Results 1 to 2 of 2

Thread: Fake AP (WEP encripted) with airbase-ng

  1. #1
    Just burned his ISO
    Join Date
    Feb 2012

    Default Fake AP (WEP encripted) with airbase-ng

    I'm trying to setup a fake AP for learning purposes with WEP encryption. I'm following the SecurityTube's wlan security megaprimer.

    In part 16/17 we are required to set up a fake AP with WEP with airbase-ng and have the client connect to it.

    Vivek then says that the client should connect even without any DHCP server and use APIPA to get an IP after a while.

    I can't get the client to connect when the access point is encrypted. In any other case it goes as it is supposed to. What i mean is that if i don't have the wep encription beacon up in airbase-ng, i can use a bridge with brctl to and the client connects perfectly. Also, if in airbase-ng i give it the -w option with the pass the client uses, it also goes well. But as the goal is using this AP to do a caffe latte attack, i don't think a should need to do this...

    I've followed the packets trace and what happens is that after the authentication and association fase, the clieant sens a deauth package to the AP. My fake AP replie that the authentication and the association went well. I don't know why this happens. Can you guys help me?

    I'm using the Alfa AWUSO36H and Backtrack 5 r2 kde 32 bits inside a Vbox.

    Here are all the commands i type:
    airmon-ng start wlan0
    iwconfig mon0 channel 1
    iwconfig wlan0 channel 1
    airobase-ng -W 1 -c 1 --essid test mon0
    #i also tried this sometimes
    #ifconfig at0 up
    #and even this
    #brctl addbr mitm
    #brctl addif eth0
    #brctl addif at0
    #ifconfig eth0 up
    #ifconfig at0 up
    #ifconfig mitm up
    #dhclient3 mitm
    Nothing works, any help?

  2. #2
    Just burned his ISO
    Join Date
    Jul 2012

    Default Re: Fake AP (WEP encripted) with airbase-ng

    After entering all those commands, enter

    echo 1 > /proc/sys/net/ipv4/ip_forward

    Also, it could be your network card. I was using a AR9285 (i think), and I had to recompile the kernel with the b43 drivers that were in the backtrack 5r1 kernel. You can find directions here:

    But try the command first (i think that's the right folder...if not check around in the /proc/sys folder, its there somewhere.

Similar Threads

  1. New Ghost Phisher (Fake DNS, Fake HTTP e.t.c)
    By savioboyz in forum Experts Forum
    Replies: 51
    Last Post: 05-08-2011, 06:38 PM
  2. Replies: 5
    Last Post: 12-11-2010, 04:32 PM
  3. Using Airbase-ng
    By lex0429 in forum Beginners Forum
    Replies: 3
    Last Post: 10-17-2010, 03:59 PM
  4. airbase-ng -P -C 30
    By imported_onryo in forum OLD Wireless
    Replies: 2
    Last Post: 05-22-2009, 10:04 PM
  5. airbase-ng
    By level in forum OLD Wireless
    Replies: 4
    Last Post: 04-22-2008, 01:20 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts