
Thread: Rogue Accesspoint + MitM Sniffing tutorial

  1. #41
    Junior Member
    Join Date
    Sep 2008
    Posts
    85

    Quote Originally Posted by cybrsnpr
    I don't know that you can run airbase-ng through eth0 (wired side). It's not a wireless interface, so I don't know how the response would be. Can't imagine it would work though.

    If you want a similar test of MTU size, try setting up a VPN using openvpn, run your packets through that and see what happens.
    let's say i were to use a wireless interface? (in this case ath0 or rausb0)
    patience is appreciated =]

  2. #42
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Quote Originally Posted by benzslr123
    let's say i were to use a wireless interface? (in this case ath0 or rausb0)
    So essentially you are asking if you could use another interface than the one in the script? Yes you could, and you do not have to let airbase-ng respond to all ESSID probes sent out for it to work either. The only difference then will be that the clients have to manually choose to connect to your AP.

    As a side note, the steps presented in your previous post seem to leave out all steps needed to actually forward the traffic from airbase-ng to your actual connection. Leaving this out will naturally prevent the clients from accessing the internet and there won't be any traffic for you to sniff using ettercap.
    -Monkeys are like nature's humans.

  3. #43
    Junior Member
    Join Date
    Sep 2008
    Posts
    85

    so are the following lines

    # ifconfig at0 10.0.0.1 netmask 255.255.255.0
    # ifconfig at0 mtu 1400
    # route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1

    the ones that allow this rogue ap to offer internet connection?
    patience is appreciated =]

  4. #44
    Member imported_Deathray's Avatar
    Join Date
    Oct 2007
    Posts
    381

    Great add to the thread Revelati! (:

    Quote Originally Posted by benzslr123
    so are the following lines

    # ifconfig at0 10.0.0.1 netmask 255.255.255.0
    # ifconfig at0 mtu 1400
    # route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1

    the ones that allow this rogue ap to offer internet connection?
    Every line configures the rogue ap to offer internet except the ettercap one.
    What exactly is it you are trying to accomplish?
    - Poul Wittig

  5. #45
    Member
    Join Date
    Jun 2008
    Posts
    50

    Great thread, thanks to all who are contributing, the script has encouraged me to try a few of my own (simple WEP connection etc) an improvement on the usual "what wifi card should I buy"...

    I have successfully created the rogue AP and can connect and surf various sites on the internet (I am using an ALFA for the rogue AP) and have the settings at 1400 as per the script.

    Once surfing though, I can enable the remote_browser plugin on the ettercap shell which shows the websites being visited but cannot get it configured to show passwords etc? I have tried to use ettercap in another shell but it just closes?

    Is this a limitation of this type of setup or a limitation of my brain?

    Also I have been reading the thread about WirelessKeyHarvesting and am struggling to get it to work on this rogue AP (I haven't managed to get it to work on any setup as yet)
    Any pointers?

    Thanks again to all contributors and to all you knowledgeable people thank you for sharing...

  6. #46
    Member
    Join Date
    Feb 2010
    Posts
    204

    what are you struggling with on the wireless key harvester?

    it should be quite simple

    non transparent fake access point with a redirection to a local http server hosting a metasploit payload hidden as a windows update exe, metasploit listener activated with a meterpreter auto script to upload wireless key viewer and download key file.



    let me know how far you have got and i'll try and help

  7. #47
    Junior Member
    Join Date
    Sep 2008
    Posts
    85

    i guess i'm just trying to break down the script and analyze each step, thank you for the replies
    patience is appreciated =]

  8. #48
    Junior Member
    Join Date
    Sep 2008
    Posts
    85

    i ran the script and got the following output:

    Enter the name of the interface connected to the internet, for example eth0: ath0
    Enter your wireless interface name, for example wlan0: rausb0
    Enter the ESSID you would like your rogue AP to be called, for example Free WiFi: doNOTconnect
    ./rogueAP.sh: line 7: kill: (9592) - No such process
    dhcpd: no process killed
    airbase-ng: no process killed
    ettercap: no process killed


    Interface Chipset Driver

    wifi0 Atheros madwifi-ng
    ath0 Atheros madwifi-ng VAP (parent: wifi0)
    rausb0 Ralink USB rt73 (monitor mode disabled)



    Interface Chipset Driver

    wifi0 Atheros madwifi-ng
    ath0 Atheros madwifi-ng VAP (parent: wifi0)
    rausb0 Ralink USB rt73 (monitor mode enabled)

    at0: ERROR while getting interface flags: No such device
    SIOCSIFADDR: No such device
    at0: ERROR while getting interface flags: No such device
    SIOCSIFNETMASK: No such device
    SIOCSIFMTU: No such device
    SIOCADDRT: No such process
    X Error: BadWindow (invalid Window parameter) 3
    Major opcode: 20
    Minor opcode: 0
    Resource id: 0x2400007


    any advice on how i can get this to work?
    patience is appreciated =]

  9. #49
    Member
    Join Date
    Feb 2010
    Posts
    204

    just do it the manual way


    PS: modprobe tun is needed, as well as ifconfig at0 up

  10. #50
    Member
    Join Date
    Sep 2008
    Posts
    146

    Quote Originally Posted by benzslr123
    i ran the script and got the following output:

    Enter the name of the interface connected to the internet, for example eth0: ath0
    Enter your wireless interface name, for example wlan0: rausb0
    Enter the ESSID you would like your rogue AP to be called, for example Free WiFi: doNOTconnect
    ./rogueAP.sh: line 7: kill: (9592) - No such process
    dhcpd: no process killed
    airbase-ng: no process killed
    ettercap: no process killed


    Interface Chipset Driver

    wifi0 Atheros madwifi-ng
    ath0 Atheros madwifi-ng VAP (parent: wifi0)
    rausb0 Ralink USB rt73 (monitor mode disabled)



    Interface Chipset Driver

    wifi0 Atheros madwifi-ng
    ath0 Atheros madwifi-ng VAP (parent: wifi0)
    rausb0 Ralink USB rt73 (monitor mode enabled)

    at0: ERROR while getting interface flags: No such device
    SIOCSIFADDR: No such device
    at0: ERROR while getting interface flags: No such device
    SIOCSIFNETMASK: No such device
    SIOCSIFMTU: No such device
    SIOCADDRT: No such process
    X Error: BadWindow (invalid Window parameter) 3
    Major opcode: 20
    Minor opcode: 0
    Resource id: 0x2400007


    any advice on how i can get this to work?
    For one reason or another your Tun device isn't getting set up correctly. You need to check to make sure that your airbase AP is actually set up, if so then you need to use ifconfig to put up the tun device.

    ifconfig at0 up
    ifconfig at0 10.0.0.1 netmask 255.255.255.0 (or whatever you have based on your dhcpd.conf)
    Morpheus: "You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland and I show you how deep the rabbit-hole goes."

    Neo: "What if I take both?"

    Morpheus: "Don't do that! You end up like Nick Nolte!"
