-
February 27th, 2006, 08:38 PM
#1
Wall of Shame/Wall of Sheep PHP Script
You all have seen the Wall of Shame/Wall of Sheep that they run at various hacker cons right? What they do is set up a box on the gateway that sniffs for plaintext passwords and displays them. Well, I could not find any code to do this, so I made my own. You feed it with the output from Ettercap (ettercap -Tq -d -m ettertest.txt), read the comments in the code for details. Can anyone else test this out an see how it works for them? I hope to release it on my website on the 1st.
PHP Code:
<?
/*
Irongeek's Wall Of Shame Code ver. 0.5
Irongeek -at- irongeek.com
[url]http://www.irongeek.com[/url]
Just a fugly script I wrote to tage a logfile from Etthercap ad display
passwords to a webpage.
Ettercap supports:
TELNET, FTP, POP, RLOGIN, SSH1, ICQ, SMB,
MySQL, HTTP, NNTP, X11, NAPSTER, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC,
LDAP, NFS, SNMP, HALF LIFE, QUAKE 3, MSN, YMSG (other protocols coming
soon...)
Some help from:
[url]http://www.php.net/[/url]
[url]http://www.theukwebdesigncompany.com/articles/article.php?article=165[/url]
Consider this code GPLed, but it would be sweet of you to link back to
Irongeek.com if you use it.
*/
?>
<HTML>
<!-- Take out the line below if you dont want it to refesh every 30 sec. -->
<META HTTP-EQUIV="Refresh" Content = "30; URL=shame.php"
<TITLE>Irongeek's Wall Of Shame</TITLE>
<BODY bgcolor="#FFFFCC">
<?
function between($somestring, $ss1, $ss2){
if ($ss2 != "\0"){
return trim(substr($somestring, strpos($somestring, $ss1)+strlen($ss1),
strpos($somestring, $ss2)-strpos($somestring, $ss1)-+strlen($ss1) ) );
} else {
return trim(substr($somestring, strpos($somestring, $ss1)+strlen($ss1),
strlen($somestring)-strpos($somestring, $ss1)));
}
}
function showfirst($somestring, $chrnum ){
if ($chrnum != "all"){
//Swtich comments on the two lines below if you wan an * for every character in the password.
//return str_pad(substr($somestring, 0, $chrnum), strlen($somestring), "*");
return str_pad(substr($somestring, 0, $chrnum), 10, "*");
} else {
return $somestring;
}
}
function PrintCapItem($fontcolor, $proto, $target, $user, $password, $info ){
echo "<TR><TD><B><FONT COLOR=$fontcolor>$proto</FONT></TD><TD>
<FONT COLOR=$fontcolor>$target</FONT></TD><TD><FONT COLOR=$fontcolor>
$user</FONT></TD><TD><FONT COLOR=$fontcolor>$password</FONT></TD></TR>
<TR><TD></TD><TD COLSPAN=\"3\"><FONT SIZE=\"1\"><I>More Info: </I>$info
</FONT></TD></TR>\n";
}
/*Point the line below to the log file you are creating with "ettercap -Tq -D -m ettertest.txt"
if you get an error like:
BUG at [ec_ui.c:ui_register:339]
ops->input == NULL
then try just "ettercap -Tq -m ettertest.txt" without the daemon option.
Also, you could ARP poison the gateway if you like with a command like:
ettercap -Tq -m /var/ettertest.txt -M arp /gateway-IP/ //
*/
$filename = "/var/ettertest.txt";
$fd = fopen ($filename, "r");
$contents = fread ($fd,filesize ($filename));
fclose ($fd);
$delimiter = "\n";
//If you want only unique lines make sure the line below is uncommented.
$splitcontents =array_reverse(array_unique(explode($delimiter, $contents)));
//If you want all lines make sure the line below is uncommented.
//$splitcontents = array_reverse(explode($delimiter, $contents));
/*Set the below to just show the first X characters of the password, "all" to
show all. If you are going to set this, also change the location/name of the
ettercap log tokeep folks from finding it. */
define("SHOWXCHR", "2");
?>
<CENTER><font color="BLACK" face="arial" size="7">Irongeek's<BR>
Wall Of Shame</font></CENTER>
<hr>
<hr>
<?
