n"
|
||||
}
|
||||
|
||||
function unmute() {
|
||||
echo "[*] Unmuting plunder bug interface... $IFACE"
|
||||
if [[ "$OS" -eq 0 ]]; then
|
||||
remove_rule_from_iptables
|
||||
remove_rule_from_ip6tables
|
||||
elif [[ "$OS" -eq 1 ]];then
|
||||
enable_interface_in_networksetup
|
||||
fi
|
||||
echo -e "[*] Unmute complete\n"
|
||||
QUIT=1
|
||||
}
|
||||
|
||||
function cleanup() {
|
||||
echo -e "\n[!] Cleaning up..."
|
||||
unmute
|
||||
}
|
||||
|
||||
##########################
|
||||
# MAIN ENTRY
|
||||
##########################
|
||||
QUIT=0
|
||||
# Validate args
|
||||
banner
|
||||
|
||||
# Validate priv / iptables
|
||||
root_check
|
||||
os_check
|
||||
|
||||
if [[ -z "$2" ]]; then
|
||||
# Wait for device to be connected - no arg supplied for --mute/--unmute
|
||||
wait_for_bug_connection
|
||||
else
|
||||
# Arg given for --mute/--unmute
|
||||
IFACE=$2
|
||||
fi
|
||||
|
||||
# Handle modes
|
||||
if [[ "$1" = "--unmute" ]]; then
|
||||
cleanup
|
||||
micdrop 0
|
||||
elif [[ "$1" = "--mute" ]]; then
|
||||
mute
|
||||
micdrop 0
|
||||
else
|
||||
usage
|
||||
micdrop 1
|
||||
fi
|
||||
|
||||
# Wait for bug to be unplugged/ctrl-c - cleanup and exit
|
||||
trap cleanup INT
|
||||
micdrop 0
|
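Review bot: `check_iptables_rule_exists` and `check_ip6tables_rule_exists` decide whether the mute rule is present by grepping `iptables -vL` for an unquoted `$IFACE`, so any rule in any chain that mentions the interface (or a longer name containing it, such as `eth10` for `eth1`) makes `add_rule_to_iptables` skip the DROP rule while `mute` still prints "Mute complete". Ask for the exact rule instead and use the exit status: `iptables -C OUTPUT -o "$IFACE" -j DROP 2>/dev/null`, with the `ip6tables` equivalent in the IPv6 helper. `$IFACE` can come straight from `$2` in a script that runs as root, so it should also be quoted in the `-A` and `-D` calls, where word splitting would otherwise turn extra words into iptables options. Separately, `iptables_check` only prints a message when iptables is missing and lets the script continue, and the final `trap cleanup INT` is unreachable because every branch of the mode check above it calls `micdrop`.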