GitHub - nanderh/WebGUI: Web GUI for the Raspberry Pi, button control for arpspoof, sslstrip etc.

nanderh / WebGUI Public

Notifications You must be signed in to change notification settings
Fork 0
Star 1

Web GUI for the Raspberry Pi, button control for arpspoof, sslstrip etc.

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
configs		configs
images		images
resources		resources
README		README
admin.php		admin.php
ap.php		ap.php
cleaner.py		cleaner.py
client.php		client.php
dhcp.php		dhcp.php
dnsspoof.php		dnsspoof.php
downloads.php		downloads.php
functions.js		functions.js
index.php		index.php
parselog.py		parselog.py
phpincs.php		phpincs.php
sslstrip.php		sslstrip.php
style.css		style.css

Repository files navigation

Allows the raspberry pi to be deployed and accesed through hostapd and does arpspoofing and sslstrip and cleans up the results.
Uses parselog.py to clean everything up: http://forum.intern0t.org/offensive-guides-information/2769-stealing-credentials-via-mitm-attacks-arpspoof-sslstrip-iptables.html

Prerequisites: lighttpd php5-cgi dnsiff sslstrip udhcpd hostapd

After install run: sudo lighty-enable-mod fastcgi-php

And for the moment add: www-data ALL=(ALL) NOPASSWD: ALL
to /etc/sudoers. Not very safe or figure out which commands and files should be allowed and replace ALL with them.

In the /etc/default/hostapd don't change anything because otherwise it runs before the dhcp server is started which sometimes causes problems. 

The configs folder contains all the necessary config files.
When using the supplied lighttpd.conf the webserver is listening on port 81. This is necesarry because of the iptables port 80 traffic redirect. So feel free to use this one or any other port.