158 lines
6.2 KiB
Bash
158 lines
6.2 KiB
Bash
#!/bin/bash
|
|
#
|
|
# wipri-list - saved/trusted list mode
|
|
#
|
|
# Why this? People like to recognize machines on network and there was interest.
|
|
# This can also be helpful where more than one machine carries same default hardware address (mac)
|
|
#
|
|
# You can use this to create valid yet random OUI mac address lists + use them
|
|
#
|
|
# USAGE:
|
|
# wipri-list -d eth0 -s # this selects/sets random from list
|
|
# (if no device is selected after -d, wlan0 is default)
|
|
# wipri-list -a # generates and adds new valid mac to list
|
|
# wipri-list -l # show our current list of mac addresses
|
|
# wipri-list -r 00:00:00:00:00:00 # remove 00:00:00:00:00:00 from list
|
|
#
|
|
# Public Blog/Support options: https://buymeacoffee.com/politictech
|
|
# email righttoprivacy[at]tutanota.com
|
|
#
|
|
|
|
# COLORS
|
|
export BLUE='\033[1;94m'
|
|
export GREEN='\033[1;92m'
|
|
export RED='\033[1;91m'
|
|
export WHITE='\033[0;37m'
|
|
export ENDCOLOR='\033[1;00m'
|
|
|
|
|
|
# VARIABLES
|
|
macfile='/etc/wipri/maclist' # current mac list file
|
|
oui_file='/etc/wipri/phone.OUI' # OUI file - default is phones - change to any OUI list
|
|
netdev="wlan0" # default value for wifi or ethernet card (not all cards allow mac changes)
|
|
kern="off" # wipri kern mitigations
|
|
checktime='.5' # time between checks
|
|
newmac="" # variable for the new mac in each setting
|
|
|
|
if [ $kern == "off" ]; then
|
|
#sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 >/dev/null # delete hashes to disable ipv6
|
|
#sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1 >/dev/null
|
|
#sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=1 >/dev/null
|
|
sudo sysctl -w net.ipv4.tcp_timestamps=0 >/dev/null
|
|
sudo sysctl -w net.ipv4.icmp_echo_ignore_all=1 >/dev/null
|
|
fi
|
|
|
|
|
|
echo -e "\n"
|
|
cat << "EOF"
|
|
██╗ ██╗██╗██████╗ ██████╗ ██╗ ██╗ ██╗███████╗████████╗
|
|
██║ ██║██║██╔══██╗██╔══██╗██║ ██║ ██║██╔════╝╚══██╔══╝
|
|
██║ █╗ ██║██║██████╔╝██████╔╝██║█████╗██║ ██║███████╗ ██║
|
|
██║███╗██║██║██╔═══╝ ██╔══██╗██║╚════╝██║ ██║╚════██║ ██║
|
|
╚███╔███╔╝██║██║ ██║ ██║██║ ███████╗██║███████║ ██║
|
|
╚══╝╚══╝ ╚═╝╚═╝ ╚═╝ ╚═╝╚═╝ ╚══════╝╚═╝╚══════╝ ╚═╝
|
|
|
|
Public Blog/Tutorials + More: https://buymeacoffee.com/politictech
|
|
|
|
EOF
|
|
|
|
sleep .5
|
|
|
|
echo "" && sleep .2
|
|
echo -e "$WHITE Example:$ENDCOLOR wipri-list -a"
|
|
echo -e "${BLUE}[Above]${ENDCOLOR} generates ${RED}NEW${ENDCOLOR} valid OUI mac address adding it to our file"
|
|
echo "" && sleep .2
|
|
echo -e "${WHITE}Example:${ENDCOLOR} wipri-list -d eth0 -s"
|
|
echo -e "${BLUE}[Above]${ENDCOLOR} selects random address from list - MUST first use -a to add mac addresses]${ENDCOLOR}"
|
|
echo -e "Run wipri-list -a \e[1;5m at least once \e[0m to begin creating your mac address list (or single mac)"
|
|
echo "" && sleep .2
|
|
echo -e "$WHITE Example:${ENDCOLOR} wipri-list -l"
|
|
echo -e "${BLUE}[Above]${ENDCOLOR} lists current mac addresses from our list${ENDCOLOR}"
|
|
echo "" && sleep .2
|
|
echo -e "$WHITE Example:$ENDCOLOR wipri-list -r fe:ed:de:ad:be:ef"
|
|
echo -e "${BLUE}[Above]${ENDCOLOR} removes ${RED}fe:ed:de:ad:be:ef${ENDCOLOR} from our list"
|
|
echo "" && sleep .2
|
|
|
|
|
|
# concept I created to check current mac address to be sure firmware didn't change it/crash/set back mac;
|
|
# when device is detected to have wrong mac, immediately sets our valid OUI random addr
|
|
maccheck() {
|
|
while :
|
|
do
|
|
curmac=$(cat /sys/class/net/$netdev/address)
|
|
sleep .25
|
|
if [ "$curmac" != "$newmac" ]; then
|
|
echo "Sys MAC addr chang detected. Fixing!"
