From dce77903dc5afe9c1f86a0bc7ffe373ad0b4084e Mon Sep 17 00:00:00 2001 From: r4ulcl Date: Sat, 13 Apr 2024 19:19:08 +0200 Subject: [PATCH] Fix indent HTML --- APs/config/html/index.php | 58 +++++++-------- APs/config/html/lab.php | 10 +-- APs/config/html/login.php | 149 ++++++++++++++++++++----------------- APs/config/html/logout.php | 8 +- Attacker/installTools.sh | 9 +-- 5 files changed, 125 insertions(+), 109 deletions(-) diff --git a/APs/config/html/index.php b/APs/config/html/index.php index 04b4583..fcb85f1 100644 --- a/APs/config/html/index.php +++ b/APs/config/html/index.php @@ -1,7 +1,7 @@ @@ -10,15 +10,15 @@ echo "

"; echo "

"; -if ($_SESSION["Username"] == "GLOBAL\GlobalAdmin") { - if (strpos($_SERVER['REMOTE_ADDR'], '192.168.8.') !== false) { //only TLS +if ($_SESSION["Username"] == "GLOBAL\GlobalAdmin") { + if (strpos($_SERVER['REMOTE_ADDR'], '192.168.8.') !== false) { //only TLS echo "flag{B7OXb7KhFHQCz6WHUMf2}"; } else { echo "Your Princess Is in Another Castle!"; } } -if ($_SESSION["Username"] == "CONTOSO\Administrator") { +if ($_SESSION["Username"] == "CONTOSO\Administrator") { if (strpos($_SERVER['REMOTE_ADDR'], '192.168.5.') !== false) { //only MGT echo "flag{RgDOC9yrcRHMAKxgK1PJ}"; } else { @@ -26,26 +26,26 @@ } } -if ($_SESSION["Username"] == "admin") { +if ($_SESSION["Username"] == "admin") { + - if (strpos($_SERVER['REMOTE_ADDR'], '192.168.6.') !== false) { //only MGT Relay - echo "Hello"; - } elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.1.') !== false) { //only HIDDEN + echo "Hello"; + } elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.1.') !== false) { //only HIDDEN echo "flag{iAYcxpe6N2A98zhglx6E}"; - } elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.3.') !== false) { //only WPS + } elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.3.') !== false) { //only WPS echo "flag{KD5TaejRFIDgIQwjgUfB}"; - } elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.16.') !== false) { //only WPS + } elseif (strpos($_SERVER['REMOTE_ADDR'], '192.168.16.') !== false) { //only WPS echo "flag{W5ri9DXRJZCTBpFFxXBM}"; } else { - echo "No FLAG, try logging in with another user ;)"; + echo "No FLAG, try logging in with another user ;)"; } } #ALL: and strpos($_SERVER['REMOTE_ADDR'], '192.168.X.') !== false to only use users in each network -if ($_SESSION["Username"] == "CONTOSO\juan.tr") { +if ($_SESSION["Username"] == "CONTOSO\juan.tr") { if (strpos($_SERVER['REMOTE_ADDR'], '192.168.5.') !== false) { //only MGT echo "flag{hGDSm8oltjM9q217iJYu}"; echo "

"; @@ -54,7 +54,7 @@ } } -if ($_SESSION["Username"] == "test1") { +if ($_SESSION["Username"] == "test1") { if (strpos($_SERVER['REMOTE_ADDR'], '192.168.2.') !== false) { //only PSK echo "flag{feL9kV3oMemAJiEDQLBA}"; } else { @@ -62,7 +62,7 @@ } } -if ($_SESSION["Username"] == "test2") { +if ($_SESSION["Username"] == "test2") { if (strpos($_SERVER['REMOTE_ADDR'], '192.168.2.') !== false) { //only PSK echo "flag{feL9kV3oMemAJiEDQLBA}"; } else { @@ -70,15 +70,15 @@ } } -if ($_SESSION["Username"] == "free1") { - if (strpos($_SERVER['REMOTE_ADDR'], '192.168.10.') !== false) { //only OPN +if ($_SESSION["Username"] == "free1") { + if (strpos($_SERVER['REMOTE_ADDR'], '192.168.10.') !== false) { //only OPN echo "flag{2VphtQyGxsHmRoxGV05a}"; } else { echo "Your Princess Is in Another Castle!"; } } -if ($_SESSION["Username"] == "free2") { +if ($_SESSION["Username"] == "free2") { if (strpos($_SERVER['REMOTE_ADDR'], '192.168.10.') !== false) { //only OPN echo "flag{2VphtQyGxsHmRoxGV05a}"; } else { @@ -86,12 +86,12 @@ } } -if ($_SESSION["Username"] == "anon1") { +if ($_SESSION["Username"] == "anon1") { # NO AP LOGIN - echo "flag{b7UP2psiy5LJiShuFZGD}"; + echo "flag{b7UP2psiy5LJiShuFZGD}"; } -if ($_SESSION["Username"] == "administrator") { +if ($_SESSION["Username"] == "administrator") { if (strpos($_SERVER['REMOTE_ADDR'], '192.168.1.') !== false) { //only WEP echo "flag{g9Ywbxflpye7P0sVAgRQ}"; } else { @@ -100,13 +100,13 @@ } #relay user -if ($_SESSION["Username"] == "CONTOSOREG\luis.da") { # RELAY - echo "flag{NBLvyxgwckKnyGup6HNj}"; - echo "

"; - echo "

"; +if ($_SESSION["Username"] == "CONTOSOREG\luis.da") { # RELAY + echo "flag{NBLvyxgwckKnyGup6HNj}"; + echo "

"; + echo "

"; } -if ($_SESSION["Username"] == "CORPO\god") { # RELAY creds stolen in responder in regional network +if ($_SESSION["Username"] == "CORPO\god") { # RELAY creds stolen in responder in regional network if (strpos($_SERVER['REMOTE_ADDR'], '192.168.7.') !== false) { //only WEP echo "flag{3v1GXNkW0dh3T57ppoP1}"; echo "

"; @@ -125,7 +125,7 @@ # 802.11 Options
ssid=wifi-corp
channel=6
"; - echo "Certificate Authority: http://", $_SERVER['SERVER_ADDR'], "/.internalCA/ "; + echo "Certificate Authority: http://", $_SERVER['SERVER_ADDR'], "/.internalCA/ "; } else { echo "Your Princess Is in Another Castle!"; } @@ -138,4 +138,4 @@ echo "

"; ?> -Congratulation! You have logged into password protected page. Click here to Logout. +Congratulation! You have logged into password protected page. Click here to Logout. \ No newline at end of file diff --git a/APs/config/html/lab.php b/APs/config/html/lab.php index 8849958..b695613 100644 --- a/APs/config/html/lab.php +++ b/APs/config/html/lab.php @@ -1,7 +1,7 @@ @@ -12,5 +12,5 @@ ?> -Congratulation! You have logged into password protected page. Click here to go to index.php to get the flag. - +Congratulation! You have logged into password protected page. Click here to go to index.php to +get the flag. \ No newline at end of file diff --git a/APs/config/html/login.php b/APs/config/html/login.php index 2a593b0..0122df9 100644 --- a/APs/config/html/login.php +++ b/APs/config/html/login.php 
@@ -1,34 +1,42 @@ 'SuperSuperSecure@!@', -'CONTOSO\Administrator' => 'SuperSecure@!@', -'CONTOSO\juan.tr' => 'bulldogs1234', -'CONTOSOREG\luis.da' => 'u89gh68!6fcv56ed', -'CORPO\god' => 'tommy1', -'admin' => 'admin', -'test1' => 'OYfDcUNQu9PCojb', -'test2' => '2q60joygCBJQuFo', -'free1' => 'Jyl1iq8UajZ1fEK', -'free2' => '5LqwwccmTg6C39y', -'administrator' => '123456789a', -'anon1' => 'CRgwj5fZTo1cO6Y'); - - -/* Check and assign submitted Username and Password to new variable */$Username = isset($_POST['Username']) ? $_POST['Username'] : ''; -$Password = isset($_POST['Password']) ? $_POST['Password'] : ''; - -/* Check Username and Password existence in defined array */if (isset($logins[$Username]) && $logins[$Username] == $Password){ -/* Success: Set session variables and redirect to Protected page */$_SESSION['UserData']['Username']=$logins[$Username]; -/* Success: Set session variables USERNAME */$_SESSION['Username']=$Username; - -header("location:index.php"); -exit; -} else { -/*Unsuccessful attempt: Set error message */$msg="Invalid Login Details"; -} +/* Check Login form submitted */ +if (isset($_POST['Submit'])) { + /* Define username and associated password array */ + $logins = array( + 'GLOBAL\GlobalAdmin' => 'SuperSuperSecure@!@', + 'CONTOSO\Administrator' => 'SuperSecure@!@', + 'CONTOSO\juan.tr' => 'bulldogs1234', + 'CONTOSOREG\luis.da' => 'u89gh68!6fcv56ed', + 'CORPO\god' => 'tommy1', + 'admin' => 'admin', + 'test1' => 'OYfDcUNQu9PCojb', + 'test2' => '2q60joygCBJQuFo', + 'free1' => 'Jyl1iq8UajZ1fEK', + 'free2' => '5LqwwccmTg6C39y', + 'administrator' => '123456789a', + 'anon1' => 'CRgwj5fZTo1cO6Y' + ); + + + /* Check and assign submitted Username and Password to new variable */ + $Username = isset($_POST['Username']) ? $_POST['Username'] : ''; + $Password = isset($_POST['Password']) ? 
$_POST['Password'] : ''; + + /* Check Username and Password existence in defined array */ + if (isset($logins[$Username]) && $logins[$Username] == $Password) { + /* Success: Set session variables and redirect to Protected page */ + $_SESSION['UserData']['Username'] = $logins[$Username]; + /* Success: Set session variables USERNAME */ + $_SESSION['Username'] = $Username; + + header("location:index.php"); + exit; + } else { + /*Unsuccessful attempt: Set error message */ + $msg = "Invalid Login Details"; + } } @@ -94,49 +102,54 @@ ?>
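Review bot: The credential check `$logins[$Username] == $Password` compares request data with the loose `==` operator. `is_string($Password) && hash_equals($logins[$Username], $Password)` avoids PHP's numeric-string juggling and compares in constant time. On success, `$_SESSION['UserData']['Username'] = $logins[$Username];` stores the array value, which is the account's password, under a key named Username. If only the identity is needed, `$_SESSION['UserData']['Username'] = $Username;` would match the comment above it. Nothing visible in the hunk rotates the session ID before the redirect, so `session_regenerate_id(true);` ahead of `header("location:index.php");` is the usual addition. If the weak hard-coded logins are deliberate for the lab, a one-line comment saying so would stop them being copied elsewhere.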
"; - echo "

"; - echo "flag{NBLvyxgwckKnyGup6HNj}"; - echo "

"; - echo "

"; - } +# Check IP from CONTOSOREG Relay +if (strpos($_SERVER['REMOTE_ADDR'], '192.168.7.') !== false) { + #relay user + echo "

"; + echo "

"; + echo "flag{NBLvyxgwckKnyGup6HNj}"; + echo "

"; + echo "

"; +} - # Check IP from CONTOSOREG Tablets Relay - if (strpos($_SERVER['REMOTE_ADDR'], '192.168.18.') !== false){ - #relay user - echo "

"; - echo "

"; - echo "flag{gsnyT98GxngXgMPJEIKw}"; - echo "

"; - echo "

"; - } +# Check IP from CONTOSOREG Tablets Relay +if (strpos($_SERVER['REMOTE_ADDR'], '192.168.18.') !== false) { + #relay user + echo "

"; + echo "

"; + echo "flag{gsnyT98GxngXgMPJEIKw}"; + echo "

"; + echo "

"; +} ?>
- - - - + + + + - + @@ -155,10 +168,10 @@
"; - echo "Hello Global Admin:"; - echo "

"; - echo "Your pass is: SuperSuperSecure@!@"; + echo "

"; + echo "Hello Global Admin:"; + echo "

"; + echo "Your pass is: SuperSuperSecure@!@"; - } +} ?> \ No newline at end of file diff --git a/APs/config/html/logout.php b/APs/config/html/logout.php index 4b0137c..e7cd183 100644 --- a/APs/config/html/logout.php +++ b/APs/config/html/logout.php @@ -1,2 +1,6 @@ - \ No newline at end of file + \ No newline at end of file diff --git a/Attacker/installTools.sh b/Attacker/installTools.sh index 42b8a69..5ef823a 100644 --- a/Attacker/installTools.sh +++ b/Attacker/installTools.sh @@ -273,11 +273,10 @@ cd wifite2 sudo python3 setup.py install # Fluxion -cd $TOOLS - -git clone https://www.github.com/FluxionNetwork/fluxion.git -cd fluxion -./fluxion.sh +#cd $TOOLS +#git clone https://www.github.com/FluxionNetwork/fluxion.git +#cd fluxion +#./fluxion.sh # Kismet ##sudo apt-get install -y build-essential git libwebsockets-dev pkg-config zlib1g-dev libnl-3-dev libnl-genl-3-dev libcap-dev libpcap-dev libnm-dev libdw-dev libsqlite3-dev libprotobuf-dev libprotobuf-c-dev protobuf-compiler protobuf-c-compiler libsensors4-dev libusb-1.0-0-dev python3 python3-setuptools python3-protobuf python3-requests python3-numpy python3-serial python3-usb python3-dev python3-websockets librtlsdr0 libubertooth-dev libbtbb-dev
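Review bot: The four Fluxion lines are left as commented-out code with no reason given, and the commit subject only mentions HTML indentation, so the removal of a tool from the attacker image is easy to miss in history. Either delete the block or replace it with a single explanatory line such as `# Fluxion: install disabled, see <issue or reason>`. If the block is re-enabled later, note that the clone is not pinned to a tag or commit and that the old code executed `./fluxion.sh` as part of installation. Checking out a fixed revision and dropping the run step would keep the installer reproducible.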
+ +

Login

+

Login

+
Username