krats
2017-11-08, 23:18
Good evening everyone.
I am trying to setup a WiFi network with Internet access and to capture its traffic.
Starting conditions:
Linux kali 4.12.0-kali1-amd64 #1 SMP Debian 4.12.6-1kali6 (2017-08-30) x86_64 GNU/Linux;
Network controller: Broadcom Limited BCM4360 802.11ac Wireless Network Adapter (rev 03): compatible through wl driver, but no monitor mode or packet injection; I will use this to connect to an existing WiFi network with Internet Access;
TP-LINK 721N Atheros Communications, Inc. AR9271 802.11n: compatible through ath9k driver, monitor mode and packet injection capability; I will use this to monitor my newly created WiFi, where Internet Access comes from the already existing WiFi.
What I want to do is basically setup a WiFi network that serves the Internet to every device connecting to it, and I think I can do this by using one card as monitor and the other one to provide Internet access.
I am successful in creating the WiFi network, thus enabling the capturing of device requests (e.g. device is trying to connect to facebook.com), although the created WiFi is in "no internet available" mode: I can't manage to give my WiFi internet access.
route -n output:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 wlan0
0.0.0.0 192.168.1.1 0.0.0.0 UG 601 0 0 wlan1
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan1
10.0.0.0 0.0.0.0 255.255.255.0 U 600 0 0 wlan1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan1
192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlan1
192.168.1.0 0.0.0.0 255.255.255.0 U 601 0 0 wlan0
Procedure:
nano /etc/dhcp/dhcpd.conf
Content of dhcpd.conf:
authoritative;
default-lease-time 700;
max-lease-time 8000;
subnet 192.168.2.0 netmask 255.255.255.0{
option routers 192.168.2.1;
option subnet-mask 255.255.255.0;
option domain-name "TestWiFi";
option domain-name-servers 8.8.8.8;
range 192.168.2.100 192.168.2.110;
}
airmon-ng start wlan1
(wlan1 is the ath9k monitor mode capable card)
airbase-ng -c 3 -e TestWiFi wlan1mon
root@kali:~/Desktop# ifconfig at0 192.168.2.1 netmask 255.255.255.0
root@kali:~/Desktop# ifconfig at0 mtu 1400
root@kali:~/Desktop# route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1
root@kali:~/Desktop# echo 1 > /proc/sys/net/ipv4/ip_forward
root@kali:~/Desktop# iptables -t nat -A PREROUTING -p udp -j DNAT --to 192.168.1.1
root@kali:~/Desktop# iptables -P FORWARD ACCEPT
root@kali:~/Desktop# iptables --append FORWARD --in-interface at0 -j ACCEPT
root@kali:~/Desktop# iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE
root@kali:~/Desktop# iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
(wlan0 is the wl driver card used just for internet connection)
And now the error:
root@kali:~/Desktop# /etc/init.d/isc-dhcp-server start
[....] Starting isc-dhcp-server (via systemctl): isc-dhcp-server.serviceJob for isc-dhcp-server.service failed because the control process exited with error code.
See "systemctl status isc-dhcp-server.service" and "journalctl -xe" for details.
failed!
root@kali:~/Desktop# systemctl status isc-dhcp-server.service
● isc-dhcp-server.service - LSB: DHCP server
Loaded: loaded (/etc/init.d/isc-dhcp-server; generated; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2017-11-08 21:41:40 UTC; 25min ago
Docs: man:systemd-sysv-generator(8)
Process: 3717 ExecStart=/etc/init.d/isc-dhcp-server start (code=exited, status=1/FAILURE)
Nov 08 21:41:40 kali systemd[1]: Starting LSB: DHCP server...
Nov 08 21:41:40 kali isc-dhcp-server[3717]: Launching both IPv4 and IPv6 servers (please configure INTERFACES in /etc/default/isc-dhcp-server if you only want one or the other).
Nov 08 21:41:40 kali isc-dhcp-server[3717]: Starting ISC DHCPv4 server: dhcpddhcpd service already running (pid file /var/run/dhcpd.pid currenty exists) ... failed!
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Control process exited, code=exited status=1
Nov 08 21:41:40 kali systemd[1]: Failed to start LSB: DHCP server.
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Unit entered failed state.
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Failed with result 'exit-code'.
The following is journalctl -xe output:
Nov 08 21:41:40 kali isc-dhcp-server[3717]: Launching both IPv4 and IPv6 servers (please configure INTERFACES in /etc/default/isc-dhcp-server if you only want one or the other).
Nov 08 21:41:40 kali isc-dhcp-server[3717]: Starting ISC DHCPv4 server: dhcpddhcpd service already running (pid file /var/run/dhcpd.pid currenty exists) ... failed!
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Control process exited, code=exited status=1
Nov 08 21:41:40 kali systemd[1]: Failed to start LSB: DHCP server.
-- Subject: Unit isc-dhcp-server.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Unit isc-dhcp-server.service has failed.
--
-- The result is failed.
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Unit entered failed state.
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Failed with result 'exit-code'.
Nov 08 21:43:58 kali dhcpd[3704]: DHCPDISCOVER from 99:99:aa:aa:aa:aa via at0
Nov 08 21:43:59 kali dhcpd[3704]: DHCPOFFER on 192.168.2.100 to 99:99:aa:aa:aa:aa(MyPhone) via at0
Nov 08 21:43:59 kali dhcpd[3704]: DHCPREQUEST for 192.168.2.100 (192.168.2.1) from 99:99:aa:aa:aa:aa (MyPhone) via at0
Nov 08 21:43:59 kali dhcpd[3704]: DHCPACK on 192.168.2.100 to 99:99:aa:aa:aa:aa (MyPhone) via at0
In the end it's me trying to connect to TestWiFi with my phone. It connects, but without Internet access.
Could you please help me out by telling me if and where I am doing something stupid?
Thank you in advance.
I am trying to setup a WiFi network with Internet access and to capture its traffic.
Starting conditions:
Linux kali 4.12.0-kali1-amd64 #1 SMP Debian 4.12.6-1kali6 (2017-08-30) x86_64 GNU/Linux;
Network controller: Broadcom Limited BCM4360 802.11ac Wireless Network Adapter (rev 03): compatible through wl driver, but no monitor mode or packet injection; I will use this to connect to an existing WiFi network with Internet Access;
TP-LINK 721N Atheros Communications, Inc. AR9271 802.11n: compatible through ath9k driver, monitor mode and packet injection capability; I will use this to monitor my newly created WiFi, where Internet Access comes from the already existing WiFi.
What I want to do is basically setup a WiFi network that serves the Internet to every device connecting to it, and I think I can do this by using one card as monitor and the other one to provide Internet access.
I am successful in creating the WiFi network, thus enabling the capturing of device requests (e.g. device is trying to connect to facebook.com), although the created WiFi is in "no internet available" mode: I can't manage to give my WiFi internet access.
route -n output:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 wlan0
0.0.0.0 192.168.1.1 0.0.0.0 UG 601 0 0 wlan1
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan1
10.0.0.0 0.0.0.0 255.255.255.0 U 600 0 0 wlan1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan1
192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlan1
192.168.1.0 0.0.0.0 255.255.255.0 U 601 0 0 wlan0
Procedure:
nano /etc/dhcp/dhcpd.conf
Content of dhcpd.conf:
authoritative;
default-lease-time 700;
max-lease-time 8000;
subnet 192.168.2.0 netmask 255.255.255.0{
option routers 192.168.2.1;
option subnet-mask 255.255.255.0;
option domain-name "TestWiFi";
option domain-name-servers 8.8.8.8;
range 192.168.2.100 192.168.2.110;
}
airmon-ng start wlan1
(wlan1 is the ath9k monitor mode capable card)
airbase-ng -c 3 -e TestWiFi wlan1mon
root@kali:~/Desktop# ifconfig at0 192.168.2.1 netmask 255.255.255.0
root@kali:~/Desktop# ifconfig at0 mtu 1400
root@kali:~/Desktop# route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1
root@kali:~/Desktop# echo 1 > /proc/sys/net/ipv4/ip_forward
root@kali:~/Desktop# iptables -t nat -A PREROUTING -p udp -j DNAT --to 192.168.1.1
root@kali:~/Desktop# iptables -P FORWARD ACCEPT
root@kali:~/Desktop# iptables --append FORWARD --in-interface at0 -j ACCEPT
root@kali:~/Desktop# iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE
root@kali:~/Desktop# iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
(wlan0 is the wl driver card used just for internet connection)
And now the error:
root@kali:~/Desktop# /etc/init.d/isc-dhcp-server start
[....] Starting isc-dhcp-server (via systemctl): isc-dhcp-server.serviceJob for isc-dhcp-server.service failed because the control process exited with error code.
See "systemctl status isc-dhcp-server.service" and "journalctl -xe" for details.
failed!
root@kali:~/Desktop# systemctl status isc-dhcp-server.service
● isc-dhcp-server.service - LSB: DHCP server
Loaded: loaded (/etc/init.d/isc-dhcp-server; generated; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2017-11-08 21:41:40 UTC; 25min ago
Docs: man:systemd-sysv-generator(8)
Process: 3717 ExecStart=/etc/init.d/isc-dhcp-server start (code=exited, status=1/FAILURE)
Nov 08 21:41:40 kali systemd[1]: Starting LSB: DHCP server...
Nov 08 21:41:40 kali isc-dhcp-server[3717]: Launching both IPv4 and IPv6 servers (please configure INTERFACES in /etc/default/isc-dhcp-server if you only want one or the other).
Nov 08 21:41:40 kali isc-dhcp-server[3717]: Starting ISC DHCPv4 server: dhcpddhcpd service already running (pid file /var/run/dhcpd.pid currenty exists) ... failed!
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Control process exited, code=exited status=1
Nov 08 21:41:40 kali systemd[1]: Failed to start LSB: DHCP server.
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Unit entered failed state.
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Failed with result 'exit-code'.
The following is journalctl -xe output:
Nov 08 21:41:40 kali isc-dhcp-server[3717]: Launching both IPv4 and IPv6 servers (please configure INTERFACES in /etc/default/isc-dhcp-server if you only want one or the other).
Nov 08 21:41:40 kali isc-dhcp-server[3717]: Starting ISC DHCPv4 server: dhcpddhcpd service already running (pid file /var/run/dhcpd.pid currenty exists) ... failed!
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Control process exited, code=exited status=1
Nov 08 21:41:40 kali systemd[1]: Failed to start LSB: DHCP server.
-- Subject: Unit isc-dhcp-server.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Unit isc-dhcp-server.service has failed.
--
-- The result is failed.
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Unit entered failed state.
Nov 08 21:41:40 kali systemd[1]: isc-dhcp-server.service: Failed with result 'exit-code'.
Nov 08 21:43:58 kali dhcpd[3704]: DHCPDISCOVER from 99:99:aa:aa:aa:aa via at0
Nov 08 21:43:59 kali dhcpd[3704]: DHCPOFFER on 192.168.2.100 to 99:99:aa:aa:aa:aa(MyPhone) via at0
Nov 08 21:43:59 kali dhcpd[3704]: DHCPREQUEST for 192.168.2.100 (192.168.2.1) from 99:99:aa:aa:aa:aa (MyPhone) via at0
Nov 08 21:43:59 kali dhcpd[3704]: DHCPACK on 192.168.2.100 to 99:99:aa:aa:aa:aa (MyPhone) via at0
In the end it's me trying to connect to TestWiFi with my phone. It connects, but without Internet access.
Could you please help me out by telling me if and where I am doing something stupid?
Thank you in advance.