|
Post by xtr4nge on Jun 17, 2016 8:04:28 GMT
DetectRogue A tool for detecting rogue access points. Author: xtr4nge [_AT_] gmail.com - @xtr4nge [OPTIONS] Vigilant: Enables detection using filters on Monitor tab. Karma|Mana: Enables detection against Karma and Mana attacks. Delay: time between ssid|bssid alert display time in log. Alert: enables|disables email alerts Email: Sender and Recipient for email alerts. SMTP: smtp server to send email alerts (server | port | user | pass). Channel: channels to be scanned for detecting rogue APs. SMTP setup (example): LOCAL: SERVER = "localhost" PORT = 25 GMAIL: SERVER = "smtp.gmail.com" PORT = 587 USER = {account}@gmail.com PASS = {password} AUTH = enabled STARTTLS = enabled Note: To use GMAIL as SMTP, it is required to change the email account security: www.google.com/settings/security/lesssecureapps [MONITOR] To monitor and find rogue access points, it is required to specify the legitimate devices (SSID+BSSID). On the monitor tab you can add all the SSIDs+BSSIDs to be monitored (one SSID+BSSIDs per line). Format: SSID|BSSID,BSSID,BSSID Example: WIFIAP|00:00:00:00:00:01,00:00:00:00:00:02,00:00:00:00:00:03 Note: WIFIAP is the name of the AP to be monitored. 00:00:00:00:00:{01-03} are multiple BSSIDs configured as WIFIAP.)
|
|