Page 2 of 12 FirstFirst 1234 ... LastLast
Results 11 to 20 of 112

Thread: How to: E-Z setup a Multi Mode WLAN based on a Fake AP

  1. #11
    Junior Member BT2008's Avatar
    Join Date
    May 2008
    Posts
    33

    Default

    Quote Originally Posted by pureh@te View Post
    Didnt see that. Guess I need to read before I post.
    Found this post: http://forums.remote-exploit.org/wir...nt-squid3.html

  2. #12
    Senior Member Nick_the_Greek's Avatar
    Join Date
    Jan 2010
    Location
    Greece
    Posts
    181

    Default

    @BT2008 and master pureh@te

    Can you please guys provide me more info:

    How are you connected to inet ? (ethernet?) . Can you try getting inet wirelessly?

    What mode is used? ("sslstrip and proxy-ed" ?)

    When running this script in "simple" or "proxyed" or "sslstriped" mode only, can you access https sites?

    If it is used "sslstriped and proxyed" mode, in sarg reports did you see any 'DENIED" messages?

    In "sslstriped and proxyed" mode, when your clients trying to access https sites, did you see in proxychains xterm "OK" messages?

    What version of sslstrip did you try with my script? (v0.1 or v0.6 ?).

    @mikec: pureh@te already answered your question. You may also re-read my 1st post: (I know.Its a little bit long and my English rocks )

    This script is tested with:
    Running on: BT4PF (kernel 2.6.29.4 x86) it should work with newer kernel.

    Internet from: pppoA and wirelessly

    Wireless cards: Atheros AR5001X+ (ath5k and ath_pci) and zydas zd1211rw

    clients: BT4PF and windows XP SP3 EN

  3. #13
    Junior Member BT2008's Avatar
    Join Date
    May 2008
    Posts
    33

    Default

    [QUOTE=Nick_the_Greek;157612]@BT2008 and master pureh@te

    thanx for your fast response here are my answers:

    How are you connected to inet ? (ethernet?) . Can you try getting inet wirelessly?
    --> BT4 in VMware workstation, eth0 for inet and wlan0 with my ALFA
    --> network model: AWUS036E

    What mode is used? ("sslstrip and proxy-ed" ?)
    --> mode 4

    When running this script in "simple" or "proxyed" or "sslstriped" mode only, can you access https sites?
    --> no

    If it is used "sslstriped and proxyed" mode, in sarg reports did you see any 'DENIED" messages?
    --> no

    In "sslstriped and proxyed" mode, when your clients trying to access https sites, did you see in proxychains xterm "OK" messages?
    --> in the shell ssl-output.log I see OK messages but no with all https sites

    What version of sslstrip did you try with my script? (v0.1 or v0.6 ?).
    --> v0.6

  4. #14
    Senior Member Nick_the_Greek's Avatar
    Join Date
    Jan 2010
    Location
    Greece
    Posts
    181

    Default

    Quote Originally Posted by BT2008 View Post
    --> BT4 in VMware workstation, eth0 for inet and wlan0 with my ALFA
    --> network model: AWUS036E
    Well, if you are able to access http pages in "Simple" you should be able to access https pages also. I haven't tried with VMware. Maybe the problem is how VMware handles the hardware. I will try it this week with VMware and I will report back.
    PS.Can you try it with a BT4PF livedvd? If you can not running it again correctly maybe I miss a iptable rule when people are connected to inet through eth. I was presuming that if it is working wirelessly (inet from wireless card) it should be working with Ethernet cards. Which is more than less the same. Maybe I was wrong. Time will tell.

    Nick

  5. #15
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    nick, I was running mine in almost the exact same way as they other guy having the issue. I can provide the logs if you need. I am not to familer with sslstrip so i am having a hard time debugging it. I guess I can try with the live cd and see if it works a little latter today. I was using just ssl strip mode with no proxy,I had some other errors with the proxy option.

  6. #16
    Junior Member BT2008's Avatar
    Join Date
    May 2008
    Posts
    33

    Default

    Quote Originally Posted by Nick_the_Greek View Post
    Well, if you are able to access http pages in "Simple" you should be able to access https pages also. I haven't tried with VMware. Maybe the problem is how VMware handles the hardware. I will try it this week with VMware and I will report back.
    PS.Can you try it with a BT4PF livedvd? If you can not running it again correctly maybe I miss a iptable rule when people are connected to inet through eth. I was presuming that if it is working wirelessly (inet from wireless card) it should be working with Ethernet cards. Which is more than less the same. Maybe I was wrong. Time will tell.

