[Announce] Yet another MITM attack script (Yamas-ARM)

Unhuman
2011-06-14, 11:45
After a discussion with comaX, a member of the BackTrack forums, he agreed to create this script for the N900.
http://pcsci3nce.info/comax/yamas-arm.png
Current main features are :
- Real-time output of creds without definition files : any credential, from any website, would show up.
- Log parsing for user-friendly output.
- Network mapping for host discovery.
- Can save dumped passwords to file as well as the whole log file.
- Support for multiple targets on the network, as well as adding targets after attack is launched.
- Checks for missing dependencies when run with “-d” option and auto installs them.

It is by far the best available for the N900.

To install - apt-get install yamas

More info - http://pcsci3nce.info/?p=291

Video of the script thanks to torpedo48 - http://www.youtube.com/watch?v=9bSq7tXSGAo

If you don't know what sslstrip or ettercap is, don't bother downloading it.

REQUIREMENTS:


iptables
xterm
busybox-power
nmap
python-twisted-web
python-pyopenssl
libpcap0.8
libpcre3
which the script will automatically get when installed from apt-get

+

sslstrip(read how to install below)
ettercap(read how to install below)

Installation guide for ettercap, sslstrip and many other tools can be found at:
http://pcsci3nce.info/?p=9

To run the script, type "yamas" in the terminal, AS ROOT.

If you get any errors (besides font warnings) do yamas -d to check for missing dependencies.

Current maintainers are comaX and Christos Saturn - http://maemo.org/packages/view/yamas/


UPDATED June 18 2011 - Now saves all files to /home/user/MyDocs/Yamas
UPDATED June 21 - now automatically creates Yamas directory.
UPDATED June 25 - added dependency check in the beginning.
UPDATED June 26 - bash no longer required.
UPDATED June 29 - Now available from repositories thanks to Saturn
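The "-d" dependency check mentioned above is the first thing most of the troubleshooting in this thread comes back to. As an added example that is not the Yamas script or any code posted in the thread, here is a dependency check in the same spirit, written in POSIX sh so it runs under the N900's busybox ash as well as bash. The command names come from the requirements list above; which package provides each command is an assumption (for instance "ip" may come from iproute or busybox-power). It reports only and installs nothing.

```shell
#!/bin/sh
# Added example, not the Yamas script itself: a dependency check in the spirit
# of "yamas -d", written in POSIX sh so it runs under the N900's busybox ash as
# well as under bash. It only reports; it installs nothing.

# Commands the thread lists as needed. Which package provides each one is an
# assumption here (for instance "ip" may come from iproute or busybox-power).
REQUIRED_CMDS="iptables nmap ip ettercap sslstrip xterm"

# Print every name from the argument list that is not on PATH, one per line.
# Always returns 0, so it is safe to call inside $(...) under "set -e".
list_missing() {
    for cmd in "$@"; do
        command -v "$cmd" >/dev/null 2>&1 || echo "$cmd"
    done
    return 0
}

# Return 0 when every command in the list is available, 1 otherwise.
deps_ok() {
    [ -z "$(list_missing "$@")" ]
}

# Return 0 when running as root (iptables and the ARP work need it; later
# posts trace "no such file" errors to running as a normal user).
is_root() {
    [ "$(id -u)" -eq 0 ]
}

# Return 0 under bash, 1 under ash or another shell. A script that uses
# bashisms such as "read -e" can warn here instead of failing later with
# "illegal option -e".
running_bash() {
    [ -n "${BASH_VERSION:-}" ]
}

# Stand-alone report; nothing here exits non-zero.
if deps_ok $REQUIRED_CMDS; then
    echo "All required commands found."
else
    echo "Missing commands:"
    list_missing $REQUIRED_CMDS
fi
is_root || echo "Warning: not running as root."
running_bash || echo "Note: this shell is not bash; avoid bashisms such as 'read -e'."
```

Run it with `sh deps.sh` to see what ash makes of it and with `bash deps.sh` to compare; a script that checks `running_bash` up front gives a clear message instead of the "illegal option -e" and "command not found" errors reported further down this thread.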

q6600
2011-06-14, 12:17
Hi
Thank you for this. Some tips for these errors?
Best regards

Unhuman
2011-06-14, 12:44
EDITED: Disregard my previous note, the script requires an active internet connection to acquire grepcred.txt.

q6600
2011-06-14, 12:52
I am connected to my wireless network.

Unhuman
2011-06-14, 12:55
Hmm do you have wget installed?
apt-get install wget

F2thaK
2011-06-14, 12:55
hacking tool?

q6600
2011-06-14, 12:59
I try but ....

Unhuman
2011-06-14, 13:02
apt-get -f install

q6600
2011-06-14, 13:11
Hell Ya Baby!!!
Thank you !!

karam
2011-06-14, 13:17
Well, pretty nice script; it might save a lot of time for auto redirect, saving logs and activating IP forwarding.

And for people who want to install sslstrip, ettercap and many other hacking tools for the N900, check my thread:

http://talk.maemo.org/showthread.php?t=73572


for wget (it is not needed IMO)

but if you want it
then:

apt-get install wget

vi_
2011-06-14, 13:35
Also note that this script was written for bash not ASH as is installed on the n900 by default.

q6600 have you installed BASH?

q6600
2011-06-14, 13:51
No, I don't.

stevomanu
2011-06-14, 13:56
I'm getting this error, any ideas why?

cat: cannot open '/temp/yamas.txt' : no such file or directory

I have wget installed but still the same issue...

Great script though, thanks for all the help.

laasonen
2011-06-14, 14:14
I'm getting this error, any ideas why?

cat: cannot open '/temp/yamas.txt' : no such file or directory

I have wget installed but still the same issue...

Great script though, thanks for all the help.

You could try:
sudo ln -s /tmp /temp
touch /temp/yamas.txt

laasonen
2011-06-14, 14:20
Decided to give the script a shot. At least my laptop running Arch Linux on a WPA2-PSK protected WLAN stayed secure.

anapospastos
2011-06-14, 14:25
Errors I get when activating arp poisoning:

line 320: ip: command not found
line 1: ip: command not found

vi_
2011-06-14, 14:32
Errors I get when activating arp poisoning:

line 320: ip: command not found
line 1: ip: command not found

mmmm

---------------------------

Errors I get when activating arp poisoning:

line 320: ip: command not found
line 1: ip: command not found

stevomanu
2011-06-14, 14:36
You could try:
sudo ln -s /tmp /temp
touch /temp/yamas.txt

That did work, but since restarting the script the same problem returns... plus it's not capturing anything no matter what website I log into...

anapospastos
2011-06-14, 14:38
I'm not blind. I can't understand why it can't find the ip command. I successfully installed the ettercap packages. If you don't want to help, just ignore my posts.

vi_
2011-06-14, 14:44
I'm not blind. I can't find which commands are missing. I successfully installed the ettercap packages. If you don't want to help, just ignore my posts.

The ip command is included with the busybox binary. Try installing the 'enhanced-busybox' package. If you STILL don't have the ip command then your system is seriously fcked up.

What happens when you type 'ip' on the command line?


EVERYONE ELSE. Make sure you run this script as root, DOH!

anapospastos
2011-06-14, 14:51
I reinstalled enhanced busybox and now it's working.

comaX
2011-06-14, 15:06
I'm getting this error, any ideas why?

cat: cannot open '/temp/yamas.txt' : no such file or directory

I have wget installed but still the same issue...

Great script though, thanks for all the help.

Hi ! I'm the one who wrote the script. It's great to see people reacting so much in such a short time !

Regarding this error, the path to which the log is saved should be /tmp/ and not /temp/

Decided to give the script a shot. At least my laptop running Arch Linux on WPA2-PSK protected WLAN staid secure.

There is a more complete version available on my website http://comax.pagesperso-orange.fr if you want to run it on a laptop.

EVERYONE ELSE. Make sure you run this script as root, DOH!

Yup !

Please report any error either by mail directly to me (you'll find it on my website), or on pcscience.info page. You can of course post it here to get help from members, but I might not check very often...

I hope you like it, cheers !

vi_
2011-06-14, 15:08
Hi ! I'm the one who wrote the script. It's great to see people reacting so much in such a short time !

Regarding this error, the path to which the log is saved should be /tmp/ and not /temp/



There is a more complete version available on my website http://comax.pagesperso-orange.fr if you want to run it on a laptop.



Yup !

Please report any error either by mail directly to me (you'll find it on my website), or on pcscience.info page. You can of course post it here to get help from members, but I might not check very often...

I hope you like it, cheers !

Holy fvck, you are comaX!

Your script rulez.

You rulez.

Thank you for your contribution.

stevomanu
2011-06-14, 15:40
My bad, I added an 'e' in there. The problem is:




cat: cannot open '/tmp/yamas.txt' : no such file or directory



..

cutehunk04
2011-06-14, 15:42
Sorry for asking a silly question... but what exactly does this application do?

bipinbn
2011-06-14, 15:58
Hi ! I'm the one who wrote the script. It's great to see people reacting so much in such a short time !

Regarding this error, the path to which the log is saved should be /tmp/ and not /temp/



There is a more complete version available on my website http://comax.pagesperso-orange.fr if you want to run it on a laptop.



Yup !

Please report any error either by mail directly to me (you'll find it on my website), or on pcscience.info page. You can of course post it here to get help from members, but I might not check very often...

I hope you like it, cheers !

Comax..you are the boss..respect and thanks :)

I am done installing nmap, ettercap-ng and sslstrip... everything went fine without issues.

I am now running the script and facing the following issues:

Attack is running. You can :
1. Rescan network.
2. Add a target (useless if targeting whole network).
3. Display ASCII correspondence table.
4. Tail-grep hosts through output (make sure there is traffic).
5. Real-time parsing...
6. Quit properly.

Enter the number of the desired option.
mitm_pcsci3nce.sh: line 393: xterm: not found


When I select option 4 I get the "xterm: not found" error.

And also, after I scan the network and add a target, how do I get the usernames and passwords?

Thanks for the script again

bipinbn
2011-06-14, 16:33
Comax..you are the boss..respect and thanks :)

I am done installing nmap, ettercap-ng and sslstrip... everything went fine without issues.

I am now running the script and facing the following issues:

Attack is running. You can :
1. Rescan network.
2. Add a target (useless if targeting whole network).
3. Display ASCII correspondence table.
4. Tail-grep hosts through output (make sure there is traffic).
5. Real-time parsing...
6. Quit properly.

Enter the number of the desired option.
mitm_pcsci3nce.sh: line 393: xterm: not found


When I select option 4 I get the "xterm: not found" error.

And also, after I scan the network and add a target, how do I get the usernames and passwords?

Thanks for the script again



resolved after doing "apt-get install xterm"

thanks
Bipin

Unhuman
2011-06-14, 16:41
Script is still beta, so to speak. Will take a look at the tail-grep option. However, the main function of the script works flawlessly.

Main post is updated. I will not answer questions like 'what does this do', etc. This script isn't a joke. If you don't know what this is for, you shouldn't even download it.

vi_
2011-06-14, 22:52
Script is still beta, so to speak. Will take a look at the tail-grep option. However, the main function of the script works flawlessly.

Main post is updated. I will not answer questions like 'what does this do', etc. This script isn't a joke. If you don't know what this is for, you shouldn't even download it.


Point 1. This doesn't work by your instructions.
Point 2. Please explain this error here:

Enter IP adresse(s).
192.168.1.2
Targeting 192.168.1.2 on 192.168.1.1 on wlan0 with Ettercap

Attack should be running smooth, enjoy.


Warning: Cannot convert string "nil2" to type FontStruct

Attack is running. You can :
1. Rescan network.
2. Add a target (useless if targeting whole network).


Point 3. Does this actually require a working version of 'arpspoof' installed?

Creamy Goodness
2011-06-15, 01:37
You guys are "evil" but also increasing the value of the N900... :)
I thought this was going to make a fake AP, but someone mentioned ARP poisoning; I guess it works on whatever network you are associated with, then? I wonder how it works though; if it lets you do any target website, is the N900 pretending to be the default gateway?
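The question above is the one a defender asks the other way round: what does an ARP-poisoning attempt look like from another host on the same network? The symptom is in the neighbour (ARP) table, where the gateway's IP suddenly maps to a different MAC, or one MAC answers for several IPs. As an added example that is not from this thread or from Yamas, the POSIX sh below compares two snapshots of that table. The sample snapshots are constructed: the gateway address 192.168.1.1 matches the one shown earlier in the thread, and every MAC is made up.

```shell
#!/bin/sh
# Added example, not from this thread or from Yamas: spot the neighbour-table
# symptom of ARP poisoning by comparing two snapshots. POSIX sh plus awk, so it
# runs under busybox ash on the N900 as well as on a laptop.

# Constructed sample snapshots in "IP MAC" form. The gateway 192.168.1.1 is the
# one shown earlier in the thread; every MAC here is made up. In the second
# snapshot the gateway's address has moved to the MAC of host .3.
BEFORE='192.168.1.1 00:11:22:33:44:55
192.168.1.2 aa:bb:cc:dd:ee:01
192.168.1.3 aa:bb:cc:dd:ee:02'

DURING='192.168.1.1 aa:bb:cc:dd:ee:02
192.168.1.2 aa:bb:cc:dd:ee:01
192.168.1.3 aa:bb:cc:dd:ee:02'

# Print "IP OLDMAC NEWMAC" for each IP whose MAC differs between snapshot $1
# and snapshot $2. Both snapshots go to awk on stdin, separated by a marker.
arp_changes() {
    { printf '%s\n' "$1"; echo '--'; printf '%s\n' "$2"; } | awk '
        $0 == "--"  { second = 1; next }
        !second     { old[$1] = $2; next }
        ($1 in old) && old[$1] != $2 { print $1, old[$1], $2 }'
}

# Print "MAC: IP IP ..." for every MAC that answers for more than one IP in a
# single snapshot, i.e. one host claiming the gateway's address as well as its own.
arp_duplicate_macs() {
    printf '%s\n' "$1" | awk '
        { seen[$2]++; ips[$2] = ips[$2] " " $1 }
        END { for (m in seen) if (seen[m] > 1) print m ":" ips[m] }'
}

# Live use (assumed "ip neigh" layout: IP dev IFACE lladdr MAC STATE):
#   NOW=$(ip neigh show | awk '$4 == "lladdr" { print $1, $5 }')
# then compare NOW against a snapshot taken when the network was known-good.

echo "Entries whose MAC changed (IP old new):"
arp_changes "$BEFORE" "$DURING"
echo "MACs answering for several IPs:"
arp_duplicate_macs "$DURING"
```

This only detects the symptom; it does not stop the redirection. On a network you administer, a static ARP entry for the gateway on each client, or dynamic ARP inspection on a managed switch, removes the condition the check is looking for.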

bipinbn
2011-06-15, 07:00
Point 1. This doesn't work by your instructions.
Point 2. Please explain this error here:

Enter IP adresse(s).
192.168.1.2
Targeting 192.168.1.2 on 192.168.1.1 on wlan0 with Ettercap

Attack should be running smooth, enjoy.


Warning: Cannot convert string "nil2" to type FontStruct

Attack is running. You can :
1. Rescan network.
2. Add a target (useless if targeting whole network).


Point 3. Does this actually require a working version of 'arpspoof' installed?


For Point 2: I see that the error is not related to the script. It's a warning related to xterm. Just type xterm in the terminal and you can see the same warning.

Thanks
Bipin

demiurgo0
2011-06-15, 07:29
Is there any solution to the password window not showing, due to the error "can not open '/temp/yamas.txt': no such file or directory"?

thanks

mr_pingu
2011-06-15, 08:13
temp must be tmp ;)

demiurgo0
2011-06-15, 08:46
Is that fixed in the script?
Where do you change 'temp' to 'tmp'?

stevomanu
2011-06-15, 08:49
I went through the script and there is nowhere it shows that path as

/temp/yamas.txt, it is tmp/yamas.txt, but why does it say that though? A problem somewhere, and I couldn't find it...

Unhuman
2011-06-15, 09:46
Script creates the file at /tmp/$filename.txt. The file itself is created by sslstrip. What I can think of is:
1. You don't have sslstrip installed
2. You are NOT running the script as root
3. You don't have a /tmp/ directory pre-created; however, I am pretty sure sslstrip can create the directory itself when run as root.

About the font error - it is irrelevant, ignore it. It has something to do with xterm and it doesn't affect the way the script works.

EDIT:

This does NOT require arpspoof installed. (Actually there isn't an arpspoof package available for Maemo at all.)

stevomanu
2011-06-15, 10:10
Script creates the file at /tmp/$filename.txt. The file itself is created by sslstrip. What I can think of is:
1. You don't have sslstrip installed
2. You are NOT running the script as root
3. You don't have a /tmp/ directory pre-created; however, I am pretty sure sslstrip can create the directory itself when run as root.

About the font error - it is irrelevant, ignore it. It has something to do with xterm and it doesn't affect the way the script works.

EDIT:

This does NOT require arpspoof installed. (Actually there isn't an arpspoof package available for Maemo at all.)

Thanks for the help, but I am running as root, I do have sslstrip installed and I do have a tmp folder, other things are in there...

comaX
2011-06-15, 10:14
Hi everyone ! I received a mail from a member (torpedo48) who noticed an error due to me being exhausted as fcuk : I forgot to change back egrep /root/grepcred.txt to /tmp/... after being done testing it locally...
Thanks to him !

I'm correcting this as I speak, so download (http://pcsci3nce.info/comax/mitm_pcsci3nce.sh) it again in a few minutes ;) And some should see some of their problems solved.

The guys getting /temp/ errors though, I don't know why at all ! There isn't any /temp/ path ! What's the default temp dir on the device ? Maybe I just have to change that since an awful lot of errors come from there. Can someone edit the script and replace /tmp/ with /temp/ to check if it's better ?

I do not own a N900, so I can't answer every question you guys have, sorry ! But I bet Unhuman and the other members will do great ;)

Sorry again for the stupid error !

Edit : done ! Keep testing it, and reporting ;)
Don't hesitate to mail, me I check them often so I'll be able to react quickly ;)

stevomanu
2011-06-15, 10:42
Have downloaded the new script and I'm still getting the same error...

comaX
2011-06-15, 11:00
Have downloaded the new script and I'm still getting the same error...

Have you tried editing the script to use /temp/ instead of /tmp/ ?
I used /tmp/ because it just makes sense, but it could be in root just as well, so just try editing all the paths to something else !

I don't think that should be a problem, but also check the permissions to make sure the file has read permissions... (that's a long shot...)

stevomanu
2011-06-15, 11:30
Have you tried editing the script to use /temp/ instead of /tmp/ ?
I used /tmp/ because it just makes sense, but it could be in root just as well, so just try editing all the paths to something else !

I don't think that should be a problem, but also check the permissions to make sure the file has read permissions... (that's a long shot...)

Tried that yesterday; no matter what path I put, it still says the same thing...

q6600
2011-06-15, 11:52
Hi
I managed to get the MITM going; all is working fine, just asking about this:

line 324 illegal option -e
line 334 illegal option -e
line 336 not fund

Any tips

comaX
2011-06-15, 12:13
Hi
I managed to get the MITM going; all is working fine, just asking about this:

line 324 illegal option -e
line 334 illegal option -e
line 336 not fund

Any tips

I believe those are arguments passed to read. It's pretty useless, I'll delete them.

All those errors make me think of something... What OS are you running ? This is supposed to be run in BT5-arm. Of course it can be run under something else, but you may have compatibility issues : using ash instead of bash, things like that. That would explain the -e argument not being recognized, but also the different path errors, and file readability.

Those having problems with reading a file, I'd need more detail about what's going on :
- Does the file exist ?
- What are its permissions ?
- Can you cat <file> it ?
- Grep/egrep ?

q6600
2011-06-15, 12:18
Hi
I run this script under X Terminal on Maemo, not under BT5; for me it is working so far.

comaX
2011-06-15, 12:33
Hi
I run this script under X Terminal on Maemo, not under BT5; for me it is working so far.

Hmm ok. I believe Unhuman runs it on both Maemo and BT5-arm then... But all you guys on the forums are supposed to use the same version on the same OS, right ?

(Never heard of maemo before yesterday, so, please shed some light ^^ )

q6600
2011-06-15, 12:39
Yes, maemo

kuentin
2011-06-15, 12:49
Tried that yesterday; no matter what path I put, it still says the same thing...

I had the same problem with /tmp/yamas.txt or whatever I chose as the filename to save the log.

After installing the packages python-twisted-web and python-openssl, and reinstalling sslstrip, the problem disappears and I was able to manage the MITM with my N82, getting the passwords flawlessly.

Thanks for this script, will test it further and report here.

torpedo48
2011-06-15, 13:26
Hi everyone ! I received a mail from a member (torpedo48) who noticed an error due to me being exhausted as fcuk : I forgot to change back egrep /root/grepcred.txt to /tmp/... after being done testing it locally...
Thanks to him !

Glad to be helpful ;)

Thanks to you for your great script!

mr_pingu
2011-06-15, 13:46
Hmm ok. I believe Unhuman runs it on both Maemo and BT5-arm then... But all you guys on the forums are supposed to use the same version on the same OS, right ?

(Never heard of maemo before yesterday, so, please shed some light ^^ )

Maemo is the OS that runs on our phones; basically it is a Debian distribution which is heavily modified for a small screen, but the core is the same, like apt-get, and by default we get an ash shell (busybox 1.18).

We can install bash by issuing apt-get install bash, but I don't fully understand bash and busybox together. I can type bash in busybox and I get a bash shell, but then when I want to gain root it flips back to busybox (ash).

ducki
2011-06-15, 14:57
"cat: cannot open '/temp/yamas.txt' : no such file or directory"


cp script /usr/bin
chmod +rwx /usr/bin/script
bash script

should work now

stevomanu
2011-06-15, 15:49
I had the same problem with /tmp/yamas.txt or whatever I chose as the filename to save the log.

After installing the packages python-twisted-web and python-openssl, and reinstalling sslstrip, the problem disappears and I was able to manage the MITM with my N82, getting the passwords flawlessly.

Thanks for this script, will test it further and report here.

That worked a treat, many thanks...

comaX
2011-06-15, 17:11
I had the same problem with /tmp/yamas.txt or whatever I chose as the filename to save the log.

After installing the packages python-twisted-web and python-openssl, and reinstalling sslstrip, the problem disappears and I was able to manage the MITM with my N82, getting the passwords flawlessly.

Thanks for this script, will test it further and report here.

Oh boy... Since I thought this was being used on BackTrack, I never thought you would miss such dependencies. They are indeed needed !

Maemo is the OS that runs on our phones; basically it is a Debian distribution which is heavily modified for a small screen, but the core is the same, like apt-get, and by default we get an ash shell (busybox 1.18).

We can install bash by issuing apt-get install bash, but I don't fully understand bash and busybox together. I can type bash in busybox and I get a bash shell, but then when I want to gain root it flips back to busybox (ash).

All right ! Thanks for the light ! Maybe I should add some bits of code to check for the needed dependencies...

Unhuman
2011-06-15, 17:35
Script is run as follows in terminal:
bash mitm_pcsci3nce.sh

Moreover, I have given a link with instructions for installing ettercap and sslstrip in the main post for a reason.

Once again, the script works under maemo. Most people have problems either because of lacking dependencies or because of wrong installations of those dependencies.

casper27
2011-06-15, 17:42
Oh boy... Since I thought this was being used on BackTrack, I never thought you would miss such dependencies. They are indeed needed !



All right ! Thanks for the light ! Maybe I should add some bits of code to check for the needed dependencies...

All working great here, thanks, although I did have quite a lot installed previously. Kudos :)

Here's what I see as a dependency list for all.

ettercap
sslstrip-0.9
python-scapy
libpcap0.8
nmap
iptables
iproute
xterm
python-twisted-web
python-openssl

All are in repos apart from sslstrip and ettercap which the download link is in this thread somewhere. Simply put in xterm

sudo apt-get install python-scapy libpcap0.8 nmap iptables iproute xterm python-twisted-web python-openssl

Also if you are unsure have a look at karams hacking tutorial it covers most things needed to get you going.
http://talk.maemo.org/showthread.php?t=73572

Seems like some people in here are either
1) Not running as sudo bash /script/location

2) Not capable of editing a script to get rid of read errors. It tells you the line it's on. Just use a text editor like vim, find that line and rm the -e part of the line. Simples.

3) Just plain lazy and simply installing everything on here without knowing what it really is or indeed how to use it. Google is your best friend. :)

Unhuman
2011-06-15, 17:46
Thanks for the list @casper27. I am running the script on my phone, but I had most of the stuff pre-installed long time ago. I will fill up the dependency list with the packages you have listed.

Saturn
2011-06-15, 18:05
Thanks for the list @casper27. I am running the script on my phone, but I had most of the stuff pre-installed long time ago. I will fill up the dependency list with the packages you have listed.

Add also libpcre3 (needed for ettercap), bash and busybox-power

Unhuman
2011-06-15, 18:08
I am quite sure busybox-power isn't needed. I run the script without it. Cheers.

EDIT

Though I have enhanced-busybox, which I have listed in the dependencies.

Saturn
2011-06-15, 18:16
I am quite sure busybox-power isn't needed. I run the script without it. Cheers.

EDIT

Though I have enhanced-busybox, which I have listed in the dependencies.

Well, it's the same package.

One more thing, libpcap0.8 and libpcre3 should be before ettercap since they are its dependencies.

BTW, I have to say that this together with aircrack-ng you have made a very scary combination! Bravo.

EDIT: I'm not sure, but it might be the case that if you have iproute you don't need busybox-power. The reverse is true since I don't have iproute.

Creamy Goodness
2011-06-16, 00:54
Is it supposed to show more than one host when it does the scan?

Creamy Goodness
2011-06-16, 01:55
Thx for the help :/
srsly, game 7
too many targets :O

-edit-

Well, FYI, it didn't work when I was connected to "free wi-fi" in a place with probably 300 ppl. Does that mean the router has a firewall blocking something this needs to do? I don't know what exactly it's scanning for.
I tried it at home and it works, detects more hosts...

Radicalz38
2011-06-16, 01:57
Maemo is the OS that runs on our phones; basically it is a Debian distribution which is heavily modified for a small screen, but the core is the same, like apt-get, and by default we get an ash shell (busybox 1.18).

We can install bash by issuing apt-get install bash, but I don't fully understand bash and busybox together. I can type bash in busybox and I get a bash shell, but then when I want to gain root it flips back to busybox (ash).

pretty simple... type this.

sudo gainroot
bash-setup

mr_pingu
2011-06-16, 06:09
pretty simple... type this.

sudo gainroot
bash-setup

Are you sure? Command not found...

stevomanu
2011-06-16, 07:34
Are you sure? Command not found...

Try

apt-get install bash

then try again; it should all be fine then.

vi_
2011-06-16, 07:42
This script requires some serious work to make it ready for the N900. For example, why are you using xterm? It is a NEEDLESS dependency, use osso-xterm instead (the built in one).

Why does it depend on BASH, why not modify it to be compliant with ash?

Why does it have to connect to the net to download extra scripts?

Why not just combine the two into a local version?

stevomanu
2011-06-16, 07:51
This script requires some serious work to make it ready for the N900. For example, why are you using xterm? It is a NEEDLESS dependency, use osso-xterm instead (the built in one).

Why does it depend on BASH, why not modify it to be compliant with ash?

Why does it have to connect to the net to download extra scripts?

Why not just combine the two into a local version?


Great idea, but all I had to do to get it working was to install bash and reinstall sslstrip, and now all works great, does its job as it should...

vi_
2011-06-16, 07:54
While hugely entertaining, the Heath Robinson approach is never the best.

Unhuman
2011-06-16, 08:33
This script requires some serious work to make it ready for the N900. For example, why are you using xterm? It is a NEEDLESS dependency, use osso-xterm instead (the built in one).

Why does it depend on BASH, why not modify it to be compliant with ash?

Why does it have to connect to the net to download extra scripts?

Why not just combine the two into a local version?

Original script is for BackTrack 5. This script is a simpler version with ettercap support (the original script uses arpspoof). It is not specially tailored for the N900, but it works flawlessly with the correct dependencies installed, so I see absolutely no reason to edit.

However, I can't see what right you have to whine here in such an aggressive manner. I don't think anyone owes you any explanation of why this is created in this way, nor that you have the word to say whether the script is fit or not for the N900.

Cheers, but this kind of 'feedback' is far from appreciated.

stevomanu
2011-06-16, 08:46
Isn't all feedback good for the script? And he is right in what he's saying: if it's for the N900 then it should be written for the N900. I'm sure someone said that it was for the BT5-arm edition; if that's the case, why doesn't it say that in the first post/title?

That said, it didn't take much to get going, but it would be good for the noobs of the forum if it worked out of the box...

Calm down people, no need for the fight lol haha

casper27
2011-06-16, 08:51
The script was not written specifically for the N900; it is just an ARM variant of the original script.

Unhuman
2011-06-16, 09:24
That said, it didn't take much to get going, but it would be good for the noobs of the forum if it worked out of the box...



"Noobs" shouldn't even use the script .. So in a way I actually think it is better that the installation is more complicated.

stevomanu
2011-06-16, 09:50
"Noobs" shouldn't even use the script .. So in a way I actually think it is better that the installation is more complicated.

Well yeah, they should at least try it; remember noobs start somewhere, and if this script helps then I don't see why they can't use it...

comaX
2011-06-16, 10:06
This script requires some serious work to make it ready for the N900. For example, why are you using xterm? It is a NEEDLESS dependency, use osso-xterm instead (the built in one).

Why does it depend on BASH, why not modify it to be compliant with ash?

Why does it have to connect to the net to download extra scripts?

Why not just combine the two into a local version?

My first "bad" feedback, finally ! :P

So, as I posted earlier : I didn't know Maemo before this thread existed and I do not own a N900. I just "ported" it according to what I was told.

" It is a NEEDLESS dependency, use osso-xterm instead (the built in one)."
Fine ! You just had to say it, it shouldn't be too hard to do ! Could you please send me the part of code that should change accordingly ? (in case it's not just xterm that becomes osso-xterm of course)

"Why does it depend on BASH, why not modify it to be compliant with ash?"
Cause it was made for bash, duh. What should change for it to be ash compliant ? Your input is welcome !

There is no extra script needed, just a file I use to parse the logs. Think of it as a pseudo-definition file. The only point of this is that it allows me to update it as soon as I find something new, without the need for the end-user to check for updates. If you guys don't like it, I can put it back in, without downloads. But since you should use that on a (=YOUR/AUTHORIZED) network, you should have connectivity. What are 13 fcuking bits anyway? Could be handy for the --parse option, I must admit. But really, I think being connected isn't too much to ask !
If a majority of people don't like it, I'll reverse it back to a grep line !

Thanks for the feedback, that should help improve it ! But just try to cool it on the way you say it. I'm a student in law (read, nothing computer-related), doing it for fun, and for free ;)

Waiting for your input ;) Don't hesitate to mail me !

Cheers

##############

Well yeah, they should at least try it; remember noobs start somewhere, and if this script helps then I don't see why they can't use it...
While I agree with Unhuman, I agree with that too. Let me clarify : script kiddies should keep the hell away from it. Noobs should devour the source to learn what is going on.
As stated in the disclaimer (cf. source), this script is intended for learning purposes (both bash and network security). I believe I wrote the needed comments in it for anyone to understand what's going on !

##############


Thx for the help :/
srsly, game 7
too many targets :O

-edit-

Well, FYI, it didn't work when I was connected to "free wi-fi" in a place with probably 300 ppl. Does that mean the router has a firewall blocking something this needs to do? I don't know what exactly it's scanning for.
I tried it at home and it works, detects more hosts...

Yup, several subnets are used on those setups, so you might not be able to scan other subnets, and the AP might be blocking our probes. To know if there are clients connected to the AP, check with airodump ;)

vi_
2011-06-16, 10:25
My first "bad" feedback, finally ! :P

So, as I posted earlier : I didn't know Maemo before this thread existed and I do not own a N900. I just "ported" it according to what I was told.

" It is a NEEDLESS dependency, use osso-xterm instead (the built in one)."
Fine ! You just had to say it, it shouldn't be too hard to do ! Could you please send me the part of code that should change accordingly ? (in case it's not just xterm that becomes osso-xterm of course)

"Why does it depend on BASH, why not modify it to be compliant with ash?"
Cause it was made for bash, duh. What should change for it to be ash compliant ? Your input is welcome !

There is no extra script needed, just a file I use to parse the logs. Think of it as a pseudo-definition file. The only point of this is that it allows me to update it as soon as I find something new, without the need for the end-user to check for updates. If you guys don't like it, I can put it back in, without downloads. But since you should use that on a network, you should have connectivity. What are 13 fcuking bits anyway? Could be handy for the --parse option, I must admit. But really, I think being connected isn't too much to ask !
If a majority of people don't like it, I'll reverse it back to a grep line !

Thanks for the feedback, that should help improve it ! But just try to cool it on the way you say it. I'm a student in law, doing it for fun, and for free ;)

Waiting for your input ;) Don't hesitate to mail me !

Cheers

##############


While I agree with Unhuman, I agree with that too. Let me clarify : script kiddies should keep the hell away from it. Noobs should devour the source to learn what is going on.
As stated in the disclaimer (cf. source), this script is intended for learning purposes (both bash and network security). I believe I wrote the needed comments in it for anyone to understand what's going on !

chillout bromaX, we're all on the same team.

As far as I can tell the ONLY reason this script requires bash is because of the use of the '-e' flag on the read command. The version of ash on the n900 does not have that flag. Can the script be re-written to omit the use of the '-e' (readline) flag?

As you don't have an n900 I will explain. There is no xterm as such, the terminal emulator built in is called 'osso-xterm'. While xterm has been built for the n900 it sucks harder than the hoover dam. Unfortunately running a command under osso-xterm requires a little more finesse.

After a bit of discussion on maemo IRC it was determined that to run a command under osso... instead of xterm you need to run ASH with your command passed to it as a script.

i.e.

osso-xterm -e "ash -c 'ettercap -blah -blah -blah; read foo'"

As you cannot test this I will start looking into how xterm can be replaced by osso-xterm.

As for wget'ting the list of key words, it would be far better to have a list of the keywords defined at the start of the script and to grep as you said with no need to access the internet. What if I am uh testing the pens of a completely locked off LAN?

Also there are numerous spelling mistakes and superfluous wordage that could be trimmed out.

If you are wondering why it is important to have as few dependencies as possible it is because the n900 is challenged for resources enough as it is. Besides as an engineer I crave the simplest most elegant solution that uses the basic tools that are available.

For this to be simple and elegant, it has to be self contained and flexible.

comaX
2011-06-16, 10:38
chillout bromaX, we're all on the same team.
[...]
For this to be simple and elegant, it has to be self contained and flexible.

" Can the script be re-written to omit the use of the '-e' (readline) flag?"
Consider it done ! As I said earlier (maybe it was a mail though, not this thread), the -e flag is pretty useless.

"As you cannot test this I will start looking into how xterm can be replaced by osso-xterm." Please ! That would be great !

" What if I am uh testing the pens of a completely locked off LAN?" Yup, good point ! (but unlikely)

"Also there are numerous spelling mistakes and superfluous wordage that could be trimmed out."
I did ask people to give me feedback on that too, many times, but it seems it doesn't bother them. It matters to me though, so please, mail me anything I can correct. I try my best but english isn't my native language so grammatical errors and all are to be expected.

About the superfluous wordage, I think you mean things I did on purpose, like asking what ports, what gateway, etc. The first goal of the script it to learn from it. That way people know a minimum about what they are doing. But sure, that script could be trimmed down to almost nothing if I decided to make a real, full automation. That is not my goal though !

"If you are wondering why it is important to have as few dependencies as possible it is because the n900 is challenged for resources enough as it is. Besides as an engineer I crave the simplest most elegant solution that uses the basic tools that are available."
All right, I understand ! Let's do that :)

In a nutshell : get rid of wgets, xterms, and -e. On another note, get rid of bad engrish.

Since there are quite a few things to do, could you mail me so that we don't spam this thread too much ? I don't mind though, but it's better if we keep it clean !

Thanks again !

vi_
2011-06-16, 11:05
" Can the script be re-written to omit the use of the '-e' (readline) flag?"
Consider it done ! As I said earlier (maybe it was a mail though, not this thread), the -e flag is pretty useless.

"As you cannot test this I will start looking into how xterm can be replaced by osso-xterm." Please ! That would be great !

" What if I am uh testing the pens of a completely locked off LAN?" Yup, good point ! (but unlikely)

"Also there are numerous spelling mistakes and superfluous wordage that could be trimmed out."
I did ask people to give me feedback on that too, many times, but it seems it doesn't bother them. It matters to me though, so please, mail me anything I can correct. I try my best but english isn't my native language so grammatical errors and all are to be expected.

About the superfluous wordage, I think you mean things I did on purpose, like asking what ports, what gateway, etc. The first goal of the script it to learn from it. That way people know a minimum about what they are doing. But sure, that script could be trimmed down to almost nothing if I decided to make a real, full automation. That is not my goal though !

"If you are wondering why it is important to have as few dependencies as possible it is because the n900 is challenged for resources enough as it is. Besides as an engineer I crave the simplest most elegant solution that uses the basic tools that are available."
All right, I understand ! Let's do that :)

In a nutshell : get rid of wgets, xterms, and -e. On another note, get rid of bad engrish.

Since there are quite a few things to do, could you mail me so that we don't spam this thread too much ? I don't mind though, but it's better if we keep it clean !

Thanks again !

I think it is better to keep development in the open, that way when one of the real hardcore scripters (i.e. not me) see it they might lend an ear (*ahem benson).

I think I have removed the need for xterm however I have not had an opportunity to test if it actually works! (I am at work ;))

I have altered some of the read choices so you don't have to press enter.

read -n 1 variable

just grabs the first character and does not need a return character.

You can see how I have done it in the link below.

http://pastebin.com/DT2ReF1V

I will probably have a hack at this later tonight.

comaX
2011-06-16, 11:33
I think I have removed the need for xterm however I have not had an opportunity to test if it actually works! (I am at work )

I have altered some of the read choices so you don't have to press enter.

read -n 1 variable

just grabs the first character and does not need a return character.

You can see how I have done it in the link below.

http://pastebin.com/DT2ReF1V

I will probably have a hack at this later tonight

I know the -n option, but pressing return never bothered me. And if someone makes a mistake, he can correct it before continuing to something he might not want...

About the xterm, that's great ! I'll just wait for it I guess ;)

Take your time, there's no hurry !

torpedo48
2011-06-16, 14:45
You can see how I have done it in the link below.

http://pastebin.com/DT2ReF1V

I will probably have a hack at this later tonight.

I'm trying your modified version, it seems that it doesn't work cause the osso-xterm windows don't have root access (solved by adding a "sudo" in front of the commands, I have sudser installed); using sudo works pretty well, but it can't correctly kill the processes when closing.

Thanks everyone for the hard work ;)

vi_
2011-06-16, 14:57
I'm trying your modified version, it seems that it doesn't work cause the osso-xterm windows don't have root access (solved by adding a "sudo" in front of the commands, I have sudser installed); using sudo works pretty well, but it can't correctly kill the processes when closing.

Thanks everyone for the hard work ;)

Thank you for testing torp, if you are feeling adventurous, try modifying all the 'osso-xterm' lines with:

osso-xterm -e "ash -c 'sudo somecommand;read foo;exit;'"

i.e. add the exit command as shown above to the end of each call to osso-xterm. If this works the next logical step is to write a sub-routine that will take any command and run it as root in a term.

i.e.

root_term() {
    # run the given command as root in its own osso-xterm window, then wait for a keypress before closing
    osso-xterm -e "ash -c 'sudo $1; read foo; exit'"
}

or something.

Seker_94
2011-06-16, 15:09
You guys should really check this link out

http://talk.maemo.org/showthread.php?t=73572

it has all the tools needed

torpedo48
2011-06-16, 15:23
Thank you for testing torp, if you are feeling adventurous, try modifying all the 'osso-xterm' lines with:

osso-xterm -e "ash -c 'sudo somecommand;read foo;exit;'"

i.e. add the exit command as shown above to the end of each call to osso-xterm.

It seems not to work, at the closing of the script ettercap and rtp windows are still there. No alternative ideas here :(

tonypower88
2011-06-16, 15:30
it works but the passwords sometimes **** giving %20 or %20%40 or %40
script says it is a space but it is not

and also one other error about converting nil2 font or something like that

vi_
2011-06-16, 15:51
It seems not to work, at the closing of the script ettercap and rtp windows are still there. No alternative ideas here :(

This is possibly because ettercap is not 'exiting' therefore the exit command never gets executed.

What happens if you press ctrl+c on the ettercap window while it is still open after shutdown? I imagine it SHOULD close after that.

What happens if you kill the ettercap process from another xterm window? does it close then?

Thanks for the testing dood.

vi_
2011-06-16, 15:53
it works but the passwords sometimes **** giving %20 or %20%40 or %40
script says it is a space but it is not

and also one other error about converting nil2 font or something like that

we are working on it, consider what you are using an alpha release. An n900 specific version is being brewed as we speak.

comaX
2011-06-16, 17:42
it works but the passwords sometimes **** giving %20 or %20%40 or %40
script says it is a space but it is not

and also one other error about converting nil2 font or something like that

The spaces show up as +. %40 is @ and %20 is a space too. For the other ones, you should have a look at the ASCII table in the menu ;)


The nil2 is just an error about some fonts, don't mind it !

Seker_94
2011-06-16, 19:46
@Unhuman

please add this link to the first post

http://forums.internettablettalk.com/showpost.php?p=1018150&postcount=1

it has more tools than the link you already added
also most of the guide that the link you added is grabbed from that thread
another also
I remember karam made an update to that thread to remove the iw installation guide
because it is not conflicting with aircrack-ng packages anymore
the link you already added didn't make that update
and also the link you added has a metasploit guide error
check that out

karam
2011-06-16, 20:09
@Unhuman

please add this link to the first post

http://forums.internettablettalk.com/showpost.php?p=1018150&postcount=1

it has more tools than the link you already added
also most of the guide that the link you added is grabbed from that thread
another also
I remember karam made an update to that thread to remove the iw installation guide
because it is not conflicting with aircrack-ng packages anymore
the link you already added didn't make that update
and also the link you added has a metasploit guide error
check that out


Oh btw this script is awesome

Unhuman
2011-06-16, 20:15
@Unhuman

please add this link to the first post

http://forums.internettablettalk.com/showpost.php?p=1018150&postcount=1

it has more tools than the link you already added
also most of the guide that the link you added is grabbed from that thread
another also
I remember karam made an update to that thread to remove the iw installation guide
because it is not conflicting with aircrack-ng packages anymore
the link you already added didn't make that update
and also the link you added has a metasploit guide error
check that out

Sure, can you give me a heads up where that metasploit guide error is?

Seker_94
2011-06-16, 20:23
The famous metasploit framework can also be run on the N900 and the instructions + the actual file can be found HERE. Everything works flawlessly and I have successfully

the word HERE has the link
http://dev.metasploit.com/redmine/projects/framework/wiki/Install_N900

which is a dead link

PS: THANKS for fast reply

karam
2011-06-16, 20:26
@Seker_94

it says that the guide is moved to
https://community.rapid7.com/docs/DOC-1295

so it is not a dead link
maybe moved link will be better ;)

Seker_94
2011-06-16, 20:30
idk it says server not found in my case
is it an isp problem?

vi_
2011-06-16, 22:06
http://pastebin.com/rmvNSCAR

latest dev version.

This does not need xterm or bash to be installed. Install as per Unhuman's instructions in post #1, except miss out xterm and bash.

All processes are shut down nicely

only problem I see with limited testing is the ettercap window doesn't close (after it has been killed). A solution is in the works.

torpedo48
2011-06-17, 08:12
http://pastebin.com/rmvNSCAR

latest dev version.

This does not need xterm or bash to be installed. Install as per Unhuman's instructions in post #1, except miss out xterm and bash.

All processes are shut down nicely

only problem I see with limited testing is the ettercap window doesn't close (after it has been killed). A solution is in the works.

Testing right now, seems to work pretty well. Just a doubt: how should I launch it? If I launch it with bash ("bash mitm.etc.sh") no problems at all, but that would include bash as a dependency, wouldn't it?

If I make it executable and launch it without bash (just "./mitm.etc.sh"), it SegFaults (invalid -n option in final function, so the menu goes crazy).

Insults are welcome if this is a dumb question ;)

vi_
2011-06-17, 08:31
Testing right now, seems to work pretty well. Just a doubt: how should I launch it? If I launch it with bash ("bash mitm.etc.sh") no problems at all, but that would include bash as a dependency, wouldn't it?

If I make it executable and launch it without bash (just "./mitm.etc.sh"), it SegFaults (invalid -n option in final function, so the menu goes crazy).

Insults are welcome if this is a dumb question ;)

Well that's odd, it starts fine on mine. You need to download the script, chmod +x it (make executable) then run it (i.e. while in the same directory as the script type ./<the name of the script>)

Please tell me:

Are you using busybox power? To test, type busybox from the xterm and tell me your version number.

The -n flag on the read command isn't really needed, I just liked not having to press return after each choice.

If you are using the stock busybox then we will have to remove the '-n 1' from all the instances of the 'read' command. It is no great loss really.

As for ettercap not shutting down, this is a good thing. Ettercap PREFERS to have you quit properly with 'q' button so it can un-ARP everyone (shutdown nicely). With this in mind I am thinking of removing the instances of killall ettercap, forcing the user to shut it down properly. That is of course unless someone can work out how to send a 'q' keystroke to the ettercap window. However I feel that is a stick of dynamite to crack a nut.

If all this is the case, then all we need to do is remove the wgets, correct some spelling, slap its *** and send it on its way!

tl;dr, stock busybox might not like -n 1 parameter. Please report your version of busybox.

torpedo48
2011-06-17, 08:48
Well that's odd, it starts fine on mine. You need to download the script, chmod +x it (make executable) then run it (i.e. while in the same directory as the script type ./<the name of the script>)

Please tell me:

Are you using busybox power? To test, type busybox from the xterm and tell me your version number.

The -n flag on the read command isn't really needed, I just liked not having to press return after each choice.

If you are using the stock busybox then we will have to remove the '-n 1' from all the instances of the 'read' command. It is no great loss really.

As for ettercap not shutting down, this is a good thing. Ettercap PREFERS to have you quit properly with 'q' button so it can un-ARP everyone (shutdown nicely). With this in mind I am thinking of removing the instances of killall ettercap, forcing the user to shut it down properly. That is of course unless someone can work out how to send a 'q' keystroke to the ettercap window. However I feel that is a stick of dynamite to crack a nut.

If all this is the case, then all we need to do is remove the wgets, correct some spelling, slap its *** and send it on its way!

tl;dr, stock busybox might not like -n 1 parameter. Please report your version of busybox.

I was launching it the right way, but as you correctly said I was not using busybox power (busybox version was the stock one, 1.10.2): just installed it, now it works flawlessly. We should add busybox-power as a dependency, or remove the -n 1 parameter (better).

BTW I can't properly use the script without changing the temp folder: ettercap always stops its activity when the log file exceeds ~930 KB (because /tmp is full). Shouldn't we change the temp folder too?

vi_
2011-06-17, 08:53
I was launching it the right way, but as you correctly said I was not using busybox power (busybox version was the stock one, 1.10.2): just installed it, now it works flawlessly. We should add busybox-power as a dependency, or remove the -n 1 parameter (better).

BTW I can't properly use the script without changing the temp folder: ettercap always stops its activity when the log file exceeds ~930 KB (because /tmp is full). Shouldn't we change the temp folder too?

Now you're cookin' with gas bro! The obvious solution is to remove ALL instances of '-n 1' (fewer dependencies woot!)

Very good point with the moving of the temp folder, we want to minimise read/writes on the NAND (and <1MB is too small). The obvious place is somewhere in /opt. If there is an '/opt/tmp', put it there. If there is not, we will create one.

So:

1. remove all instances of '-n 1'
2. check/create for /opt/tmp
3. possibly check if script is being run as root and exit if not.
4. edit some of the wordage for better flow.
5. remove the wgets.
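The checklist above, items 1 to 3, written out as a portable POSIX sh preflight for a busybox/ash script. This is an added example, not vi_'s, torpedo48's or comaX's code: the function names, the 4 MB free-space threshold, and the assumption that the busybox build provides `df -Pk` and `id -u` are mine. Instead of assuming which busybox is installed, it feature-tests `read -n` at run time and falls back to a normal line read, so the script runs on stock busybox 1.10.2 and busybox-power alike.

```shell
#!/bin/sh
# Added example (not the YAMAS script itself): portable preflight checks for a
# busybox/ash script on the N900, covering the three items in the checklist:
# no hard dependency on 'read -n 1', a work directory outside the tiny /tmp,
# and a root check. Function names and the 4 MB threshold are my own choices.

# 1. Root check: 'id -u' is POSIX and present in stock busybox.
is_root() {
    [ "$(id -u)" -eq 0 ]
}

# 2. Feature test instead of guessing the shell: stock busybox 1.10.2 ash has no
#    'read -n'; busybox-power's ash and bash do. The pipe feeds one byte, so a
#    shell that supports -n returns 0 and one that does not prints an error
#    (discarded) and returns non-zero.
has_read_n() {
    printf 'x' | read -n 1 c 2>/dev/null
}

# Single-keystroke menu prompt where supported, plain line read otherwise.
# $1 = prompt text (printed on stderr so the answer is the only stdout output).
read_choice() {
    printf '%s' "$1" >&2
    if has_read_n; then
        read -n 1 -r reply
        printf '\n' >&2
    else
        read -r reply
    fi
    printf '%s\n' "$reply"
}

# 3. Work directory: try candidates in order, create them if missing, and accept
#    the first writable one with at least $1 KB free. 'df -Pk' gives POSIX
#    single-line output (assumed available in the busybox build).
#    $1 = minimum free KB, remaining args = candidate directories.
pick_tmp_dir() {
    min_kb=$1
    shift
    for d in "$@"; do
        [ -d "$d" ] || mkdir -p "$d" 2>/dev/null || continue
        [ -w "$d" ] || continue
        free_kb=$(df -Pk "$d" 2>/dev/null | awk 'NR == 2 { print $4 }')
        if [ "${free_kb:-0}" -ge "$min_kb" ]; then
            printf '%s\n' "$d"
            return 0
        fi
    done
    return 1
}

# Combined preflight: prints the chosen work directory, or returns 1 with a
# message on stderr. /opt/tmp and /home/user/MyDocs/Yamas are the locations
# discussed in the thread; the current directory is the last resort.
preflight() {
    if ! is_root; then
        printf 'This script must be run as root.\n' >&2
        return 1
    fi
    workdir=$(pick_tmp_dir 4096 /opt/tmp /home/user/MyDocs/Yamas "$PWD") || {
        printf 'No writable directory with at least 4 MB free.\n' >&2
        return 1
    }
    printf '%s\n' "$workdir"
}

# Usage at the top of a script:
#   WORKDIR=$(preflight) || exit 1
#   LOGFILE="$WORKDIR/yamas.log"
```

The free-space check is what turns the "ettercap stops at ~930 KB" report into an error message up front rather than a silent stall mid-run: /tmp on the N900 is a tiny tmpfs, so a log that grows past it simply stops being written.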

torpedo48
2011-06-17, 09:06
Now you're cookin' with gas bro! The obvious solution is to remove ALL instances of '-n 1' (fewer dependencies woot!)

Very good point with the moving of the temp folder, we want to minimise read/writes on the NAND (and <1MB is too small). The obvious place is somewhere in /opt. If there is an '/opt/tmp', put it there. If there is not, we will create one.

So:

1. remove all instances of '-n 1'
2. check/create for /opt/tmp
3. possibly check if script is being run as root and exit if not.
4. edit some of the wordage for better flow.
5. remove the wgets.

I'm working on points 1 and 3 (easiest :p), posting the result in minutes.

EDIT: http://pastebin.com/LusgAMpx
Just removed the "-n 1" so busybox-power is not needed, and added a little check for being sure it is run as root. Hope that's ok; should I start working on point 2?

EDIT2: just noticed that "#" was missing before !/bin/sh, added that too.

torpedo48
2011-06-17, 10:02
This is my last version of the script:

http://pastebin.com/YGjb7UeE

It should create /opt/tmp and operate there, however it still saves the results in /root. I'd like to make it save the output somewhere else, e.g. /opt/yamas or /MyDocs/Yamas or even MyDocs/.documents/yamas for more user-friendliness; what do you think about it?

Unhuman
2011-06-17, 10:26
The results for sure must be moved from /tmp/.. I personally suggest /MyDocs/Yamas/. At the moment /tmp/ limits the file size and at one point the script stops working as some people are reporting.

vi_
2011-06-17, 10:29
This is my last version of the script:

http://pastebin.com/YGjb7UeE

It should create /opt/tmp and operate there, however it still saves the results in /root. I'd like to make it save the output somewhere else, e.g. /opt/yamas or /MyDocs/Yamas or even MyDocs/.documents/yamas for more user-friendliness; what do you think about it?

I don't know about you but I HATE it when a program sh|ts files/folders all over the place. I feel the best option would be for the script to simply put its log files into the directory the script was invoked in.

q6600
2011-06-17, 11:11
+1 /MyDocs/Yamas

Estel
2011-06-17, 14:06
I don't know about you but I HATE it when a program sh|ts files/folders all over the place. I feel the best option would be for the script to simply put its log files into the directory the script was invoked in.

+1 on this ;)

Also, it would be great to put it into repos, when we'll get N900 optimized version (seems that's a few fixes ahead). Unhuman & vi_, maybe You could become maintainers? I think it would be hard for ComaX to maintain it without owning N900.

comaX
2011-06-17, 15:09
It should create /opt/tmp and operate there, however it still saves the results in /root. I'd like to make it save the output somewhere else, e.g. /opt/yamas or /MyDocs/Yamas or even MyDocs/.documents/yamas for more user-friendliness; what do you think about it?

Yup, that would be nice.

+1 on this ;)

Also, it would be great to put it into repos, when we'll get N900 optimized version (seems that's a few fixes ahead). Unhuman & vi_, maybe You could become maintainers? I think it would be hard for ComaX to maintain it without owning N900.

The script originally doesn't sh|t files all over the place, only tmp and root, which made sense under BT. But I must admit, given your configuration, it would be better to do everything in one place.

About maintaining, I would still be able to make updates and all (for dns spoofing for instance, and other features I have in mind). But I would surely need you guys to help. After all, except from a few things here and there, it's not much different !

For now, I'll be waiting on _vi and torpedo version, then review it, change what I feel should be changed (shouldn't be much though !). And when it's ready, I'll upload it to Unhuman's blog (pcsci3nce.info).

I'm glad you guys like it and work that much on it ! Cheers :)

vi_
2011-06-17, 16:41
Yup, that would be nice.



The script originally doesn't sh|t files all over the place, only tmp and root, which made sense under BT. But I must admit, given your configuration, it would be better to do everything in one place.

About maintaining, I would still be able to make updates and all (for dns spoofing for instance, and other features I have in mind). But I would surely need you guys to help. After all, except from a few things here and there, it's not much different !

For now, I'll be waiting on _vi and torpedo version, then review it, change what I feel should be changed (shouldn't be much though !). And when it's ready, I'll upload it to Unhuman's blog (pcsci3nce.info).

I'm glad you guys like it and work that much on it ! Cheers :)

The sh|tting everywhere is wrt creating a Mydocs/yamas folder.

I have made a first release, final copy of my modifications of yamas. (http://talk.maemo.org/showthread.php?p=1030935#post1030935)

If there are no obvious bugs then this is as far as I go. Feel free to do with it as you wish.

comaX: add the terms 'Email' and 'Passwd' to your list of things to grep for!

q6600
2011-06-18, 12:53
What is this?

Unhuman
2011-06-18, 13:06
No idea about this issue. Does it happen every time?

I will update the script in the first post to /MyDocs/Yamas so that it doesn't suddenly stop when it reaches 1MB. Please test it in a few minutes.

EDIT:

Try it out
http://pcsci3nce.info/files/mitm_pcsci3nce.sh

q6600
2011-06-18, 13:28
let me know when is done pls

stevomanu
2011-06-18, 15:02
My script is working mint. What's new in the update you just posted? Is it worth my updating ???

Estel
2011-06-18, 16:21
Yup, that would be nice.



The script originally doesn't sh|t files all over the place, only tmp and root, which made sense under BT. But I must admit, given your configuration, it would be better to do everything in one place.

About maintaining, I would still be able to make updates and all (for dns spoofing for instance, and other features I have in mind). But I would surely need you guys to help. After all, except from a few things here and there, it's not much different !

For now, I'll be waiting on _vi and torpedo version, then review it, change what I feel should be changed (shouldn't be much though !). And when it's ready, I'll upload it to Unhuman's blog (pcsci3nce.info).

I'm glad you guys like it and work that much on it ! Cheers :)

Hi comaX! Of course I'm not talking about "excluding" you from script "production" for N900 (that would be hilarious, lol) - I'm just talking about strictly maintaining package in Maemo repository, which is sometimes counter-intuitive even for N900 users ;) Of course I'm sure that You would get how it's going, but I'm sure guys here will happily do repos-side things.

Its very nice that You're so involved in creating N900 optimized version of Your script, without even possessing N900 - for that, I'm very thankful.

Anyway, I'm a little confused about current "upstream" version for N900 - on first post is it vi_ modified, or another one? AFAIK You guys don't try to achieve different things, so producing 2 different versions in parallel would be counter productive IMO. Especially, that comaX would like to provide updates and overall check script for any possible mistakes - I think it's much better to show him one version, that incorporates both Unhuman and vi_ work (and other people as well if someone else contributes).

/Estel

Unhuman
2011-06-18, 22:15
I just fixed a small 'glitch' with the place files are saved. I haven't changed anything else. I've been having issues with vi's current script for some reason. Anyway, comaX seems to be away from a PC these days so we just have to wait.

Estel
2011-06-19, 01:47
Can you tell us what exactly are these issues? Maybe vi_ or other experienced one will help fixing it? Less work for comaX.

q6600
2011-06-19, 13:10
No, it's working just fine for me. I do get the "data" but the victim can not see the emails (I got a test account on yahoo) and after inputting the login data I get BAD REQUEST on the website. Is this normal? Or should the victim be able to continue to read the email...

Unhuman
2011-06-19, 14:21
Depends on how the particular site handles multiple logins really.

comaX
2011-06-19, 19:05
I just fixed a small 'glitch' with the place files are saved. I haven't changed anything else. I've been having issues with vi's current script for some reason. Anyway, comaX seems to be away from a PC these days so we just have to wait.

Yup ! But I should get back on track tomorrow or tuesday !

Hi comaX! Of course I'm not talking about "excluding" you from script "production" for N900 (that would be hilarious, lol) - I'm just talking about strictly maintaining package in Maemo repository, which is sometimes counter-intuitive even for N900 users ;) Of course I'm sure that You would get how it's going, but I'm sure guys here will happily do repos-side things.

Its very nice that You're so involved in creating N900 optimized version of Your script, without even possessing N900 - for that, I'm very thankful.

Anyway, I'm a little confused about current "upstream" version for N900 - on first post is it vi_ modified, or another one? AFAIK You guys don't try to achieve different things, so producing 2 different versions in parallel would be counter productive IMO. Especially, that comaX would like to provide updates and overall check script for any possible mistakes - I think it's much better to show him one version, that incorporates both Unhuman and vi_ work (and other people as well if someone else contributes).

/Estel

Oh, if that script makes it to the repos, of course you guys will handle anything you like. I don't know sh*t about that ! And that would be a great honour !

The available version should be patched so that users are no longer limited to the 1 MB in the /tmp/ directory, but I didn't check yet, and I need to get some sleep before doing that ! So, again, tomorrow or tuesday :p
But, it doesn't contain anything _vi has done so far, since I couldn't check what he has done. I also think it's a bit counter-productive to have two parallel scripts, but if he wishes to do that, I'm fine with it !
Maybe what he should do is ask Unhuman to make him an author on pcsci3ence.info so that he can work directly on the available version. Then we would just increment a version file containing changelog so that we (authors) know what has been done by the others. Just speculating here, you guys do whatever you want !
Indeed I intend to make updates, add features and all, so it would be better to have only one version, but again, I don't give much of a fcuk =D I'll maintain and update my version and the N900's, anyone who wants to participate is very welcome and that's about it !

I'll post again when I will have reviewed all versions (_vi, current one, and ones I was sent...)

Meanwhile, keep up the good work guys !

Cheers !

stevomanu
2011-06-20, 11:11
Right, just wondering: is the script on the first page the newest version? As I see a lot of pastebin links about, so which is the best working version ???

many thanks

vi_
2011-06-20, 11:36
Yup ! But I should get back on track tomorrow or tuesday !



Oh, if that script makes it to the repos, of course you guys will handle anything you like. I don't know sh*t about that ! And that would be a great honour !

The available version should be patched so that users are no longer limited to the 1 MB in the /tmp/ directory, but I didn't check yet, and I need to get some sleep before doing that ! So, again, tomorrow or tuesday :p
But, it doesn't contain anything _vi has done so far, since I couldn't check what he has done. I also think it's a bit counter-productive to have two parallel scripts, but if he wishes to do that, I'm fine with it !
Maybe what he should do is ask Unhuman to make him an author on pcsci3ence.info so that he can work directly on the available version. Then we would just increment a version file containing changelog so that we (authors) know what has been done by the others. Just speculating here, you guys do whatever you want !
Indeed I intend to make updates, add features and all, so it would be better to have only one version, but again, I don't give much of a fcuk =D I'll maintain and update my version and the N900's, anyone who wants to participate is very welcome and that's about it !

I'll post again when I will have reviewed all versions (_vi, current one, and ones I was sent...)

Meanwhile, keep up the good work guys !

Cheers !

This will never make it to the repositories...it is just a script.

The version torpedo and I worked on addresses all the issues that have been raised about running this thing on the n900.

You will be unable to include the changes into your 'master' version 'upstream' as it has not really been written in a 'portable' fashion.

As far as I am concerned the version I have 'fixed' as linked to in the other thread is the only version worth even attempting to run on an n900. The version in this thread is plain broken and was untested on release.

Concerning future development, that is all up to you bromaX. I have 'scratched my itch', created a working version. I have even provided a paste n' script pseudo installer. What you guys now do with this is up to you.

Despite the fact this makes stealing secured passwords so easy my mother could do it some people are still managing to ****itup. This fact concerns me. This script is the equivalent of giving an AK47 to a mal-balanced child. (but there again, i feel guilty when using aircrack. Do I understand the weakness in the WEP implementation of the RC4 cipher enough to feel legitimate enough to use aircrack? - where TF am I going with this??)

tl;dr; I have nothing more to contribute to YAMAS. My pastebin link will expire in 28 days. This version sucks, use the one in the other thread. Don't actually ever use this script, if you do it is nothing to do with me.

Unhuman
2011-06-20, 12:29
F am I going with this??)
As far as I am concerned the version I have 'fixed' as linked to in the other thread is the only version worth even attempting to run on an n900. The version in this thread is plain broken and was untested on release.

This version sucks, use the one in the other thread.

I don't even know how to comment this. You sir, just lost all my gratitude and respect. Please learn how to appreciate other people's work and how to communicate as a normal human being.

comaX
2011-06-20, 14:20
This will never make it to the repositories...it is just a script.[...]Don't actually ever use this script, if you do it is nothing to do with me.

Yeah, whatever dude :) Maybe you should just re-read what you wrote in the script, because speaking of f*cking something up, you did good ;)

Up to you to find where is the problem.

By the way, according to your next post, I might warn moderators about some people's work being stolen. Me not giving a damn about the code itself, doesn't mean the name isn't mine. Please change it so people don't make association between your shitty perfect stuff and mine.
Also, since a script is pretty much a wrap up of some other stuff, I don't mind anyone learning, copying from it. The parsing method is mine though, and I worked my arse off on this one. If you wish to continue with "your" script, please remove the parsing I wrote. The other stuff are free for you to use though.

Cheers !


####


right just wondering is the script on first page the newest version as i see a lot of pastebin links about so which is best working version >??##

many thanks
The link on the first page is indeed the last version. Please note we are still working on it ;) The different pastebins are people submitting modifications for me to take into account.
Having a social life, and friends to meet, I don't spend my whole time reading scripts (don't take that personally at all, it's meant for the arshole above) and modifying mine. Tonight, or tomorrow, according to what I'm planning on doing tonight, I'll make substantial modifications with what you guys submitted =D

If you are ready to install some dependencies that we should get rid of in the next release, then do, the script is functional. And if you experience troubles, just report, and I'll do my best along with the other members !

vi_
2011-06-20, 14:44
Yeah, whatever dude :) Maybe you should just re-read what you wrote, because speaking of f*cking something up, you did good ;)

Up to you to find where is the problem.

By the way, according to your next post, I might warn moderators about some people's work being stolen. Me not giving a damn about the code itself, doesn't mean the name isn't mine. Please change it so people don't make association between your shitty perfect stuff and mine.

Cheers !

Right, you both appear to have missed the point. -_-'

1. YAMAS belongs to COMAX, in every respect. The credits are the same, the name is the same COMAX WROTE IT. Nobody has stolen anything and to say otherwise is preposterous.

2. The version posted here ITT is broken for the N900 when first posted and is still broken for the N900. This is NO reflection upon the quality of the original which runs perfectly fine on a 'normal' linux computer.

ComaX, if you want confirmation of this, go and read the source of the 'modified' version. It is still yours, just tweaked to run on an n900.


3. Generally, scripts don't go into the repository as individual entities. To suggest they do is as ludicrous as the SCUD battery box.


4. When I am saying 'don't run this'. I mean DON'T ARP SPOOF some network you have no right to be on and steal someone's passwords.


I can only assume English is not your first language and therefore accept that you may have mis-read what is being said. Thusly I won't take offence.

kaos_king
2011-06-20, 15:49
Wow, I didn't expect that VI. I am English and come from England, and even I read your post differently to how your most recent one has put it. It's a shame you no longer want to work on it, however can I take this time to thank you for your input up to now in making the script better.

Also a massive thanks to ComaX, unhuman and torpedo48.

The original script works fine for me however I support the act of cleaning it up, making it use fewer dependencies and making it 'designed' for the n900 - I just wish I had the knowledge to help you guys code it ;)

stevomanu
2011-06-20, 15:58
Yeah, whatever dude :) Maybe you should just re-read what you wrote in the script, because speaking of f*cking something up, you did good ;)

Up to you to find where is the problem.

By the way, according to your next post, I might warn moderators about some people's work being stolen. Me not giving a damn about the code itself, doesn't mean the name isn't mine. Please change it so people don't make association between your shitty perfect stuff and mine.
Also, since a script is pretty much a wrap up of some other stuff, I don't mind anyone learning, copying from it. The parsing method is mine though, and I worked my arse off on this one. If you wish to continue with "your" script, please remove the parsing I wrote. The other stuff are free for you to use though.

Cheers !


####



The link on the first page is indeed the last version. Please note we are still working on it ;) The different pastebins are people submitting modifications for me to take into account.
Having a social life, and friends to meet, I don't spend my whole time reading scripts (don't take that personally at all, it's meant for the arshole above) and modifying mine. Tonight, or tomorrow, according to what I'm planning on doing tonight, I'll make substantial modifications with what you guys submitted =D

If you are ready to install some dependencies that we should get rid of in the next release, then do, the script is functional. And if you experience troubles, just report, and I'll do my best along with the other members !

well not sure if anyone else is having issues but I am, the latest script is not working for me, was all fine until I redownloaded the new script and now nothing is collecting as it was before ...

it would be so much better if you all worked on this, more heads are always better, but you need to get on and agree, that is for the benefit of this script and the people using it, no point in pointing fingers really, work with each other ..

many thanks to all who have helped out so far keep it up please ..

Creamy Goodness
2011-06-20, 16:26
This will never make it to the repositories...it is just a script.

The version torpedo and I worked on addresses all the issues that have been raised about running this thing on the n900.

You will be unable to include the changes into your 'master' version 'upstream' as It has not really been written in a 'portable' fashion.

As far as I am concerned the version I have 'fixed' as linked to in the other thread is the only version worth even attempting to run on an n900. The version in this thread is plain broken and was untested on release.

Concerning future development, that is all up to you bromaX. I have 'scratched my itch', created a working version. I have even provided a paste n' script pseudo installer. What you guys now do with this is up to you.

Despite the fact this makes stealing secured passwords so easy my mother could do it some people are still managing to ****itup. This fact concerns me. This script is the equivalent of giving an AK47 to a mal-balanced child. (but there again, i feel guilty when using aircrack. Do I understand the weakness in the WEP implementation of the RC4 cipher enough to feel legitimate enough to use aircrack? - where TF am I going with this??)

tl;dr; I have nothing more to contribute to YAMAS. My pastebin link will expire in 28 days. This version sucks, use the one in the other thread. Don't actually ever use this script, if you do it is nothing to do with me.

Dude the version he wrote originally is not perfect, but it DOES WORK, please don't say that it "sucks". If I come over to your house for dinner and I think the food could use some more salt or hot sauce, do I tell you that it sucks? Try to be nice to people that aren't getting paid to take abuse... We don't want to scare away all the developers!
Also, thanks for both of your work so far, I trust you can combine this into one script without arguing about it too much :)

Unhuman
2011-06-20, 16:28
2. The version posted here ITT is broken for the N900 when first posted and is still broken for the N900. This is NO reflection upon the quality of the original which runs perfectly fine on a 'normal' linux computer.

Really? As it works flawlessly on my phone and a few others that have reported that here, on private and on my blog. Though you indeed created a BORKEN version of it by ****ing up the parsing method and removing the ability of remotely updating the grep process.

I still don't like your tone.


@stevomanu - the only difference between this version and the previous is the place the log of sslstrip is saved. I just moved it from /tmp/ to /home/user/MyDocs/Yamas. It doesn't make sense not to work.

The only thing I can think you can try is manually creating /home/user/MyDocs/Yamas directory and trying again.

Cheers

EDIT: Yep pretty sure it's that now -.- Uploaded a version without a mkdir /home/user/MyDocs/Yamas command -_- Will have it fixed asap - until then create the directory manually.

Estel
2011-06-20, 21:33
0_o Another little flame war due to vi_ sociopathic behavior... Yea, that's REALLY what I hoped in this thread, FFS...

Flamewars aside, moving to concrete things - i don't see any reasons why it shouldn't make its way into repos IF it's technically possible to pack it into .deb file. Every program is "just a script", to some degree ;) If no one cares (except comaX who definitely cares, but he doesn't have N900) to move *** and try, I'll talk with Mentalist about his recent experiences with maintaining packages and maybe I'll be able to do it. Still as i said only if it's technically possible.

I hate when such good things are scattered around many parts of forum. In case of reflash/whatever You must remember #@$# dozen places outside repos, where You can find things You've used.

/Estel

//Edit

Backupmenu is also JUST A SCRIPT, but it sits in repos happily.

comaX
2011-06-21, 09:46
0_o Another little flame war due to vi_ sociopathic behavior... Yea, that's REALLY what I hoped in this thread, FFS...

Flamewars aside, moving to concrete things - i don't see any reasons why it shouldn't make its way into repos IF it's technically possible to pack it into .deb file. Every program is "just a script", to some degree ;) If no one cares (except comaX who definitely cares, but he doesn't have N900) to move *** and try, I'll talk with Mentalist about his recent experiences with maintaining packages and maybe I'll be able to do it. Still as i said only if it's technically possible.

I hate when such good things are scattered around many parts of forum. In case of reflash/whatever You must remember #@$# dozen places outside repos, where You can find things You've used.

/Estel

//Edit

Backupmenu is also JUST A SCRIPT, but it sits in repos happily.

About places to remember, you shouldn't have to remember much. I deleted the auto-updating feature in this version, but when it will be stable enough, I'll think about an argument to pass to the script so that it updates itself ;)

I don't believe this script would make it any near any repo, but if it does, I would just be really glad ^^

If you guys want to do it, be my guests !

As I have time this afternoon, I should make quite some updates !

torpedo48
2011-06-22, 11:36
If someone still has doubts about what this script is and what it does, I've made a video showing YAMAS in action:

http://www.youtube.com/watch?v=9bSq7tXSGAo

PS: vi_ is right, this script is like putting an AK-47 in a child's hand :)

stevomanu
2011-06-22, 13:51
If someone still has doubts about what this script is and what it does, I've made a video showing YAMAS in action:

http://www.youtube.com/watch?v=9bSq7tXSGAo

PS: vi_ is right, this script is like putting an AK-47 in a child's hand :)

nice video, glad to see it's working for some, I'm having no luck, it was working perfectly but since updating the script things have gone pear-shaped ..

comaX
2011-06-22, 13:53
If someone still has doubts about what this script is and what it does, I've made a video showing YAMAS in action:

http://www.youtube.com/watch?v=9bSq7tXSGAo

PS: vi_ is right, this script is like putting an AK-47 in a child's hand :)

Nice video ! I wish I could make one that good for the original one !

torpedo48
2011-06-22, 13:54
nice video, glad to see it's working for some, I'm having no luck, it was working perfectly but since updating the script things have gone pear-shaped ..

You can always download the original script and install the additional required dependencies, like xterm, and it should be perfectly working!

torpedo48
2011-06-22, 14:01
Nice video ! I wish I could make one that good for the original one !

Unfortunately I can't afford a notebook (yet), so I'm using BackTrack on a virtual machine on my Windsucks 7 PC; unfortunately wifi isn't working properly and I'm not able to use your original script there, or I'd make a good video for you!

I promise to make it as soon as I'll buy a notebook ;)

stevomanu
2011-06-22, 14:31
You can always download the original script and install the additional required dependencies, like xterm, and it should be perfectly working!

where is the original script then please ??

torpedo48
2011-06-22, 17:00
where is the original script then please ??

I published this link in the description of my video, but here it is:

http://pcsci3nce.info/?p=291

Unhuman
2011-06-22, 17:14
Any chance that I can use the video on the official post on my blog ? :>

comaX
2011-06-22, 17:14
Unfortunately I can't afford a notebook (yet), so I'm using BackTrack on a virtual machine on my Windsucks 7 PC; unfortunately wifi isn't working properly and I'm not able to use your original script there, or I'd make a good video for you!

I promise to make it as soon as I'll buy a notebook ;)

You sir, are a real gentleman !

torpedo48
2011-06-22, 17:28
Any chance that I can use the video on the official post on my blog ? :>

Mmmmhh you mean mine (can't understand what "official post" means in this context, as there are no videos in the OP)?

If you mean my video: sure, use it as you like, I'd be honoured. The Youtube sharing code is here (http://www.youtube.com/watch?v=9bSq7tXSGAo).

If you write a little note sounding like "thanks to torpedo48 for the video" I'd be very happy too, but it doesn't really matter.

<advertisement>I can create any kind of video for anybody (within the limits of my knowledge of course), just ask ;) </advertisement>

comaX
2011-06-22, 17:35
If you mean my video: sure, use it as you like, I'd be honoured. The Youtube sharing code is here (http://www.youtube.com/watch?v=9bSq7tXSGAo).

"A LINK TO A COMPLETE GUIDE FOR YAMAS WILL BE PUBLISHED SOON"

By the way, what do you mean by a complete guide to yamas ?
Whatever this is, if you need anything, just ask ;)

(by the way, nice song you got on the screenshot in your real multitasking thread \m/ )

torpedo48
2011-06-22, 17:44
By the way, what do you mean by a complete guide to yamas ?
Whatever this is, if you need anything, just ask ;)

Thanks a lot for your disposability! I mean a simple step-by-step noob-proof guide for obtaining the script (a working version of course), correctly installing all the necessary dependencies and running it without errors. I know that's a dumb guide, but I'm receiving many PMs requesting this kind of thing.

And, between ourselves, I write those articles as reminders for me, so that I can write down some notes and learn better (cause as you've already understood, I'm just an undercover noob who desperately wants to increase his knowledge).

comaX
2011-06-24, 16:06
HI guys ! So, I've done some little updates, nothing too fancy though.
It now checks for the installed dependencies, and if you are root.
I would need you to test it, and report back. Usual stuff, you know :p
Those should work.

We are now working on being able to launch it only by typing the name of the script, and not "bash yamas.sh". What I think should be done is change the first line of the script to where ash is installed.
Another thing I have in mind is to ask for installation of missing dependencies : instead of failure it would say something like "Herpderp is missing. Do you want to install it (Y/n)"
Yes --> installs.
No --> Quits.

That last part is not sure though. I'll stay on the basics for now, but let's say I'm thinking about it.

Waiting for feedback and all, I'll try to work on the Standard edition (check BT forums if interested). DNS spoofing should be on the way ! Maybe an easter egg too, if ever I have the time =D

Estel
2011-06-24, 16:17
HI guys ! So, I've done some little u
We are now working on being able to launch it only by typing the name of the script, and not "bash yamas.sh". What I think should be done is change the first line of the script to where ash is installed.


We got function like that incorporated in N900. If we place any .sh script into:

/usr/bin/

...and make it executable (for example test.sh), we can run that script just by executing:

test.sh

on our osso-xterm. So i think you don't need to worry about that.

comaX
2011-06-24, 17:53
We got function like that incorporated in N900. If we place any .sh script into:

/usr/bin/

...and make it executable (for example test.sh), we can run that script just by executing:

test.sh

on our osso-xterm. So i think you don't need to worry about that.

Yup, I know, that's the same in every linux (afaik) and I use it in my original script. The thing here is that you have to tell the term how to "read" the script by launching it with "bash" before. But what I would want is to get rid of that, so that it launches with only /path/script.sh. That should be achieved by writing #! /bin/ash on the first line of the script.
It would then use the default ash of maemo (so, no need to install bash), and you wouldn't have to launch it with "ash script.sh".
So far results are inconclusive though, because I can't test directly (not that Unhuman's tests are bad, but I always forget to tell him things, so it's better if I trial and fail on my own ^^).
But if someone understood what I mean and achieves that, that would be very nice :)

Chrome
2011-06-24, 17:57
DNS spoofing should be on the way ! Maybe an easter egg too, if ever I have the time =D

Good news, if you need a tester for the new scripts I'll gladly help.

Unhuman
2011-06-24, 18:13
What I got from comaX today is that the script should be completely functional with ash now ( so no need for bash ). However when I run it with ash I get errors in the new dependency part of the script:
ash: unknown operand

and gives a false positive for missing dependencies (no such thing happens when run as bash)

Moreover, after using chmod +x on it the script still returns permission denied when run as ./mitm_pcsci3nce.sh.

I will try putting the script in /usr/bin now and running it directly and see what happens.


EDIT:

This works. Script can be started after chmod +x in /usr/bin by simply issuing mitm_pcsci3nce.sh in terminal. However, it still returns:
ash: unknown operand
and claims I have unmet dependencies (despite all showing success)

EDIT 2:

So until figuring out why this happens with ash, bash will still be required. ( first line of the script should link to /bin/bash, not bin/ash)

comaX
2011-06-24, 18:34
Good news, if you need a tester for the new scripts I'll gladly help.

That's noted, thanks !

I must warn you guys though : I'm moving out this week, so I should be pretty busy, and when in my new apartment, I might not have internet for some time :s (or Edge connection from mobile phone... Yepee !)
I'll kindly ask the neighbors, but I don't think they'll just let me connect to their network like that.

#####

What I got from comaX today is that the script should be completely functional with ash now [...]
So until figuring out why this happens with ash, bash will still be required. ( first line of the script should link to /bin/bash, not bin/ash)
Yup, yup, yup ! We'll try some more, but if it's too much of a hassle, we'll stick to bash. After all it's not heavy or anything, and I believe it is the most widespread version of sh !

If you guys find a way to use ash though, we'll be happy bunnies =)

Unhuman
2011-06-25, 08:55
New version with dependency check added - test if it works .

It still requires bash to be run, however it can now be run as
mitm_pcsci3nce.sh only, no need to type bash before the name now.

Saturn
2011-06-25, 09:21
New version with dependency check added - test if it works .

It still requires bash to be run, however it can now be run as
mitm_pcsci3nce.sh only, no need to type bash before the name now.

Hi, the check would be best done by using dpkg; e.g. for wget


if dpkg -l | grep wget 1>/dev/null; then echo $?;fi

stevomanu
2011-06-25, 09:58
finally got this working after reinstalling everything, all is working fine, one thing I noticed, I was sniffing on the phone and was using the PC and if I click on Facebook it goes to a white page with

location: ht

if I refresh the page it works but surely someone would realize something was wrong ..

thanks for all work on script to all involved

Chrome
2011-06-25, 10:06
New version with dependency check added - test if it works .

It still requires bash to be run, however it can now be run as
mitm_pcsci3nce.sh only, no need to type bash before the name now.

Placed it in /usr/bin and gave it permissions. It does run using "mitm_pcsci3nce.sh"

Works like a charm and checks for deps on start up, but why not use osso-xterm and ash like vi_ did?

comaX
2011-06-25, 10:30
Hi, the check would be best done by using dpkg; e.g. for wget


if dpkg -l | grep wget 1>/dev/null; then echo $?;fi


I didn't think about that, but I think just checking for a file to exist is simpler than calling two other programs, however light they are. That's a good idea though.

####

Placed it in /usr/bin and gave it permissions. It does run using "mitm_pcsci3nce.sh"

Works like a charm and checks for deps on start up, but why not use osso-xterm and ash like vi_ did?

Osso-xterm seems to be a pain in the *** to use ! But if we find a way to use it, it will be used. That's not a priority though, since xterm is pretty light and is the most used script-wise. As for ash, that's just plain weird. It should be working but when Unhuman tested it, it failed.

What would be nice is for you guys to test with ash on your own, either with :
- ash script.sh
- script.sh, with the first line of the script being #! /bin/ash
And then report back, either here, or by mail.

####


finally got this working after reinstalling everything, all is working fine, one thing I noticed, I was sniffing on the phone and was using the PC and if I click on Facebook it goes to a white page with

location: ht

if I refresh the page it works but surely someone would realize something was wrong ..

thanks for all work on script to all involved

That comes from sslstrip 0.9, and there's nothing we can do about it, unfortunately. But the script is not at fault here !

bass800
2011-06-25, 11:00
the script has failed to find ettercap but on its own ettercap works. I installed ettercap via karma's debz from link below. how can I correct this?

http://talk.maemo.org/showthread.php?t=73572&highlight=hacking+tutorial



cd /home/user/MyDocs/karam
mv ettercap-ng.tar.gz /opt
cd /opt
tar xzvf ettercap-ng.tar.gz
chmod +rwx -R ettercap/
rm ettercap-ng.tar.gz
cd # maybe not required
ln -s /opt/ettercap/lib/libnet.so.1.3.0 /usr/lib/libnet.so.1
ln -s /opt/ettercap/bin/ettercap /usr/bin
ln -s /opt/ettercap/bin/etterfilter /usr/bin
ln -s /opt/ettercap/bin/etterlog /usr/bin

Chrome
2011-06-25, 11:05
What would be nice is for you guys to test with ash on your own, either with :
- ash script.sh
- script.sh, with the first line of the script being #! /bin/ash
And then report back, either here, or by mail.


Works fine with ash actually, but it shows this error after "You can discover hosts and enter IP(s) manually by entering D"

ash: D: unknown operand

stevomanu
2011-06-25, 11:21
the script has failed to find ettercap but on its own ettercap works. I installed ettercap via karma's debz from link below. how can I correct this?

http://talk.maemo.org/showthread.php?t=73572&highlight=hacking+tutorial

I had this issue and reinstalled ettercap from these instructions and now all is working fine



http://talk.maemo.org/showpost.php?p=852862&postcount=17



now all works mint

Saturn
2011-06-25, 11:46
Works fine with ash actually, but it shows this error after "You can discover hosts and enter IP(s) manually by entering D"

ash: D: unknown operand

Hi comaX,

to correct those errors you need for example in line 79:


if [[ $(grep "0" ./test.txt) == "" ]]; then


the following:

if [[ "$(grep "0" ./test.txt)" == "" ]]; then


that is "$(blabla)" type of thing.

You have this in many ifs but not everywhere and ash is strict about (bash can handle those).
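
As an added illustration (not code from the thread or from YAMAS itself), the following POSIX sh script reproduces the "unknown operand" failure Saturn describes and contrasts it with the quoted form. It uses the POSIX [ builtin rather than [[ so that it behaves the same under sh, dash, busybox ash and bash; the sample files it checks are constructed inline.

```shell
#!/bin/sh
# Added example, not code from the thread or from YAMAS: why an unquoted $(...)
# inside a test fails under ash, and the quoting that fixes it. Uses POSIX [
# so it behaves the same under sh, dash, busybox ash and bash.

# Unquoted form, as in the script: if grep prints nothing, the shell expands
# the line to `[ = "" ]`, which busybox ash rejects as "unknown operand" and
# bash/dash reject as a unary-operator or syntax error (exit status 2). If grep
# prints several words the test gets "too many arguments" instead. The error
# output is discarded so only the exit status is observed.
is_empty_unquoted() {
    [ $(grep "0" "$1") = "" ] 2>/dev/null
}

# Saturn's fix: quote the substitution so an empty result is still one word.
is_empty_quoted() {
    [ "$(grep "0" "$1")" = "" ]
}

# Same check written idiomatically for POSIX sh: -z is true for zero length.
is_empty_portable() {
    [ -z "$(grep "0" "$1")" ]
}

# Map an exit status to a word: 0 is "empty", 1 is "nonempty", anything else
# means the test itself failed to parse.
status_word() {
    case $1 in 0) echo empty ;; 1) echo nonempty ;; *) echo error ;; esac
}

# Run all three forms on one file and print a one-line summary.
classify() {
    f=$1
    s=0; is_empty_unquoted "$f" || s=$?; u=$(status_word "$s")
    s=0; is_empty_quoted "$f"   || s=$?; q=$(status_word "$s")
    s=0; is_empty_portable "$f" || s=$?; p=$(status_word "$s")
    echo "unquoted=$u quoted=$q portable=$p"
}

# Constructed sample inputs (not from the thread).
demo() {
    tmp=$(mktemp)
    printf 'alpha\nbeta\n' > "$tmp"     # no "0" at all: grep prints nothing
    classify "$tmp"   # unquoted=error quoted=empty portable=empty
    printf '0\n' > "$tmp"               # grep prints exactly one word
    classify "$tmp"   # unquoted=nonempty quoted=nonempty portable=nonempty
    printf 'line with 0\n' > "$tmp"     # grep prints several words
    classify "$tmp"   # unquoted=error quoted=nonempty portable=nonempty
    rm -f "$tmp"
}

demo
```

Run it with sh and compare the three columns: the unquoted form only gives a sensible answer when grep happens to print exactly one word; with empty or multi-word output the test is a syntax error, so the script's if/then branch is chosen by the error status rather than by what is in the file. That is why the same script "worked" under bash, whose [[ keyword tolerates the empty expansion, and broke under ash.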

bass800
2011-06-25, 12:58
I had this issue and reinstalled ettercap from these instructions and now all is working fine



http://talk.maemo.org/showpost.php?p=852862&postcount=17



now all works mint

coolz, that worked. thanks.

stevomanu
2011-06-25, 13:16
coolz, that worked. thanks.

no problem any time, can I suggest next time you use the THANKS button, it saves on loads of thank you posts ..

Unhuman
2011-06-25, 13:48
That is what happens when you have 5 different ettercap ports with 5 different places that it shits its files to... Can someone say where is ettercap placed from the karam installation?

EDIT:
Obviously if you are sure ettercap is installed ignore the dependency warning. Gotta update the script to search in multiple locations due to the explanation above.

comaX
2011-06-25, 14:25
Hi comaX,

to correct those errors you need for example in line 79:


if [[ $(grep "0" ./test.txt) == "" ]]; then


the following:

if [[ "$(grep "0" ./test.txt)" == "" ]]; then


that is "$(blabla)" type of thing.

You have this in many ifs but not everywhere and ash is strict about (bash can handle those).

Yeah, I noticed ash is pretty strict ! But also pretty cool on some point, especially echo, for instance.
I'm working on all those operand errors, but as I said earlier, I'm in the middle of a moving out, so it might take some time !

Also, now that the dependencies check works in ash, I'll introduce looking for different paths ;)
How should the script react to a missing dependency ? Just a warning ? Exiting ?
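
An added example (not YAMAS code and not from this thread) of the dependency check discussed above: Saturn's dpkg one-liner, comaX's file-exists approach and Unhuman's point that ettercap ports drop their binaries in different places. Each required tool is looked up on PATH with command -v and then in a list of extra directories; /opt/ettercap/bin comes from the install commands posted earlier in the thread, the other directories in EXTRA_DIRS and the report format are my assumptions. It is written for POSIX sh so it runs under busybox ash without bash.

```shell
#!/bin/sh
# Added example, not YAMAS code: a dependency check that looks for each tool on
# PATH and then in extra install locations, and lists what is missing.
# POSIX sh only, so it runs under busybox ash as well as bash.

# Extra directories to search after PATH. /opt/ettercap/bin is where the
# ettercap tarball from the thread puts its binaries; the others are assumed
# common locations and can be extended as further ports turn up.
EXTRA_DIRS="/opt/ettercap/bin /opt/bin /usr/local/bin /usr/local/sbin /sbin /usr/sbin"

# find_tool NAME: print the first executable found for NAME, status 1 if none.
find_tool() {
    name=$1
    # command -v only reports executables (or builtins) reachable through PATH.
    if p=$(command -v "$name" 2>/dev/null) && [ -n "$p" ]; then
        echo "$p"
        return 0
    fi
    # Fall back to the known extra locations; -x also implies the file exists.
    for d in $EXTRA_DIRS; do
        if [ -x "$d/$name" ]; then
            echo "$d/$name"
            return 0
        fi
    done
    return 1
}

# missing_deps NAME...: print each tool that cannot be found, one per line.
# Status 0 when everything is present, 1 otherwise, so the caller can decide
# whether to warn or to exit.
missing_deps() {
    rc=0
    for t in "$@"; do
        if ! find_tool "$t" >/dev/null; then
            echo "$t"
            rc=1
        fi
    done
    return $rc
}

# report_deps NAME...: human-readable summary, one line per tool.
report_deps() {
    for t in "$@"; do
        if p=$(find_tool "$t"); then
            echo "ok       $t -> $p"
        else
            echo "MISSING  $t"
        fi
    done
}

# Tools from the YAMAS requirements list; on a machine without them this
# simply prints MISSING lines instead of failing.
report_deps sh grep ettercap sslstrip nmap iptables
```

Because missing_deps returns a status as well as printing names, a script can answer comaX's question either way: warn and continue when the missing tool is optional, or exit before starting anything when it is not.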

badstraw
2011-06-25, 14:33
Do you guys know why am I getting :
Warning : Cannot convert string "nil2" to type Fontstruct

comaX
2011-06-25, 15:01
Do you guys know why am I getting :
Warning : Cannot convert string "nil2" to type Fontstruct

Just discard this error, it's just some font stuff. If you tell me the line the error comes at, I'll try to fix it !

Saturn
2011-06-25, 15:35
Hi comaX and Unhuman,

I think this removes bash dependencies. Have added also tabs here and there for me to read it easier.

Hope you find it useful.

Note: Haven't tested it much.

Chrome
2011-06-25, 16:03
Hi comaX and Unhuman,

I think this removes bash dependencies. Have added also tabs here and there for me to read it easier.

Hope you find it useful.

Note: Haven't tested it much.

Operand errors are gone now. I let it run for 5 minutes, and got no errors whatsoever.

On a side note: xterm really annoys me, font is small, and you can't copy directly from it :o

Edit: after 10 minutes of running device crashed and restarted. This never happened with the previous scripts.

comaX
2011-06-25, 16:18
Operand errors are gone now. I let it run for 5 minutes, and got no errors whatsoever.

On a side note: xterm really annoys me, font is small, and you can't copy directly from it :o

Edit: after 10 minutes of running device crashed and restarted. This never happened with the previous scripts.

Nice to report on Saturn's version. On each echo line, is the argument printed ? Because I had to remove them all with my version of ash...
Xterm is a secondary problem dude, just copy from the .pass.txt for now ^^ I promise I'll try and make it through with osso when I have the time ;)

The fact that your device crashes is not surprising ! The parsing method is very CPU-consuming (working on something about that, btw ; but I'm having a hard time !). What I can suggest is that you go to the RTP menu, and pause or kill the process for some time.

Could you provide me with screenshots of Saturn's version please ? That may help me a great lot !

Thanks to you both :)

Saturn
2011-06-25, 16:35
Screenshots as requested:

Chrome
2011-06-25, 16:36
Some screenies of Saturn version

Edit: Too late, but i'll keep them anyway :)

http://img7.imageshack.us/img7/2092/screenshot2011062619310.png

http://img687.imageshack.us/img687/1194/screenshot2011062619311.png

http://img3.imageshack.us/img3/7537/screenshot2011062619313.png

http://img405.imageshack.us/img405/3516/screenshot2011062619315.png

http://img98.imageshack.us/img98/3516/screenshot2011062619315.png

comaX
2011-06-25, 17:12
Well it seems Saturn's version is just perfect ! What did you change ?
How do you launch the script ?
ash script.sh ? (I'd guess this one since you use #! /bin/sh ...)
or script.sh ?

Have you tried after apt-get purge bash ?

I know, I'm asking too much :p

Chrome
2011-06-25, 17:15
How do you launch the script ?
ash script.sh ? (I'd guess this one since you use #! /bin/sh ...)
or script.sh ?

Have you tried after apt-get purge bash ?

script.sh works fine.

Purged bash and it's still working.

comaX
2011-06-25, 17:21
script.sh works fine.

Purged bash and it's still working.

Awesome ! I still want to know what changed ! By a quick look at it, I couldn't find !

Well, I think Saturn just won a nice and cozy place in the credits section !
So, I'll have to modify bits here and there so that it sticks to what I last wrote concerning dependency check (it's not really pretty the way it is now... But not much really !).

Thank you guys for working on that, giving feedback and all !

[PS : just to make clear : you chmod'ed +x the script and then just launched it with /path/to/script.sh ?]

Saturn
2011-06-25, 17:21
Well it seems Saturn's version is just perfect ! What did you change ?
How do you launch the script ?
ash script.sh ?
or script.sh ?

Have you tried after apt-get purge bash ?

I know, I'm asking too much :p

No problem, I learn a lot reading your code. It's quite nice.

on your questions:
- didn't change much, just "protected" some variables. really check with a diff.
- made it first executable, and then ./script.sh is enough.
- yes, I have removed bash and still works.

comaX
2011-06-25, 17:31
Very, very nice ! I'll save it, and upload it to Unhuman's website, ASAP !

Next step : osso-xterm. Then finish ! Only need to add features, if possible at the same time as the BT5 version !

What about calling it "yamas-ME" (for Maemo Edition) ? Not that I don't like pcsci3nce, but I guess on a handheld device it's not very handy. Since Pcsci3nce is in the banner right after the script title, Unhuman wouldn't lose any credit ;)

Cheers !

Edit : could you tell me what are the different possible paths for ettercap ?

Edit2 : if it weren't for some different paths, it would work on BT5 too. That's pretty damn great ! The new version is uploaded, you can now download it ! Cf. 1st post ;)

Estel
2011-06-25, 18:04
"yamas-me" seems to be great name. Or just "yamas-m" ;)

Anyway, feel free to correct me guys if i missed something, but AFAIK vi_'s version works essentially in osso-xterm, but he screwed some parts of it (not related to working in osso-xterm). So, can't "his" method of using it in xterm be checked through diff, and incorporated into "non-screwed" version?

Disclaimer:

Keep in mind that anything I wrote about this may be wrong and possibly is, cause this is pure guessworking based on user experiences.

Saturn
2011-06-25, 18:41
Very, very nice ! I'll save it, and upload it to Unhuman's website, ASAP !

Next step : osso-xterm. Then finish ! Only need to add features, if possible at the same time as the BT5 version !

What about calling it "yamas-ME" (for Maemo Edition)? Not that I don't like pcsci3nce, but I guess on a handheld device it's not very handy. Since Pcsci3nce is in the banner right after the script title, Unhuman wouldn't lose any credit ;)

Cheers !

Edit : could you tell me what are the different possible paths for ettercap ?

Edit2 : if it weren't for some different paths, it would work on BT5 too. That's pretty damn great ! The new version is uploaded, you can now download it ! Cf. 1st post ;)

Cool, thanks for the mention.

@all: One more tip to make it easier for launching.

After you make the script executable, you can make a symbolic link, e.g.


ln -s /home/user/myscripts/mitm_pcsci3nce.sh /usr/bin/mitm


Replace the path (/home/user/myscripts) with the one you are using, and then you can execute it with just mitm.

MSHAH
2011-06-25, 21:09
Hey everyone, great job! I managed to get everything working (i.e. no errors) through Saturn's script and was just wondering, on the N900, how long does it take before I get any results for the passwords and stuff? Also, what's the traffic meant to look like when running this? I'm getting 0 up 0 down :S

edit: maybe it's just my rubbish router

MSHAH
2011-06-25, 21:19
I have bleeding edge installed and some custom drivers for wl11251.

As soon as the password window opens, the up and down hit zero.

Any ideas?

stevomanu
2011-06-25, 22:55
Some screenies of Saturn version


http://img98.imageshack.us/img98/3516/screenshot2011062619315.png

What is the last screenshot, please?

Chrome
2011-06-25, 23:05
What is the last screenshot, please?

Tail-grep hosts, option 4 in the script.

comaX
2011-06-26, 11:27
Tail-grep hosts, option 4 in the script.

Yeahp, by the way, I should maybe do it only for secure references or POST data... And correct the title ><

EDIT : started working on DNS spoofing ;)

AgogData
2011-06-27, 10:51
I have all the dependencies and I chmod-ed +x the script in /usr/bin, but I get a lot of 'not found' and 'permission denied'. Also, I want to scan the whole network but it keeps saying 0 network.
Here is the output:

- there must be a password captured in order to save it in the Yamas folder, right? Or it may leave an empty password.txt?

(YAMAS ASCII-art banner; spacing lost in the paste)
ARM Edition For Pcsi3ence.info
===========================================================================
= Welcome to Yet Another MITM Automation Script. =
= Use this tool responsibly, and enjoy! =
= Feel free to contribute and distribute this script as you please. =
= Official thread : http://tinyurl.com/yamas-arm =
= Check out the help (-h) to see edition informations =
= You are running YAMAS-arm =
===========================================================================
[+] Cleaning iptables
[-] Cleaned.
/usr/bin/mitm_pcsci3nce.sh: line 271: ip: not found

[+] Activating IP forwarding...
[-] Activated.

[+] Configuring iptables...
To what port should the traffic be redirected to? (default = 8080)

Port 8080 selected as default.

From what port should the traffic be redirected to? (default = 80)

Port 80 selected as default.


Traffic from port 80 will be redirected to port 8080
[-] Traffic rerouted

[+] Activating sslstrip...
Choose filename to output : (default = yamas)

Sslstrip will be listening on port 8080 and outputting log in /home/user/MyDocs/Yamas/yamas.txt

sslstrip 0.9 by Moxie Marlinspike running...

[-] Sslstrip is running.


[+] Activating ARP poisoning...

/usr/bin/mitm_pcsci3nce.sh: line 412: ip: not found
/usr/bin/mitm_pcsci3nce.sh: line 413: ip: not found

Enter IP gateway adress or press enter to use .
192.168.1.1

Using wlan0 as interface

We will target the whole network as default. You can discover hosts and enter IP(s) manually by entering D.
Press enter to default.


sh: missing ]]
/usr/bin/mitm_pcsci3nce.sh: line 458: : Permission denied
/usr/bin/mitm_pcsci3nce.sh: line 458: xterm: not found
Targeting the whole network on 192.168.1.1 on wlan0 with Ettercap
[-] Arp cache poisoning is launched. Keep new window(s) running.

Attack should be running smooth, enjoy.


/usr/bin/mitm_pcsci3nce.sh: line 482: xterm: not found

Attack is running. You can :
1. Rescan network.
2. Add a target (useless if targeting whole network).
3. Display ASCII correspondence table.
4. Tail-grep hosts through output (make sure there is traffic).
5. Real-time parsing...
6. Quit properly.

Enter the number of the desired option.

stevomanu
2011-06-27, 11:06
Sounds to me like you're missing some dependencies.

AgogData
2011-06-27, 11:12
Sounds to me like you're missing some dependencies.

At the startup check it says success for all the dependencies, so I don't think that's the case.

comaX
2011-06-27, 11:18
At the startup check it says success for all the dependencies, so I don't think that's the case.

Don't follow that check just yet! I put some in to make a test, but it's not thorough!

It seems like you are missing the "ip" and "xterm" dependencies.
I'll ask Unhuman about the correct paths for those, and will add them to the check.

Sorry for the confusion!

stevomanu
2011-06-27, 11:18
At the startup check it says success for all the dependencies, so I don't think that's the case.

what command did you use to run this ??

stevomanu
2011-06-27, 11:26
Don't follow that check just yet! I put some in to make a test, but it's not thorough!

It seems like you are missing the "ip" and "xterm" dependencies.
I'll ask Unhuman about the correct paths for those, and will add them to the check.

Sorry for the confusion!

The ettercap check worked yesterday, so I reinstalled it and all worked mint.

AgogData
2011-06-27, 11:29
Don't follow that check just yet! I put some in to make a test, but it's not thorough!

It seems like you are missing the "ip" and "xterm" dependencies.
I'll ask Unhuman about the correct paths for those, and will add them to the check.

Sorry for the confusion!

So I should run apt-get install xterm & apt-get install ip?

what command did you use to run this ??

root
/usr/bin/mitm.sh

stevomanu
2011-06-27, 11:50
Yeahp, by the way, I should maybe do it only for secure references or POST data... And correct the title ><

EDIT : started working on DNS spoofing ;)

I guess this script is gonna end up something like easy-creds that I use on BackTrack 5. Have tried easy-creds on the N900, some things work but not others...

Thanks for all your work and commitment to this project...

torpedo48
2011-06-27, 14:21
So I should run apt-get install xterm & apt-get install ip?



root
/usr/bin/mitm.sh

Try this:

apt-get install iproute xterm

It will install those two commands you were missing, xterm and ip.

comaX
2011-06-27, 14:55
I guess this script is gonna end up something like easy-creds that I use on BackTrack 5. Have tried easy-creds on the N900, some things work but not others...

Thanks for all your work and commitment to this project...

Hmm, yes and no ! I created this script precisely because I wasn't satisfied by easy-creds ! The parsing method is very different for one thing, and it doesn't do all the stuff that easy-creds offers, and that I find not useless but... Not fitting for my script. By the way, if you use BT5, you should check out the BT5 version of this script :
http://comax.pagesperso-orange.fr/info/#yamas
The current version is 0.9.1.

if you were saying it will become like EC because I keep adding stuff EC also has, it's only half true, because after dns spoofing, I think I'll be very close to some final version !
And if you say so because some things work and others don't, you're plain wrong, because I'll correct it until it's (almost) perfectly fitting! =D

Cheers :)

the ettercap check [didn't work][?] yesterday so i reinstalled it an all worked mint .
See edit below ;)

Edit : I added ip and xterm to the dependency check, and a second path for ettercap, since it seems it could be installed in two different places according to what install method you used.

If ever you notice a dependency I forgot, or another path to it, don't hesitate to submit it!

Unhuman
2011-06-27, 16:25
@AgogData check first post for dependencies. You are missing busybox-power and xterm.

EDIT:

comaX - ip is part of busybox-power. The script should check for ip, but point out that busybox-power isn't installed :)

Saturn
2011-06-27, 17:10
Hi comaX and Unhuman,

One more edit for you to consider.

- The dependencies are checked by dpkg (in my opinion agnostic and more resilient to custom installations).
- the dependency check is done not every time but on request using the -d option. That is,

./mitm_pcsci3nce.sh -d

- made the two "wget"s happen only when needed.
- the home folder is a variable - easier to change
- one small correction: if the root privileges check failed you were stuck with red font - the echo command color was not terminated.

I think that's all. Thanks again.

ToJa92
2011-06-27, 17:35
Everything seems to work alright for me (no dependency problems, no iptables error etc), but I get this message on my computer so I thought I was protected:

http://i.imgur.com/296gX.png

However, I shut down all protection and still no passwords, neither for HTTP nor HTTPS. I run with all default settings. When I do submit a password, there's a brief flicker on the password terminal window, but nothing shows up. Any advice?

comaX
2011-06-27, 18:53
Everything seems to work alright for me (no dependency problems, no iptables error etc), but I get this message on my computer so I thought I was protected:

http://i.imgur.com/296gX.png

However, I shut down all protection and still no passwords, neither for HTTP nor HTTPS. I run with all default settings. When I do submit a password, there's a brief flicker on the password terminal window, but nothing shows up. Any advice?

what is your browser ? It seems you are just protected against this kind of attack !

Saturn, I'm not home right now, so I can't check the version you posted. Did you do all the modifications you suggested?
It seems to me those are good ideas (especially -d, but we should also add a warning message so that people do check for the dependencies before running the script, and coming to complain about it not working :p - I'll add a message for that below the banner. Also Unhuman should write it in the 1st post. I'll mail him about that), so I'll have a look but I'll probably just upload it as is. And some more credits for you ;)
Thanks !

Edit : finally I found a way to read the text file on the crappy mac i'm on... So everything seems fine, but I'm just not sure using dpkg and grep is more efficient than just a simple existence check.
Why not though...

ToJa92
2011-06-27, 19:22
what is your browser ? It seems you are just protected against this kind of attack !


I'm using Firefox 5, maybe I should try internet explorer and see if I'm still protected..

stevomanu
2011-06-27, 19:44
Hmm, yes and no ! I created this script precisely because I wasn't satisfied by easy-creds ! The parsing method is very different for one thing, and it doesn't do all the stuff that easy-creds offers, and that I find not useless but... Not fitting for my script. By the way, if you use BT5, you should check out the BT5 version of this script :
http://comax.pagesperso-orange.fr/info/#yamas
The current version is 0.9.1.



Yes, I already use that and it's ace, many thanks. What about a fake AP with a login screen or something similar? That may be the easiest way to get a WPA2 key on your phone...

As for easy-creds, it's not too bad, offers some good features, a little buggy for me though to be fair.

AgogData
2011-06-27, 22:09
Try this:

apt-get install iproute xterm

It will install those two commands you were missing, xterm and ip.

This actually worked, opening the ettercap and password windows and starting poisoning, but after finishing and choosing Y for "do you wanna save the passwords" it says
sh:missing ]]
/usr/bin/mitm.sh: line 484: y: not found
password saving skipped

Also I get this after pressing enter for targeting the whole network:

ateway : 192.168.0.1 Interface : wlan0

Enter IP gateway adress or press enter to use 192.168.0.1.

sslstrip 0.9 by Moxie Marlinspike running...

192.168.0.1 selected as default.


Using wlan0 as interface

We will target the whole network as default. You can discover hosts and enter IP(s) manually by entering D.
Press enter to default.


sh: missing ]]
/usr/bin/mitm_pcsci3nce.sh: line 458: : Permission denied
Warning: Cannot convert string "nil2" to type FontStruct
Targeting the whole network on 192.168.0.1 on wlan0 with Ettercap
[-] Arp cache poisoning is launched. Keep new window(s) running.

Attack should be running smooth, enjoy.


Warning: Cannot convert string "nil2" to type FontStruct

Attack is running. You can :
1. Rescan network.
2. Add a target (useless if targeting whole network).
3. Display ASCII correspondence table.
4. Tail-grep hosts through output (make sure there is traffic).
5. Real-time parsing...
6. Quit properly.

Enter the number of the desired option.


I'm using an ad-hoc wireless connection, hence the 192.168.0.1 IP.

ToJa92
2011-06-28, 07:37
This actually worked, opening the ettercap and password windows and starting poisoning, but after finishing and choosing Y for "do you wanna save the passwords" it says
sh:missing ]]
/usr/bin/mitm.sh: line 484: y: not found
password saving skipped

Also I get this after pressing enter for targeting the whole network:

ateway : 192.168.0.1 Interface : wlan0

Enter IP gateway adress or press enter to use 192.168.0.1.

sslstrip 0.9 by Moxie Marlinspike running...

192.168.0.1 selected as default.


Using wlan0 as interface

We will target the whole network as default. You can discover hosts and enter IP(s) manually by entering D.
Press enter to default.


sh: missing ]]
/usr/bin/mitm_pcsci3nce.sh: line 458: : Permission denied
Warning: Cannot convert string "nil2" to type FontStruct
Targeting the whole network on 192.168.0.1 on wlan0 with Ettercap
[-] Arp cache poisoning is launched. Keep new window(s) running.

Attack should be running smooth, enjoy.


Warning: Cannot convert string "nil2" to type FontStruct

Attack is running. You can :
1. Rescan network.
2. Add a target (useless if targeting whole network).
3. Display ASCII correspondence table.
4. Tail-grep hosts through output (make sure there is traffic).
5. Real-time parsing...
6. Quit properly.

Enter the number of the desired option.


I'm using an ad-hoc wireless connection, hence the 192.168.0.1 IP.

I think you need to write a big Y to save the passwords. Also, it looks like you might not run the script as root(hence the "/usr/bin/mitm_pcsci3nce.sh: line 458: : Permission denied").

comaX
2011-06-28, 10:23
It seems like either scripting errors, so I'll have a look at that, but also a permission error! Make sure to be root before launching the script, rather than launching the script as root:
su
script

and not
sudo script

;)

comaX
2011-06-28, 10:23
I'm using Firefox 5, maybe I should try internet explorer and see if I'm still protected..

Yup, and keep us posted ;)

(sorry for double post, little tab mistake...)

comaX
2011-06-28, 17:52
Hi comaX and Unhuman,

One more edit for you to consider.

- The dependencies are checked by dpkg (in my opinion agnostic and more resilient to custom installations).
- the dependency check is done not every time but on request using the -d option. That is,

./mitm_pcsci3nce.sh -d

- made the two "wget"s happen only when needed.
- the home folder is a variable - easier to change
- one small correction: if the root privileges check failed you were stuck with red font - the echo command color was not terminated.

I think that's all. Thanks again.

Ok ! I reviewed your version :
- Using dpkg and grep is indeed slower than -e, but it's smarter, and (see next)
- -d option is good ! Since it won't be done everytime, it can be slower ;)
- Home folder to var : I must have missed something since I don't know why you would do that... I left it there though ;)
- No more red color : check.

I modified the way the -d option is used though : deleted exit 0 after calling dep() but introduced it after failing the check. When the test is a success, the script will just continue.

Now, I have another idea for that check: it could be run automatically every time, unless a certain file exists. That file would be created when the check is successful. It'd be something like this:

if [[ ! -e $pathLog/.ok ]]; then
dep
fi


That way, even if the user didn't use the -d option, the test would be done if it never succeeded in the first place. We would leave the -d option in case after some changes the script fails again. -d would be a force-check option!
A failed test would delete .ok of course.

What do you think about that ? Waiting on your feedback ;)

Also, I saw you wrote comments, so I suggest that in order to find them easily we write our nicks after them like this: -comaX. When we have read the comment, we delete it. We only do that for comments that do not explain what is going on.
That should help us keep up with what changes, and why!

Thank you very much for your work on that, cheers !

(damn, sorry for triple posting... If some mod can merge the posts, please do !)
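
The first-run gate sketched in the post above, written out as a complete POSIX sh fragment. This is an added example, not Yamas's own code: the package list, the YAMAS_HOME path, the function names and the dpkg-query probe are assumptions chosen for illustration (the thread only says the check is "checked by dpkg"). It uses the POSIX [ test rather than [[ so it does not depend on bash, takes -d as a force option, writes the .ok marker only after a successful check and deletes it again when a forced check fails.

```shell
#!/bin/sh
# Added example (not Yamas's code): dependency check gated by a marker file,
# with -d forcing a re-check. Written for busybox ash / POSIX sh.

YAMAS_HOME="${YAMAS_HOME:-/home/user/yamas}"   # assumed state/log folder
# Assumed package list; the real script's list may differ.
YAMAS_DEPS="${YAMAS_DEPS:-iptables xterm busybox-power nmap python-twisted-web python-pyopenssl}"

# dpkg_installed PKG: true when dpkg's status database says PKG is installed.
# This asks the package manager instead of testing for a binary at a fixed
# path, so it does not care where a custom install put the files.
dpkg_installed() {
    dpkg-query -W -f='${Status}\n' "$1" 2>/dev/null | grep -q 'install ok installed'
}

# check_deps PROBE PKG...: run PROBE on every package, report the missing ones
# on stderr, return 0 only when all are present.
check_deps() {
    probe=$1; shift
    missing=""
    for p in "$@"; do
        "$probe" "$p" || missing="$missing $p"
    done
    if [ -n "$missing" ]; then
        echo "[!] Missing dependencies:$missing" >&2
        return 1
    fi
    return 0
}

# need_check MARKER FORCE: true when the check must run, i.e. -d was given
# or no successful run has ever written MARKER.
need_check() {
    [ "$2" = 1 ] || [ ! -e "$1" ]
}

# run_dep_gate MARKER FORCE PROBE PKG...: the gate itself. Success writes the
# marker so later runs skip the (slower) dpkg check; failure removes it so the
# next run checks again. Returns 1 when the script should stop.
run_dep_gate() {
    marker=$1; force=$2; probe=$3; shift 3
    need_check "$marker" "$force" || return 0
    if check_deps "$probe" "$@"; then
        mkdir -p "$(dirname "$marker")" && : > "$marker"
        return 0
    fi
    rm -f "$marker"
    return 1
}

# Stand-alone use (YAMAS_DEMO=1 ./depgate.sh [-d]): "-d" forces the check.
if [ "${YAMAS_DEMO:-0}" = 1 ]; then
    force=0; [ "${1:-}" = "-d" ] && force=1
    run_dep_gate "$YAMAS_HOME/.ok" "$force" dpkg_installed $YAMAS_DEPS || exit 1
    echo "[-] Dependencies OK, continuing."
fi
```

The probe is passed in as a function name so the gate can be exercised with a fake probe (as the test below does) and so a distribution without dpkg could swap in a `command -v` test without touching the gate logic.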

Saturn
2011-06-28, 18:07
Agree with all your comments and find your idea nice, something like a first-run check.

On another subject: if you find it useful, i could package it and even upload it to the repos.

Cheers.

AgogData
2011-06-28, 18:55
I think you need to write a big Y to save the passwords. Also, it looks like you might not run the script as root(hence the "/usr/bin/mitm_pcsci3nce.sh: line 458: : Permission denied").

About the Y, I tried both y and Y... also n and N,
and I'm always root before running mitm.

comaX
2011-06-28, 19:01
Agree with all you comments and find your idea nice, something like first run check.

On another subject: if you find it useful, i could package it and even upload it to the repos.

Cheers.

If you feel it's ready for it, please be my guest! Maybe we should just implement osso-xterm before that. Even though as I stated before, I don't think installing xterm requires too much to do, nor too much capacity consumed, so I'm fine with it. I don't have an N900 though!

###

About the Y, I tried both y and Y... also n and N,
and I'm always root before running mitm.

Well then... That's weird ! Both Y and y should work. What version are you using ? What is your maemo version ?
(I think I saw 4.1 being out, and maybe 5 beta ? So there might be differences between different versions...)

AgogData
2011-06-28, 19:25
Well then... That's weird ! Both Y and y should work. What version are you using ? What is your maemo version ?
(I think I saw 4.1 being out, and maybe 5 beta ? So there might be differences between different versions...)

I'm using Maemo PR1.3 and I don't know which mitm version I have, but the guy who made the video has the first release without this problem.

Saturn
2011-06-28, 19:38
If you feel it's ready for it, please be my guest! Maybe we should just implement osso-xterm before that. Even though as I stated before, I don't think installing xterm requires too much to do, nor too much capacity consumed, so I'm fine with it. I don't have an N900 though!

###


Hopefully you like the YAMAS as a name :)

- missing an icon.
- added all dependencies apart from sslstrip
- start the app with:

sudo gainroot
yamas

comaX
2011-06-28, 19:56
Hopefully you like the YAMAS as a name :)

- missing an icon.
- added all dependencies apart from sslstrip
- start the app with:

sudo gainroot
yamas


Yup I like yamas ! Not the greatest, but one could say it refers to the god Yama, and stuff like that. Truth is it's just another man in the middle automation script ! But one that rocks, imho.
Starting it with yamas is perfect, I've been lazy to do that in the BT5 version, and I still start it with "mitm". What a shame :p

You should check the download again though, I just implemented the first-run check.
I'll upload the .deb to Unhuman's website and ask him to edit what needs to be edited! Due to unfortunate circumstances, he only has limited internet connection these days, so it might take some time.

Do you know how to handle google projects ? With .svn and all that ? We could provide updates that way.

For the icon, I could try to do one, what are the specs of them ?
Size, format, etc. ?

MSHAH
2011-06-28, 20:10
Can someone help me out please?

Everything seems to be in order, dependencies and all, but I still end up getting nothing. Tail-grep is showing me nothing and no details show up in the password window!

Saturn
2011-06-28, 20:48
Yup I like yamas ! Not the greatest, but one could say it refers to the god Yama, and stuff like that. Truth is it's just another man in the middle automation script ! But one that rocks, imho.
Starting it with yamas is perfect, I've been lazy to do that in the BT5 version, and I still start it with "mitm". What a shame :p

You should check the download again though, I just implemented the first-run check.
I'll upload the .deb to Unhuman's website and ask him to edit what needs to be edited! Due to unfortunate circumstances, he only has limited internet connection these days, so it might take some time.

Do you know how to handle google projects ? With .svn and all that ? We could provide updates that way.

For the icon, I could try to do one, what are the specs of them ?
Size, format, etc. ?

Yes, google and svn is ok for me.

The icon ideally should be 48x48 and png.

Next version I will add you as a maintainer :) and upload to the repos. I have already added the complete disclaimer you provide.

Some screenshots for you since you haven't got an N900; it's a real pity - this device was made for people like you! Maybe you get the next one, i.e. N9?

Saturn
2011-06-28, 22:42
Had some problems with the autobuilder which didn't like the long description. I finally had to cut it a little in order to let it pass.

OK finally. Check in 20 min from now here: http://maemo.org/packages/view/yamas/

Cheers

Unhuman
2011-06-28, 23:52
Just AMAZING work... Nothing more to say <3

EDIT:

Updated first post, and pcsci3nce.info

Saturn
2011-06-29, 00:22
...

Updated first post, and pcsci3nce.info

You can mention that all dependencies will be install automatically apart from ettercap and sslstrip. Those two need to be done first and manually from your guide.

Obviously, reason is they don't exist in extras.

AgogData
2011-06-29, 00:49
You can mention that all dependencies will be install automatically apart from ettercap and sslstrip. Those two need to be done first and manually from your guide.

Obviously, reason is they don't exist in extras.

So now we remove the old script in /usr/bin and download the new package from extras?

Kabouik
2011-06-29, 01:30
I've installed both ettercap and sslstrip using the links in the first post. After that, I installed Yamas using the package in extras. When I launch it, after setting all to default (ports, etc.), I get a warning stating that "cannot convert "nil12" to type FontStruct". I am more than a noob. I have no idea what it means as I don't know what is "nil12". I checked with yamas -d, and all dependencies are OK.

By the way, I tried to attack my laptop connected to my private wifi network. It was detected as a host but no passwords were retrieved. Nothing was appended to the main file like in the video shown on pcsci3nce.info. Any idea there?

AgogData
2011-06-29, 01:46
The new package is working despite the same msg I get as Kabouik (cannot convert "nil12" to type FontStruct), and the saving issue is solved, now it can save. But it's saving to /home/user/.yamas; can I make it save to /home/user/MyDocs/Yamas? Or symlink to there?

The warning during installing (replacing) busybox-power was a bit scary, what's the difference between the old stock and the new one?

Unhuman
2011-06-29, 10:04
Ignore all font warnings.

comaX
2011-06-29, 10:31
Ignore all font warnings.

Yup and tell me at what line it occurs so that I redirect it to /dev/null? That should do :)

Saturn : I'm trying to create an account on maemo (seems like the one for the forums isn't enough) but it's having problems with confirming registration... Anyway, I'll need your help concerning the repos and all, so send me a mail at contact.comax@gmail.com ;)

By the way, I'm trying to install maemo in a Vmware so that I can do tests on my own !

price
2011-06-29, 13:32
Hi, I've installed ettercap 0.7.3 and sslstrip 0.9 and then I've installed yamas from repos. When I launch yamas as root with all settings default my network seems to slow down and it can't discover any password... Can someone help me?

comaX
2011-06-29, 13:51
Hi, I've installed ettercap 0.7.3 and sslstrip 0.9 and then I've installed yamas from repos. When I launch yamas as root with all settings default my network seems to slow down and it can't discover any password... Can someone help me?

There seems to be a problem with your egrep. What version do you have ?

price
2011-06-29, 13:58
There seems to be a problem with your egrep. What version do you have ?
How can I discover my version?

comaX
2011-06-29, 14:12
How can I discover my version?

dpkg -l | grep grep

Also, if you haven't rebooted since, is there grepcred.txt in /tmp ?

price
2011-06-29, 14:31
dpkg -l | grep grep

Also, if you haven't rebooted since, is there grepcred.txt in /tmp ?

Thank you for the help.
It says: rc grep-gnu 2.5.-4maemo4
And when I type apt-get install grep it says:
selecting busybox instead of grep
busybox is already the newest version.

What about installing the grep-gnu package?

bipinbn
2011-06-29, 14:35
dpkg -l | grep grep

Also, if you haven't rebooted since, is there grepcred.txt in /tmp ?

Hi comaX,

Even I am facing the same problem... all dependencies are met and the script runs fine... however I can't see any passwords...

The password.txt is also empty.

I did dpkg -l | grep grep but I don't get any output...

So I tried apt-get install grep but it says I have the latest version.

Please help...

Thanks
Bipin

Unhuman
2011-06-29, 14:57
Got stuck with comax on the maemo sdk in virtual box - how can we install busybox-power in the SDK exactly? Got everything else installed, It returns an error -
dpkg: error processing /var/cache/apt/archives/busybox-power_1.18.5power1.armel.deb ( --unpack):
subprocess pre-installation script returned error exit status 1
Errors were encountered while processing:
/var/cache/apt/archives/busybox-power_1.18.5power1_armel.deb
E: Sub process /scratchbox/devkits/debian-etch/bin/dpkg returned an error code (1)

price
2011-06-29, 15:02
Thank you for the help.
It says: rc grep-gnu 2.5.-4maemo4
And when I type apt-get install grep it says:
selecting busybox instead of grep
busybox is already the newest version.

What about installing the grep-gnu package?

Sorry, I'm on kernel-power 47 and the latest CSSU. Can that help?

Unhuman
2011-06-29, 15:05
Sorry, I'm on kernel-power 47 and the latest CSSU. Can that help?

Pretty sure you don't have busybox-power installed.

price
2011-06-29, 15:10
I have busybox-power installed!

comaX
2011-06-29, 15:22
I have busybox-power installed!

It's weird that you had any output, since it's in busybox...
bipinbn has the right output though...

Are you guys trying this on your own network? Did you save the whole log file and search for the credentials you submitted?

Copy all the output to a pastebin so that we know what's going on. Make it disappear after one or two days, it would look bad if people found them while just searching for yamas :p

price
2011-06-29, 15:35
It's weird that you had any output, since it's in busybox...
bipinbn has the right output though...

Are you guys trying this on your own network? Did you save the whole log file and search for the credentials you submitted?

Copy all the output to a pastebin so that we know what's going on. Make it disappear after one or two days, it would look bad if people found them while just searching for yamas :p

Yes, I'm trying on my own network and my own account :)
I'm quite a noob, do you mean the output saved in /home/user/.yamas/?

I've attached my output. I hope it can help to solve my problem. I would love to try this script ;)

price
2011-06-29, 17:25
What do you think about a bad installation of sslstrip or of ettercap?

comaX
2011-06-29, 17:31
What do you think about a bad installation of sslstrip or of ettercap?

Might be... But I talked it over with Unhuman for a quite a longtime this afternoon, and our conclusion was : "well, ****, we don't know what's going on for those dudes."

i'll have a look at your file and report ;)

EDIT : the file was just fine, something must have f*cked up during the parsing...

And it fails for some reason, check that you have /tmp/grepcred.txt and that it's not empty. For some reason, it happens to me from time to time... Maybe my host provider doesn't like too much requests at the same time...

price
2011-06-29, 18:47
Yes, I'm trying on my own network and my own account :)
I'm quite a noob, do you mean the output saved in /home/user/.yamas/?

I've attached my output. I hope it can help to solve my problem. I would love to try this script ;)

For malicious people: the username and pass that I've used for the test are fake ;) don't spend time trying them.

price
2011-06-29, 19:25
Might be... But I talked it over with Unhuman for a quite a longtime this afternoon, and our conclusion was : "well, ****, we don't know what's going on for those dudes."

i'll have a look at your file and report ;)

EDIT : the file was just fine, something must have f*cked up during the parsing...

And it fails for some reason, check that you have /tmp/grepcred.txt and that it's not empty. For some reason, it happens to me from time to time... Maybe my host provider doesn't like too much requests at the same time...

Here is my grep output. I can't see any -a option... maybe this is the error?

BusyBox v1.18.5 (Debian 1.18.5power1) built-in shell (ash)
Enter 'help' for a list of built-in commands.

~ $ sudo gainroot
Root shell enabled


BusyBox v1.18.5 (Debian 1.18.5power1) built-in shell (ash)
Enter 'help' for a list of built-in commands.

/home/user # egrep
BusyBox v1.18.5 (Debian 1.18.5power1) multi-call binary.

No help available.

/home/user # grep
BusyBox v1.18.5 (Debian 1.18.5power1) multi-call binary.

Usage: grep [-HhnlLoqvsriwFE] [-m N] [-A/B/C N] PATTERN/-e PATTERN.../-f FILE [FILE]...

Search for PATTERN in FILEs (or stdin)

Options:
-H Add 'filename:' prefix
-h Do not add 'filename:' prefix
-n Add 'line_no:' prefix
-l Show only names of files that match
-L Show only names of files that don't match
-c Show only count of matching lines
-o Show only the matching part of line
-q Quiet. Return 0 if PATTERN is found, 1 otherwise
-v Select non-matching lines
-s Suppress open and read errors
-r Recurse
-i Ignore case
-w Match whole words only
-F PATTERN is a literal (not regexp)
-E PATTERN is an extended regexp
-m N Match up to N times per file
-A N Print N lines of trailing context
-B N Print N lines of leading context
-C N Same as '-A N -B N'
-e PTRN Pattern to match
-f FILE Read pattern from file

/home/user #

casper27
2011-06-29, 19:30
Missing dependency
ettercap-common
Should probably remove.

Saturn
2011-06-29, 20:41
For info..

New version in devel (0.9.4-1) with changes that comaX sent me.

changelog:
* Added option -d to force dependencies check.
* Dependency check will be run automatically unless it has been a success at least once.
* Corrected urls of files to download.
* Protected some tests better.
* Changed log storage folder to /home/user/yamas

Some other info from me:

- we avoid the MyDocs folder to store logs as it is not always available, e.g. when in mass storage mode.
- previous version is broken since I messed up the urls to download the grepcred.txt file (sorry guys my fault completely).
Proposal to comaX: we could add the two files needing download in the package and provide updates on them with new distributions.
- the ettercap-common is a dependency (as is sslstrip) but the repos don't have a version atm. Have moved it to the proposed packages.

Saturn
2011-06-29, 21:23
comaX, you are now maintainer in your project :D

just approved your request.

price
2011-06-29, 21:33
Thank you for the help.
It says: rc grep-gnu 2.5.-4maemo4
and when I type apt-get install grep it says:
selecting busybox instead of grep
busybox is already the newest version.

What about installing the grep-gnu package?

Is this output correct? o.o

Kabouik
2011-06-29, 21:39
Yamas 0.9.4-1 did not solve my problem. Still no password retrieved when I attack my private wifi network, and I still get the following output:

egrep: bad regex ' (function(){var s=document.createElement('script');s.async="async";s.type="text/javascript";s.src='http://tcr.tynt.com/ti.js';var h=document.getElementsByTagName('script')[0];h.parentNode.insertBefore(s,h);})();': Invalid content of \{\}


I do not get this message each time I launch Yamas, however, and I have no idea how to reproduce the error. :/

Saturn
2011-06-29, 23:37
Thank you for the help.
It says: rc grep-gnu 2.5.-4maemo4
and when I type apt-get install grep it says:
selecting busybox instead of grep
busybox is already the newest version.

What about installing the grep-gnu package?

hi,

It might be irrelevant, but you could try installing and purging the grep-gnu package.
From the "rc" flag it seems you still have the configuration.

I would do:

apt-get install grep-gnu
apt-get remove --purge grep-gnu


If that didn't help, I would remove/install busybox-power.

hih

price
2011-06-29, 23:56
hi,

It might be irrelevant, but you could try installing and purging the grep-gnu package.
From the "rc" flag it seems you still have the configuration.

I would do:

apt-get install grep-gnu
apt-get remove --purge grep-gnu


If that didn't help, I would remove/install busybox-power.

hih

Here is my output. Thank you for your interest :)

/home/user # apt-get remove --purge grep-gnu
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be REMOVED:
grep-gnu*
WARNING: The following essential packages will be removed.
This should NOT be done unless you know exactly what you are doing!
grep-gnu
0 upgraded, 0 newly installed, 1 to remove and 2 not upgraded.
After this operation, 1143kB disk space will be freed.
You are about to do something potentially harmful.
To continue type in the phrase 'Yes, do as I say!'
?] Yes, do as I say!
dpkg - warning, overriding problem because --force enabled:
This is an essential package - it should not be removed.
(Reading database ... 28776 files and directories currently installed.)
Removing grep-gnu ...
Purging configuration files for grep-gnu ...
dpkg: error processing grep-gnu (--purge):
subprocess post-removal script returned error exit status 1
Errors were encountered while processing:
grep-gnu
E: Sub-process /usr/bin/dpkg returned an error code (1)
/home/user #

udaychaitanya16
2011-06-30, 06:00
Thank you Comax, Unhuman, Saturn. You made the N900 invaluable.

Saturn
2011-06-30, 09:48
Here is my output. Thank you for your interest :)

/home/user # apt-get remove --purge grep-gnu
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be REMOVED:
grep-gnu*
WARNING: The following essential packages will be removed.
This should NOT be done unless you know exactly what you are doing!
grep-gnu
0 upgraded, 0 newly installed, 1 to remove and 2 not upgraded.
After this operation, 1143kB disk space will be freed.
You are about to do something potentially harmful.
To continue type in the phrase 'Yes, do as I say!'
?] Yes, do as I say!
dpkg - warning, overriding problem because --force enabled:
This is an essential package - it should not be removed.
(Reading database ... 28776 files and directories currently installed.)
Removing grep-gnu ...
Purging configuration files for grep-gnu ...
dpkg: error processing grep-gnu (--purge):
subprocess post-removal script returned error exit status 1
Errors were encountered while processing:
grep-gnu
E: Sub-process /usr/bin/dpkg returned an error code (1)
/home/user #

crap..

What does it say for:

apt-cache rdepends grep-gnu


I think you should remove yamas and busybox-power,
then apt-get -f install,
remove grep-gnu if it is still there and then reinstall yamas (if you want it).

We can do it in steps; send me PMs with the output of every step.

iDont
2011-06-30, 11:38
The warning during installing (replacing) busybox-power was a bit scary; what's the difference between the old stock one and the new one?
Please read the first post of this thread (http://talk.maemo.org/showthread.php?t=72801&page=1); I could copy-paste it into this thread, but a pointer is more practical I think ;)

About the warning: whilst I haven't had a single report of a failing installation (out of a lot of downloads, according to this (http://maemo.org/download-stats2/index.php?unixname=busybox-power&os=Maemo5)), it does seem fair to me to warn users about what the installation does, which is in fact overwriting an essential binary.

Got stuck with comax on the Maemo SDK in VirtualBox - how can we install busybox-power in the SDK exactly? Got everything else installed, but it returns an error -
dpkg: error processing /var/cache/apt/archives/busybox-power_1.18.5power1.armel.deb ( --unpack):
subprocess pre-installation script returned error exit status 1
Errors were encountered while processing:
/var/cache/apt/archives/busybox-power_1.18.5power1_armel.deb
E: Sub process /scratchbox/devkits/debian-etch/bin/dpkg returned an error code (1)

I'll look into this; I haven't tried installing busybox-power in Scratchbox before, as I do all testing on the device itself ;)
Seems like I have to implement some checks to detect the current environment, and use different codepaths for them in the shell scripts. Thanks for spotting the failing installation in the SDK environment :)

By the way, if you're going to use the SDK as a development platform for YAMAS: do note that the SDK doesn't match Maemo 100%; e.g. Scratchbox has GNU grep and egrep, whilst these are provided by BusyBox in Maemo. In fact, BusyBox isn't even installed by default in Scratchbox. I'm sure there are quite a few more of these kind of differences.

AgogData
2011-06-30, 14:34
I've just tested it :
- yamas saves the files into /home/user/yamas not home/user/MyDocs/yamas
- the password.txt contains
website = www.facebook.com
login = true
website = www.facebook.com
login = (some numbers assuming it maybe the password)
Why doesn't it show the ID or the username?

comaX
2011-06-30, 14:53
I've just tested it :
- yamas saves the files into /home/user/yamas not home/user/MyDocs/yamas
- the password.txt contains
website = www.facebook.com
login = true
website = www.facebook.com
login = (some numbers assuming it maybe the password)
Why doesn't it show the ID or the username?

Hmm... You sir are a bad student ! Since you're assuming it may be the password, it means you don't know it. If you don't know it, it's not yours. I'm sorry, but I won't help you for that.
Here's just a hint : we are parsing the log.

You should use the script on your own connection and then log into a maximum of sites to know what the output should look like.

The saving location is just a variable now, so you can change it to whatever suits you ;) Saturn used this location because of some problem with MyDocs not being always available or something.

Unhuman
2011-06-30, 14:56
Don't abuse the script on foreign networks. If it was your network you would have known if those numbers were a password.

EDIT:

late by 3 seconds

comaX
2011-06-30, 15:00
Don't abuse the script on foreign networks. If it was your network you would have known if those numbers were a password.

EDIT:

late by 3 minutes

<useless post>Mouahahaha*, beat ya !</useless post>

*French evil laugh

Kabouik
2011-06-30, 15:13
Damn frog-eater!*

Still no success at trying Yamas there. I have no idea of what is the problem in my case, since I don't have all the error logs that Price reported, just the one I quoted above.

I can't try it again for the moment 'cause I'm at work, and attacking the wifi of the laboratory/university would be a suicide I guess. :D



* J'en suis un moi-même. :[

AgogData
2011-06-30, 15:18
Hmm... You sir are a bad student ! Since you're assuming it may be the password, it means you don't know it. If you don't know it, it's not yours. I'm sorry, but I won't help you for that.
Here's just a hint : we are parsing the log.

You should use the script on your own connection and then log into a maximum of sites to know what the output should look like.

The saving location is just a variable now, so you can change it to whatever suits you ;) Saturn used this location because of some problem with MyDocs not being always available or something.

Yes, it's not my network; it's not illegal here, but it's rude :)
Anyway, I didn't mean any harm to the... victim, just using my N900's ability.

teemui
2011-06-30, 15:18
I have this "egrep: bad regex" error too every time I try it. I have all dependencies installed; no matter what website I try, I always get this error.

mr_pingu
2011-06-30, 15:22
Ran the attack today and it worked as it should, except that the victim PC sometimes got a page with only the letters:

ht

then reload gives a page with:

HTML layout code of that page without images

another reload gives:

The actual page, with good layout =D

On the phone side everything works. Gonna need to find my flash drive with BackTrack again, and test if I get these pages when running from BackTrack also. Last time I tried a MITM attack this wonderful script wasn't available :P Thanks for making this easy for me, ComaX

teemui
2011-06-30, 16:04
Rebooted the N900; now I get the following in the password window:

BusyBox v1.18.5 (Debian 1.18.5power1) multi-call binary.

No help available.

It flashes every now and then; the grep error disappeared, but I still get no other output than this...

comaX
2011-06-30, 17:02
Yes, it's not my network; it's not illegal here, but it's rude :)
Anyway, I didn't mean any harm to the... victim, just using my N900's ability.

Well, I don't know where you live, but I'd bet my *** it is pretty much illegal ^^ Anyway, you do whatever you want, it's not like we're the cops or about to call them !

Rebooted the N900; now I get the following in the password window:

BusyBox v1.18.5 (Debian 1.18.5power1) multi-call binary.

No help available.

It flashes every now and then; the grep error disappeared, but I still get no other output than this...

So the problem definitively comes from some error at an installation/package level... Since I do not have the N900 I can't help much, but I'm sure other members will :)

Ran the attack today and it worked as it should, except that the victim PC sometimes got a page with only the letters:

ht

then reload gives a page with:

HTML layout code of that page without images

another reload gives:

The actual page, with good layout =D

On the phone side everything works. Gonna need to find my flash drive with BackTrack again, and test if I get these pages when running from BackTrack also. Last time I tried a MITM attack this wonderful script wasn't available :P Thanks for making this easy for me, ComaX

Yeahp, not my fault ! That's sslstrip's work... I mean, sometimes it will just be fine, but most of the time you'll have to reload once. Let's hope that will be fixed in sslstrip 1.0.
About your BT drive, the original script will only work on BT5. The BT4r2 version is still available though.

Damn frog-eater!*

Still no success at trying Yamas there. I have no idea of what is the problem in my case, since I don't have all the error logs that Price reported, just the one I quoted above.

I can't try it again for the moment 'cause I'm at work, and attacking the wifi of the laboratory/university would be a suicide I guess. :D



* J'en suis un moi-même. :[
Yeah, no. You can do that, but we don't want to know ! And yes, that would be suicide ! Maybe even for your phone if there is a lot of traffic going on...
Don't hesitate to send me your logs (edited if you want, but I could care less about your/their (:p) passwords) by mail and any output you have. You can even write them in French ;)
For the small-talk part, I actually wrote most of the structure of the script while at university. Never tested it there though, since you need your name and pass to connect to the network... So matching my name to some weird-*** ARPs wouldn't have been too much of a hassle.

mr_pingu
2011-06-30, 17:23
Yeahp, not my fault ! That's sslstrip's work... I mean, sometimes it will just be fine, but most of the time you'll have to reload once. Let's hope that will be fixed in sslstrip 1.0.
About your BT drive, the original script will only work on BT5. The BT4r2 version is still available though.




Don't worry I have a strange mood and am installing bt5 on local drive ;)

Edit: Yeah, I f###ed up: grub rescue, unknown filesystem, yeah :d

teemui
2011-06-30, 17:39
Finally I got this to work... If someone still has the same issues I had, this is what I did, in this order:
reinstalled yamas
reinstalled ettercap
reinstalled sslstrip
I'm not sure if that messed everything up, but the first time I installed ettercap first, then sslstrip and last yamas...
Thank you all, especially comaX