ownlan 0.4.4 → 0.4.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +26 -14
- data/lib/ownlan/attack/ntoa.rb +1 -1
- data/lib/ownlan/cli.rb +2 -13
- data/lib/ownlan/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 423200c7e995f9c76363db774bd44b1649044bc6
|
|
4
|
+
data.tar.gz: f3632b3703004e36c68b88e389cf6919275e8da3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b5cb7d396b4e4adfe0ab46011ebc80d3c51a75c1b6281c24200b2a805465c9814b72400924b24454264ed1166e14298dabd9a6eaf0be8ec7b48c6ae0fdb5a184
|
|
7
|
+
data.tar.gz: fb5cde39ba8533744343769b4b2039f5253b916068e3e41546b7437adb672b1d47e6634963cc3c4613deab606229a59534fe0502f12f82d0d72b449e614fb4fa
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -1,7 +1,12 @@
|
|
|
1
1
|
# Ownlan
|
|
2
2
|
|
|
3
|
+
[](https://codeclimate.com/github/shideneyu/ownlan)
|
|
4
|
+
|
|
3
5
|
__Ownlan__ aims to be a simple, concise and useful pentesting LAN poisoning suite, Written in ``Ruby`` and using ``PacketFU`` for reading and sending the packets off the wire. I decided to make this suite of tools mainly due do to the lack of existing tools on Linux, on top of helping me understanding the whole process behind the scene. OwnLan got uniques features, with some exclusives and excitings attacks probably never ever used on a (pentesting) network.
|
|
4
6
|
|
|
7
|
+
|
|
8
|
+
|
|
9
|
+
|
|
5
10
|
## Installation
|
|
6
11
|
|
|
7
12
|
Add this line to your application's Gemfile:
|
|
@@ -26,6 +31,11 @@ And require it in your application:
|
|
|
26
31
|
|
|
27
32
|
## Usage
|
|
28
33
|
|
|
34
|
+
:warning: **Important Note** :warning:: Ownlan *does* only work on Linux based computers until I find a way for the gem to parse automatically the current mac address of the given interface in a Cross-Platform way. I might write a gem for this.
|
|
35
|
+
|
|
36
|
+
### Video Tutorial ###
|
|
37
|
+
[](https://www.youtube.com/watch?v=mAczNeTjMt4 "Ownlan video preview")
|
|
38
|
+
|
|
29
39
|
### Configuration ###
|
|
30
40
|
You can pass multiple variables that will be used in the gem.
|
|
31
41
|
|
|
@@ -67,12 +77,11 @@ Please look at the [cli section](#command-line-interface) for more advanced opti
|
|
|
67
77
|
|
|
68
78
|
## Features
|
|
69
79
|
|
|
70
|
-
**OwnLan** has
|
|
80
|
+
**OwnLan** has three features:
|
|
71
81
|
|
|
72
82
|
1. Disconnect one or several users off the wire
|
|
73
83
|
2. Protecting users from those kind of attacks
|
|
74
84
|
3. Sending custom ARP + DHCP packets easily
|
|
75
|
-
4. Easy ARP packets capture *[Not Implemented]*
|
|
76
85
|
|
|
77
86
|
### Disconnecting users off the wire
|
|
78
87
|
|
|
@@ -82,11 +91,11 @@ The biggest part of **OwnLan**. It disconnects clients thanks to severals techni
|
|
|
82
91
|
|
|
83
92
|
- Gateway side ARP Cache Poisoning (**second duplex**). *A less known attack and powerful one, used by ``NetCut`` , the principle is to give the gateway a fake correspondancy of the victim MAC Adress to make the later one unreachable. If no MAC Adress is given, yours will be given.*
|
|
84
93
|
|
|
85
|
-
- Neighbour Table Overflow attack. *
|
|
94
|
+
- Neighbour Table Overflow attack. * The Neighbour Table Overflow attack will generate identifications packets to the specified target to completely isolate him from the network. The **NTOA** attack can be used to stress test client (gateway, computers) to see if they can undure heavy charges.
|
|
86
95
|
|
|
87
|
-
|
|
96
|
+
### Protecting clients
|
|
88
97
|
|
|
89
|
-
-
|
|
98
|
+
- Resynchronize . This feature will instanciate a full duplex ARP attack to resynchronize the client to the Gateway. Very useful against active attacks.
|
|
90
99
|
|
|
91
100
|
|
|
92
101
|
### Command Line Interface
|
|
@@ -104,8 +113,6 @@ You can also use the provided executable. Simple launch it in accordance to the
|
|
|
104
113
|
* Required: [sub-options]
|
|
105
114
|
-b, --broadcast=<s> Broadcast raw ARP packets to the wire.
|
|
106
115
|
* Required Options : victim_ip, victim_mac, source_ip, source_mac
|
|
107
|
-
-c, --capture=<s> Sniffing ARP packets on the network [Not Implemented]
|
|
108
|
-
|
|
109
116
|
|
|
110
117
|
- where [sub-options] are either:
|
|
111
118
|
|
|
@@ -119,16 +126,9 @@ You can also use the provided executable. Simple launch it in accordance to the
|
|
|
119
126
|
ntoa The client is targeted to get disconnected, using a neighbour table overflow attack. Requires a victim ip.
|
|
120
127
|
* Required options: victim_ip
|
|
121
128
|
* Falcultative options: random_mac
|
|
122
|
-
fake-ip-conflict Generate a fake ip conflict to the victim. Can be used along all the others attacks, or alone.
