Page 2 of 2 FirstFirst 12
Results 51 to 73 of 73

Thread: Aerial - Multi-mode wireless LAN Based on a Software Access point

  1. #51
    Join Date
    2014-Jun
    Location
    Greece
    Posts
    133
    Quote Originally Posted by Rajnish357 View Post
    How can I limit the clients of my Soft AP to access only Facebook or Gmail ??
    Hi Rajnish357.
    An easy way, at least for me is iptables. Search a little bit how to redirect trafic to a specific IP with iptables.
    Security always begins with personal responsibility. - quietman7

  2. #52
    Join Date
    2014-Jun
    Location
    Greece
    Posts
    133
    Quote Originally Posted by eme101 View Post
    I have tried these three with various results:

    ALFA AWUS036NHA
    ath9k_htc
    Atheros AR9271x


    ALFA AWUS051NH
    rt2800usb
    Ralink RT2770 RT2750


    ALFA AWUS036NHR
    rtl8192cu
    RTL8188RU

    The script says the ralink-card is supported using all options when selecting hostapd. I have got it to wark semi-fine if I run hostapd with 802.11g only.
    Hi eme101.
    The script it's not that accurate about the capabilities of a wireless card because is "reading" the output of iw command. The output of that command claims to support a capability, but in reality it might not be supported.
    Is short, the safest way is to use 802.11g. Then you can try to 802.11n with 20 MHz channel width and if you succeeded with that then you can move to 802.11n 40MHz channel width.
    Try them all, one by one. It all depends on chipset, drivers and hostapd.
    Security always begins with personal responsibility. - quietman7

  3. #53
    Join Date
    2013-May
    Posts
    35
    I have read the whole script you did a **** good work. I haven't used it because I want to select only what I need and refresh my rusty shell. thank you very much

  4. #54
    Join Date
    2014-Nov
    Posts
    15
    Quote Originally Posted by Nick_the_Greek View Post
    Hi Rajnish357.
    An easy way, at least for me is iptables. Search a little bit how to redirect trafic to a specific IP with iptables.


    Thanks alot Nick_the_Greek, for the reply..... but I'm a beginner, can you please give me a sample code or point me to any tutorial please....

  5. #55
    Join Date
    2013-May
    Posts
    35
    I have been playing with the script : I reduced it to my need as I already have Hostapd that run through Dhcp . and everything worked except I2P it was driving me crazy

    it won't run as root I changed the I2p file to allow it still nothing . then I tried to restart it even if it's not running and it worked so in the modified script it's run by restart instead of start .

    it start but I can't get it the http proxy to forward the connection I get on the client http outproxy some error with the web interface of i2p server

    thanks I again for the great work I really enjoyed reading throught it . you got style !

    update: after reading about the i2p I finally got it. the .i2p sites are accessible while the regular one I can access them through https when the proxy is set to https port
    Last edited by bahha; 2014-12-07 at 19:13. Reason: fix

  6. #56
    Join Date
    2014-Dec
    Posts
    2
    I get this error.

    [ info ] Airbase-ng NBPPS (Number of packets per second): 300 pps.
    [ ok ] Stopping network connection manager: NetworkManager.
    [ ok ] Deconfiguring network interfaces...done.
    [ ok ] Configuring network interfaces...done.
    [ ok ] Starting network connection manager: NetworkManager.
    [ ok ] Waiting to connect again to the Internet.
    Aerial.sh: 5825: Aerial.sh: cannot create /etc/squid3/squid.conf: Directory nonexistent
    Aerial.sh: 1: Aerial.sh: squid3: not found
    [ ok ] Starting UDHCPD server for subnet.(conf file: /etc/udhcpd.conf)
    [....] Starting DNSMASQ - DNS Forwarder.(conf file: /root/Aerial/Aerial/dnsmasq.conf)Aerial.sh: 5990: Aerial.sh: /etc/init.d/udhcpd: not found
    [ ok ] Starting DNSMASQ - DNS Forwarder.(conf file: /root/Aerial/Aerial/dnsmasq.conf)

    Your clients now can access the Internet.
    There is no interception, no nothing.
    Aerial is acting as an Access Point.

    Everything seems to start fine but when I connect to AP, it has no internet and is limited/ doesnt get an ip address. From the looks of it, it looks like something with DHCP.

  7. #57
    Join Date
    2013-May
    Posts
    35
    Quote Originally Posted by sluggz View Post
    I get this error.

    [ info ] Airbase-ng NBPPS (Number of packets per second): 300 pps.
    [ ok ] Stopping network connection manager: NetworkManager.
    [ ok ] Deconfiguring network interfaces...done.
    [ ok ] Configuring network interfaces...done.
    [ ok ] Starting network connection manager: NetworkManager.
    [ ok ] Waiting to connect again to the Internet.
    Aerial.sh: 5825: Aerial.sh: cannot create /etc/squid3/squid.conf: Directory nonexistent
    Aerial.sh: 1: Aerial.sh: squid3: not found

    [ ok ] Starting UDHCPD server for subnet.(conf file: /etc/udhcpd.conf)
    [....] Starting DNSMASQ - DNS Forwarder.(conf file: /root/Aerial/Aerial/dnsmasq.conf)Aerial.sh: 5990: Aerial.sh: /etc/init.d/udhcpd: not found
    [ ok ] Starting DNSMASQ - DNS Forwarder.(conf file: /root/Aerial/Aerial/dnsmasq.conf)

    Your clients now can access the Internet.
    There is no interception, no nothing.
    Aerial is acting as an Access Point.

    Everything seems to start fine but when I connect to AP, it has no internet and is limited/ doesnt get an ip address. From the looks of it, it looks like something with DHCP.
    that's where the problem is. your IP tables will redirect the traffic through squid but it's not working, may be it's not installed

  8. #58
    Join Date
    2014-Dec
    Posts
    2
    Quote Originally Posted by bahha View Post
    that's where the problem is. your IP tables will redirect the traffic through squid but it's not working, may be it's not installed
    I fixed that problem and I am no longer getting any errors that I can see. I connect to the wifi but it never leases me an IP Address...

  9. #59
    Join Date
    2013-May
    Posts
    35
    Quote Originally Posted by sluggz View Post
    I fixed that problem and I am no longer getting any errors that I can see. I connect to the wifi but it never leases me an IP Address...
    then your dhcp server is not functioning, I personally modified the script to use dhcpd instead of the supplied one

  10. #60
    Join Date
    2014-Dec
    Posts
    1
    Quote Originally Posted by sluggz View Post
    I get this error.

    [ info ] Airbase-ng NBPPS (Number of packets per second): 300 pps.
    [ ok ] Stopping network connection manager: NetworkManager.
    [ ok ] Deconfiguring network interfaces...done.
    [ ok ] Configuring network interfaces...done.
    [ ok ] Starting network connection manager: NetworkManager.
    [ ok ] Waiting to connect again to the Internet.
    Aerial.sh: 5825: Aerial.sh: cannot create /etc/squid3/squid.conf: Directory nonexistent
    Aerial.sh: 1: Aerial.sh: squid3: not found
    [ ok ] Starting UDHCPD server for subnet.(conf file: /etc/udhcpd.conf)
    [....] Starting DNSMASQ - DNS Forwarder.(conf file: /root/Aerial/Aerial/dnsmasq.conf)Aerial.sh: 5990: Aerial.sh: /etc/init.d/udhcpd: not found
    [ ok ] Starting DNSMASQ - DNS Forwarder.(conf file: /root/Aerial/Aerial/dnsmasq.conf)

    Your clients now can access the Internet.
    There is no interception, no nothing.
    Aerial is acting as an Access Point.

    Everything seems to start fine but when I connect to AP, it has no internet and is limited/ doesnt get an ip address. From the looks of it, it looks like something with DHCP.
    I'm also having the issue w/ limited internet access. Everything starts fine, however when connecting w/ a victim machine my AP has "limited access" and can't connect to the web. Any ideas?

