Thread: how to force clients to connect to fake ap

  1. #1
    Just burned his ISO
    Join Date
    Dec 2010
    Posts
    1

    Question how to force clients to connect to fake ap

    Hi everyone, I have a simple question that I didn't find an answer for. I wish this forum would help me:

    When I set up the fake AP with airbase and have the Apache server configured, dnsspoof ready and the phishing page ready too,

    all this to hack WPA/WPA2, but there is still one *** problem: when I use aireplay -0 0 - (bssid) to deauth the clients of the real AP, I also deauthenticate my fake AP too, as I have previously set up the same BSSID, the same channel and the same ESSID as the real AP, so no one can connect either to my fake AP or the real AP.

    Even when I use airdrop-ng the same thing happens. Pleeeaaaase help.

    Thanks

  2. #2
    Just burned his ISO
    Join Date
    Jan 2011
    Location
    Mississauga, Ontario, Canada
    Posts
    20

    Default Re: how to force clients to connect to fake ap

    Quote: Originally Posted by karam
    Hi everyone, I have a simple question that I didn't find an answer for. I wish this forum would help me:

    When I set up the fake AP with airbase and have the Apache server configured, dnsspoof ready and the phishing page ready too,

    all this to hack WPA/WPA2, but there is still one *** problem: when I use aireplay -0 0 - (bssid) to deauth the clients of the real AP, I also deauthenticate my fake AP too, as I have previously set up the same BSSID, the same channel and the same ESSID as the real AP, so no one can connect either to my fake AP or the real AP.

    Even when I use airdrop-ng the same thing happens. Pleeeaaaase help.

    Thanks

    No laughing at this idea... it may be a long shot. I'm thinking that your problem relates to your antenna... as I type this I have doubts. However, nothing ventured, nothing gained. Here is a link to a homemade device that allows you to boost/focus your antenna:

    http://www.freeantennas.com/projects...te2/index.html

    Good luck.

  3. #3
    Just burned his ISO
    Join Date
    May 2010
    Posts
    19

    Default Re: how to force clients to connect to fake ap

    As far as I know, you do not need to use the same BSSID as the real AP; only the ESSID must be the same.

  4. #4
    Senior Member iproute's Avatar
    Join Date
    Jan 2010
    Location
    Midwest, USA
    Posts
    192

    Default Re: how to force clients to connect to fake ap

    Deauth the clients' MACs specifically, not the AP MAC. I think the trouble is you are not being specific enough with your command, or airdrop rule list.

  5. #5
    Just burned his ISO
    Join Date
    Dec 2010
    Posts
    15

    Default Re: how to force clients to connect to fake ap

    This forum has helped me out before, so I'll give it my best to return the favor.

    Please, somebody correct me if I'm wrong.

    I'm definitely not an expert on airbase-ng, but what I've gathered from some episodes of Hak5 and other forum posts is that the only clients that you're going to net with an attack like this are clients that have previously connected to an UNSECURED network, have remembered that network, and are set to auto-connect to it: for example, a coffee shop, airport, or some public libraries.

    The reason for this is that in order for the client to connect to you, your fake AP has to have the same settings as the real AP that your target would try to connect to. Same MAC, same ESSID, and most importantly, the same encryption and encryption key.

    If you don't know the encryption key for the real AP, then how can you set it on your fake one? That's why this attack works for unsecured networks... It's easy to spoof an ESSID and MAC address of an open network, and you don't have to worry about the encryption key at all. Then if you net the client, you can grab their WPA or WPA2 keys with a program like Wireless Key Viewer fairly easily if you successfully exploit their box and open a session.

    This way, you're not actually trying to spoof the AP that the target is currently connected to, but rather an unsecured AP that the target remembers and would send out a probe request for if deauth-ed. This easily gets around the problem of their real AP and your fake AP both getting deauth-ed because they're essentially identical.

    If airbase could work by setting an encryption flag, but then get the client to connect unencrypted anyway, that would be news to me. Awesome news.
    Last edited by AzraelSepultura; 01-20-2011 at 09:28 AM. Reason: Forgot to include the point I tried to make :/

  6. #6
    Senior Member
    Join Date
    Jun 2007
    Location
    UK
    Posts
    175

    Default Re: how to force clients to connect to fake ap

    Are you too close, i.e. testing on the same desk?
    I have intermittent problems, but move the fake AP to another room and things improve.
    This may also be the wifi card. I have been using Atheros wifi, which works some of the time. The last few days I have been testing using a ZyDAS ZD1211 USB with an external aerial on the same desk and things seem a lot more stable.
    Using g0tmi1k fakeAP127_pwn script, this script is magic.
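
Seen from the monitoring side, the setup discussed in this thread (a second AP advertising the same BSSID/ESSID, often with weaker security, plus a burst of deauthentication frames) leaves recognizable traces. The following is an added example, not part of any post in the thread: it runs two checks over frame records from a wireless sensor. The record format, field names and thresholds are assumptions, and the sample data is constructed.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed sample records in a hypothetical sensor log format.
FRAMES = [
    {"t": 0.0, "type": "beacon", "bssid": "00:11:22:33:44:55", "essid": "CorpNet", "chan": 6, "sec": "WPA2"},
    {"t": 0.1, "type": "beacon", "bssid": "00:11:22:33:44:55", "essid": "CorpNet", "chan": 6, "sec": "OPEN"},
    {"t": 0.2, "type": "beacon", "bssid": "66:77:88:99:aa:bb", "essid": "Guest", "chan": 11, "sec": "OPEN"},
] + [
    {"t": 1.0 + i * 0.02, "type": "deauth", "bssid": "00:11:22:33:44:55", "dst": BROADCAST}
    for i in range(40)
]

def find_conflicting_aps(frames):
    """Alert on a BSSID seen with more than one beacon profile, and on an
    ESSID advertised with more than one security setting."""
    by_bssid, by_essid = defaultdict(set), defaultdict(set)
    for f in frames:
        if f["type"] == "beacon":
            by_bssid[f["bssid"]].add((f["essid"], f["chan"], f["sec"]))
            by_essid[f["essid"]].add(f["sec"])
    alerts = [("cloned_bssid", b) for b, p in sorted(by_bssid.items()) if len(p) > 1]
    alerts += [("essid_security_downgrade", e) for e, s in sorted(by_essid.items()) if len(s) > 1]
    return alerts

def find_deauth_floods(frames, window=1.0, threshold=20):
    """Return BSSIDs with more than `threshold` deauth frames inside any
    sliding interval of `window` seconds."""
    times = defaultdict(list)
    for f in frames:
        if f["type"] == "deauth":
            times[f["bssid"]].append(f["t"])
    flooded = []
    for bssid, ts in sorted(times.items()):
        ts.sort()
        start = 0
        for end, t in enumerate(ts):
            while t - ts[start] > window:   # shrink window from the left
                start += 1
            if end - start + 1 > threshold:
                flooded.append(bssid)
                break
    return flooded

if __name__ == "__main__":
    print(find_conflicting_aps(FRAMES))
    print(find_deauth_floods(FRAMES))
```

A legitimate roaming deployment uses many BSSIDs for one ESSID, which is why the first check keys on conflicting security settings and duplicated BSSIDs rather than on BSSID count.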
