#!/usr/bin/env bash

# Usage:       ./wireshark_with_no_ip
#                or
#              bash wireshark_with_no_ip
# Description: Brings a NIC up without an IP address and with ARP disabled,
#                then starts Wireshark in a strictly passive setup.
# Author:      Patrick Neumann (patrick@neumannsland.de)
# Platform:    Kali Linux (tested: 2018.4)
# Version:     1.01
# Date:        30.01.2019
# Link:
#   https://vcs.neumannsland.de/casualscripter/shell-scripting/src/branch/master/kali/wireshark_with_no_ip
# License:     GPL3
# Warranty:    This program is distributed WITHOUT ANY WARRANTY

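# Print a diagnostic on stderr.
warn() { printf '%s\n' "$*" >&2 ; }

# Print a diagnostic on stderr and abort before anything else is changed.
die() { warn "$* - EXIT!" ; exit 1 ; }

# check for root
# EUID is maintained by bash itself. The previous "$( id --user )" test
# compared 0 with an empty string when id could not be run, which evaluates
# as "equal" and let a non-root caller through.
if (( EUID != 0 )) ; then
  printf "you need to be root - EXIT!\n" >&2
  exit 2
fi

# select network device
# Enumerate by glob instead of parsing ls; "*eth*" keeps the former
# "grep -F eth" semantics (any interface name containing "eth").
nics=()
for nic_path in /sys/class/net/*eth* ; do
  [[ -e "${nic_path}" ]] || continue   # unmatched glob stays literal
  nics+=( "${nic_path##*/}" )
done
(( ${#nics[@]} > 0 )) || die "no NIC with 'eth' in its name found"

printf "Please select a NIC:\n"
NIC=""
select NIC in "${nics[@]}" ; do
  if [[ -n "${NIC}" ]] ; then break ; fi
done
# select also ends on EOF (Ctrl-D) with NIC empty. Stop here, before the
# network is deconfigured for an interface that was never chosen.
[[ -n "${NIC}" ]] || die "no NIC selected"

# deconfigure the network
# NOTE: nothing below is reverted when the script ends. NetworkManager stays
# stopped, /etc/resolv.conf stays emptied and IPv6 stays disabled until they
# are restored by hand or the machine is rebooted.
systemctl stop NetworkManager.service \
  || warn "could not stop NetworkManager.service - it may reconfigure ${NIC}"
pkill dhclient &> /dev/null   # best effort: non-zero just means none was running
# A leftover address would let the host answer on the wire, so this is fatal.
ip addr flush dev "${NIC}" || die "could not flush addresses on ${NIC}"
ip route flush dev "${NIC}" || warn "could not flush routes on ${NIC}"
echo > /etc/resolv.conf || warn "could not empty /etc/resolv.conf"

# deactivate ipv6
# Must happen before the link comes up, otherwise the kernel emits IPv6
# autoconfiguration traffic on the interface. If the knob is absent there is
# no IPv6 stack to silence.
ipv6_switch=/proc/sys/net/ipv6/conf/all/disable_ipv6
if [[ -e "${ipv6_switch}" ]] ; then
  echo 1 > "${ipv6_switch}" || die "could not disable IPv6"
fi

# configure nic without ip address and without arp
ip addr add 0.0.0.0/32 dev "${NIC}" \
  || warn "could not assign 0.0.0.0/32 to ${NIC}"
# Fatal on failure: capturing with ARP still enabled is not passive.
ip link set "${NIC}" arp off up \
  || die "could not bring ${NIC} up with ARP disabled"

# start wireshark
# NOTE(review): because of the root check above the whole Wireshark GUI and
# its protocol dissectors run as root on untrusted traffic. Capturing with a
# small privileged helper (e.g. dumpcap) and analysing the file as an
# unprivileged user would reduce that exposure - confirm whether that fits
# the intended workflow.
wireshark -i "${NIC}"

exit 0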