  11. #61
    Join Date
    2014-Nov
    Posts
    15

    Unhappy How to Aerial over proxy ??

    On my internet network i must use local proxy server 172.16.8.2:8080 as proxy setting in browers and applications to connect to internet but i'm unable to find how can i apply these settings to Aerial and make it work over Proxy ?

    Please help someone...
    Kali-Linux 1.1.0a 32Bit (VM)
    kali-linux 2.0-amd64
    Lenovo Y510p
    RAM 8GB
    HDD 1TB
    GRAPHICS 2GB NVIDIA GT755M && 1GB Intel Integrated

  12. #62
    Join Date
    2013-Mar
    Location
    milano
    Posts
    301
    hi dear nick:-)
    Now that everything is back to normal (in my real life .... && my 2 cars have returned home ...) .. I started playing with your wonderful script !!!
    I made a little video with the use of the number 9 options (wouhhh)

    https://vimeo.com/117293271

    PS: sorry for low-quality ... i'm not much ""abile"" with the screen-recorders !!!

    AS always very, very thanks Again !!!

  13. #63
    Join Date
    2013-Jul
    Posts
    841
    To Nick The Greek

    Reference the negative one issue with airbase-ng. It has not affected airbase-ng performance with Pwnstar - however we coded around it in the script by putting the wifi device supporting airbase-ng in mode monitor:

    ifconfig wlan0 down # device used by airbase-ng
    iwconfig wlan0 mode monitor
    ifconfig wlan0 up

    This keeps network-manager from trying to use the device used by airbase-ng and kills the negative-one issue.

    MTeams
    Last edited by mmusket33; 2015-01-21 at 02:22.

  14. #64
    Join Date
    2013-Mar
    Posts
    3
    thanks so much for your amazing tool Nick the Greek !
    It works perfectly for me with the option 9 as said Zimmaro!

    This is a really great script!
    Thanks!

  15. #65
    Join Date
    2013-Jul
    Posts
    841
    Aerial.sh is truely the Mona Lisa of bash and phishing programs. But like Mona Lisa it has one small flaw that can ground all your phishing plans to a halt. It doesnot allow you to put spaces in the ESSID name. Thus if your targets' name is:

    Home Wifi

    you cannot emulate it. The reason is in the sophistication of the programming itself and comes down to two(2) parenthasis but that is another story. Here is a simple method to patch your Aerial to allow ESSID names with spaces and unlock the programs full potential.

    1. Install aerial.sh using the stock program. Get all your files downloaded and installed.

    2. Once installed test the stock program using airbase-ng and setup menu item one(1):

    Simple WLAN (Clients can access Internet)

    3. Test here means use a second computer and actually access the internet thru the aerial WLAN.

    One warning. If you are using two(2) wifi devices, the wifi device providing internet access must be connected to a router while the device supporting the rogueAP must be disonnected from any such association. The program during setup constantly resets Network-manager. The device supporting the rogue may keep trying to associate to another router. To function as an AP this device must be disconnected from any association to other devices so keep checking the network-manager appelet during the setup to insure the wifi device supporting airbase-ng is disconnected. During these Network-manager restarts, give the program time to let the wifi device providing internet access to reassociate to the AP.

    4. Once everything is up and running and you are familiar with the program and how it functions you can patch it.

    Make a copy of Aerial.sh and only work on the copy. You can rename it another name like Aerialpatched.sh and run it just the same as the stock version. If you make a mistake delete, make another copy and start again. Go here for the patch. It is just a list of 4 command lines in text format that you need to add or change:

    Once changed airbase-ng will allow ESSID names with spaces.

    The patching steps are detailed, simply download the text file and follow the instructions

    http://www.datafilehost.com/d/49357f28

    Musket Teams
    Last edited by mmusket33; 2015-01-25 at 09:01.

