[Script] [Video] FakeAP_pwn (v0.2.1)

[frostbyt3]

g0tm1k...
Awesome stuff man, I'm always a big fan of your videos.

I'm having a little problem maybe you can help me with or point me in the right direction.
I get to the point where I connect to the "Free WiFi" AP, but when I open a browser it times out and I don't get any results. The "upgrade" page is never displayed. I'm running VMWare on Windows 7 Ultimate. I have turned off firewall, and AV as recommended. Is there something else I need to edit in the .sh file?

Thanks for your help and excellent quality work.

[nivong]

g0tmi1k just posted a update on his blog:
( g0tmi1k: [Script] [Video] fakeAP_pwn (v0.2.1) )
g0tmi1k said...

@Everyone:
Before I make a post about it - here is v0.2.2-beta2
fakeAP_pwn.sh

+ Fix Gatway Bug
+ Fix DHCP PID Bug
+ Checks for other index files. And acts on it.
+ Checks to make sure user copied www/. And acts on it.
+ Added more tools to "extra"
+ Added extra settings (Respone to all requests, WiFiName)
> "Improved" chances of DHCP working <-- Needs more work
> "Started" work on transparent <-- Needs more work
> "Started" work on allow a custom backdoor <-- Needs more work
- Removed Linux/OSX - was confusing people
17 May 2010 17:50

[frostbyt3]

Thanks nivong & g0tmi1k, for the update, but still isn't working.

2 AP's show up in Windows & Wicd. One labeled "Other Network" & "Free-Wifi (as it should)

When I look to investigate the problem it states a problem with the DNS. Here's the error in Windows...
•The Domain Name Server (DNS) is not reachable.
•The Domain Name Server (DNS) does not have a listing for the website's domain.

[seanile]

great script worked first time on eeepc does what it says on the can !!.
not tried v2.2 yet
suggestion would it be possible to include hm2075 wireless key grabber?
many thanks

[joker5bb]

youhave to start a dynamic dns (bind9)
or use ettercap-ng

i still cant port forward 80

so if a user enters
Mozilla Firefox Start Page
it will not redirect
nor would this
https://mail.google.com/mail/?shva=1#inbox

[nivong]

Thanks nivong & g0tmi1k, for the update, but still isn't working.

2 AP's show up in Windows & Wicd. One labeled "Other Network" & "Free-Wifi (as it should)

When I look to investigate the problem it states a problem with the DNS. Here's the error in Windows...
•The Domain Name Server (DNS) is not reachable.
•The Domain Name Server (DNS) does not have a listing for the website's domain.

Is your ETH0 connected to the internet? do you have internet in backtrack trough eth0? check with ifconfig if you have a IP

youhave to start a dynamic dns (bind9)
or use ettercap-ng

i still cant port forward 80

so if a user enters
Mozilla Firefox Start Page
it will not redirect
nor would this
https://mail.google.com/mail/?shva=1#inbox

well you don't need to, if you look in the script and have touch a THING then it redecricts all users to: 10.0.0.1:80 so there is something wrong with your btrack i thing, dubble checked everything?

[joker5bb]

i know what it says, but it does not work

[g0tmi1k]

fakeAP_pwn - Updated to v0.2.2
+ Fix Gateway Bug
+ Fix DHCP PID Bug
+ Checks for other index files. And acts on it.
+ Checks to make sure user copied www/. Else acts on it.
+ Added more tools to "extra".
+ Added extra settings (Respone to all requests, WiFiName)
> Improved debug info
> Aligned the output windows
> Improved chances of DHCP working (Might need more work)
> "Started" work on transparent (Needs more work)
> "Started" work on allow a custom backdoor (Needs more work)
> Improved the code/Clean it up.
- Removed Linux/OSX - was confusing people

[g0tmi1k]

i know what it says, but it does not work

Care to share, what doesn't work?! What you have tired, whats your setup?

I may just have misinterpreted them. If you have the redirect rule in place (to redirect the target to your FakeAP webpage) but don't have the masquerade rule (which does the NAT work for you) they will not be able to route packets through your FakeAP - timeouts or flatout errors will occur. I'm making an educated guess here.

By the way, the ddns update thing is for automatically updating named to reflect the hostname of the machine that has requested the IP if memory serves, "none" should be sufficient for our needs here.

Code:

iptables -t nat -A PREROUTING -i at0 -p udp -j DNAT --to $gatewayIP
iptables -A FORWARD -i at0 -j ACCEPT
iptables -t nat -A POSTROUTING -o $gatewayInterface -j MASQUERADE

and thanks for choosing which one (DDNS Update) is needed. (=

g0tm1k...
Awesome stuff man, I'm always a big fan of your videos.

I'm having a little problem maybe you can help me with or point me in the right direction.
I get to the point where I connect to the "Free WiFi" AP, but when I open a browser it times out and I don't get any results. The "upgrade" page is never displayed. I'm running VMWare on Windows 7 Ultimate. I have turned off firewall, and AV as recommended. Is there something else I need to edit in the .sh file?

Thanks for your help and excellent quality work.

Thanks.
Try the new update.

Thanks nivong & g0tmi1k, for the update, but still isn't working.

2 AP's show up in Windows & Wicd. One labeled "Other Network" & "Free-Wifi (as it should)

When I look to investigate the problem it states a problem with the DNS. Here's the error in Windows...
•The Domain Name Server (DNS) is not reachable.
•The Domain Name Server (DNS) does not have a listing for the website's domain.

Try the new update.

great script worked first time on eeepc does what it says on the can !!.
not tried v2.2 yet
suggestion would it be possible to include hm2075 wireless key grabber?
many thanks

Glad to hear that it work for you!
Umm...in the the new v0.2.2, Ive started work on allowing the user to enter their own payload. BUt the problem is, it doesnt get anything back. Saying that, isnt their already a script for that?

[frostbyt3]

g0tmi1k
Even after the update = Still not working. eth0 is connected to my home wan. wlan0 is my wifi interface. Other boxes using to test include Windows 7 Ultimate & Windows Vista both with the firewalls and AV turned off for this test specifically. Like I said before the ssid "Free Wifi" shows just no connection is being made.
Any other ideas?

Guess I'll just have to go back to running the commands separately. ::sigh::