Last active
April 4, 2025 15:20
-
-
Save lorenzodifuccia/7f164dc8b22b7d91af97c859f9619965 to your computer and use it in GitHub Desktop.
AP Mode script for Man-in-The-Middle (MitM) environment
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # * * * CONFIGURE * * * | |
| AP_INT="wlan0" | |
| PROXY="192.168.75.1:8080" | |
| # 192.168.75.1 is my eth0 (host VMWare), you can use 127.0.0.1 for local Burp | |
| # Remember to set "Support invisible proxy" on Proxy configuration | |
| # If the interface changes, remember to change these files: | |
| # /etc/hostapd/hostapd.conf | |
| # /etc/dnsmasq.conf | |
| # /etc/network/interfaces | |
| if [ "$(id -u)" -ne 0 ]; then echo "Error 0x10: script must be run as root!"; exit 1; fi | |
| OUT_INT=$(ip route | head -n 1 | awk '{print $5}') | |
| if [ $? -ne 0 ]; then echo "Error 0x11: unable to get the output interface..."; exit 1; fi | |
| # Enable AP_INT | |
| ip addr flush dev $AP_INT | |
| if [ $? -ne 0 ]; then echo "Error 0x20"; exit 1; fi | |
| # nmcli device set $AP_INT managed off | |
| # airmon-ng check kill | |
| # if [ $? -ne 0 ]; then echo "Error 0x21"; exit 1; fi | |
| ifdown $AP_INT | |
| if [ $? -ne 0 ]; then echo "Error 0x22"; exit 1; fi | |
| ifup $AP_INT | |
| if [ $? -ne 0 ]; then echo "Error 0x23"; exit 1; fi | |
| dhclient -r $OUT_INT | |
| if [ $? -ne 0 ]; then echo "Error 0x30"; exit 1; fi | |
| dhclient $OUT_INT | |
| if [ $? -ne 0 ]; then echo "Error 0x31"; exit 1; fi | |
| # Enable dnsmasq | |
| killall dnsmasq 2>/dev/null | |
| dnsmasq -q --log-facility=$(pwd)/dnsmasq.log | |
| if [ $? -ne 0 ]; then echo "Error 0x40"; exit 1; fi | |
| # Enable Hostapd | |
| killall hostapd 2>/dev/null | |
| hostapd -B -d -t -f $(pwd)/hostapd.log /etc/hostapd/hostapd.conf | |
| if [ $? -ne 0 ]; then echo "Error 0x50"; exit 1; fi | |
| # Enable Packet Forward and iptables | |
| sysctl -w net.ipv4.ip_forward=1 | |
| iptables --flush | |
| iptables --table nat --flush | |
| # iptables --delete-chain | |
| # iptables --table nat --delete-chain | |
| iptables --table nat --append PREROUTING -i $AP_INT -p tcp --dport 80 -j DNAT --to-destination $PROXY | |
| iptables --table nat --append PREROUTING -i $AP_INT -p tcp --dport 88 -j DNAT --to-destination $PROXY | |
| iptables --table nat --append PREROUTING -i $AP_INT -p tcp --dport 443 -j DNAT --to-destination $PROXY | |
| iptables --table nat --append PREROUTING -i $AP_INT -p tcp --dport 8000:9000 -j DNAT --to-destination $PROXY | |
| printf "\nFOR QUIC/UDP: sudo iptables --table nat --append PREROUTING -i $AP_INT -p udp --dport 443 -j DNAT --to-destination $PROXY" | |
| iptables --table nat --append POSTROUTING --out-interface $OUT_INT -j MASQUERADE | |
| iptables --append FORWARD --in-interface $AP_INT --out-interface $OUT_INT -j ACCEPT | |
| iptables --append FORWARD --in-interface $OUT_INT --out-interface $AP_INT -j ACCEPT | |
| # Output | |
| SSID=$(grep -o -P "(?<=^ssid\=).+" /etc/hostapd/hostapd.conf) | |
| PASSWD=$(grep -o -P "(?<=wpa_passphrase\=).+" /etc/hostapd/hostapd.conf) | |
| printf "\n\nSSID -> $SSID\nPASSWORD -> $PASSWD\nProxy -> $PROXY\nHappy Hacking :)\n" |
# /etc/network/interfaces
# Wifi for AP
auto wlan0
iface wlan0 inet static
address 192.168.1.1
netmask 255.255.255.0
sudo ./ap_mode.sh, happy hacking!!1 🎉🎉
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
# /etc/dnsmasq.conf interface=wlan0 dhcp-range=192.168.1.10,192.168.1.50,12h addn-hosts=/etc/dnsmasq.hosts server=1.1.1.1