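#!/usr/bin/env bash
# Usage: ./wireshark_with_no_ip
#        or
#        bash wireshark_with_no_ip
# Description: Brings a nic up without an ip address and without arp and
#              starts wireshark really passive.
# Author: Patrick Neumann (patrick@neumannsland.de)
# Platform: Kali Linux (tested: 2018.2)
# Version: 1.0
# Date: 24.08.2018
# License: GPL3
# Warranty: This program is distributed WITHOUT ANY WARRANTY
#
# Exit status: 0 after wireshark ends, 1 if no NIC could be selected or
#              prepared, 2 if not started as root.
# Side effects: stops NetworkManager, kills dhclient, flushes addresses and
#               routes on the chosen NIC and overwrites /etc/resolv.conf.
#               None of this is restored when the script ends.

# Print a message to stderr and stop with status 1.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# check for root
if (( EUID != 0 )); then
  printf "you need to be root - EXIT!\n" >&2
  exit 2
fi

# Collect candidate devices by globbing sysfs instead of parsing `ls` output.
# Only names containing "eth" are offered; NICs that use predictable names
# (enp*, ens*, ...) are not listed.
nic_names=()
for sys_path in /sys/class/net/*eth*; do
  [[ -e "${sys_path}" ]] || continue   # glob matched nothing
  nic_names+=("${sys_path##*/}")
done
(( ${#nic_names[@]} > 0 )) || die "no eth* network device found - EXIT!"

# select network device
NIC=""
printf "Please select a NIC:\n"
select NIC in "${nic_names[@]}"; do
  if [[ -n "${NIC}" ]]; then
    break
  fi
done
# EOF on stdin ends the menu without a choice; do not touch the network then.
[[ -n "${NIC}" ]] || die "no NIC selected - EXIT!"

# deconfigure the network
# Best effort: either service may be absent or already stopped.
systemctl stop NetworkManager.service
pkill dhclient &> /dev/null
ip addr flush dev "${NIC}"
ip route flush dev "${NIC}"
# Drop all resolvers so no local process can trigger DNS lookups.
echo > /etc/resolv.conf

# "arp off" only silences IPv4 address resolution. With IPv6 enabled the
# kernel sends neighbour discovery and multicast listener packets of its own
# as soon as the link comes up, so turn IPv6 off on this NIC first.
ipv6_switch="/proc/sys/net/ipv6/conf/${NIC}/disable_ipv6"
if [[ -w "${ipv6_switch}" ]]; then
  printf '1\n' > "${ipv6_switch}" \
    || die "cannot disable IPv6 on ${NIC} - EXIT!"
fi

# configure nic without ip address and without arp
ip addr add 0.0.0.0/32 dev "${NIC}"
# Capturing is pointless, and not passive, if this step fails.
ip link set "${NIC}" arp off up \
  || die "cannot bring ${NIC} up with arp off - EXIT!"

# start wireshark
# NOTE(review): wireshark runs as root here, so its dissectors parse untrusted
# traffic with full privileges. Capturing with dumpcap and analysing the file
# as an unprivileged user would reduce that exposure.
wireshark -i "${NIC}"

exit 0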