Initial Release
parent
0bb5899e89
commit
b4a5a21eaa
14
README.md
14
README.md
|
@ -1 +1,13 @@
|
||||||
# plunderbug-scripts
|
# Plunder Bug Scripts
|
||||||
|
|
||||||
|
The Plunder Bug by Hak5 is pocket-sized LAN Tap that lets you "bug" Ethernet connections with USB-C convenience.
|
||||||
|
|
||||||
|
Coupled with these cross-platform scripts or the Android root app, this smart network sniffer enables passive recording or active scanning.
|
||||||
|
|
||||||
|
![Plunder Bug](https://cdn.shopify.com/s/files/1/0068/2142/products/plunderbug2_500x.jpg)
|
||||||
|
|
||||||
|
* [Purchase the Plunder Bug at Hak5.org](https://shop.hak5.org/products/bug "Purchase the Plunder Bug at Hak5.org")
|
||||||
|
* [Documentation](https://docs.hak5.org/hc/en-us/categories/360001482953-Plunder-Bug "Plunder Bug Documentation")
|
||||||
|
* [Forums](https://forums.hak5.org/forum/97-plunder-bug/ "Plunder Bug Forums")
|
||||||
|
* IRC: irc.hak5.org #hak5
|
||||||
|
* Discord: https://discord.gg/WuteWPf
|
||||||
|
|
|
@ -0,0 +1,82 @@
|
||||||
|
<#
|
||||||
|
|
||||||
|
Plunder Bug
|
||||||
|
(C) Hak5 2019
|
||||||
|
Powershell mute script that manages NetAdapterBinding for the bug interface
|
||||||
|
used to prevent the capture host from sending data over the wire the bug is tapping
|
||||||
|
|
||||||
|
#>
|
||||||
|
|
||||||
|
param([string]$mode)
|
||||||
|
|
||||||
|
if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`" $mode" -Verb RunAs; exit }
|
||||||
|
|
||||||
|
|
||||||
|
function banner {
|
||||||
|
" ###########################################"
|
||||||
|
" # | \ / Plunder Bug by Hak5 #"
|
||||||
|
" # \ O.o #"
|
||||||
|
" # ( _ )\ Windows Bug Mute Script #"
|
||||||
|
" # '' ''¿ #"
|
||||||
|
" ###########################################"
|
||||||
|
}
|
||||||
|
|
||||||
|
function usage {
|
||||||
|
"Usage: plunderbug.ps1 <mode>"
|
||||||
|
" mute Mute plunder bug interface and exit"
|
||||||
|
" unmute Unmute plunder bug interface and exit"
|
||||||
|
}
|
||||||
|
|
||||||
|
function mute($iface_name) {
|
||||||
|
"Disabling IPv4 on bug interface $iface_name ..."
|
||||||
|
|
||||||
|
Disable-NetAdapterBinding -Name $iface_name -ComponentID ms_tcpip
|
||||||
|
|
||||||
|
"Disabling IPv6 on bug interface $iface_name ..."
|
||||||
|
|
||||||
|
Disable-NetAdapterBinding -Name $iface_name -ComponentID ms_tcpip6
|
||||||
|
|
||||||
|
"Mute complete"
|
||||||
|
}
|
||||||
|
|
||||||
|
function unmute($iface_name) {
|
||||||
|
"Enabling IPv4 on bug interface $iface_name ..."
|
||||||
|
|
||||||
|
Enable-NetAdapterBinding -Name $iface_name -ComponentID ms_tcpip
|
||||||
|
|
||||||
|
"Enabling IPv6 on bug interface $iface_name ..."
|
||||||
|
|
||||||
|
Enable-NetAdapterBinding -Name $iface_name -ComponentID ms_tcpip6
|
||||||
|
|
||||||
|
"Unmute complete"
|
||||||
|
}
|
||||||
|
|
||||||
|
banner
|
||||||
|
"Starting plunderbug mute script..."
|
||||||
|
"Waiting for the plunderbug to be connected..."
|
||||||
|
$iface_name = $null
|
||||||
|
$name = $null
|
||||||
|
while ($name -eq $null){
|
||||||
|
|
||||||
|
$name=Get-NetAdapter| Where-Object {$_.MacAddress -match "00-13-37*"} | Select Name | Format-Table -hidetableheader
|
||||||
|
$tmp=$name | Out-String
|
||||||
|
$iface_name=$tmp.trim()
|
||||||
|
|
||||||
|
Start-Sleep -Seconds 1
|
||||||
|
}
|
||||||
|
"Interface Detected... $iface_name"
|
||||||
|
|
||||||
|
if ( $mode -eq "mute" ){
|
||||||
|
mute $iface_name
|
||||||
|
pause
|
||||||
|
exit
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( $mode -eq "unmute") {
|
||||||
|
unmute $iface_name
|
||||||
|
pause
|
||||||
|
exit
|
||||||
|
}
|
||||||
|
|
||||||
|
usage
|
||||||
|
pause
|
|
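Review bot: The adapter lookup in the wait loop uses `-match "00-13-37*"`, which is an unanchored regular expression rather than a wildcard, so it matches any MAC address containing `00-13-3` at any position, and the elevated script would then disable the IPv4/IPv6 bindings of an unrelated adapter. Anchoring the prefix and reading the name directly also removes the `Format-Table | Out-String` round trip, which produces a multi-line name when more than one adapter matches: `$iface_name = Get-NetAdapter | Where-Object { $_.MacAddress -like "00-13-37-*" } | Select-Object -First 1 -ExpandProperty Name`. The loop condition would then test `$iface_name` instead of `$name`. Separately, `$mode` is spliced unquoted into the elevated command line and is only checked after the wait loop; `param([ValidateSet("mute","unmute")][string]$mode)` would reject other values up front, at the cost of showing a parameter error instead of the usage text.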
@ -0,0 +1,211 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Plunder Bug
|
||||||
|
# (C) Hak5 2019
|
||||||
|
#
|
||||||
|
# Bash mute script that manages iptables for the bug interface
|
||||||
|
# used to prevent the capture host from sending data over the wire the bug is tapping
|
||||||
|
|
||||||
|
OS=0
|
||||||
|
|
||||||
|
function banner(){
|
||||||
|
echo " ###########################################"
|
||||||
|
echo " # | \ / Plunder Bug by Hak5 #"
|
||||||
|
echo " # \ O.o #"
|
||||||
|
echo " # ( _ )\ Bug Interface Mute Script #"
|
||||||
|
echo " # '' ''¿ #"
|
||||||
|
echo " ###########################################"
|
||||||
|
}
|
||||||
|
|
||||||
|
function usage() {
|
||||||
|
echo "Usage: sudo ./plunderbug.sh"
|
||||||
|
echo " --mute Mute plunder bug interface and exit"
|
||||||
|
echo " --unmute Unmute plunder bug interface and exit"
|
||||||
|
}
|
||||||
|
|
||||||
|
function iptables_check() {
|
||||||
|
if [[ -z $(which iptables) ]]; then
|
||||||
|
echo "iptables required to mute interface"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function os_check() {
|
||||||
|
if [[ "$OSTYPE" == "darwin"* ]]; then
|
||||||
|
echo -e "\nOSX Detected\n"
|
||||||
|
OS=1
|
||||||
|
elif [[ "$OSTYPE" == "cygwin" ]]; then
|
||||||
|
err "Cygwin not supported"
|
||||||
|
else
|
||||||
|
OS=0
|
||||||
|
iptables_check
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function micdrop(){
|
||||||
|
echo "Exited"
|
||||||
|
exit $1
|
||||||
|
}
|
||||||
|
|
||||||
|
function err() {
|
||||||
|
echo "[FATAL] $1"
|
||||||
|
QUIT=1
|
||||||
|
micdrop 1
|
||||||
|
}
|
||||||
|
|
||||||
|
function root_check() {
|
||||||
|
if [[ "$EUID" -ne 0 ]]; then
|
||||||
|
echo "Please re-run as root"
|
||||||
|
usage
|
||||||
|
micdrop 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function wait_for_bug_connection() {
|
||||||
|
printf "%s" 'Waiting for a plunder bug to be connected...'
|
||||||
|
while [[ -z $IFACE ]]; do
|
||||||
|
printf "%s" .
|
||||||
|
if [[ "$OS" -eq 1 ]]; then
|
||||||
|
IFACE=$(ifconfig | grep 00:13:37 -B2 | head -1 | awk {'print $1'} | sed 's/ *:.*//')
|
||||||
|
else
|
||||||
|
IFACE=$(find /sys/class/net -mindepth 1 -maxdepth 1 ! -name lo -printf "%P " -execdir cat {}/address \; | grep "00:13:37" | cut -d " " -f1)
|
||||||
|
fi
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
echo -e "\n\n[$IFACE] Plunder Bug connected\n"
|
||||||
|
}
|
||||||
|
|
||||||
|
function check_ip6tables_rule_exists(){
|
||||||
|
if [[ -z $(ip6tables -vL|grep $IFACE) ]];then
|
||||||
|
echo 1
|
||||||
|
else
|
||||||
|
echo 0
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function add_rule_to_ip6tables() {
|
||||||
|
pre_existing_rule=$(check_ip6tables_rule_exists)
|
||||||
|
if [[ "$pre_existing_rule" -eq 1 ]];then
|
||||||
|
printf "\t%s" "[+] Adding ip6tables rule..."
|
||||||
|
ip6tables -A OUTPUT -o $IFACE -j DROP && echo "Success" || err "failed to add rule to ip6tables"
|
||||||
|
else
|
||||||
|
echo "IPv6 Mute rule already exists on system..."
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function check_iptables_rule_exists(){
|
||||||
|
if [[ -z $(iptables -vL|grep $IFACE) ]];then
|
||||||
|
echo 1
|
||||||
|
else
|
||||||
|
echo 0
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function add_rule_to_iptables() {
|
||||||
|
pre_existing_rule=$(check_iptables_rule_exists)
|
||||||
|
if [[ "$pre_existing_rule" -eq 1 ]];then
|
||||||
|
printf "\t%s" "[+] Adding iptables rule..."
|
||||||
|
iptables -A OUTPUT -o $IFACE -j DROP && echo "Success" || err "failed to add rule to iptables"
|
||||||
|
else
|
||||||
|
echo "IPv4 Mute rule already exists on system..."
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function remove_rule_from_ip6tables() {
|
||||||
|
pre_existing_rule=$(check_ip6tables_rule_exists)
|
||||||
|
if [[ "$pre_existing_rule" -eq 0 ]];then
|
||||||
|
printf "\t%s" "[-] Removing ip6tables rule..."
|
||||||
|
ip6tables -D OUTPUT -o $IFACE -j DROP && echo "Success" || err "failed to remove ip6tables rule"
|
||||||
|
else
|
||||||
|
echo "IPv6 Mute rule already removed from system..."
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function remove_rule_from_iptables() {
|
||||||
|
pre_existing_rule=$(check_iptables_rule_exists)
|
||||||
|
if [[ "$pre_existing_rule" -eq 0 ]];then
|
||||||
|
printf "\t%s" "[-] Removing iptables rule..."
|
||||||
|
iptables -D OUTPUT -o $IFACE -j DROP && echo "Success" || err "failed to remove iptables rule"
|
||||||
|
else
|
||||||
|
echo "IPv4 Mute rule already removed from system..."
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function disable_interface_in_networksetup() {
|
||||||
|
BUGIFACE=$(ifconfig | grep 00:13:37 -B2 | head -1 | awk {'print $1'} | sed 's/ *:.*//')
|
||||||
|
if [[ -n "$BUGIFACE" ]]; then
|
||||||
|
BUGIFACENAME=$(networksetup -listnetworkserviceorder | grep $BUGIFACE -B1 | head -1 | sed 's/(.*)//' | cut -c2-)
|
||||||
|
networksetup -setv4off "$BUGIFACENAME" || err "error disabling ipv4 on bug interface"
|
||||||
|
networksetup -setv6off "$BUGIFACENAME" || err "error disabling ipv6 on bug interface"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function enable_interface_in_networksetup(){
|
||||||
|
BUGIFACE=$(ifconfig | grep 00:13:37 -B2 | head -1 | awk {'print $1'} | sed 's/ *:.*//')
|
||||||
|
if [[ -n "$BUGIFACE" ]]; then
|
||||||
|
BUGIFACENAME=$(networksetup -listnetworkserviceorder | grep $BUGIFACE -B1 | head -1 | sed 's/(.*)//' | cut -c2-)
|
||||||
|
networksetup -setdhcp "$BUGIFACENAME" || err "error enabling ipv4 on bug interface"
|
||||||
|
networksetup -setv6automatic "$BUGIFACENAME" || err "error enabling ipv6 on bug interface"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function mute(){
|
||||||
|
echo "[*] Muting plunder bug interface..."
|
||||||
|
if [[ "$OS" -eq 0 ]]; then
|
||||||
|
add_rule_to_iptables
|
||||||
|
add_rule_to_ip6tables
|
||||||
|
elif [[ "$OS" -eq 1 ]];then
|
||||||
|
disable_interface_in_networksetup
|
||||||
|
fi
|
||||||
|
echo -e "[*] Mute complete\n"
|
||||||
|
}
|
||||||
|
|
||||||
|
function unmute() {
|
||||||
|
echo "[*] Unmuting plunder bug interface... $IFACE"
|
||||||
|
if [[ "$OS" -eq 0 ]]; then
|
||||||
|
remove_rule_from_iptables
|
||||||
|
remove_rule_from_ip6tables
|
||||||
|
elif [[ "$OS" -eq 1 ]];then
|
||||||
|
enable_interface_in_networksetup
|
||||||
|
fi
|
||||||
|
echo -e "[*] Unmute complete\n"
|
||||||
|
QUIT=1
|
||||||
|
}
|
||||||
|
|
||||||
|
function cleanup() {
|
||||||
|
echo -e "\n[!] Cleaning up..."
|
||||||
|
unmute
|
||||||
|
}
|
||||||
|
|
||||||
|
##########################
|
||||||
|
# MAIN ENTRY
|
||||||
|
##########################
|
||||||
|
QUIT=0
|
||||||
|
# Validate args
|
||||||
|
banner
|
||||||
|
|
||||||
|
# Validate priv / iptables
|
||||||
|
root_check
|
||||||
|
os_check
|
||||||
|
|
||||||
|
if [[ -z "$2" ]]; then
|
||||||
|
# Wait for device to be connected - no arg supplied for --mute/--unmute
|
||||||
|
wait_for_bug_connection
|
||||||
|
else
|
||||||
|
# Arg given for --mute/--unmute
|
||||||
|
IFACE=$2
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Handle modes
|
||||||
|
if [[ "$1" = "--unmute" ]]; then
|
||||||
|
cleanup
|
||||||
|
micdrop 0
|
||||||
|
elif [[ "$1" = "--mute" ]]; then
|
||||||
|
mute
|
||||||
|
micdrop 0
|
||||||
|
else
|
||||||
|
usage
|
||||||
|
micdrop 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Wait for bug to be unplugged/ctrl-c - cleanup and exit
|
||||||
|
trap cleanup INT
|
||||||
|
micdrop 0
|
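Review bot: `check_iptables_rule_exists` and `check_ip6tables_rule_exists` grep the whole `iptables -vL` listing for `$IFACE`, so any unrelated rule that mentions the interface (or a longer name containing it, such as eth1 inside eth10) makes `mute` print "rule already exists" and "Mute complete" without ever adding the OUTPUT DROP rule. Checking the exact rule is more reliable: `if iptables -C OUTPUT -o "$IFACE" -j DROP 2>/dev/null; then echo 0; else echo 1; fi`, with the same change for ip6tables. `$IFACE` should also be quoted in every `grep`, `iptables` and `ip6tables` call, because it can come straight from `$2` while the script runs as root and an unquoted value is word-split into extra arguments. `iptables_check` only prints a message when iptables is missing and lets the script continue, and the final `trap cleanup INT` is never reached because every mode branch above it calls `micdrop`.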