Page 1 of 14 12311 ... LastLast
Results 1 to 10 of 136

Thread: Soft AP / Phishing Script [Release]

  1. #1
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Soft AP / Phishing Script [Release]

    Meet the PwnSTAR: Pwn_SofT_Ap_scRipt

    Will do far more than launch airbase-ng:

    • manage interfaces and MACspoofing
    • set up sniffing
    • serve up phishing or malicious web pages
    • launch karmetasploit
    • grab WPA handshakes
    • de-auth clients
    • manage IPtables

    Updated feature list:
    • captive-portal with iptables and php
    • more php scripts added
    • exploits added
    • mdk3 and airdrop deauth


    Designed to lead beginners through all the steps (and hopefully experts too will find it useful) - everything should work OOTB.

    Huge nod to snafu777, and in fact to everyone who has posted a script here.





    All comments appreciated - let me know if anything doesn't work, and what features you would like added.

    [Current version 0.84 - see post #125]

    Spend an evening with the PwnSTAR at http://code.google.com/p/pwn-star/downloads/list
    Last edited by VulpiArgenti; 01-13-2013 at 07:06 PM. Reason: Update announced

  2. #2
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Here is an example of a phishing page, as seen by the victim, demonstrating PwnSTAR acting as a web server. It offers free WiFi in exchange for credentials. It only needs one...

    As it stands it doesn't have too many legitimate uses. However, it would be a simple job to copy the target's business logo onto the page, or clone their site, and then fire up PwnSTAR near the premises.

    I've only started learning html, so this is pretty rough. Feel free to contribute a more refined version. The more elegant, the more chance of success.




    Instructions for use:
    download and untar
    copy the hotspot directory into /var/www
    set permissions;
    hotspot directory:- group www-data, create and delete files
    formdata.txt:- group www-data, rw
    process-form-data.php:- make executable
    leave index.html where it is; PwnSTAR will move it into position

    Download from http://code.google.com/p/pwn-star/downloads/list
    Last edited by VulpiArgenti; 04-10-2012 at 06:37 AM. Reason: Updated version

  3. #3
    Member
    Join Date
    Jan 2010
    Location
    Netherlands
    Posts
    84

    Default Re: Soft AP / Phishing Script [Release]

    THis looks great! An update of FakeAP by g0tm1lk finaly !

  4. #4
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Thanks nivong. G0tm1lk's script did have more powerful exploits than PwnSTAR - I'm working on it!

  5. #5
    Member
    Join Date
    Dec 2011
    Posts
    86

    Default Re: Soft AP / Phishing Script [Release]

    looks good! can't wait to see it in action

  6. #6
    Member
    Join Date
    Jan 2010
    Location
    Netherlands
    Posts
    84

    Default Re: Soft AP / Phishing Script [Release]

    Cool, can't wait to see it getting futher developed!

    will test now and report back.

    Report:
    #resize -s 38 85 &> /dev/null # resize the terminal
    commented out because it really f*cks up the resize and it's way to small and totaly weird resizing

    2e:
    wlan0 00:1e:65:24:8c:ce
    is in use, stupid. Try another interface
    It's not and I have no other interface for wlan. I would recommend make an option to "unuse" it. Ifconfig wlan0 down didn't work. Going for a restart now.
    After reboot, same error. Can't continue
    BTW I used option uno, honypot.
    Last edited by nivong; 04-05-2012 at 03:29 AM.

  7. #7
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Hi nivong,

    Thanks for the quick feedback - just what I need to progress the script.

    The resize isn't important but I'm curious to discover why it doesn't work for you. You can see in the screenshot the size it gives me. Are you perhaps in KDE, or using an alternative terminal?

    The interface error message will only appear if you are trying to set wlan0 for both internet connected interface and AP interface. For the honey pot we don't give internet access - set your wlan0 as the AP interface. This is how it goes:

    Code:
    How do you want to use the AP?
        
        1) Honeypot: get the victim onto your AP, then use nmap, metasploit etc 
    
                     no internet access given
        
        2) Grab WPA handshake
        
        3) Sniffing: provide internet access, then be MITM
        
        4) Web server: redirect the victim to your webpage
        
        5) Karmetasploit
         
         
        q) Exit from the script
        
        
    1  ### enter 1
    
    
    
    Wireless interface to use for AP?
    
    
    wlan0   00:c0:XXXXXX
    wlan0   ### enter wlan0
    
    Starting monitor mode...
    etc
    Let me know how you get on.

  8. #8
    Member
    Join Date
    Jan 2010
    Location
    Netherlands
    Posts
    84

    Default Re: Soft AP / Phishing Script [Release]

    I am on BT5 R2 64 BIT KDE. With a resolution of : 1366x768 (if I am correct)


    The problem was I just hit enter after it says:
    Wireless interface to use for AP?


    wlan0 00:c0:XXXXXX
    (I just hitted enter here)

    So I didn't wrote wlan0. Little confusing meby? I would have changed it in :
    Which Wireless interface to use for AP? (write down)
    wlan0 00:c0:XXXXXX
    I haven't tested it yet on BT5, I will do this tomorrow on april 6te

  9. #9
    Junior Member
    Join Date
    Dec 2011
    Posts
    30

    Default Riferimento: Soft AP / Phishing Script [Release]

    hello vulpiargenti, my compliments for your great script. i tried it with the webserver option, and had a little problem: the fake ap goes up perfectly, but the pc that connect to it can't see the fake web page. i tried giving access to internet when asked (when you select the first card it's highlighted in yellow, the second instead remains in brown, probably a little omission in the code?) and without connection; the files index.html, formdata.txt and process-form-data.php are in var/www but cannot be found, so i created another folder in var/www and placed the files in it. now they are found and trying the localhost in firefox indeed shows everything, but it's working only on local and not on the fake connection. what am i doing wrong? thank you. (oh and in the airodump session starting the purple-on-black text isn't very readable )

  10. #10
    Senior Member VulpiArgenti's Avatar
    Join Date
    Sep 2011
    Location
    lost
    Posts
    174

    Default Re: Soft AP / Phishing Script [Release]

    Hi bugme,

    Thanks for your comments - much appreciated.

    Regarding the Eterm colours, you can see on the screenshot that they should be a very readable purple/yellow. Please launch Eterm then adjust the background settings: transparency off, pixmap none; then "save theme settings". This gives a blank background to show the script colours.

    You shouldn't need to create any additional directories once you have moved "hotspot" into /var/www. Your directory setup should look like this:

    Code:
    root@bt:~# ls /var/www
    hotspot  index.html  wstool
    root@bt:~# ls /var/www/hotspot
    facebookLogo.jpg  GmailLogo.png   HotmailLogo.png  process-form-data.php
    formdata.txt      GoogleWifi.jpg  index.html       yahoo.gif
    And then running the script (red is your entries):
    Code:
    Setting up the web page
    
    MUST have directory structure set up correctly
    
    Available web directories:
    hotspot
    index.html
    wstool
    
    Select directory
    hotspot
    
    hotspot/index moved into position
    
    Starting Apache...
     * Starting web server apache2                                                [ OK ] 
    ...success
    
    Starting DNS spoofing...
    
    Do you want to tail the credentials txtfile? (y/n)
    y
    
    
    facebookLogo.jpg  GmailLogo.png   HotmailLogo.png  process-form-data.php
    formdata.txt      GoogleWifi.jpg  index.html       yahoo.gif
    
    Enter name of txtfile
    formdata.txt
    
    Web Server attack running
    Try again with it set up like this.

    If there are still problems we need to troubleshoot your victim's connection. Does a lease show up in the "DHCP Tail" eterm, and does the DNSSpoof eterm show activity?

Page 1 of 14 12311 ... LastLast

Similar Threads

  1. SET 0.7 phishing demo
    By pentest09 in forum BackTrack Videos
    Replies: 7
    Last Post: 12-19-2010, 10:31 PM
  2. Soft AP Upside Down image help pls, script nearly works
    By spriggsy in forum Beginners Forum
    Replies: 0
    Last Post: 11-05-2010, 12:01 PM
  3. Soft AP Script not working?
    By spriggsy in forum Beginners Forum
    Replies: 1
    Last Post: 05-19-2010, 01:08 PM
  4. Soft AP bash script
    By junke1990 in forum OLD Wireless
    Replies: 1
    Last Post: 04-03-2010, 08:30 AM
  5. backtrack 4 pre release user login script
    By eidos in forum OLD Newbie Area
    Replies: 1
    Last Post: 07-30-2009, 09:57 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •