Skip to content

null-p4n/APSD

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
img
img
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
mitmrouter.sh
mitmrouter.sh
 
 

Repository files navigation

APSD - ex / mitmrouter

Bash script to automate setup of Linux router useful for IoT device traffic analysis and SSL mitm.

Arch

Access Point Secure Debugging

Overview

This Bash script automates the process of creating a wireless router/access point on a Linux system (specifically tested on Kali 2024.04). It allows you to quickly set up a network bridge with NAT, DHCP, and WiFi access point functionality.

Features

  • Dynamically detect network interfaces
  • Create a bridge between LAN and WiFi interfaces
  • Set up NAT (Network Address Translation)
  • Configure DHCP server
  • Create a secure WiFi access point
  • Easy up/down management
  • Cleans up iptables, bridge, and IP forwarding changes on down
  • Allows environment variable overrides for interfaces and config paths

Prerequisites

  • Kali Linux 2024.04 (or similar Debian-based distribution)
  • Wireless adapter supporting AP mode . tested with TP-Link wn722n v1
  • Root/sudo access

Required Packages

sudo apt update
sudo apt install -y hostapd dnsmasq iptables net-tools wireless-tools

Configuration

Modify the following variables in the script to match your network setup:

  • WIFI_SSID: Name of the WiFi network
  • WIFI_PASSWORD: WiFi network password
  • LAN_IP: IP address for the bridge interface
  • LAN_SUBNET: Subnet in CIDR notation (e.g., 24 for 255.255.255.0)
  • LAN_DHCP_START and LAN_DHCP_END: DHCP address range
  • LAN_DNS_SERVER: DNS server to use
  • DNSMASQ_CONF, HOSTAPD_CONF, DNSMASQ_PID_FILE, STATE_FILE: Optional paths for generated configs/state
  • WAN_IFACE, WIFI_IFACE, LAN_IFACE: Override automatic interface detection

Usage

# Make the script executable
chmod +x mitmrouter.sh

# Bring up the wireless router
sudo ./mitmrouter.sh up  # requires root privileges

# Tear down the wireless router
sudo ./mitmrouter.sh down

The down command removes bridge membership, restores the previous IP forwarding value, deletes only the iptables rules created by the script (tagged mitmrouter), and restarts NetworkManager if it was active when up ran.

Troubleshooting

  1. Verify interface names using ip link or iwconfig
  2. Ensure wireless adapter supports AP mode
  3. Check that no other network management tools are interfering

Limitations

  • Requires manual interface configuration
  • Temporarily disables NetworkManager
  • Assumes a single wireless and LAN interface

Security Considerations

  • Change default passwords
  • Use strong WiFi encryption
  • Limit DHCP address range
  • Consider additional firewall rules

Contributing

Pull requests and improvements are welcome!

./mitmrouter.sh: <up/down>

The ./mitmrouter.sh up command will bring down all the linux router components and then build them back up again

The ./mitmrouter.sh down command will bring down all the linux router components

About

Bash script to automate setup of Linux router useful for IoT device traffic analysis and SSL mitm

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • Shell 100.0%