  16. #66
    Join Date
    2015-Feb
    Posts
    1
    Hi,
    I would like yo ask you somethings about the certificates.
    I see the folder where the files are also the readme.
    But how to install them? just doubble click them and import?
    or should i open them in the terminal?

  17. #67
    Join Date
    2015-Feb
    Posts
    2
    Hi Nick,


    After installing the Aerial.sh (although i wasnt able to do the patching of Hostapd since I havent figured out the following on how to issue
    sed 's%#CONFIG_DRIVER_HOSTAP=y%CONFIG_DRIVER_HOSTAP=y% g' $HOME_DIR/hostap/hostapd/defconfig > $HOME_DIR/hostap/hostapd/defconfig1 && mv $HOME_DIR/hostap/hostapd/defconfig1 $HOME_DIR/hostap/hostapd/defconfig
    sed 's%#CONFIG_DRIVER_NL80211=y%CONFIG_DRIVER_NL80211= y%g' $HOME_DIR/hostap/hostapd/defconfig > $HOME_DIR/hostap/hostapd/defconfig1 && mv $HOME_DIR/hostap/hostapd/defconfig1 $HOME_DIR/hostap/hostapd/defconfig
    sed 's%#CONFIG_LIBNL32=y%CONFIG_LIBNL32=y%g' $HOME_DIR/hostap/hostapd/defconfig > $HOME_DIR/hostap/hostapd/defconfig1 && mv $HOME_DIR/hostap/hostapd/defconfig1 $HOME_DIR/hostap/hostapd/defconfig
    sed 's%#CONFIG_IEEE80211N=y%CONFIG_IEEE80211N=y%g' $HOME_DIR/hostap/hostapd/defconfig > $HOME_DIR/hostap/hostapd/defconfig1 && mv $HOME_DIR/hostap/hostapd/defconfig1 $HOME_DIR/hostap/hostapd/defconfig
    sed 's%#CONFIG_IEEE80211AC=y%CONFIG_IEEE80211AC=y%g' $HOME_DIR/hostap/hostapd/defconfig > $HOME_DIR/hostap/hostapd/defconfig1 && mv $HOME_DIR/hostap/hostapd/defconfig1 $HOME_DIR/hostap/hostapd/defconfig
    sed 's%#CONFIG_ACS=y%CONFIG_ACS=y%g' $HOME_DIR/hostap/hostapd/defconfig > $HOME_DIR/hostap/hostapd/defconfig1 && mv $HOME_DIR/hostap/hostapd/defconfig1 $HOME_DIR/hostap/hostapd/defconfig
    sed 's%#CONFIG_TLS=openssl%CONFIG_TLS=openssl%g' $HOME_DIR/hostap/hostapd/defconfig > $HOME_DIR/hostap/hostapd/defconfig1 && mv $HOME_DIR/hostap/hostapd/defconfig1 $HOME_DIR/hostap/hostapd/defconfig
    sed 's%#CONFIG_WPS=y%CONFIG_WPS=y%g' $HOME_DIR/hostap/hostapd/defconfig > $HOME_DIR/hostap/hostapd/defconfig1 && mv $HOME_DIR/hostap/hostapd/defconfig1 $HOME_DIR/hostap/hostapd/defconfig
    sed 's%#CONFIG_WPS_UPNP=y%CONFIG_WPS_UPNP=y%g' $HOME_DIR/hostap/hostapd/defconfig > $HOME_DIR/hostap/hostapd/defconfig1 && mv $HOME_DIR/hostap/hostapd/defconfig1 $HOME_DIR/hostap/hostapd/defconfig

    ....

    everytime I start Aerial.sh and choose option 11 (https://vimeo.com/114373690) to following this video. The Mitmproxy log windows closes. Cant seem to follow the above video.

    Also, in the video, it states that user request (google.de) will be redirected to IP/index.htm then to mitm.it. Can you further illustrate on how to do these?

  18. #68
    Join Date
    2013-Jul
    Posts
    33
    Script won't successfully run.. any ideas? I do have the v3.18-rc1 backport installed to fix the negative one issue, not sure if that conflicts with Aerial somehow.

