Soft AP / Phishing Script [Release]

Printable View

Show 40 post(s) from this thread on one page

04-23-2012, 05:10 AM
deviney

Re: Soft AP / Phishing Script [Release]

Below i have included that output of what you asked and iwconfig. I will try manual setup of mac soon as i have a chance and let you know the result

Code:

root@bt:~# ifconfig eth0 Link encap:Ethernet HWaddr 00:0c:29:78:7f:0a inet addr:192.168.64.131 Bcast:192.168.64.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe78:7f0a/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:119 errors:0 dropped:0 overruns:0 frame:0 TX packets:32 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:12190 (12.1 KB) TX bytes:3263 (3.2 KB) Interrupt:19 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:45 errors:0 dropped:0 overruns:0 frame:0 TX packets:45 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2961 (2.9 KB) TX bytes:2961 (2.9 KB) mon0 Link encap:UNSPEC HWaddr 00-C0-CA-61-C9-35-00-00-00-00-00-00-00-00-00-00 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:15068 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:3901118 (3.9 MB) TX bytes:0 (0.0 B) wlan1 Link encap:Ethernet HWaddr 00:c0:ca:61:c9:35 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) root@bt:~# ifconfig -a | grep wlan wlan1 Link encap:Ethernet HWaddr 00:c0:ca:61:c9:35

Quote:

Originally Posted by VulpiArgenti

Hi deviney,

This output is the problem: wlan1 00-0C-D0-24-15-04-00-00-00-00-00-00-00-00-00-00. I've seen these extra 0's with aircrack, but not ifconfig.

Could you post details of your setup, and the output of:

Code:

ifconfig -a | grep wlan

As a temporary measure, instead of accepting a random MAC, select manual and then enter a (sensible) value. I suspect that will work.
04-24-2012, 06:52 AM
VulpiArgenti

Re: Soft AP / Phishing Script [Release]

[Help requested]

I used a tortuous work-around to set up the captive portal, requiring dnotify.
The elegant way of doing it is based on http://www.andybev.com/index.php/Usi...captive_portal

Steps:

1. Allow apache to write iptables rules, edit SUDOERS so:

Code:

www-data ALL = NOPASSWD: /sbin/iptables

2. Obtain client MAC

3. Call iptables from the php script

PHP Code:

exec("sudo /sbin/iptables -t nat -I PREROUTING -m mac --mac-source $mac -j ACCEPT");

It doesn't work; the script runs, no error messages, but no change to the iptables rules.

I've tried every possible variation without success. Can any php-guru kindly make any suggestions?
04-24-2012, 07:23 PM
deviney

Re: Soft AP / Phishing Script [Release]

I figured out how to fix the mac, i just pluged the usb wireless in and connect it to the VMware before boot of the VM.

hope this helps anyone else who is having this problem

EDIT: new problem

it is that now everythings up and running smoothly i connected my blackberry to the rouge AP and gained internet access trought it.

I then went to gmail login on my blackberry browser and logged in a few times but sslstrip did not catch any of the logins (i also tried facebook, hotmail and yahoo but non worked)

any idea why this could be?

my setup

Code:

64x BT5r2 KDE running in VMWARE Rouge AP on Alfa AWUS036H (eth0) Internet connection from wireless on vm host and NATed to VMWARE (wlan1) using the gateway ip from eth0
04-24-2012, 10:01 PM
devi1

Re: Soft AP / Phishing Script [Release]

Quote:

exec("sudo /sbin/iptables -t nat -I PREROUTING -m mac --mac-source $mac -j ACCEPT");

Have you tried running the command on its own in a terminal?

I tried and did not get any error messages but there were no changes to the iptables
04-25-2012, 02:49 AM
Bl4ckSky

Re: Soft AP / Phishing Script [Release]

Hello I have the following error

My client `s not get DHCP IP

This error comes in the console.

HoW can I fix it?

Thank you

Code:

/tmp/dhcpd.conf Starting DHCP server... Internet Systems Consortium DHCP Server V3.1.3 Copyright 2004-2009 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ /tmp/dhcpd.conf line 10: semicolon expected. } ^ /tmp/dhcpd.conf line 10: unexpected end of file } ^ Configuration file errors encountered -- exiting dhcpd.conf default-lease-time 300; max-lease-time 360; ddns-update-style none; authoritative; log-facility local7; subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.100 192.168.0.200; option routers 192.168.0.1; option domain-name-servers ; }
04-26-2012, 01:32 AM
VulpiArgenti

Re: Soft AP / Phishing Script [Release]

@devi1, the iptables command (without "exec" ) runs fine from the shell (which is how it is currently done in PwnSTAR). It's the calling it from the php script which fails :(

@Bl4ckSky, the script isn't detecting your name-server for some reason. Can you please post the output of:

Code:

cat /etc/resolv.conf apdns=$((grep "nameserver 192.168" /etc/resolv.conf || grep "nameserver 10." /etc/resolv.conf || grep "nameserver 172." /etc/resolv.conf) | awk '{print $2}') echo $apdns
04-26-2012, 02:58 AM
Bl4ckSky

Re: Soft AP / Phishing Script [Release]

@VulpiArgenti

Code:

root@bt:~# cat /etc/resolv.conf nameserver 8.8.8.8 nameserver 8.8.4.4

What should I enter there?

thx
04-26-2012, 04:26 AM
nivong

Re: Soft AP / Phishing Script [Release]

Where is the index.html saved /var/www/portal_hotspot/index.html or /var/www/index.html

Because when I check the HTML file:
/hotspot/GoogleWifi.jpg (i think this needs to be: /portal_hotspot/GoogleWifi.jpg)
and other img as well.
04-26-2012, 04:58 AM
VulpiArgenti

Re: Soft AP / Phishing Script [Release]

Hi nivong,

Quote:

Where is the index.html saved /var/www/portal_hotspot/index.html or /var/www/index.html

/var/www/portal_hotspot/index.html

From the instructions in the script:

Quote:

# Keep all related files (including the index) in a single directory eg "phishing".
# Place the phishing directory into /var/www. Check permissions are correct.
#
# DO NOT place the index file separately into its usual position in /www; the script will copy it into position.
# This allows you to build up a number of phishing directories, with the index safely inside each of them.
# Thus avoiding the risk of deleting the only copy from /www.

The idea is to build a number of /www directories. As there will be multiple index.html (same name, different contents), I designed it this way to prevent them being accidentally deleted.

-------------------------------------------------------------------------

Quote:

i think this needs to be: /portal_hotspot/GoogleWifi.jpg

Well spotted :o
Fortunately it still works so long as /hotspot is also installed.
04-26-2012, 06:40 PM
devi1

Re: Soft AP / Phishing Script [Release]

@VulpiArgenti, can you upload what you have so far with the new captive portal method? I'm not the greatest with php but I can take a look at it.

In the meantime you may want to see if there are any errors in apache's log file.

Show 40 post(s) from this thread on one page