|
|
123
|
-
* Required options: victim_ip [Not Implemented]
|
|
124
|
-
|
|
125
129
|
resynchronize Operate a dual duplex attack on a victim to disconnect the attacker and heal the victim. Warning: If you are the victim, you will have to fill the optional options.
|
|
126
130
|
* Required options: victim_ip
|
|
127
131
|
* Optional options: victim_mac , gateway_mac
|
|
128
|
-
stealth Becomes invisible from network scanners, preventing you from getting targeted. [Not Implemented]
|
|
129
|
-
static Set a static ARP Cache for the current session. Good against first-duplex ARP Cache Poisoning. [Not Implemented]
|
|
130
|
-
freeze Reset and Freeze your ARP Cache. Good against NTOAs. [Not Implemented]
|
|
131
|
-
|
|
132
132
|
|
|
133
133
|
- Where [Other Options] can be:
|
|
134
134
|
|
|
@@ -147,6 +147,18 @@ You can also use the provided executable. Simple launch it in accordance to the
|
|
|
147
147
|
|
|
148
148
|
|
|
149
149
|
|
|
150
|
+
## Security
|
|
151
|
+
|
|
152
|
+
As a basic form of security __KrakenClient__ provides a set of SHA512 checksums for
|
|
153
|
+
every Gem release. These checksums can be found in the `checksum/` directory.
|
|
154
|
+
Although these checksums do not prevent malicious users from tampering with a
|
|
155
|
+
built Gem they can be used for basic integrity verification purposes.
|
|
156
|
+
|
|
157
|
+
The checksum of a file can be checked using the `sha512sum` command. For
|
|
158
|
+
example:
|
|
159
|
+
|
|
160
|
+
$ sha512sum pkg/kraken_client-0.0.1.gem
|
|
161
|
+
d12d7d9c2a4fdfe075cbb7a141fa5f2195175891e4098c7e1a28c8bca655ab44fb9d67b6a2e3991d0f852026c5e4537fdf7e314575c68d1c80b3a4b1eb1c041f pkg/kraken_client-0.0.1.gem
|
|
150
162
|
|
|
151
163
|
## Versioning
|
|
152
164
|
|
data/lib/ownlan/attack/ntoa.rb
CHANGED
data/lib/ownlan/cli.rb
CHANGED
|
@@ -21,7 +21,6 @@ EOS
|
|
|
21
21
|
opt :attack, "Set an attack on a device on the network", short: 'a', type: :string
|
|
22
22
|
opt :protect, "Protect a device from lan attacks", short: 'p', type: :string
|
|
23
23
|
opt :broadcast, "Inject ARP crafted packets in the wire", short: 'b'
|
|
24
|
-
opt :capture, "Sniffing ARP packets on the network", short: 'c', type: :string
|
|
25
24
|
|
|
26
25
|
# Attack part
|
|
27
26
|
banner <<-EOS
|
|
@@ -38,8 +37,7 @@ Attacks sub-options:
|
|
|
38
37
|
ntoa The client is targeted to get disconnected, using a neighbour table overflow attack. Requires a victim ip.
|
|
39
38
|
* Required options: victim_ip
|
|
40
39
|
* Falcultative options: random_mac
|
|
41
|
-
|
|
42
|
-
* Required options: victim_ip
|
|
40
|
+
|
|
43
41
|
EOS
|
|
44
42
|
|
|
45
43
|
|
|
@@ -47,9 +45,6 @@ Attacks sub-options:
|
|
|
47
45
|
banner <<-EOS
|
|
48
46
|
|
|
49
47
|
Protect sub-options:
|
|
50
|
-
stealth Becomes invisible from network scanners, preventing you from getting targeted.
|
|
51
|
-
static Set a static ARP Cache for the current session. Good against first-duplex ARP Cache Poisoning.
|
|
52
|
-
freeze Reset and Freeze your ARP Cache. Good against NTOAs.
|
|
53
48
|
resynchronize Operate a dual duplex attack on a victim to disconnect the attacker and heal the victim. Warning: If you are the victim, you will have to fill the optional options.
|
|
54
49
|
* Required options: victim_ip
|
|
55
50
|
* Optional options: victim_mac , gateway_mac
|
|
@@ -64,12 +59,6 @@ Broadcast: Send raw ARP packets to the wire.
|
|
|
64
59
|
|
|
65
60
|
EOS
|
|
66
61
|
|
|
67
|
-
# Capture part
|
|
68
|
-
banner <<-EOS
|
|
69
|
-
Capture sub-options:
|
|
70
|
-
|
|
71
|
-
EOS
|
|
72
|
-
|
|
73
62
|
# Other options part
|
|
74
63
|
banner <<-EOS
|
|
75
64
|
Other Options:
|
|
@@ -78,7 +67,7 @@ Other Options:
|
|
|
78
67
|
|
|
79
68
|
opt :delay, "Set the time lapse delay between each packet", default: 0.5
|
|
80
69
|
opt :interface, "Set the network interface which will be used", short: 'i', default: 'wlan0'
|
|
81
|
-
opt :random_mac, "If setted, the used origin addresses will be randomly generated.",
|
|
70
|
+
opt :random_mac, "If setted, the used origin addresses will be randomly generated.", default: false
|
|
82
71
|
opt :victim_ip, "Set the ip address of the target.", short: 't', type: :string
|
|
83
72
|
opt :victim_mac, "Set the mac address of the target", type: :string
|
|
84
73
|
opt :gateway_ip, "Set the ip adress of the gateway", type: :string
|
data/lib/ownlan/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ownlan
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- sidney
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-01-
|
|
11
|
+
date: 2016-01-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: packetfu
|