Quickly Repeating Repetitive Terminal Commands When Booting into Kali Live Linux



kalikali
2015-12-15, 22:02
For those of you who boot into Kali Live USB or CD, you'll probably get tired of doing the same thing over and over like placing your WiFi adapter into monitor mode each time you boot.

So, I thought that "script" and "scriptreplay" do repetitive terminal tasks but they don't - it literally records what you do in the terminal and then when you replay the script, it doesn't execute the commands, it just replays the script like a video! I don't understand the point of "script" and "scriptreplay" unless of course you enjoy eating popcorn while watching the text you recorded in the terminal playback to you? Anyway, don't do what I did above... here's a simple trick in Linux:

After each command you want to execute in your terminal, place an "&&" (without the quotation marks) like this:

airmon-ng check kill && rfkill unblock all && ifconfig wlan0 down && macchanger -r wlan0 && iwconfig wlan0 mode monitor && ifconfig wlan0 up

Basically, instead of typing each command separately (line after line) over and over again each time you do a Live boot, just copy the commands (which you should save as a text file somewhere on another USB), paste it into the terminal and hit "Enter". That's it! The above will execute all the commands together at the same time on 1 single line in the terminal.

I use the above to do this upon booting into Kali:

airmon-ng check kill = This kills all processes that "could cause trouble".

rfkill unblock all = This allows my WiFi adapter to get into monitor mode - I can't start without it as I get an error.

ifconfig wlan0 down = This is useful for 2 reasons:
1) It allows me to change my MAC address and
2) Set the adapter into monitor mode

macchanger -r wlan0 = Changes the adapter's real MAC address to a random MAC - I always do this.

iwconfig wlan0 mode monitor = Sets the adapter into monitor mode. This is equivalent to "airmon-ng start wlan0" but then you'll get "wlan0mon" which is longer to write and if you want to change your MAC address, you'll still need to do "ifconfig wlan0mon down" to change MAC address.

ifconfig wlan0 up = Finally, this puts everything into place and you're ready to execute other commands.

You can make it longer or shorter by adding more (or less) commands and separating them with an "&&". For instance, if you often go directly into airodump-ng after placing adapter into monitor mode, simply add: "&& airodump-ng wlan0" after the "ifconfig wlan0 up".

You can also write a script to do what I explained above, but, I found copying and pasting is adequate. Also, the "&&" can be replaced by a semi-colon ";" after each command. The difference:

&& = Executes only if the previous command executed properly (so make sure to place the commands in order!)

; = Executes regardless of whether the previous command executed (command order matters but command may be skipped)

Hope this helps other beginners like myself :)

Enjoy
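
An added example, not part of the original post: a dry run of the post's six-command chain that shows where "&&" and ";" part ways when one step fails. No real tool is invoked; fake(), FAIL_AT, RAN and report() are hypothetical stand-ins made up for this demonstration.

```shell
#!/usr/bin/env bash
# Added example: compares "&&" and ";" chaining on the post's six commands
# without touching any hardware. All helper names here are hypothetical.

IFACE="wlan0"
FAIL_AT=""   # name of the command whose failure is simulated, e.g. macchanger
RAN=""       # records which commands were reached, in order

# Stand-in for a real command: records its name, fails if it matches FAIL_AT.
fake() {
    RAN="$RAN $1"
    [ "$1" != "$FAIL_AT" ]
}

# The chain as posted: each step runs only if the previous one succeeded.
chain_and() {
    RAN=""
    fake airmon-ng check kill && fake rfkill unblock all &&
    fake ifconfig "$IFACE" down && fake macchanger -r "$IFACE" &&
    fake iwconfig "$IFACE" mode monitor && fake ifconfig "$IFACE" up
}

# Same steps separated by ";": every step runs, and the exit status
# is that of the last command only.
chain_semicolon() {
    RAN=""
    fake airmon-ng check kill; fake rfkill unblock all
    fake ifconfig "$IFACE" down; fake macchanger -r "$IFACE"
    fake iwconfig "$IFACE" mode monitor; fake ifconfig "$IFACE" up
}

# Print the exit status and the commands that were reached.
report() {
    if "$2"; then
        echo "$1 chain: exit 0, reached:$RAN"
    else
        echo "$1 chain: exit non-zero, reached:$RAN"
    fi
}

FAIL_AT="macchanger"          # simulate the MAC change failing
report "&&" chain_and
report ";" chain_semicolon
FAIL_AT=""
```

With the simulated macchanger failure, the "&&" chain stops with a non-zero status before "ifconfig wlan0 up", while the ";" chain reaches all six commands and still exits 0, so the adapter would come up in monitor mode with its real MAC address.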

mmusket33
2015-12-16, 07:44
MTeams likes your work. We only wish to add the following:

As you are avoiding the use of airmon-ng you could make a virtual monitor from your device wlan0 with the command:

iw wlan0 interface add mon0 type monitor

You will also need to spoof the mac address of the virtual monitor.

You may find macchanger -A a better random spoofing command as some devices cannot accept some 17 long string hex possibilities (i.e. 12 hex characters and 5 colons).

To keep the two(2) mac addresses equal you will have to use bash scripting with awk and sed. We can post our two(2) routines for the older and newer airmon-ng for your reference if you show interest and you can adjust to fit your situation.

You could also just read these routines found in varmacscan2-8 download.

MTeams

kalikali
2015-12-17, 18:06
Hello mmusket33,

I have asked on this thread (https://forums.kali.org/showthread.php?28742-Difference-Between-quot-iwconfig-wlan0-mode-monitor-quot-and-quot-airmon-ng-start-wlan0-quot) regarding your quote above, "avoiding the use of airmon-ng you could make a virtual monitor". I don't see the point in having a virtual monitor mode (mon0) when I can have the monitor mode on the original (wlan0). This way, when I do "ifconfig wlan0 down", I only need to change the MAC address once and when I place the WiFi adapter into monitor mode with "iwconfig wlan0 mode monitor" and I check the MAC address after doing "ifconfig wlan0 up", everything is correct - it's in monitor mode and the MAC address is spoofed.

Maybe you could explain the difference between the method used to set the adapter into monitor mode in the link above? Everyone who answered seems to say "there's no difference".

Also, you say "if you show interest" you have 2 routines that you can show us - well, I am showing interest :)

Thanks

mmusket33
2015-12-18, 01:09
To kalikali

You have asked a question that we ourselves have never understood. We asked this exact question years ago and only got the answer that it was not good practice. Of course if you want to run several virtual monitors doing different things then mon0 mon1 etc is the only way to go. However the newer airmon-ng stops this and allows only one monitor. You can force out a second one using iw wlan0 interface add mon0 type monitor as indicated above. But the newer airmon-ng does not like a third monitor.

We have published these routines in kali-threads already; see

https://forums.kali.org/showthread.php?27180-How-to-create-multiple-monitors-with-the-newer-airmon-ng&highlight=virtual+monitors

Read through the thread; later, a method to put one device in monitor mode and not use airmon-ng check kill is outlined.


Routines including macchanging etc for both versions of airmon-ng are found in varmacscan2-8. But these include complicated awk/sed commands to keep the mac addresses the same. Here your question of why do this at all is valid. Our problem when releasing scripts for the community has always been airmon-ng. Airmon-ng seemed to work for most users therefore we were reluctant to not employ it or release scripts that did not include it. It is as simple as that.

MTeams is rewriting some routines and implementing your suggestions into them. Again we like your work

Thanx

MTeams