[Script] [Video] FakeAP_pwn (v0.2.1)

[joker5bb]

Well one of the big things we fixed was redirection to our page
so no matter which correctly formatted address they type it will work
*this includes https

getting the limited / no connectivity problem is fine for now, there is a valid ip assigned so the victim will still see our page
this would be probably one of the harder thing to fix, since windows contacts a microsoft server requesting some data
dns spoofing is not enough, we need to talk back

[parrotface]

just copied fakeAP_pwn-v0.3 onto BT4 and tried running it but fails at line 185 test -e /usr/sbin/airmon-ng Aircrack-ng isnt installed.
airmon-ng is installed and working an found at /usr/local/sbin/airmon-ng
Does this mean I am not running as correct user or somthing else?
I have never played with users in BT4 only run it as it comes out of the tin.
P.S. Just looked thru your new script and can't wait to get it going with all it's new bits - Great work guy's many thanks

[g0tmi1k]

Good release, cleaner code and more functional, although I still cant seem to assign an IP with the dhcp server... I'v tryed turning off DHCP on the router and even assigning a static IP from the victim computer but still no results; pinging the gateway returns "Host unreachable" and windows is giving "Limited connectivity".

Iv tried all kinds of solutions, What would be causing repeated DHCPDISCOVER / DHCPOFFER requests?

Its a on going issue...
...hope to have a fix for it soon!

Generally? You don't have to be a root user to modify/install a .htaccess file (which is where they came from IIRC). If you're already writing a vhost file, might as well put the ErrorDocument variable inside the definition.

Thanks for the info!
Well the script needs to be root for it to work anyway..so I think it will use vhost file (and yes, its now using ErrorDocument!)

fakedns/DOMAINBYPASS fails for me but when it does want to work I get limited / no connectivity

I never got DOMAINBYPASS to work myself...Now using DNSsppof for the Fake DNS...
but the Limited connectivity is a on going issue...not sure just yet how to fix it

just copied fakeAP_pwn-v0.3 onto BT4 and tried running it but fails at line 185 test -e /usr/sbin/airmon-ng Aircrack-ng isnt installed.
airmon-ng is installed and working an found at /usr/local/sbin/airmon-ng
Does this mean I am not running as correct user or somthing else?
I have never played with users in BT4 only run it as it comes out of the tin.
P.S. Just looked thru your new script and can't wait to get it going with all it's new bits - Great work guy's many thanks

Thats...odd!
Try the newest version?

If anyone wants to help out/try the newest version...

fakeAP_pwn-v0.3-RC8.tar.gz
[Link removed - Newer version out!]

[slowz3r]

If anyone wants to help out/try the newest version...

fakeAP_pwn-v0.3-RC8.tar.gz
http://www.mediafire.com/?21xn2aiztbw

Just tried it out and it says "-geometry command not found" on multiple lines

line 135, "=xterm, not a valid identifier", could be why it fails to draw the xterm windows with -geometry?

in addition "at0: ERROR while getting interface flags. No such device"

in the end failed to create the AP, it could be just something on my end but the previous RC worked pretty well

[joker5bb]

Just tried it out and it says "-geometry command not found" on multiple lines

line 135, "=xterm, not a valid identifier", could be why it fails to draw the xterm windows with -geometry?

in addition "at0: ERROR while getting interface flags. No such device"

in the end failed to create the AP, it could be just something on my end but the previous RC worked pretty well

oopps

remove the $ on line 132 & 135
so it looks like this

if [ "$debug" == "true" ]; then
export xterm="xterm -hold"
echo -e "\e[00;31m[i] Debug Mode\e[00m"
else
export xterm="xterm"
fi

and if any one gets the
Aircrack-ng isnt installed. error
change line 194 to
if ! test -e /usr/local/sbin/airmon-ng; then echo -e "\e[00;31m[-]\e[00m Aircrack-ng isn't installed.";

[slowz3r]

oopps

remove the $ on line 132 & 135
so it looks like this

if [ "$debug" == "true" ]; then
export xterm="xterm -hold"
echo -e "\e[00;31m[i] Debug Mode\e[00m"
else
export xterm="xterm"
fi

and if any one gets the
Aircrack-ng isnt installed. error
change line 194 to
if ! test -e /usr/local/sbin/airmon-ng; then echo -e "\e[00;31m[-]\e[00m Aircrack-ng isn't installed.";

Thanks, didnt notice that when I was browsing through it

Now it seems to work like a normal AP, without the limited/no connectivity but it still doesnt want to redirect to our site?

*edit*

I can navigate to 10.0.0.1 and get our site but clicking "download update" does nothing except open this in a new tabClick Me

[parrotface]

progress report
downloaded latest version v0.3-RC8 and patched lines 132,135,194 and script now runs.
my PDA can see AP but wont connect.
Now fired up XP laptop and connects first time & gets IP address all OK.
Browse google and it connects to the internet NOT our fake page.
browse 10.0.0.1 and I get our fake page (seems very slow)
Tried downloading our update and after very long time I get what looks like a micro soft page "Thank you for your interest in obtaining updates from our site" but No download.
metasploit shows "Starting the payload handler"
arp -n -v -i at0 shows that I am connected
Not changed any settings, just as downloaded, seems I can browse any web page - slower than it did in v2
thanks

[kernel831]

Another progress report with 0.3-RC8... (Using RTL8187 wireless card, and eth0 gateway, NO firewalls/AVs in use on any machine)

A couple of syntax errors fixed with what people have stated above, nothing major. After those were fixed the script executed correctly and the AP goes up. I believe this is important and may be the source of the inconsistent DHCP issues people are having..

-When first tested on a Windows 7 Ultimate(Build 7600), I ran into the repeated DHCP discover/offer requests; Therefore getting no LAN connectivity or internet access on the AP.
-When test again on another machine running Windows XP Pro SP3, DHCP ACK's is almost instant and connectivity is 100% (full LAN access and full internet access via fakeAP).

Could the problem lie within windows 7?

Forcing site redirection to the update page is NOT working properly, although the server is responsive when you type in 10.0.0.1 manually (although when clicking download it redirects in a new window to update.microsoft.com, lags for about 15 minutes, then gets an error). The backdoor download never succeeds.

Transparency and fake DNS servers seem to work flawlessly with an XP victim.

[g0tmi1k]

fakeAP_pwn-v0.3-RC9.tar.gz
[Out Of Date - Newer version out]
> Fix xterm
> Fix aircrack-ng check
> Fix folder copy
> Added new download link in index.php

progress report
downloaded latest version v0.3-RC8 and patched lines 132,135,194 and script now runs.
my PDA can see AP but wont connect.
Now fired up XP laptop and connects first time & gets IP address all OK.
Browse google and it connects to the internet NOT our fake page.
browse 10.0.0.1 and I get our fake page (seems very slow)
Tried downloading our update and after very long time I get what looks like a micro soft page "Thank you for your interest in obtaining updates from our site" but No download.
metasploit shows "Starting the payload handler"
arp -n -v -i at0 shows that I am connected
Not changed any settings, just as downloaded, seems I can browse any web page - slower than it did in v2
thanks

Have you tired using a different MTU value?
How close are you to the AP?

[joker5bb]

can you guys run the script and clear the browser cache,