echo "<TABLE BORDER=\"1\" ALIGN=\"CENTER\" bgcolor=\"#FFFFFF\"
bordercolorlight=\"#0000FF\" bordercolordark=\"#330099\" >";
echo "<TR><TD><B>Protocol</B></TD><TD><B>Target</B></TD><TD><B>User</B></TD>
<TD><B>Password</B></TD></TR>";
foreach ( $splitcontents as $line )
{
$line=str_replace(">",">",str_replace("<","<",$line));
$proto =trim(substr($line, 0, strpos($line, ":")));
switch ($proto):
case "SNMP":
$fontcolor="\"#009900\"";
$target= between($line, " : ", " -> COMMUNITY:");
$user= "N/A";
$password=showfirst(between($line, " -> COMMUNITY: ", " INFO:"), SHOWXCHR);
$info=between($line, "INFO:", "\0");
PrintCapItem($fontcolor, $proto, $target,$user,$password, $info );
break;
case "HTTP":
$fontcolor="\"#330099\"";
$target= between($line, " : ", " -> USER: ");
$user= between($line, "USER: ", " PASS:");
$password=showfirst(between($line, "PASS: ", " INFO:"), SHOWXCHR);
$info=between($line, "INFO:", "\0");
PrintCapItem($fontcolor, $proto, $target,$user,$password, $info );
break;
case "TELNET":
$fontcolor="\"#CC33CC\"";
$target= between($line, " : ", " -> USER:");
$user= between($line, "USER: ", " PASS:");
$password=showfirst(between($line, "PASS:", "\0"), SHOWXCHR);
$info="N/A";
PrintCapItem($fontcolor, $proto, $target,$user,$password, $info );
break;
case "POP":
$fontcolor="\"#8888FF\"";
$target= between($line, " : ", " -> USER:");
$user= between($line, "USER: ", " PASS:");
$password=showfirst(between($line, "PASS:", "\0"), SHOWXCHR);
$info="N/A";
PrintCapItem($fontcolor, $proto, $target,$user,$password, $info );
break;
case "FTP":
$fontcolor="\"#004400\"";
$target= between($line, " : ", " -> USER:");
$user= between($line, "USER: ", " PASS:");
$password=showfirst(between($line, "PASS:", "\0"), SHOWXCHR);
$info="N/A";
PrintCapItem($fontcolor, $proto, $target,$user,$password, $info );
break;
case "VNC":
$fontcolor="\"#00708\"";
$target= between($line, " : ", " ->");
$user="Challenge:"." ".between($line, " -> Challenge:", " Response:");
$password="Response:"." ".between($line, " Response:", "\0");
$info="N/A";
PrintCapItem($fontcolor, $proto, $target,$user,$password, $info );
break;
case "IRC":
$fontcolor="\"#FF3333\"";
$target= between($line, " : ", " -> USER: ");
$user= between($line, "USER: ", " PASS:");
$password=showfirst(between($line, "PASS: ", " INFO:"), SHOWXCHR);
$info=between($line, "INFO:", "\0");
PrintCapItem($fontcolor, $proto, $target,$user,$password, $info );
break;
case "YMSG":
$fontcolor="\"#BBBB00\"";
$target= between($line, " : ", " -> USER: ");
$user= between($line, "USER: ", " HASH:");
$password=showfirst(between($line, "HASH: ", " - "), SHOWXCHR);
$info=between($line, " - ", "\0");
PrintCapItem($fontcolor, $proto, $target,$user,$password, $info );
break;
case "DHCP":
break;
default:
if (strpos($line, " : ") != 0 && strpos($line, "PASS") != 0){
$fontcolor="\"#FF00FF\"";
$target= between($line, " : ", " -> USER:");
$user= between($line, "USER: ", " PASS:");
$password=showfirst(between($line, "PASS:", "\0"), SHOWXCHR);
$info="N/A";
PrintCapItem($fontcolor, $proto, $target,$user,$password, $info );
break;
}else{
$trash=$trash."<TR><TD COLSPAN=\"4\">$proto<font color=\"#ff0000\">
$line</font></TD></TR>";
}
endswitch ;
}
//Call the PHP script with a ?debug=1 on the end to see the trash lines.
if ($_GET[debug]==1) echo $trash;
echo "</TABLE>";
?>
<HR>
<CENTER>Source code for this “Wall of Shame” script can be found at
<A HREF="http://www.irongeek.com">[url]http://www.irongeek.com[/url]</A></CENTER>
</BODY>
</HTML>
-
March 7th, 2006, 01:49 AM
#2
Looks like a nice script, written in php too, my favorite. Make sure you just upload the text file, don't actually run ettercap on your webhost or datacenter server, they tend to frown on sniffers, lol.
Take it easy.
PuReWebDev
-
March 7th, 2006, 02:02 AM
#3
Thank. I've put a better version of the script here:
http://www.irongeek.com/i.php?page=security/wallofshame
With screenshots.
-
May 9th, 2007, 09:40 PM
#4
Junior Member
Getting it running in backtrack 2 final.
Irongeek,
Could you show how to get the php script up and running. I am running Backtrack 2 final and have ettercap working fine. I am capturing usernames and passwords but I am not familiar with php at all.
Thanks
-
May 9th, 2007, 09:52 PM
#5
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|