autoscan - automatic fingerprint of visited networks autscan remembers network parameters (addresses, dns...) and runs a basic fingerprinting (traceroute, scan) of the network you are connected to. It has 2 modes: * runnow: run the fingerprint on the specified interface * monitor: daemonize and wait on the specified interface, and everytime you connect to a new network it will do the fingerprint Fingerprinting steps: _test_pcap records a 15s PCAP _test_ifconfig remembers attributed ipv4 and ipv6 _test_iwconfig remembers AP name and MAC _test_route remmebers routing table _test_resolv remembers DNS given by dhcp (resolv.conf) _test_pubip_get gets your internet public IP (curl ifconfig.me) _test_pubip_ping tests if an arbitrary public IP answers to ping (8.8.8.8) _test_pubip_traceroute runs a traceroute to an arbitrary public IP (8.8.8.8) _test_resolv_traceroute runs a traceroute to the DNS given by dhcp The following steps can be disabled using -x to run faster: _test_explor_traceroute runs traceroute to arbitrary private IP ranges _test_explor_scan runs an nmap scan on the local IP range =============================================================================== Example usage: Run fingerprinting on wlan0 $ sudo ./autoscan.py wlan0 20130724-143501 [>] wlan0: _do_tests 20130724-143501 [-] wlan0: _test_pcap 20130724-143501 [-] wlan0: _test_ifconfig 20130724-143501 [-] wlan0: _test_iwconfig 20130724-143501 [-] wlan0: _test_route 20130724-143502 [-] wlan0: _test_resolv 20130724-143502 [-] wlan0: _test_pubip_get 20130724-143510 [-] wlan0: _test_pubip_ping 20130724-143510 [-] wlan0: _test_pubip_traceroute 20130724-143516 [-] wlan0: _test_resolv_traceroute 20130724-143527 [-] wlan0: _test_explor_traceroute 20130724-143710 [-] wlan0: _test_explor_scan 20130724-143725 [*] wlan0: ./20130724_123501_wlan0_82.247.114.4_freeflo List the generated files: find ./20130724_123501_wlan0_82.247.114.4_freeflo ./20130724_123501_wlan0_82.247.114.4_freeflo ./20130724_123501_wlan0_82.247.114.4_freeflo/resolv_traceroute ./20130724_123501_wlan0_82.247.114.4_freeflo/resolv_traceroute/out ./20130724_123501_wlan0_82.247.114.4_freeflo/pubip_get ./20130724_123501_wlan0_82.247.114.4_freeflo/pubip_get/ip ./20130724_123501_wlan0_82.247.114.4_freeflo/pubip_traceroute ./20130724_123501_wlan0_82.247.114.4_freeflo/pubip_traceroute/out ./20130724_123501_wlan0_82.247.114.4_freeflo/iwconfig ./20130724_123501_wlan0_82.247.114.4_freeflo/iwconfig/ap ./20130724_123501_wlan0_82.247.114.4_freeflo/iwconfig/essid ./20130724_123501_wlan0_82.247.114.4_freeflo/iwconfig/out ./20130724_123501_wlan0_82.247.114.4_freeflo/route ./20130724_123501_wlan0_82.247.114.4_freeflo/route/gw ./20130724_123501_wlan0_82.247.114.4_freeflo/route/out ./20130724_123501_wlan0_82.247.114.4_freeflo/pcap ./20130724_123501_wlan0_82.247.114.4_freeflo/pcap/tcpdump.pcap ./20130724_123501_wlan0_82.247.114.4_freeflo/resolv ./20130724_123501_wlan0_82.247.114.4_freeflo/resolv/dns0 ./20130724_123501_wlan0_82.247.114.4_freeflo/resolv/dns1 ./20130724_123501_wlan0_82.247.114.4_freeflo/resolv/resolv.conf ./20130724_123501_wlan0_82.247.114.4_freeflo/ifconfig ./20130724_123501_wlan0_82.247.114.4_freeflo/ifconfig/up ./20130724_123501_wlan0_82.247.114.4_freeflo/ifconfig/ip4 ./20130724_123501_wlan0_82.247.114.4_freeflo/ifconfig/ip6 ./20130724_123501_wlan0_82.247.114.4_freeflo/ifconfig/out ./20130724_123501_wlan0_82.247.114.4_freeflo/explor_scan ./20130724_123501_wlan0_82.247.114.4_freeflo/explor_scan/localnet.nmap ./20130724_123501_wlan0_82.247.114.4_freeflo/explor_scan/localnet.xml ./20130724_123501_wlan0_82.247.114.4_freeflo/explor_scan/localnet.gnmap ./20130724_123501_wlan0_82.247.114.4_freeflo/explor_scan/out ./20130724_123501_wlan0_82.247.114.4_freeflo/explor_traceroute ./20130724_123501_wlan0_82.247.114.4_freeflo/explor_traceroute/out_172.16.0.1 ./20130724_123501_wlan0_82.247.114.4_freeflo/explor_traceroute/out_192.168.0.1 ./20130724_123501_wlan0_82.247.114.4_freeflo/explor_traceroute/out_192.168.2.1 ./20130724_123501_wlan0_82.247.114.4_freeflo/explor_traceroute/out_10.0.0.1 ./20130724_123501_wlan0_82.247.114.4_freeflo/explor_traceroute/out_192.168.1.1 ./20130724_123501_wlan0_82.247.114.4_freeflo/pubip_ping ./20130724_123501_wlan0_82.247.114.4_freeflo/pubip_ping/code ./20130724_123501_wlan0_82.247.114.4_freeflo/pubip_ping/out Look at the output of iwconfig: $ more ./20130724_123501_wlan0_82.247.114.4_freeflo/iwconfig/out wlan0 IEEE 802.11abgn ESSID:"freeflo" Mode:Managed Frequency:2.462 GHz Access Point: 7A:A4:42:A7:92:34 Bit Rate=54 Mb/s Tx-Power=15 dBm Retry long limit:7 RTS thr:off Fragment thr:off Encryption key:off Power Management:off Link Quality=62/70 Signal level=-48 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:18 Invalid misc:1208 Missed beacon:0 Look at the SSID: $ more ./20130724_123501_wlan0_82.247.114.4_freeflo/iwconfig/essid freeflo Look at the public IP: $ more ./20130724_123501_wlan0_82.247.114.4_freeflo/pubip_get/ip 82.247.82.44 =============================================================================== Example usage: Run in monitor mode on wlan0 $ sudo ./autoscan.py -m wlan0 # Connect via WIFI to "freeflo" then "FreeWifi" networks $ cat autoscan.log 20130724-144805 [>] wlan0: _wait_up # autoscan waits for a network 20130724-144808 [>] wlan0: _do_tests # I just connected to "freeflo" 20130724-144808 [-] wlan0: _test_pcap 20130724-144808 [-] wlan0: _test_ifconfig 20130724-144811 [-] wlan0: _test_iwconfig 20130724-144811 [-] wlan0: _test_route 20130724-144811 [-] wlan0: _test_resolv 20130724-144811 [-] wlan0: _test_pubip_get 20130724-144814 [-] wlan0: _test_pubip_ping 20130724-144815 [-] wlan0: _test_pubip_traceroute 20130724-144821 [-] wlan0: _test_resolv_traceroute 20130724-144842 [-] wlan0: _test_explor_traceroute 20130724-145041 [-] wlan0: _test_explor_scan 20130724-145050 [*] wlan0: ./20130724_124808_wlan0_82.247.114.4_freeflo 20130724-145050 [>] wlan0: _wait_down # autoscan waits for me to disconnect 20130724-145455 [>] wlan0: _wait_up # I disconnected from "freeflo" 20130724-145514 [>] wlan0: _do_tests # I connect to "FreeWifi" 20130724-145514 [-] wlan0: _test_pcap 20130724-145514 [-] wlan0: _test_ifconfig 20130724-145514 [-] wlan0: _test_iwconfig 20130724-145514 [-] wlan0: _test_route 20130724-145514 [-] wlan0: _test_resolv 20130724-145514 [-] wlan0: _test_pubip_get 20130724-145515 [-] wlan0: _test_pubip_ping 20130724-145518 [-] wlan0: _test_pubip_traceroute 20130724-145549 [-] wlan0: _test_resolv_traceroute 20130724-145604 [-] wlan0: _test_explor_traceroute 20130724-145835 [-] wlan0: _test_explor_scan 20130724-150202 [*] wlan0: ./20130724_125514_wlan0_78.251.248.51_FreeWifi 20130724-150202 [>] wlan0: _wait_down