|
|
ip link set dev $netdev down;ip link set dev $netdev address $newmac;ip link set dev $netdev up;
|
|
fi
|
|
sleep $checktime
|
|
done
|
|
}
|
|
|
|
|
|
# SHOW MAC ADDRESS LIST AND CHOOSE
|
|
macList() {
|
|
cat $macfile && sleep .5
|
|
#read -p "What mac address command would you like to start at boot? (ex: wipri -d wlan0 -p): " wpcmd
|
|
#sed -i "13s/.*/ExecStart=$wpcmd/" $wpservicefile
|
|
}
|
|
|
|
# CREATE AND ADD NEW MAC TO LIST
|
|
macAdd() {
|
|
hexchar="abcdef0123456789"
|
|
beg=$(shuf -n 1 $oui_file) # $oui_file contains important info to generate valid random macs: ma>
|
|
end=$( for i in {1..6} ; do echo -n ${hexchar:$(( $RANDOM % 16 )):1} ; done | sed -e 's/\(..\)/:\1/g' )
|
|
mac=$beg$end
|
|
/bin/echo -e "$BLUE Created And Added MAC: $RED$mac$ENDCOLOR"
|
|
#ip link set dev $netdev down;ip link set dev $netdev address $mac;ip link set dev $netdev up;
|
|
echo ""
|
|
echo $mac >> $macfile
|
|
echo "$mac has been added to our MAC List Memory"
|
|
echo "A single mac in our list allows for quasi-perm mac, adding multiple in list allows randomly chosen each run of -s"
|
|
}
|
|
|
|
|
|
while getopts ":d:alr:s" arg; do
|
|
case $arg in
|
|
|
|
# SET NETWORK DEVICE FOR MAC CHANGES - ALWAYS USE -d FLAG
|
|
d)
|
|
netdev=${OPTARG}
|
|
echo -e "Device chosen: ${RED}$netdev${ENDCOLOR}\n"
|
|
;;
|
|
|
|
# GENERATE AND ADD NEW RANDOM BUT VALID OUI MAC TO OUR LIST
|
|
a)
|
|
macAdd
|
|
;;
|
|
|
|
# DISPLAY CURRENT MAC LIST
|
|
l)
|
|
echo -e "Recalling mac address list"
|
|
cat $macfile
|
|
;;
|
|
|
|
# REMOVE SPECIFIC MAC FROM OUR CURRENT LIST
|
|
r)
|
|
remmac=${OPTARG}
|
|
echo -e "Removing ${RED}$remmac${ENDCOLOR} from our list"
|
|
sed -e s/$remmac//g -i $macfile && sleep .5
|
|
sed -i '/^$/d' $macfile
|
|
echo "Updated File:"
|
|
cat $macfile
|
|
;;
|
|
|
|
# SELECT RANDOMLY CHOSEN MAC FROM OUR LIST AND SET IT WITH MAC LEAK PROTECTION
|
|
s)
|
|
echo -e "Selecting Random MAC From Our Listfile..." && sleep .5
|
|
newmac=$(shuf -n 1 $macfile)
|
|
echo -e "MAC selected: $newmac\n"
|
|
ip link set dev $netdev down;ip link set dev $netdev address $newmac;ip link set dev $netdev up;
|
|
maccheck
|
|
echo -e "* MAC Checking ${GREEN}Enabled${ENDCOLOR} To Prevent Leaks *\n"
|
|
echo -e "If installed at boot check with ${BLUE}sudo systemctl status wipri${ENDCOLOR}\n"
|
|
;;
|
|
|
|
esac
|
|
done
|