
Thread: [Script] [Video] fakeAP_pwn (v0.3)

  1. #111
    Member joker5bb's Avatar
    Join Date
    Feb 2010
    Posts
    166

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    I just got back to testing and I got bind9 to do all DNS lookups to us.
    Here is how to do it:

    Code:
    nano /etc/bind/named.conf.default-zones
    zone "." {
    type master;
    file "/etc/bind/db.home.com";
    };
    Code:
    nano /etc/bind/db.home.com
    $TTL 604800
    @ IN SOA ns.home.com. root.home.com. (
    6444666 ; Serial
    604800 ; Refresh
    86400 ; Retry
    2419200 ; Expire
    604800 ) ; Negative Cache TTL
    ;
    @ IN NS 192.168.1.1
    IN A 192.168.1.1
    * IN A 192.168.1.1
    Code:
    /etc/init.d/bind9 restart

  2. #112
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    Quote Originally Posted by 00diabolic View Post
    Ahh ok.. damn so even if they send the WPA key it will be like capturing the handshake and doing a standard dictionary attack? No real benefit to it? Or does this capture reveal more of the key like its length or something for example?

    If you have that kind of ability to have them connected to your fake ap you would think you could get the key with no fuss.

    Maybe running an app to infiltrate their system is necessary after all. Their WPA key is stored under network properties under the ESSID.

    Thanks for the reply, I'll keep looking into this..
    Yes, it's just a different way to get the handshake that is needed to crack WPA/WPA2.
    The advantage is some people have "issues" with deauthing the client, this way they connect to you *Just have to wait for them to do so. FakeAP + Deauth ~MAY~ work, when just Deauth doesn't.*
    As far as I know - it's the same info. (and there isn't a way of knowing the length until you found the key =P)

    The reason why it is a "fuss", is because it's all salted (Not sent in plain-text - it compares hashes instead), hence why you need the SSID (and with rainbow tables - you have to create a new table for each SSID).

    You can use WirelessKeyView to create a text file with all the networks (just have to find a different way into the system to run it), OR use a bigger dictionary until you crack it.



    Quote Originally Posted by pentest09 View Post
    A nice little phishing attack serve it up from webserver on bt? bit like login phishing neat idea. No need for a host banning you

    Keep up the good work
    regards dee
    The issues I believe with a phishing attack, if people are just surfing around for a WiFi, they connect, open their browser, see that they need to login, then they just move on to another network.
    If they use they just need to run a program before they can use the internet - I believe there is a greater chance that they will stay.

    I'm not sure what you mean by "host banning".



    Quote Originally Posted by joker5bb View Post
    Well, I'm redoing the whole thing with jquery & ajax
    there will be client-side and server-side validation, output to .txt file with ip & passphrase
    also we can write commands to php file to check if the passphrase is correct.
    We are now talking of using 3 wifi cards.
    Well done with the new web page & bind9 work
    Nice new attack to try =) maybe bind9 might be the DNS answer that some people need =D
    Side note: 3 WiFi cards = Health issues?! :P


    Quote Originally Posted by cseven View Post
    Well then luckily I have 3 wifi cards
    =O I'm running out of USB ports...
    Have you...g0tmi1k?

  3. #113
    Member joker5bb's Avatar
    Join Date
    Feb 2010
    Posts
    166

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    I'm testing out CoovaChilli for the multiclient feature for fakeap_pwn. In VMware, hostapd is too slow. I need to build a dedicated test server.

  4. #114
    Just burned his ISO
    Join Date
    Dec 2010
    Location
    Behind You....
    Posts
    2

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    I'm getting some weird things from this script.

    Whenever it fires up, my victim box (win 7) shows every wireless ap from my bt box (btr2).

    When I connect to "Free Wifi" I sometimes get nothing but an "IE Cannot Display Webpage error" or a continuous search loop.

    Any ideas?

    I'd be happy to provide more information.

    Best regards ,

    The Midget

  5. #115
    Just burned his ISO
    Join Date
    Jan 2011
    Posts
    1

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    My setup and problem

    Attacker: VMWare backtrack 4 + rtl8187l + fakeAP_pwn 0.3 115
    Target: Windows 7 (no antivirus/firewall etc., it is my own computer)

    Target can find the network fine, can connect fine, gets IP etc, loads up the spoof webpage, downloads the backdoor.

    However that is it? Nothing else happens.

    So on the attacker it's stuck at "sending stage (xxxxx bytes) to 10.0.0.151"

    On the target the program is running, checked process list, but nothing is happening? Tried leaving it running for few minutes, nada, tried hostapd but that doesn't load, tried different browsers and different wireless adaptors for the ap, no diff???

  6. #116
    Junior Member leg3nd's Avatar
    Join Date
    Feb 2011
    Posts
    32

    Question Re: [Script] [Video] fakeAP_pwn (v0.3)

    Quote Originally Posted by g0tmi1k View Post
    Thanks fnord0 for testing/feedback.

    Hmm...
    After a quick google search of, IceTransOpen, I found this.
    Source: https://lists.ubuntu.com/archives/ub...ry/066789.html
    Personally I wouldn't delete it, just move it somewhere safe...
    OR
    Source: http://www.ubuntux.org/dapper-gnome-error


    I've just downloaded a fresh copy from mediafire, and tested it with my Linksys WUSB54GC using BackTrack 4 R1 (In VirtualBox) and I didn't get any like that...
    So the programs/commands run correctly (e.g. it works & you can see all the xterm windows?), just getting that output?

    Thanks for the thanks!
    Hey I have narrowed down this error a bit more and was curious if anyone had found a solution..

    It makes sense that you would not have gotten the error in a BT4 R1 installation because it doesn't seem to be an issue in R1.

    I tried these solutions and all it did was start giving me the same error, but now in terminator as well.. So I restored the backed up folders and I am back to square one.

    Xterm throws out these errors all over the place while terminator has no problems.

    So basically this seems to only be an issue with BT4 R2 installations, or maybe a fluxbox problem. (I'm not using KDE, maybe fnord0 is using fluxbox too?).

    Regardless, it seems that full functionality is available in xterm, but these errors all over the place do make most of my scripts a bit messy.

    Any help or advice is appreciated.

  7. #117
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    16

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    Very nice... I will help to enhance it and post my progress here

  8. #118
    Member joker5bb's Avatar
    Join Date
    Feb 2010
    Posts
    166

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    Today I went back to bind9, and I finally made it work properly. This method below would be the solution for DNS.
    For me it worked really fast with hostapd, please test it out - this is not in the script yet

    edit /etc/bind/named.conf
    Code:
    options {
    directory "/var/cache/bind";
    auth-nxdomain no;
    recursion yes;
    allow-recursion {any;};
    allow-query {any;};
    };
    zone "." {
    type master;
    file "/etc/bind/db.root";
    };
    edit /etc/bind/db.root
    Code:
    $TTL 604800
    @ IN SOA localhost. root.localhost. (
    1337 ; Serial
    604800 ; Refresh
    86400 ; Retry
    2419200 ; Expire
    604800 ) ; Negative Cache TTL
    ;
    @ IN NS 192.168.1.1
    @ IN A 192.168.1.1
    * IN A 192.168.1.1
    start bind9
    Code:
    /etc/init.d/bind9 start
    next step is squid proxy - insert our own javascript in to web pages

    *if hostapd does not work for you, make sure you are using mac80211-based drivers and check if it has AP mode support for your wireless card
    check with "iw list"

    Possible fixes:
    -If hostapd does not work correctly, upgrade to the latest drivers
    -using fragmentation patch on mac80211 breaks hostapd
    -try out the dev version of hostapd
    Last edited by joker5bb; 02-22-2011 at 06:17 PM.
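
Added example, not part of the original thread or of fakeAP_pwn: posts #111 and #118 both set up a root zone whose wildcard record answers every lookup with 192.168.1.1. A client can detect that behaviour, because names that cannot exist still resolve; the sketch below checks for it. The function names, the resolver callables and the sample addresses are assumptions constructed for the illustration.

```python
import ipaddress
import secrets
import socket

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def system_resolver(name):
    """Resolve through the OS resolver; an empty list means the lookup failed."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def random_probes(count=4):
    """Names that must never resolve: random labels under the reserved .invalid TLD."""
    return [f"{secrets.token_hex(8)}.invalid" for _ in range(count)]

def assess_resolver(resolve, controls, probes=None):
    """Flag a resolver that answers like a catch-all ("*") zone."""
    probes = probes or random_probes()
    probe_ips = {ip for name in probes for ip in resolve(name)}
    control_ips = {ip for name in controls for ip in resolve(name)}
    findings = []
    if probe_ips:
        findings.append("nonexistent names resolve")
    if len(controls) > 1 and len(control_ips) == 1:
        findings.append("unrelated names share one address")
    if any(ipaddress.ip_address(ip) in net for ip in probe_ips | control_ips for net in RFC1918):
        findings.append("answers point into RFC 1918 space")
    return {"suspicious": bool(probe_ips) or len(findings) >= 2,
            "findings": findings,
            "addresses": sorted(probe_ips | control_ips)}

# Constructed resolvers for the demonstration (no real network data).
def catch_all(_name):
    return ["192.168.1.1"]  # same answer for every name, like the wildcard record above

HONEST_TABLE = {"example.com": ["198.51.100.7"], "example.org": ["203.0.113.10"]}

def honest(name):
    return HONEST_TABLE.get(name, [])

if __name__ == "__main__":
    controls = ["example.com", "example.org"]
    print("catch-all:", assess_resolver(catch_all, controls))
    print("honest:   ", assess_resolver(honest, controls))
```

Passing system_resolver as the first argument runs the same check against the resolver the machine is actually using.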

  9. #119
    Just burned his ISO Jaylong's Avatar
    Join Date
    Dec 2010
    Location
    China
    Posts
    15

    Question Reply: Re: [Script] [Video] fakeAP_pwn (v0.3)

    Quote Originally Posted by herrdign View Post
    after updating to v #112 the script gave me an error:

    Code:
    [>] Analyzing: Environment
    fakeAP_pwn.sh: line 531: wlan0: command not found
    [!] Internet access: Failed.
    [i] Switching mode: non

    changed line 531 to:
    Code:
    if  [ ! "$command" ]  ; then
    don't know if i messed it up, but it's working again. using gprs-modem via usb (wvdial) at ppp0.
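    Can you tell me how it can work again? My problem is it is stuck at Analyzing: Environment or Internet access: Failed
    In a moment the true dragon emerged from the ninefold palace, sweeping away the ordinary horses of ten thousand ages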

  10. #120
    Just burned his ISO Jaylong's Avatar
    Join Date
    Dec 2010
    Location
    China
    Posts
    15

    Question Reply: [Script] [Video] fakeAP_pwn (v0.3)

    I got the new version from this site, #127. Yesterday it worked well, it is amazing... but today I used it again but
    Code:
    [>] Analyzing: Environment # here is stuck long time then 
    [!] Internet access: Failed
    [i] Switching mode: non
    [>] Configuring: Environment
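    I have no idea about this, yesterday it worked.
    In a moment the true dragon emerged from the ninefold palace, sweeping away the ordinary horses of ten thousand ages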