    Nick
    I will try it with the livedvd and give you the results

    For your information:
    2 wireless cards, 1 onboard and 1 trough usb (ALFA)
    Onboard wireless card inet, in BT I see eth0 has the IP of the VMware dhcp.
    So you have wireless connection trough eth0 to inet and trough wlan0 the FakeAP.

  7. #17
    Junior Member BT2008's Avatar
    Join Date
    May 2008
    Posts
    33

    Default

    Quote Originally Posted by BT2008 View Post
    I will try it with the livedvd and give you the results

    For your information:
    2 wireless cards, 1 onboard and 1 trough usb (ALFA)
    Onboard wireless card inet, in BT I see eth0 has the IP of the VMware dhcp.
    So you have wireless connection trough eth0 to inet and trough wlan0 the FakeAP.
    Here are the results:

    BT4 boot, eth0 (ethernet) for init and wlan1 (usb) for fakeAP.
    Mode 4 --> no https
    Mode 1 (simple wlan) YES I get access to https.

    So what kind of conclusion do we have??
    Hope that we can solve this issue

  8. #18
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    So now I am trying your script with a eeepc with bt4 on hardrive in case the vw was the issue and now I cant get to the internet at all. Ill keep trying it but as of now its not working. Heres what I am using:

    eeepc
    bt4 on hardrive
    eth0 connected to LAN with cable
    Alfa 500w usb card for the soft AP

    note: I do know how to use sslstrip and that works fine on my lan so its a soft AP issue. At least with the vm I had http working. More testers would help to people.

    EDIT: well i spent all morning on this and could not get it to work

  9. #19
    Senior Member Nick_the_Greek's Avatar
    Join Date
    Jan 2010
    Location
    Greece
    Posts
    181

    Default

    Well, I am missing something and this must be dhcpd.conf and iptables rules. I know my script it's working, when you are getting internet through a modem or through a wireless card. Unfortunately I don't have any router at my home to test with. I have in my work. I will do some testing with it no soon then the next weekend. Sorry guys. You have be patient. Kids - work doesn't left me much free time. Anyway, I will try I quick fix:

    @BT2008
    I got to change some things, when eth0 is used to connect to Internet. Since you are able to access http & https sites in "Simple" mode then the fault is mine. I was wrong in iptables rules in the other 3 modes. You can try this.(It's working for me, but I am getting right know Internet through a modem)
    Download link removed. Please download from the 1st post

    @Pureh@te
    Clients can ping the server and vise versa?
    Clients can resolve domain names?
    Maybe some firewall rules in your LAN doesn't let the script to forward dns request to LAN? ( I am using dnsmasq)
    If the problem is in resolving domain names you can manually modify the script by:
    1).Go to line 924. and edit:
    Code:
    DNS1=$INETIP
    to yours ISP primary DNS server
    Code:
    DNS1="xxx.xxx.xxx.xxx
    and if your ISP provide you with a secondary DNS server goto line 925 and edit:
    Code:
    DNS2=""
    to
    Code:
    DNS2="xxx.xxx.xxx.xxx"
    If not leave it as it is.
    Run the script again and check dhcpd.conf file in /$HOME_DIR///dhcpd3/ to see if changes have been made.

    For both you guys, for the moment, the easiest way to get this script to work is to get internet through a modem or wirelessly. It's tested and verified.

    I am looking forward for your feedbacks.

    Keep in touch.

    Nick

  10. #20
    Member
    Join Date
    Sep 2008
    Posts
    146

    Default

    Hi there guys I was going over the thread and saw some of you were having troubles connecting to certain sites while others worked. I ran into similar trouble when testing hm2075's WPA keygrabber. After testing for days I finally found out that the problem was with the USB Alfa cards mtu size.

    For some reason by reducing the mtu it solved the problems and allowed access to all the web pages.

    I know its a shot in the dark for what is most likely an SSLStrip problem, but give it a try before you pull your hair out if you guys can't find another solution.
    Morpheus: "You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland and I show you how deep the rabbit-hole goes."

    Neo: "What if I take both?"

    Morpheus: "Don't do that! You end up like Nick Nolte!"

Page 2 of 12 FirstFirst 1234 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •