
Thread: [Script] [Video] fakeAP_pwn (v0.3)

  1. #41
    Good friend of the forums Eatme's Avatar
    Join Date
    Aug 2009
    Location
    Socks5
    Posts
    308

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    Quote Originally Posted by g0tmi1k View Post
    It was an issue for me! I had to unscrew the antenna of one of my WiFi cards...and the signal was still very strong! #108 has a lot of bug fixes and more of a detailed log file...worth trying!
    wow..lol you're very fast with these updates (#109). To get rid of that, I just made a script to auto-run command -u before the script starts.

    But anyway, looks like I got some progress today after installing the new kernel. I got infected (vnc:mode), but I'm having "time out" issues. I changed the MTU to 1800 from the default value and ran it again and it timed out at uploading the .rb script.

    Any further suggestions.. ?

    Until then I'll keep trying different scenarios.. C ya later.
    Wiffy-Auto-Cracker - was the best thing that ever happen to me. :) Wo0oT :)
    AWUSO36H_500mW_5dBi Antenna

  2. #42
    Member joker5bb's Avatar
    Join Date
    Feb 2010
    Posts
    166

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    I actually came up with another way of fixing the redirection to our page by using the BIND DNS server.

  3. #43
    Just burned his ISO
    Join Date
    Sep 2010
    Posts
    9

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    Having an issue with 109 and rtl8187 drivers - no internet access in -m normal -v (worked in 104).

    Found a workaround in 109 that also speeds up internet access speed to almost transparent -
    rmmod rtl8187
    modprobe r8187

    kate fakeAP_pwn.sh - change "mon0" to "wlan1" (if you have 2 cards, else this won't work - also, IP must be through eth0) - there are 2 instances of "mon0" in the script, change them both.

    The script is error checking for multiples of wlan0 and wlan1 and will error out when found - is there an easy way to change this behavior when using the r8187 drivers as they don't spawn a "mon" interface? i.e. wlan0 for IP and wlan1 for AP?

    Thanks for the cool new toy to play with :-)

    Casca

  4. #44
    Senior Member
    Join Date
    May 2010
    Posts
    198

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    I've been playing with this for a bit now and it took about a day to realize the drivers were damaged in my "victim" comp. I changed cards and tried another computer and it works fine on both.

    Now I'm trying to turn off the running WWW page and run my own stuff.

    Is it wrong to do this to someone connecting to me? My neighbor has been poking at my AP. I know who's doing it but i don't want him to know yet. bastard.

    Thanks again for the learning experience g0tmi1k. I learned a lot watching this progress.

  5. #45
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    Quote Originally Posted by Eatme View Post
    wow..lol you're very fast with these updates (#109). To get rid of that, I just made a script to auto run command -u before the script starts.

    But anyway, looks like I got some progress today after installing the new kernel. I got infected (vnc:mode), but I'm having "time out" issues. I changed the MTU to 1800 from the default value and ran it again and it timed out at uploading the .rb script.

    Any further suggestions.. ?

    Until then I'll keep trying different scenarios.. C ya later.
    Yes, I've got the time at the mo to update it (and reply to threads). I have been thinking about adding an "auto-update" feature, but the only problem is, I keep messing about with the "internals/framework". I do my best to test as much as I can, but more often than not, there's a few errors/bugs - breaking people's builds. If you want to run that risk, keep on using your script.

    I don't think (and someone else did too), that the MTU value isn't working. It's on the todo/tofix list.
    I think the issue is that the DNS isn't updating (someone else has reported this as well)
    Does "normal" mode work? I think it's when it changes over from "forced" to "normal", each mode works ("non" and "normal"), but it can't change from one to the other ("transparent").
    Could you also "try transparent" mode, become infected, when it times out, just disconnect and reconnect to the AP, does it then work?



    Quote Originally Posted by joker5bb View Post
    I actually came up with another way of fixing the redirection to our page by using the BIND DNS server.
    I'll get in touch with you about this (=



    Quote Originally Posted by Casca View Post
    Having an issue with 109 and rtl8187 drivers - no internet access in -m normal -v (worked in 104).

    Found a workaround in 109 that also speeds up internet access speed to almost transparent -
    rmmod rtl8187
    modprobe r8187

    kate fakeAP_pwn.sh - change "mon0" to "wlan1" (if you have 2 cards, else this won't work - also, IP must be through eth0) - there are 2 instances of "mon0" in the script, change them both.

    The script is error checking for multiples of wlan0 and wlan1 and will error out when found - is there an easy way to change this behavior when using the r8187 drivers as they don't spawn a "mon" interface? i.e. wlan0 for IP and wlan1 for AP?

    Thanks for the cool new toy to play with :-)

    Casca
    A lot has changed from 104 to 109.. I'll try "normal" out in my lab when I next can, and see what's what.

    Thanks for pointing out the speed up tips. I'll give it a try as well, and add it in for the next release I do.

    Yes the default will not work with everyone's hardware, and the monitor interface may be different (just like it is for you!) You can either edit the file or you can add "-t wlan1" each time.
    I've taken out one "mon0" that shouldn't have been there for the next release I do.

    I've tried to use variables instead of "wlan0, wlan1, mon0", therefore it doesn't matter what they are called, it still should check them the same way.
    If it's not working for you - could you say what line number (and what build) you are using?

    Thanks for thanks & feedback!
    Last edited by g0tmi1k; 09-18-2010 at 09:54 AM.
    Have you...g0tmi1k?

  6. #46
    Good friend of the forums Eatme's Avatar
    Join Date
    Aug 2009
    Location
    Socks5
    Posts
    308

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    Quote Originally Posted by g0tmi1k View Post
    Yes, I've got the time at the mo to update it (and reply to threads). I have been thinking about adding an "auto-update" feature, but the only problem is, I keep messing about with the "internals/framework". I do my best to test as much as I can, but more often than not, there's a few errors/bugs - breaking people's builds. If you want to run that risk, keep on using your script.

    I don't think (and someone else did too), that the MTU value isn't working. It's on the todo/tofix list.
    I think the issue is that the DNS isn't updating (someone else has reported this as well)
    Does "normal" mode work? I think it's when it changes over from "forced" to "normal", each mode works ("non" and "normal"), but it can't change from one to the other ("transparent").
    Could you also "try transparent" mode, become infected, when it times out, just disconnect and reconnect to the AP, does it then work?
    Ok this time I tested with a whole separate computer in the other room.
    -Windows XP SP3

    Everything is working on transparent mode except:
    1.Internet doesn't work, it just returns error page
    2.After running the script, I had to manually copy all of the files in "www (fakeAP_pwn)" to the "/var/www" folder, not (/var/www/fakeAP_pwn), because the target's PC kept returning a blank white page "It Works!" which is the index.html file in "/var/www". Don't know where it came from but I deleted it.

    weird because I never had to copy the files into this DIR like this...

    PS to everyone - NEVER TEST THIS ON YOURSELF ON VMWARE, it will not work or you will run into slight problems.
    Wiffy-Auto-Cracker - was the best thing that ever happen to me. :) Wo0oT :)
    AWUSO36H_500mW_5dBi Antenna

  7. #47
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    Quote Originally Posted by Casca View Post
    Having an issue with 109 and rtl8187 drivers - no internet access in -m normal -v (worked in 104).

    Found a workaround in 109 that also speeds up internet access speed to almost transparent -
    rmmod rtl8187
    modprobe r8187

    kate fakeAP_pwn.sh - change "mon0" to "wlan1" (if you have 2 cards, else this won't work - also, IP must be through eth0) - there are 2 instances of "mon0" in the script, change them both.

    The script is error checking for multiples of wlan0 and wlan1 and will error out when found - is there an easy way to change this behavior when using the r8187 drivers as they don't spawn a "mon" interface? i.e. wlan0 for IP and wlan1 for AP?

    Thanks for the cool new toy to play with :-)

    Casca
    I've tested both 109 and 112 - I didn't get a problem when I tried normal mode (or any mode for that matter!)
    Does the target get an IP? Can it ping google? Does it get the correct DNS? Can it ping the AP? How close/far away are you? Could you post the output from -d? Running in VM? Using airbase-ng?

    I've added in your fix about rtl8187 and mon0. Thanks for the hint (=
    Also I'm hoping that the checks will work with 'wlan*' instead of 'mon*'



    Quote Originally Posted by Eatme View Post
    Ok this time I tested with a whole separate computer in the other room.
    -Windows XP SP3

    Everything is working on transparent mode except:
    1.Internet doesn't work, it just returns error page
    2.After running the script, I had to manually copy all of the files in "www (fakeAP_pwn)" to the "/var/www" folder, not (/var/www/fakeAP_pwn), because the target's PC kept returning a blank white page "It Works!" which is the index.html file in "/var/www". Don't know where it came from but I deleted it.

    weird because I never had to copy the files into this DIR like this...

    PS to everyone - NEVER TEST THIS ON YOURSELF ON VMWARE, it will not work or you will run into slight problems.
    That message, "It Works!", is the default one when you just run Apache WITHOUT the fakeAP_pwn conf file.
    fakeAP_pwn creates a conf when you run it, that gives more 'features', one being it changes the folder it uses from /var/www to $www.
    After fakeAP_pwn stops running, it disables and deletes the conf file, restoring it back to how it was.

    Yes, running either the attacker or target in a virtual machine CAN (not always and not every time) cause problems (just like it says in the 'Troubleshooting/Help' bit). (=
    Have you...g0tmi1k?

  8. #48
    Good friend of the forums Eatme's Avatar
    Join Date
    Aug 2009
    Location
    Socks5
    Posts
    308

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    new version gives me:

    Code:
    [i] Configuring: Chaning monitorInterface to:
    SIOCSIFMTU: No such device
    [!] The monitor interface mon0, isn't correct.
    
    [i] *** BREAK ***
    Wiffy-Auto-Cracker - was the best thing that ever happen to me. :) Wo0oT :)
    AWUSO36H_500mW_5dBi Antenna

  9. #49
    Just burned his ISO
    Join Date
    Sep 2010
    Posts
    9

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    Quote Originally Posted by Eatme View Post
    new version gives me:

    Code:
    [i] Configuring: Chaning monitorInterface to:
    SIOCSIFMTU: No such device
    [!] The monitor interface mon0, isn't correct.
    
    [i] *** BREAK ***
    Hi, I got the same thing - if you have 2 r8187L based wifi cards you can fix it by:

    nano fakeAP_pwn.sh
    change mon0 to wlan1 and save - I had a look at the code and it's removing the rtl8187 drivers and replacing them with r8187 automatically, so there is no "mon0" being created.


    Might want to issue rmmod r8187 & modprobe rtl8187 after the script runs, or just insert that code near the end to complete the cleanup (the mac80211 autoloads with the rtl8187 so no need to modprobe it).
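The failure in the last two posts ("SIOCSIFMTU: No such device", then "The monitor interface mon0, isn't correct") is the script operating on an interface name that was never created, because the r8187 driver does not spawn a mon0. The usual fix is to verify the name against the kernel before using it. What follows is an added example, not code from fakeAP_pwn or from any poster here: it checks /sys/class/net for the requested interface, falls back to any other wireless interface that is not the uplink, and only then sets the MTU. The SYSFS_NET variable, the function names and the argument order are all this example's own choices.

```shell
#!/bin/sh
# Added example (not fakeAP_pwn's own code): validate a wireless interface
# name before acting on it, so a missing "mon0" produces a clear message
# rather than the kernel's "SIOCSIFMTU: No such device".
#
# SYSFS_NET is /sys/class/net on a real system; it is overridable so the
# functions can be exercised against a constructed directory tree.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# iface_exists NAME -> returns 0 if the kernel knows NAME, 1 otherwise.
iface_exists() {
    [ -d "$SYSFS_NET/$1" ]
}

# list_wireless -> prints every interface that has a "wireless" subtree,
# whatever it is called (wlan*, mon*, or a driver-specific name).
list_wireless() {
    for d in "$SYSFS_NET"/*; do
        [ -d "$d/wireless" ] && basename "$d"
    done
    return 0
}

# pick_monitor WANTED UPLINK -> prints WANTED if it exists; otherwise prints
# the first wireless interface that is not UPLINK. Returns 1 and explains
# itself on stderr when nothing suitable is present.
pick_monitor() {
    wanted="$1"
    uplink="$2"
    if iface_exists "$wanted"; then
        echo "$wanted"
        return 0
    fi
    for name in $(list_wireless); do
        if [ "$name" != "$uplink" ]; then
            echo "$name"
            return 0
        fi
    done
    echo "[!] No usable monitor interface; present: $(list_wireless | tr '\n' ' ')" >&2
    return 1
}

# set_mtu NAME VALUE -> refuses to touch an interface that does not exist,
# which is exactly the case that produced "No such device" above.
set_mtu() {
    if ! iface_exists "$1"; then
        echo "[!] The interface $1 does not exist on this system" >&2
        return 1
    fi
    ip link set dev "$1" mtu "$2"
}

# Typical use inside a script (uplink on eth0, monitor card preferred as mon0):
#   mon="$(pick_monitor mon0 eth0)" || exit 1
#   set_mtu "$mon" 1800
```

Because the lookup is against sysfs rather than a hard-coded string, the same check works whether the driver exposes mon0, wlan1 or something else entirely; the remaining hardware-specific decision is only which interface carries the uplink, which is passed in explicitly.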

  10. #50
    Senior Member
    Join Date
    May 2010
    Posts
    198

    Default Re: [Script] [Video] fakeAP_pwn (v0.3)

    might have a bug with meterpreter while running "true" for extras.

    VNC WKV and my own encoded payload worked perfectly with the script until I put the extras value to true.
    (it sends the stage then gives a sessions ID then stalls forever)

    test comp gives up to 3 popups for the download and starts 2 sessions

    I was still able to get a meterpreter session on the side with a different port while the fake AP was connected to my test computer, so it's not the connection or meterpreter.

    Did I miss if there was wep support for airbase? didn't see it in the script anywhere. I'm afraid to continue with hostapd.

    Ver 112
    using ath9k
    eth0 to an AP without internet access (changed ping google.com to 192.168.1.1 to get around the check by your script)
    these are the only alterations to your script.

    Hope this is helpful. ver 109 works for my purposes but I will keep trying the new versions

    What a fun project!!!
