Page 3 of 12 FirstFirst 12345 ... LastLast
Results 21 to 30 of 112

Thread: How to: E-Z setup a Multi Mode WLAN based on a Fake AP

  1. #21
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    It's tested and verified.
    Thanks for the reply. You cant really say tested and verified if no one else can get it to work though. Ill try again later. I was getting internet from a modem and the soft AP was a alfa card. You should re read my post maybe.

  2. #22
    Senior Member MikeCa's Avatar
    Join Date
    Jan 2010
    Location
    DC
    Posts
    129

    Default

    My config:

    - bt4 pre-release running in VMWare Fusion 2.0.5 (host Snow Leopard)
    - Alfa AWUS036E (wlan0)
    - eth0 for connection

    My experience:

    - It was confusing when asked to choose the language for Sarg, just being honest (I see that once I got it right that the example was a good example "English".) What confused me was that there was a # next to each language that made me think I needed to type a number. Either way, type out the language, like "English".

    #1: Simple WLAN worked right away, no issues. (http and https to gmail.com, got certificate warning).
    #2: Same, worked fine, no cerficate warning
    #3: could run http, not https. "code 400, message Bad Request version" showed up in output-ssl.log
    #4: same result as #4, but got "code 400, message Bad Request syntax" in output-ssl.log

    Good start, let's get these bugs ironed out.

    Quote Originally Posted by Revelati View Post
    For some reason by reducing the mtu it solved the problems and allowed access to all the web pages.
    How do I reduce the MTU when using airbase-ng? In this script it fires up and says that it is trying to use 1500. I have searched documentation for airbase-ng and it does not seem to support a mtu argument. Should this be done through ifconfig?

  3. #23
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Do not double post edit your posts using the Edit button located at the bottom right hand side of said post.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  4. #24
    Senior Member Nick_the_Greek's Avatar
    Join Date
    Jan 2010
    Location
    Greece
    Posts
    181

    Default

    Well. Maybe there is an issue with alpha cards and SSLstrip.
    http://forums.remote-exploit.org/wir...tml#post139360

    I also found out that I have some minor faults in iptables for 3 and 4 modes, but in a weird way its working for me. I upload a new version. Please go to the 1st post, download again and try it out. At wlan.conf you will see a new option:
    Code:
    MTU_MON 1400
    If it is needed, please change that. Don't know yet what should be. It will change the mtu value for "at0" when no "madwifi-ng drivers - atheros card" is found, or the mtu value for ath0 when madwifi-ng drivers and atheros card is present.

    9 days ago I started a post
    http://forums.remote-exploit.org/wir...02-11-mtu.html
    but I got no reply yet. So is hard to me to say what to do with mtu.
    For me the value of 1400 (for arheros card broadcasting and internet from pppoA) it's OK. Haven't "played" hard with it.

    @pureh@te
    I am reading very carefully, but you know, my English are...Maybe I misunderstand you.
    Quote Originally Posted by pureh@te View Post
    eth0 connected to LAN with cable
    Quote Originally Posted by pureh@te View Post
    I was getting internet from a modem and the soft AP was a alfa card. You should re read my post maybe.
    What I was trying to say is: if the machine, that is running my script, is getting internet through a modem (point-to-point connection) then things should be easier. Not from a Ethernet card.

    As for:
    Quote Originally Posted by pureh@te View Post
    You cant really say tested and verified if no one else can get it to work though.
    Yes, you are right at some point. It's tested and verified for some very limited configurations. In matter a fact 3 different wifi-cards, 2 different ISPs, 2 types of connections to internet (pppoA and wirelessly), 3 different PCs and one eeepc as a client and a server.

    @Revelati,
    Can you please bring some light to it. Which is that value for Alpha cards?
    So I can add that value into my script, when a Alpha card is used with airbase-ng.

    @Mikec
    Quote Originally Posted by mikec View Post
    #1: Simple WLAN worked right away, no issues. (http and https to gmail.com, got certificate warning).
    #2: Same, worked fine, no cerficate warning
    #3: could run http, not https. "code 400, message Bad Request version" showed up in output-ssl.log
    #4: same result as #4, but got "code 400, message Bad Request syntax" in output-ssl.log
    You shouldn't get any certificate warning in simple mode. We just give Internet access to our clients in this mode.
    Please download again and try out. It should work now.
    To reduce or to increase mtu:
    ifconfig wlan0 mtu xxxx. Note that some wifi cards doesn't let change the mtu value above or below 1500.

    Guys, I don't want to torture you. I am trying to find what is wrong with a hardware that I don't own. Please help me out so anyone can use this little-stupid script.

    Nick

  5. #25
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Nick, sorry I realize there is a language issue I wasnt trying to sound mean although when I re read my post it was a little harsh. Anyway I would like to help you get this working because I think its a great idea. I will try to work on it some today while I am at work.

  6. #26
    Senior Member Nick_the_Greek's Avatar
    Join Date
    Jan 2010
    Location
    Greece
    Posts
    181

    Default

    Quote Originally Posted by pureh@te View Post
    Anyway I would like to help you get this working because I think its a great idea. I will try to work on it some today while I am at work.
    You just won vacations to Greece.

  7. #27
    Junior Member BT2008's Avatar
    Join Date
    May 2008
    Posts
    33

    Default

    @ Nick the Greek
    ----------------

    @BT2008
    I got to change some things, when eth0 is used to connect to Internet. Since you are able to access http & https sites in "Simple" mode then the fault is mine. I was wrong in iptables rules in the other 3 modes. You can try this.(It's working for me, but I am getting right know Internet through a modem)

    For both you guys, for the moment, the easiest way to get this script to work is to get internet through a modem or wirelessly. It's tested and verified.

    Hello Nick, great to see that you really want to have it work for everybody
    When you read my post then you know that I tried to connect trough Internet from a wireless card and from a ethernet card but both don't work for https .

    I will download your 'new' script again and try it tonight I will give you the results asap.

  8. #28
    Senior Member Nick_the_Greek's Avatar
    Join Date
    Jan 2010
    Location
    Greece
    Posts
    181

    Default

    Quote Originally Posted by BT2008 View Post
    Hello Nick, great to see that you really want to have it work for everybody
    With a little help-test from you guys it will work. I am sure for that. It's not something difficult. I just don't own the hardware equipment that you have.

    As for the 'new' script, at least you should get ( I hope ) mode 1-2-3 working. If it is not very hard for you, try as many combinations as you can. Different modes, wifi-cards etc.


    Thank you for being a part of this. Looking forward for your results.

    Nick.

  9. #29
    Junior Member BT2008's Avatar
    Join Date
    May 2008
    Posts
    33

    Default

    Quote Originally Posted by Nick_the_Greek View Post
    Results: http and https is working, so far so good Nick
    But there are no registrations of visited https sites in the output-ssl.log, I only tested mode 4.
    Do you have any idea?
    -BT2008-
    CHATTER: "We can't tell you why you should trust us. But trust us."

  10. #30
    Junior Member
    Join Date
    Jan 2010
    Posts
    55

    Smile

    Nick,
    Excellent script. I spent the last 6 hours or so picking your script apart to understand how and why you do what you do.

    I have an Atheros card (Orinoco 8480-FC) and everything works great. I installed the patched madwifi drivers and got the AP working in both master and monitor modes.

    For some reason I have to `airmon-ng start wifi0` prior to running your script. After that everything works.

    I'm getting AMAZINGLY FAST wifi speeds from connected clients. Sustained download rates of 600+Kbps. No one would even notice any MITM activity. HTTP and *some* HTTPS sites work. My 2 banks work until you actually try to log in, then I get a time out. Other SSL sites work flawlessly like gmail, my work's MS Exchange, etc.. No cert popups of any kind.

    Sarg is a nice touch as well. I'm not that familiar with squid, but will dig a little deeper now that I'm interested. I did notice that when running sslstrip, the reports are all IPs - not domains. Kind of useless without the domain names of the websites.

    What would really be nice is sslsniff... going to keep chopping up your script and see if I can't get it working myself.

    Very good job, I really hope to see this tool evolve over time. I'd be very interested in supporting this and trying new things. I'm going to keep playing around with different things and report back what works / what breaks with new functionality.

    EDIT: Tried my HTTPS banks again and all was good.

Page 3 of 12 FirstFirst 12345 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •