Quote Originally Posted by thepoor
Crix,

Can you post the steps that you do? It would be easier for us to debug it for you. I was having the same issue with the connection but I figured it out.
Ok, I follow the same procedure as Zimmaro:

1 - set the wireless card in monitor mode:
Code:
airmon-ng start wlan0 11

Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
-e 
PID	Name
2436	NetworkManager
2531	wpa_supplicant
2543	dhclient


Interface	Chipset		Driver

wlan0		Intel 3945ABG	iwl3945 - [phy0]
				(monitor mode enabled on mon0)
2 - start the fake access point :

Code:
root@kali-Cris:/home/cristian# airbase-ng -c 11 -e FAKE-IT mon0
15:55:41  Created tap interface at0
15:55:41  Trying to set MTU on at0 to 1500
15:55:41  Trying to set MTU on mon0 to 1800
15:55:41  Access Point with BSSID 00:1F:xx:xx:xx:xx started.
3 - set the at0 interface
Code:
root@kali-Cris:/home/cristian# ifconfig at0
at0       Link encap:Ethernet  HWaddr 00:1f:xx:xx:xx:xx 
          inet addr:192.168.5.1  Bcast:192.168.5.255  Mask:255.255.255.0
          inet6 addr: fe80::21f:3cff:fe35:2930/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1400  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:0 (0.0 B)  TX bytes:468 (468.0 B)
4 - set the route for network 192.168.5.0/24
Code:
root@kali-Cris:/home/cristian# route 
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.255.1   0.0.0.0         UG    0      0        0 eth0
192.168.5.0     192.168.5.1     255.255.255.0   UG    0      0        0 at0
192.168.5.0     *               255.255.255.0   U     0      0        0 at0
192.168.255.0   *               255.255.255.0   U     0      0        0 eth0
5 - edit the dhcpd.conf
Code:
root@kali-Cris:/home/cristian# cat /etc/dhcpd.conf

subnet 192.168.5.0 netmask 255.255.255.0 {
authoritative;
range 192.168.5.30 192.168.5.60;
default-lease-time 700;
max-lease-time 8000;
option subnet-mask 255.255.255.0;
option routers 192.168.5.1;
option domain-name-servers 8.8.8.8;
option broadcast-address 192.168.5.255;
}
6 - run dhcp service
Code:
root@kali-Cris:/home/cristian# dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid at0
Internet Systems Consortium DHCP Server 4.2.2
Copyright 2004-2011 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Wrote 3 leases to leases file.
Listening on LPF/at0/00:1f:xx:xx:xx:xx/192.168.5.0/24
Sending on   LPF/at0/00:1f:xx:xx:xx:xx/192.168.5.0/24
Sending on   Socket/fallback/fallback-net

root@kali-Cris:/home/cristian# /etc/init.d/isc-dhcp-server start
[ ok ] Starting ISC DHCP server: dhcpd.
7 - set ip forwarding
Code:
root@kali-Cris:/home/cristian# echo 1 > /proc/sys/net/ipv4/ip_forward 
root@kali-Cris:/home/cristian# cat /proc/sys/net/ipv4/ip_forward 
1
8 - clean iptables rules
Code:
root@kali-Cris:/home/cristian# iptables --flush
root@kali-Cris:/home/cristian# iptables --table nat --flush
root@kali-Cris:/home/cristian# iptables --delete-chain
root@kali-Cris:/home/cristian# iptables --table nat --delete-chain
9 - Verify the rules
Code:
root@kali-Cris:/home/cristian# iptables-save > /home/cristian/Start.rules
root@kali-Cris:/home/cristian# cat /home/cristian/Start.rules 
# Generated by iptables-save v1.4.14 on Tue Dec 10 16:11:40 2013
*nat
:PREROUTING ACCEPT [44:4885]
:INPUT ACCEPT [44:4885]
:OUTPUT ACCEPT [8:474]
:POSTROUTING ACCEPT [8:474]
COMMIT
# Completed on Tue Dec 10 16:11:40 2013
# Generated by iptables-save v1.4.14 on Tue Dec 10 16:11:40 2013
*filter
:INPUT ACCEPT [184:27160]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [67:19370]
COMMIT
# Completed on Tue Dec 10 16:11:40 2013
10 - set new rules
Code:
root@kali-Cris:/home/cristian# iptables --append FORWARD --in-interface at0 -j ACCEPT
root@kali-Cris:/home/cristian# iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
root@kali-Cris:/home/cristian# iptables -P FORWARD ACCEPT
root@kali-Cris:/home/cristian# iptables -t nat -A PREROUTING -p udp -j DNAT --to 192.168.255.1
11 - verify
Code:
root@kali-Cris:/home/cristian# iptables-save > /home/cristian/New.rules
root@kali-Cris:/home/cristian# cat /home/cristian/New.rules 
# Generated by iptables-save v1.4.14 on Tue Dec 10 16:15:17 2013
*nat
:PREROUTING ACCEPT [5:208]
:INPUT ACCEPT [5:208]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p udp -j DNAT --to-destination 192.168.255.1
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Tue Dec 10 16:15:17 2013
# Generated by iptables-save v1.4.14 on Tue Dec 10 16:15:17 2013
*filter
:INPUT ACCEPT [21:2049]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [9:392]
-A FORWARD -i at0 -j ACCEPT
COMMIT
# Completed on Tue Dec 10 16:15:17 2013
Ok, in this situation I can ping a public address on the internet from the victim's PC, on the FAKE AP, but the victim's PC doesn't resolve the host names.

Test from the victim's PC:
Code:
^CMacBook-Pro-di-Cristian:~ Cristian$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=49 time=48.580 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=49 time=77.322 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=49 time=61.213 ms
Request timeout for icmp_seq 3
64 bytes from 8.8.8.8: icmp_seq=4 ttl=49 time=74.385 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=49 time=73.112 ms
64 bytes from 8.8.8.8: icmp_seq=6 ttl=49 time=73.091 ms
64 bytes from 8.8.8.8: icmp_seq=7 ttl=49 time=72.951 ms
64 bytes from 8.8.8.8: icmp_seq=8 ttl=49 time=107.321 ms
64 bytes from 8.8.8.8: icmp_seq=9 ttl=49 time=61.472 ms
64 bytes from 8.8.8.8: icmp_seq=10 ttl=49 time=70.749 ms
64 bytes from 8.8.8.8: icmp_seq=11 ttl=49 time=75.128 ms
64 bytes from 8.8.8.8: icmp_seq=12 ttl=49 time=68.981 ms
Request timeout for icmp_seq 13

--- 8.8.8.8 ping statistics ---
15 packets transmitted, 12 packets received, 20.0% packet loss
round-trip min/avg/max/stddev = 48.580/72.025/107.321/13.169 ms

^CMacBook-Pro-di-Cristian:~ Cristian$ ping google.it
ping: cannot resolve google.it: Unknown host
MacBook-Pro-di-Cristian:~ Cristian$
Thanks
:-D

Cris
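
An added example (not part of Cris's post): a small Python check of what the nat PREROUTING rule in the New.rules dump above does to a packet arriving from a client on at0. It only understands simple `-flag value` matches (no `!` negation), and the function names and sample packets are constructed for illustration.

```python
import ipaddress
import shlex

# nat table exactly as it appears in the New.rules dump in the post above.
NEW_RULES_NAT = """\
*nat
:PREROUTING ACCEPT [5:208]
:INPUT ACCEPT [5:208]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p udp -j DNAT --to-destination 192.168.255.1
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
"""

def prerouting_dnat_rules(dump):
    """Yield (match_options, new_destination) for each DNAT rule in nat/PREROUTING."""
    table = None
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]                      # "*nat", "*filter", ...
        elif table == "nat" and line.startswith("-A PREROUTING "):
            tok = shlex.split(line)[2:]
            opts = dict(zip(tok[0::2], tok[1::2]))  # "-flag value" pairs only
            if opts.pop("-j", None) == "DNAT":
                target = opts.pop("--to-destination").split(":")[0]
                yield opts, target

def rewritten_dst(dump, proto, dst, dport, in_iface="at0"):
    """Destination IP after the first matching PREROUTING DNAT rule (or unchanged)."""
    for opts, target in prerouting_dnat_rules(dump):
        if opts.get("-p", proto) != proto:
            continue
        if opts.get("-i", in_iface) != in_iface:
            continue
        if "--dport" in opts and int(opts["--dport"]) != dport:
            continue
        if "-d" in opts and ipaddress.ip_address(dst) not in ipaddress.ip_network(
                opts["-d"], strict=False):
            continue
        return target
    return dst

if __name__ == "__main__":
    # Constructed sample packets: DNS to the server from dhcpd.conf, NTP, and HTTP.
    for proto, dst, dport in [("udp", "8.8.8.8", 53), ("udp", "192.0.2.10", 123),
                              ("tcp", "8.8.8.8", 80)]:
        print(proto, dst, dport, "->", rewritten_dst(NEW_RULES_NAT, proto, dst, dport))
```

With the dump above, every UDP packet from a client, including DNS queries to the 8.8.8.8 server handed out by dhcpd.conf, leaves PREROUTING addressed to 192.168.255.1, while TCP is left alone.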