
Thread: [Script] [Video] FakeAP_pwn (v0.2.1)


    Post #1 by g0tmi1k (Moderator)

    [Script][Video] fakeAP_pwn.sh (v0.2.5)

    Links
    Watch video on-line: http://g0tmi1k.blip.tv/file/3622180
    Download video:
    http://www.mediafire.com/?pmnasjkp3jc7t0k


    ~ V0.3 FINAL IS OUT ~
    [Script] [Video] fakeAP_pwn (v0.3)



    What is this?

    An update to the script, fakeAP_pwn. This is a bash script to automate creating a 'Fake Access Point' and 'pwn' whoever connects to it! The FakeAP is transparent (allowing the target to afterwards surf the inter-webs once they have been exploited!), and the payload is either SBD (Secure BackDoor - similar to netcat!) or VNC (remote desktop).


    How does this work?
    > Creates a fake AP and DHCP server.
    > Runs a web server & creates an exploit with metasploit.
    > Waits for the target to connect, download and run the exploit.
    > Once successfully exploited it grants access to allow the target to surf the inter-webs.
    > Uploads a backdoor; SBD or VNC, via the exploit
    > The attacker has the option to run a few 'sniffing' programs (from the dsniff suite) to watch what the target does on the FakeAP!


    What do I need?

    > Two interfaces, one for Internet (wired/wireless) and the other for becoming an access point (wireless only - must support monitor mode)
    > An Internet connection (though you could modify it so it's non-transparent)
    > Airmon-ng, dhcpd3, apache, metasploit, dsniff suite --- All on BackTrack!
    > The script! fakeAP_pwn-v0.2.5.tar.gz (490.3 KB, SHA1:541d91c19ff32777317385218820233a62f1dc76)


    What's in the tar.gz?
    > fakeAP_pwn.sh --- Bash script
    > www/index.php --- The page the target is forced to see before they have access to the Internet.
    > www/Linux.jpg, OSX.jpg, Windows.jpg --- OS pictures
    > www/sbd.exe --- SBD Backdoor
    > www/vnc-g0tmi1k.exe --- VNC Backdoor


    How to use it?
    1.) Extract the tar.gz file (via tar zxf fakeAP_pwn-v0.2.5.tar.gz).
    2.) Copy the "www" folder to /var/www (cp www/* /var/www/)
    3.) Make sure to "Start Network" and to have an IP address. (via start-network and dhclient [Internet Interface])
    4.) Edit fakeAP_pwn.sh with your "internet" and "wireless" interface. (You can view your interfaces via ifconfig and use kate to edit the file.)
    5.) bash fakeAP_pwn.sh (don't forget to be in the correct folder!)
    6.) Wait for a connection...
    7.) ...Game Over.

    Commands:
    Code:
    tar zxf fakeAP_pwn-v0.2.5.tar.gz
    cd fakeAP_pwn-v0.2.5
    cd fakeAP_pwn
    cp www/* /var/www
    ifconfig
    kate fakeAP_pwn.sh
    bash fakeAP_pwn.sh




    Notes:


    • This time it should work for everyone, just not me =P
    • The video uses fakeAP_pwn.sh v0.2.1
    • It's worth doing this "manually" (without the script) before using the script, so you have an idea of what's happening, and why. The script is only meant to save time.
    • I'm running BackTrack 4 Final in a VM. The target is running Windows 7 Ultimate (fully up-to-date 2010-05-13), with no firewall, no AV and no UAC. Tested with Windows XP SP3 Professional as well.
    • The connection is reversed - so the connection comes from the target to the attacker, therefore, as the attacker is the server, it could help out with firewalls...
    • As you can see in the code, one day I plan for this to also "affect" Linux and/or OSX...but it's taken me this long to update it - so don't hold your breath!

    Song: Medicin - Summer Drummer
    Video length: 3:20
    Capture length: 8:12

    Blog Post: http://g0tmi1k.blogspot.com/2010/05/...ppwn-v021.html
    Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/28363-%5Bscript%5D-%5Bvideo%5D-fakeap_pwn-v0-2-1-a.html#post161837



    v0.2.5
    > Removed silly typos

    v0.2.4
    + Added arguments
    + Checks for superuser
    + Checks interfaces/paths/files exists
    + Improved transparent mode (Thanks joker5bb)
    > General code improvements
    > Updated the help message

    v0.2.3
    + Fakes the MAC address (Thanks joker5bb)
    + Fix "wicd" bug (Thanks joker5bb)
    + Randomizes ports each time
    + Reversed VNC - No need to type in password now
    + Stops and removes existing backdoors
    + Stops services and programs (Thanks joker5bb)
    + Uses "msfencode" - to prevent detection
    + Webpage now has a "favicon"
    > Fix a few minor features - Couple of silly typos (Thanks joker5bb)
    > General code improvements
    > Improved "clean up" code
    > Improved the WiFi interface (Thanks joker5bb)
    > Renamed the backdoor files
    > Renamed the output windows

    v0.2.2
    + Fix gateway bug
    + Fix DHCP PID Bug
    + Checks for other index files. And acts on it.
    + Checks to make sure user copied www/. Else acts on it.
    + Added more tools to "extra".
    + Added extra settings (Response to all requests & WiFiName)
    > Improved debug info
    > Aligned the output windows
    > General code improvements
    > Improved chances of DHCP working (Might need more work)
    > "Started" work on transparent (Needs more work)
    > "Started" work on allow a custom backdoor (Needs more work)
    - Removed Linux/OSX - was confusing people

    v0.2.1
    + Remade first release
    > Created Video

    v0.1
    + First public release
    Last edited by g0tmi1k; 03-05-2011 at 02:17 PM.
    Have you...g0tmi1k?
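The "How does this work?" list and the v0.2.3 changelog (fake AP and DHCP server, faked MAC address) describe what the attacker's side does; from the defender's side the thing you can observe is the beacon the fake AP transmits. The following is an added example, not code from the original post or from fakeAP_pwn: a small rogue-AP detector that parses scan output in the shape `iw dev <iface> scan` prints (the sample scan is constructed, not captured), compares each beacon against a hypothetical inventory of legitimate BSSIDs and channels, and flags an SSID that is advertised from an unknown BSSID, as an open network, or on a channel the real APs do not use. The channel check is what still catches a fake AP that has copied a legitimate BSSID.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Beacon:
    bssid: str
    ssid: str
    channel: int
    privacy: bool  # Privacy capability bit set (WEP/WPA/WPA2); False means an open network


# Hypothetical site inventory (an assumption for this example): which BSSIDs and
# channels legitimately carry each SSID we are responsible for.
KNOWN_BSSIDS = {"CorpWiFi": {"00:11:22:33:44:01", "00:11:22:33:44:02"}}
KNOWN_CHANNELS = {"CorpWiFi": {1, 6, 11, 36}}


def freq_to_channel(mhz: int) -> int:
    """Map a centre frequency in MHz to a channel number (2.4 GHz and 5 GHz bands)."""
    if mhz == 2484:                 # channel 14 sits off the 5 MHz grid
        return 14
    if 2412 <= mhz <= 2472:         # 2.4 GHz: channel 1 = 2412 MHz, 5 MHz spacing
        return (mhz - 2407) // 5
    if 5000 < mhz < 6000:           # 5 GHz: channel 36 = 5180 MHz
        return (mhz - 5000) // 5
    raise ValueError(f"unsupported frequency {mhz} MHz")


def parse_iw_scan(text: str) -> list:
    """Parse the 'BSS <mac>' blocks that `iw dev <iface> scan` prints into Beacon records."""
    beacons, cur = [], None

    def flush():
        # Emit the block being built, if it carried a frequency line.
        if cur is not None and "freq" in cur:
            beacons.append(Beacon(cur["bssid"], cur.get("ssid", ""),
                                  freq_to_channel(cur["freq"]), cur.get("privacy", False)))

    for line in text.splitlines():
        m = re.match(r"^BSS\s+([0-9a-f]{2}(?::[0-9a-f]{2}){5})", line, re.I)
        if m:
            flush()
            cur = {"bssid": m.group(1).lower()}
            continue
        if cur is None:
            continue
        s = line.strip()
        if s.startswith("freq:"):
            cur["freq"] = int(float(s.split(":", 1)[1]))
        elif s.startswith("SSID:"):
            cur["ssid"] = s.split(":", 1)[1].strip()
        elif s.startswith("capability:"):
            cur["privacy"] = "Privacy" in s
    flush()
    return beacons


def find_rogues(beacons, known_bssids=KNOWN_BSSIDS, known_channels=KNOWN_CHANNELS):
    """Return (beacon, reasons) for every beacon that misuses a monitored SSID."""
    findings = []
    for b in beacons:
        if b.ssid not in known_bssids:
            continue                                   # not a network we protect
        reasons = []
        if b.bssid not in {x.lower() for x in known_bssids[b.ssid]}:
            reasons.append("BSSID not in inventory")
        if not b.privacy:
            reasons.append("open network advertising a protected SSID")
        if b.channel not in known_channels.get(b.ssid, set()):
            reasons.append(f"unexpected channel {b.channel}")
        if reasons:
            findings.append((b, reasons))
    return findings


# Constructed sample scan: two legitimate APs, one open fake AP with a foreign BSSID,
# one fake AP that copied a legitimate BSSID but sits on channel 13, and an unrelated SSID.
SAMPLE_SCAN = """\
BSS 00:11:22:33:44:01(on wlan0)
    freq: 2437
    signal: -41.00 dBm
    SSID: CorpWiFi
    capability: ESS Privacy ShortSlotTime (0x0411)
BSS 00:11:22:33:44:02(on wlan0)
    freq: 5180
    SSID: CorpWiFi
    capability: ESS Privacy (0x0411)
BSS de:ad:be:ef:00:01(on wlan0)
    freq: 2412
    SSID: CorpWiFi
    capability: ESS ShortPreamble (0x0421)
BSS 00:11:22:33:44:01(on wlan0)
    freq: 2472
    SSID: CorpWiFi
    capability: ESS Privacy (0x0411)
BSS aa:bb:cc:dd:ee:ff(on wlan0)
    freq: 2462
    SSID: GuestNet
    capability: ESS (0x0401)
"""

if __name__ == "__main__":
    for beacon, reasons in find_rogues(parse_iw_scan(SAMPLE_SCAN)):
        print(f"{beacon.bssid} ch{beacon.channel} '{beacon.ssid}': {'; '.join(reasons)}")
```

Run it against a real scan by piping `iw dev wlan0 scan` into `parse_iw_scan`; the inventory is the part that has to be maintained, and a beacon that passes all three checks is still only "consistent with inventory", so treat this as a first-line alert feed rather than proof that an AP is genuine.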
