Nice Work, very easy to do as well. I have been fooling around with new methods airbase and airplay ad hocs and this takes the cake. I do not think most people see the big picture with this exploit. GoT MilK & GoT sKiLLs!
Great work guys, script looks good; I can't wait to get mine working.
Using version #102 with atheros wifi on eeepc using BT4-r1
First problem
Can't get consistent results using airbase-ng, sometimes XP or Vista won't connect, the next time it connects OK. I have tried changing line 1412 as in previous discussions. (Removed -W 0 & -a) in various configurations still same. Tried different environments, distance between machines and the results are never the same. I think some of the better results were in an area where there were NO other APs, so I guess it may be interference from other signals.
Second problem
When I do get my client connected Firefox gets Server Not Found, and 10.0.0.1 Failed to connect. (It has worked many, many times in previous versions, even had wkv working but not much success in the last couple of weeks)
Log shows –
Monitoring connections
Connections~watch -d -n 1 "arp -n -v -I at0"
Waiting for target to run “update” file
Started reverse handler on 10.0.0.1:4564
Starting the payload handler…
Client 00:1A:73:xx:xx:xx associated (unencrypted) to ESSID “Free-WiFi 102”
Tried HostAP but this fails to start. Any pointers to getting hostAP working as I hope this may solve some problems then I can concentrate on the other nice things.
So frustrating as the script now looks awesome and so much work put into it.
Great Work.
Last edited by AlphaOmega; 09-10-2010 at 07:15 PM.
I've just tried all the links for fakeAP_pwn/evilDEB/evilGrade - both the scripts and video links are working for me.
I've found a few little fixes for fakeAP_pwn as it is, the next time I update the SVN, I'll upload a copy to GoogleCode for another mirror. (if you can't wait - PM me your email address)
First problem - Sounds like you're using airbase-ng.
Yeah, it does have a few bugs. I think it depends on your hardware/drivers. If you can, it's worth doing hostapd
Second problem - Using the latest version of dhcp3-server?
Does the target get an IP address? Can the target ping itself? 10.0.0.1?
I've only just got my laptop back from repairs, so I haven't looked into hostapd too much. Joker knows a lot more, and has it working.
What hardware are you using? How are you running backtrack?
Thanks for the thanks, and I hate it when something SHOULD work, but doesn't.
Thanks for thanks!
Have you...g0tmi1k?
Yes I am using airbase as I can't get hostAP to run
First problem - Sounds like you're using airbase-ng.
Yeah, it does have a few bugs. I think it depends on your hardware/drivers. If you can, it's worth doing hostapd
Target gets IP address no problem, did not try to ping 10.0.0.1, browser won't connect to 10.0.0.1
Second problem - Using the latest version of dhcp3-server?
Does the target get an IP address? Can the target ping itself? 10.0.0.1?
I have bt4-r1 installed on an 8gb sdhc card running in eeepc. wifi is atheros
will set it up again as soon as I get time & try ping.
many thanks
how did you compile hostapd?
Last edited by joker5bb; 09-12-2010 at 05:34 PM.
Hey
I tried it and it worked
but I just made a payload for my new AP
My AP works on every OS
can be a separate AP (like yours)
And can be used to fuse with any AP you want and place your fake page on it
thanks
When I try to connect to "free wifi" using Windows XP SP3, it connects with limited access... AP is in the next room.
Wiffy-Auto-Cracker - was the best thing that ever happened to me. :) Wo0oT :)
AWUSO36H_500mW_5dBi Antenna
Not got my head round hostapd yet, I need to spend more time looking.
how did you compile hostapd?
All I've done was apt-get to install. I have found the hostapd.conf but not made any changes yet.
/etc/init.d/hostapd start seems to work. If I try and use hostapd in the script it says "hostapd failed to start"
Also tried install via the script with same results.
I have changed the attacker machine to HP laptop with Broadcom WiFi and the FreeWiFi does not show up as an AP on the target machine (another HP laptop). But using a USB adapter (zd1211) in the attack machine (wlan1) things work better. The target can connect to FreeWiFi, download and get a meterpreter session, and also shell works, but NO access to the internet.
Does the target get an IP address? Can the target ping itself? 10.0.0.1?
Target gets IP 10.0.0.150 and can ping 10.0.0.1
I can also ping the router 192.168.1.250
Is this a DNS problem? But I can't ping Google's IP.
Many thanks
No, I have it on Transparent
ok it connects now...but
when I run the update file on the victim(s) machine, nothing happens...
Attacker machine just sits at:
[i] Waiting for the target to run the "update" file
everything is set to:
mode:transparent
payload="vnc"
victim1 OS=Windows XP SP3 32-Bit
victim2 OS=Windows 7 64-Bit
same thing happens on both scenarios...
help, thanks.
Last edited by Eatme; 09-15-2010 at 08:27 AM.