Post by xtr4nge on Jun 17, 2016 8:04:28 GMT
DetectRogue A tool for detecting rogue access points.
Author: xtr4nge [_AT_] gmail.com - @xtr4nge
[OPTIONS]
Vigilant: Enables detection using filters on Monitor tab.
Karma|Mana: Enables detection against Karma and Mana attacks.
Delay: time between ssid|bssid alert display time in log.
Alert: enables|disables email alerts
Email: Sender and Recipient for email alerts.
SMTP: smtp server to send email alerts (server | port | user | pass).
Channel: channels to be scanned for detecting rogue APs.
SMTP setup (example):
LOCAL:
SERVER = "localhost"
PORT = 25
GMAIL:
SERVER = "smtp.gmail.com"
PORT = 587
USER = {account}@gmail.com
PASS = {password}
AUTH = enabled
STARTTLS = enabled
Note: To use GMAIL as SMTP, it is required to change the email account security: www.google.com/settings/security/lesssecureapps
[MONITOR]
To monitor and find rogue access points, it is required to specify the legitimate devices (SSID+BSSID).
On the monitor tab you can add all the SSIDs+BSSIDs to be monitored (one SSID+BSSIDs per line).
Format:
Example:
Note: WIFIAP is the name of the AP to be monitored. 00:00:00:00:00:{01-03} are multiple BSSIDs configured as WIFIAP.)
Author: xtr4nge [_AT_] gmail.com - @xtr4nge
[OPTIONS]
Vigilant: Enables detection using filters on Monitor tab.
Karma|Mana: Enables detection against Karma and Mana attacks.
Delay: time between ssid|bssid alert display time in log.
Alert: enables|disables email alerts
Email: Sender and Recipient for email alerts.
SMTP: smtp server to send email alerts (server | port | user | pass).
Channel: channels to be scanned for detecting rogue APs.
SMTP setup (example):
LOCAL:
SERVER = "localhost"
PORT = 25
GMAIL:
SERVER = "smtp.gmail.com"
PORT = 587
USER = {account}@gmail.com
PASS = {password}
AUTH = enabled
STARTTLS = enabled
Note: To use GMAIL as SMTP, it is required to change the email account security: www.google.com/settings/security/lesssecureapps
[MONITOR]
To monitor and find rogue access points, it is required to specify the legitimate devices (SSID+BSSID).
On the monitor tab you can add all the SSIDs+BSSIDs to be monitored (one SSID+BSSIDs per line).
Format:
SSID|BSSID,BSSID,BSSIDExample:
WIFIAP|00:00:00:00:00:01,00:00:00:00:00:02,00:00:00:00:00:03Note: WIFIAP is the name of the AP to be monitored. 00:00:00:00:00:{01-03} are multiple BSSIDs configured as WIFIAP.)