Hello
Thanks for your great script !
"for sure in the next future I'll need to adapt iptables rules for the new nftables stuff."
Any ETA for this?
Not yet because with the fix, now is going to work always... but for sure it will be done. If I receive some help it can be done very soon. I just need to "translate" all the iptables commands to the new nomenclature... These are the commands to translate. Any help is welcome:
Saving and restoring:
iptables-save > file
iptables-restore < file
Probably saving and restoring will be the same
Cleaning rules:
iptables -F
iptables -t nat -F
iptables -X
iptables -t nat -X
Cleaning stuff maybe will be unchanged (wild guess, didn't check the new nomenclature documentation yet)
Policy stuff:
iptables -P FORWARD ACCEPT
Some rules:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:80
iptables -A INPUT -p tcp --destination-port 80 -j ACCEPT
iptables -A INPUT -p udp --destination-port 53 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
NAT masquerading:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Icmp stuff:
iptables -A INPUT -p icmp --icmp-type 8 -s 192.168.1.0/255.255.255.0 -d 192.168.1.1/255.255.255.0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 192.168.1.0/255.255.255.0 -d 192.168.1.1/255.255.255.0 -j DROP
That's all. For sure, airgeddon has more iptables rules... but most of them are "repeated" just with some different data (port or whatever)... but translating this I could adapt it to the new nftables. Any help? I have not too much time lately!
Thanks.
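The translation asked for in the list above, as an added example that is not part of the original posts or of airgeddon's code: each listed iptables command with an nft counterpart, wrapped in shell functions. The function names and the NFT, OUT_IF, AP_IP and AP_NET variables are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: nft counterparts of the iptables commands listed above.
# Function and variable names are illustrative, not taken from airgeddon.
NFT="${NFT:-nft}"          # NFT=echo prints the commands instead of running them
OUT_IF="${OUT_IF:-eth0}"
AP_IP="192.168.1.1"
AP_NET="192.168.1.0/24"    # 192.168.1.0/255.255.255.0 in CIDR form

# iptables -F / -X on filter and nat: nft has no built-in tables, so one
# command removes every table, chain and rule (other tools' tables included).
fw_clean() { "$NFT" flush ruleset; }

# iptables-save > file
fw_save() { "$NFT" list ruleset > "$1"; }

# iptables-restore < file: "nft -f" adds to the live ruleset, so flush first
# to get the replace semantics of iptables-restore.
fw_restore() { fw_clean && "$NFT" -f "$1"; }

# nft starts empty: create the tables and base chains iptables provided.
fw_base() {
    "$NFT" add table ip filter
    "$NFT" add table ip nat
    "$NFT" add chain ip filter INPUT '{ type filter hook input priority 0; }'
    # iptables -P FORWARD ACCEPT
    "$NFT" add chain ip filter FORWARD '{ type filter hook forward priority 0; policy accept; }'
    "$NFT" add chain ip nat PREROUTING '{ type nat hook prerouting priority -100; }'
    "$NFT" add chain ip nat POSTROUTING '{ type nat hook postrouting priority 100; }'
}

# The sample rules from the list, one nft rule per iptables line.
fw_rules() {
    # -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:80
    "$NFT" add rule ip nat PREROUTING tcp dport 80 dnat to "$AP_IP:80"
    # -A INPUT -p tcp --destination-port 80 -j ACCEPT
    "$NFT" add rule ip filter INPUT tcp dport 80 accept
    # -A INPUT -p udp --destination-port 53 -j ACCEPT
    "$NFT" add rule ip filter INPUT udp dport 53 accept
    # -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
    "$NFT" add rule ip nat PREROUTING tcp dport 80 redirect to :10000
    # -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    "$NFT" add rule ip nat POSTROUTING oifname "$OUT_IF" masquerade
    # -A INPUT -p icmp --icmp-type 8 -s <net> -d <net> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    "$NFT" add rule ip filter INPUT ip saddr "$AP_NET" ip daddr "$AP_NET" \
        icmp type echo-request ct state new,established,related accept
    # -A INPUT -s <net> -d <net> -j DROP
    "$NFT" add rule ip filter INPUT ip saddr "$AP_NET" ip daddr "$AP_NET" drop
}
```

Running the functions with NFT=echo prints the commands without touching the live ruleset. For single rules, the iptables-translate tool shipped with recent iptables packages produces the same kind of one-line translation.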
Done...@pamamolf, nftables integration is finished: https://github.com/v1s1t0r1sh3r3/airgeddon/pull/234
Now airgeddon detects if nft is present and if present is using it. If no nftables present it works as always using iptables... everything is done automatically. I even added a new option AIRGEDDON_FORCE_IPTABLES that can be set to true to force use of iptables instead of nftables if the user prefer that. It is documented as all options at wiki here: https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Options
This is milestoned to be released on next 9.10 version. Anyway you can use and test it now cloning dev branch of the project (git clone -b dev <repo>).
Cheers.
airgeddon v9.10 was released today. Now mdk3 was replaced by mdk4 . It has now support for nftables.
We are working hard on v9.20 which will have support for tmux in order to avoid the requirement of a X window system. It will be able to be configured in options .airgeddonrc file and on some environments (headless servers) could be an interesting feature.
Cheers!
Sorry for reposting... but if there are not too much activity I'll inform anyway about new releases here...
v9.11 released with some fixes making airgeddon compatible with BeEF versions. It seems on new BeEF versions there are some modifications in the config file. Now airgeddon is able to detect the BeEF version and perform the needed changes in order to make it work with all of them, even with the coming soon 0.4.7.2 BeEF version which has not reached the Kali repositories yet. I also added a couple of minor fixes, and now once airgeddon updates, the new .airgeddonrc file containing options is also updated to add new possible options and to avoid possible warnings. In addition, airgeddon will save the customizations in this file to avoid overriding them on update, so users can safely keep their customizations.
Tmux support is already done in another branch (headless_tmux) and is now under beta testing. v9.20 will have this new feature which will allow us to launch airgeddon on headless (without X window system) environments. Very useful for old raspberry pi or similar resources limited devices.
Cheers!
Appreciate the update and love your work. This is by far the funnest setup out there and super reliable, all it needs is PMKID if you can be bothered.
Hi, I'm trying the wps bruteforce but it only tries the same pin over and over.
@smoothy, yeah, that will be implemented for sure!
@donThomaso, What airgeddon version do you have? are you trying reaver or bully bruteforce?
hhmm.... it works ok for me. I think it depends on the Access Point. But in any case it does not seem to be an airgeddon issue. Maybe you want to ask the reaver staff at their github.
v9.20 with tmux support to be used in headless servers was released today. Happy hacking!
thanks for your hard work
This being said MTeams could find no indication that mac codes of the user are being spoofed and that users are broadcasting their hardware mac.
Due the retiring of the mdk4 package from the Debian testing repos and from the Kali repos, we added a feature to use mdk3 backward compatibility. For the next v9.21 there will be a new option at options file (.airgeddonrc) called AIRGEDDON_MDK_VERSION with the default value mdk4 but it can be changed to mdk3 to use mdk3 instead.
Now working on the custom certificates creation for enterprise attacks which will released on v9.21 as well. Cheers!
I noticed that Pixiedust only works on routers with Ralink chipset
do you know why?
I've also noticed that wps null attack works on all v***zon D-link 2750b
The WPS Pixie Dust vulnerability is based on the lack of randomness over the PRNG used to cipher the public key. This vulnerability is affecting only to some Access Points. It depends of the vendor's WPS implementation. Some APs are affected and others are not affected. Here you can find a list (maybe is not pretty much up-to-date) about different access points regarding this topic: https://docs.google.com/spreadsheets...gid=2048815923
Take a look at it if you want to check how many access points are affected. You'll see that there are more APs affected than the Ralink chipset based ones. Hope it helps.
Hi, v9.21 was released today with custom certificates creation for enterprise attacks, some fixes and the backwards compatibility for mdk (now mdk3 or mdk4 can be chosen). Happy hacking!
Hi, v9.21 is working fine for me. Good job!!
I would suggest the following order for the windows:
window1: select wlan
window2: get it into monitor mode
window3: scan for targets
window4: choose attack mode
On my computers window4 appears before window3. Is there some reason for this?
Hi. Only one problem: in the mode where it's looking for sites to use, I find very few sites as compared to airodump-ng start wlan0. Seems like it lacks power. Are there any switches to up its pull in power?
Hi @ea1kt, what are you talking about exactly? which attack with 4 windows? what you are describing are not windows are the order of the actions to take. You can do your own action order choosing options on menus. What you want can be done doing that actions in the precise order.
@cold iron, what you mean with "mode where it's looking for sites to use" ?? Do you mean standard airodump-ng scanning? ok, airgeddon is using airodump-ng, so using it without using airgeddon is exactly the same. The power of your card is the same and that is not related to airgeddon. The unique difference using airgeddon's airodump-ng is that airgeddon is filtering out the unneeded networks depending of the menu on which you are launching it. For example, if you are on the WEP menu, on the scan only WEP networks will appear. If you are on Handshake capturing menu, only WPA/WPA2 networks will appear, etc. This may cause that inside airgeddon the results of the scan are less but is not true. They are the same but they are filtered in order to be useful.
Cheers!
Hi, well I see a big difference between the two client screens, a lot less in the wpa screen, and all the ones that are missing are very close, which seems odd. The close ones should show better.
Great program I must say, thanks
I don't quite understand your msg. but let me say @V1s1t0r's answer is right. I didn't know the scans were filtered as he explains in his answer to @cold iron. Now everything makes sense, and after reading carefully every option in airgeddon one can see there is more in the program than meets the eye at first sight.
Cheers and beers.
Hi ea1kt..... I like the router part of the program, but the search for clients part picks up a lot fewer BSSIDs than the handshake one. That was what I was trying to say. Also the clients closest to me do not show up at all in the router search, which seems odd, but do in the handshake window. Just wondering why.
Hi @v1s1t0r, I've set up airgeddon on a RPi3+ with Kali and tested it with an external wireless adapter: working OK.
If I use the internal card, when exploring for targets I get the following error msg:
Interface wlan0 selected. Mode: Monitor. Supported bands: 2.4Ghz, 5Ghz
Selected BSSID: E2:41:36:25:D3:00
Selected channel: 6
Selected ESSID: MOVISTAR_D300
Type of encryption: WPA2
Select an option from menu:
---------
0. Return to main menu
1. Select another network interface
2. Put interface in monitor mode
3. Put interface in managed mode
4. Explore for targets (monitor mode needed)
------------ (monitor mode needed for capturing) -------------
5. Capture Handshake
---------
6. Clean/optimize Handshake file
---------
*Hint* The natural order to proceed in this menu is usually: 1-Select wifi card 2-Put it in monitor mode 3-Select target network 4-Capture Handshake
---------
> 4
**************************** Exploring for targets *****************************
Exploring for targets option chosen (monitor mode needed)
Selected interface wlan0 is in monitor mode. Exploration can be performed
WPA/WPA2 filter enabled in scan. When started, press [Ctrl+C] to stop...
Press [Enter] key to continue...
airgeddon.sh: line 11619: /tmp/nws-01.csv: No such file or directory
(I get this same error with two different RPi's with different sd-cards). The internal card supports monitor mode and injection: working OK with the aircrack suite.
In the /temp folder there is a nws.csv file but no nws-01.csv file. Please, how can I tackle this?
@ea1kt that error is probably caused because it is trying to launch an xterm window and it seems you don't have a X windows system to connect to.
For that headless systems you can use tmux instead of xterm just modifying the AIRGEDDON_WINDOWS_HANDLING and setting it to "tmux" in .airgeddonrc options file. You can do it also from the options menu inside the application.
If you have a X windows system up and running and you are still getting that error using xterm, maybe you need to fix some kind of problem to access it. Usually a simple xhost + command does the trick.
v9.23 released . This release is a minor release. No major changes, just small fixes.
I don't want to spoil too much yet, but we are working in a new version (v10.0) with a major change. We are trying to create a plugins system on which the users will be able to perform custom modifications and will be able to develop easily some modifications to airgeddon. I'll give more details when it gets a more mature stage.
Cheers!
Hi, we are working hard on the next version. We are creating a plugins system! in order to let the community to create their own airgeddon customizations. It is ambitious but if finally we are able to do it, it will be awesome! Here is a link where we explain everything related to this with more detail: https://github.com/v1s1t0r1sh3r3/airgeddon/issues/308
We also created a Discord channel in order to help to the users. Here is the public invitation link: https://discord.gg/sQ9dgt9
Regards
Done!! new v10.0 airgeddon version with plugins system and other minor improvements was released!!
Changelog:
Quote:
v10.0
- Added plugins system
- Added example plugin: Missing dependencies auto-installation for some distros (Kali, Parrot, BlackArch)
- Improvements for Evil Twin on captive portal detection for newer devices
- Missing 5GHz channels added
- Github pull request template added and issue templates updated
- Fixed error on hex2ascii conversion for some WEP passwords
Now the community will be able to develop their own airgeddon customizations easily... thanks to the function hooking system (prehook, override and posthook), we can choose the function we want to interact with and easily perform the needed modifications. More info at links:
https://github.com/v1s1t0r1sh3r3/air...ugins%20System
https://github.com/v1s1t0r1sh3r3/air...%20Development
We also created a new wiki section "Plugins Hall of Fame" https://github.com/v1s1t0r1sh3r3/air...ll%20of%20Fame where we will place external links to awesome plugins developed by the community.
Now the limits are only set by your imagination :D
Regards!
Having a problem when putting a device into monitor mode:
Code:
Interface wlan1 selected. Mode: Managed. Supported bands: 2.4GHz, 5GHz
Select an option from menu:
...
I select option 2 to put into monitor mode.
Now, I get:
Code:
The inteface changed it's name while setting in monitor mode. Autoselected
Monitor mode now is set on enabled
Press any key to continue...
Interface enabled selected. Mode: (Non wifi card)
...
The interface name is not called "enabled", and it IS a wifi card.
This is occurring on a bare metal install (not a virtual machine) of Kali 2019.4, with all packages installed and up to date. By the way, the interface name has NOT changed, according to ifconfig. It is still wlan1 after being put into monitor mode!
My card is an alfa AWUS036ACH with official aircrack-ng dkms driver loaded.
What is going on?
Hi, I can say that the problems you are experiencing are problems of the driver because they are printing a very different output on iwconfig commands than the rest of the drivers for the rest of the cards.
So, all the Realtek chipsets RTL88xx like yours (RTL8812AU) are having problems using airgeddon due this different output. Anyway, don't worry! there are some workarounds for you:
Since the airgeddon v10.0 was released, there is a new awesome feature, a plugins system. Now users can develop their own custom stuff. More info here: airgeddon Plugins System. What is this useful for these kind of cards? because there is a plugin to handle that awful different behavior. You can find it here.
So using the plugin, you can work safely using that cards in airgeddon.
Anyway, check the list of the recommended and whitelisted cards: airgeddon Compatible Cards
For the next v10.01 airgeddon will have removed use of ifconfig and iwconfig commands (they are deprecated). Instead, ip and iw commands are used... so for v10.01 the plugin will be no needed and you'll be able to use your card directly with airgeddon without any plugin because the problems were caused by the use of iwconfig. v10.01 is already developed but not released yet (just waiting for some translations before releasing it). If you want to use it now you can do a git clone of the "dev" branch: git clone -b dev https://github.com/v1s1t0r1sh3r3/airgeddon
Enjoy! :)
Installed the new Kali and trying to install airgeddon's missing tools. But I keep getting "unable to locate package". I am using the same command as before but it is not working.
I know this may be a dumb question, sorry.
In the first place, if you are using airgeddon v10.0, which already has the plugins system, there is a built-in plugin which will install the missing dependencies for you if they are missing. So do a git clone, launch it and follow the instructions on the screen, that's all you need.
Anyway, if you want to install them manually, of course you can, but you need to know how to do it... which dependency are you missing? which command are you launching to try to install it? please be more specific! otherwise is impossible to help you. It's important to be concrete to ask something.
I'm having problems exploring targets for WPS and would like to know which network adapters are working 100%. I have one TL-WN722N and one AWUS036NEH.
One of them was working(to scan) this morning but now i cant get any of them to work. I can enable monitor mode and do the other scans.
Read the airgeddon wiki for that: https://github.com/v1s1t0r1sh3r3/air...and%20Chipsets
Panda cards are cheap and easy to find on ebay, amazon, etc.
Not sure what are you referring to. airgeddon is not available (yet) at Kali repos. To install airgeddon on Kali you can do the common git clone method or install the available .deb package from the github.
Yes. I have airgeddon installed, but I am missing some of the tools, like 8 or so. When I try to download them I get that message "can not find package" or something like that. Github has all the files, I can search and find them but for some reason, kali can't!!
Kali has all the packages needed on their repos. Please, post here the packages you are missing. Probably you are doing something wrong. For example... if you read something like this:
wash .... Ok
openssl .... Ok
dhcpd .... Error (Possible package name : isc-dhcp-server / dhcp-server / dhcp)
reaver .... Ok
That means that you are missing the command dhcpd, but the name of the package is not dhcpd. It is "isc-dhcp-server" or "dhcp-server" or "dhcp", it depends of your linux distribution. For Kali, Parrot and Debian based distros you should perform to fix this: "apt install isc-dhcp-server".
Paste here your problem and what you are missing.
By the way, I followed the Kali guide: https://www.kali.org/docs/development/public-packaging/
I created an account and a repo at Gitlab.com: https://gitlab.com/v1s1t0r1sh3r3/airgeddon
I was able to create the .deb package following the guide. I had some problems but now are solved. I hope with this airgeddon could be added to Kali repos :D