    Code:
    Most probably network manager automatically connects you again to the Internet
    using the wireless NIC with the strongest signal or sometimes gets confused and
    is using all your wireless NIC's to connect to (if you have more then one)
    Please check the following and if you see STATE connected on more then one
    wireless NIC then please disconnect manually then one that you don't want,
    leave only one connected to Internet and press Enter
    DEVICE     TYPE              STATE        
    eth0       802-3-ethernet    connected    
    wlan0      802-11-wireless   disconnected 
    wlan1      802-11-wireless   disconnected 
    Press ENTER to continue...
    Code:
    Nope!
    You CAN'T continue. You are connected to Internet with more than one
    wireless NIC. Sorry. Exit...

  19. #69
    Join Date
    2014-Oct
    Posts
    44
    anyone tested Aerial with tp-link wn722?

    https://wikidevi.com/wiki/TP-LINK_TL-WN722N

  20. #70
    Join Date
    2015-Apr
    Posts
    2
    Hi nick,

    Everytime i run Aerial.sh, i get this

    D e p e n d e n c i e s :
    [ updated ] apt-get list.
    [ found ] UDHCPD: Very small Busybox based DHCP server.
    [ found ] Aircrack-ng: Wireless WEP/WPA cracking utilities.
    [ found ] Proxychains: Redirect connections through proxy servers.
    [ found ] Proxyresolv: DNS resolving.
    [ found ] ImageMagick's Mogrify: Image manipulation programs.
    [ found ] jp2a: Converts jpg images to ASCII.
    [ found ] Ghostscript: Interpreter for the PostScript language and for PDF.
    [ found ] Apache2: HTTP Server.
    [ found ] DNSmasq: A small caching DNS proxy and DHCP/TFTP server.
    [ found ] Haveged: Linux entropy source using the HAVEGE algorithm.
    [ found ] Squid3 v3.1.20: Full featured Web Proxy cache (HTTP proxy) without SSL support.
    [ found ] Sarg: Squid Analysis Report Generator.
    [ found ] TOR (The Onion Router): A connection-based low-latency anonymous communication system.
    [ found ] ARM (The Anonymizing Relay Monitor): Terminal status monitor for TOR.
    [ ok ] Adding i2P's repository to APT's /etc/apt/sources.list file.
    [ ok ] Installing the keys to sign the repository and add it to apt.
    [ ok ] Updating Repositories.
    [ ok ] Installing I2P (The Invisible Internet Project).
    [ ok ] Removing I2P's repository from APT's /etc/apt/sources.list file.
    [ ok ] Updating Repositories.
    [....] Modifying i2prouter to run as root.sed: can't read /usr/bin/i2prouter: No such file or directory
    chmod: cannot access `/usr/bin/i2prouter': No such file or directory
    [ ok ] Modifying i2prouter to run as root.
    [ ok ] Do not start I2P on Start Up.

    [ found ] Sslstrip version 0.9 :SSL/TLS man-in-the-middle attack tool.
    [ found ] SSLsplit version 0.4.8: Transparent and scalable SSL/TLS interception
    [ found ] Mitmproxy: SSL-capable man-in-the-middle HTTP proxy.
    [ found ] HoneyProxy: HTTP(S) Traffic investigation and analysis.
    [ found ] Installation package Airchat v2.1a: Wireless Fun.
    [ found ] Installation packages Squid3-(i386-amd64) v.3.3.8 with SSL support.

    B a c k U p F i l e s :

    [....] Making a backup copy of current IPTABLES to /root/Aerial/backup//root/Aerial/Aerial.sh: 1255: /root/Aerial/Aerial.sh: cannot create /root/Aerial/backup/iptables.original: Directory nonexistent
    [ ok ] Making a backup copy of current IPTABLES to /root/Aerial/backup/
    [....] Making a backup copy of Sarg's configuration file to /root/Aerial/backupcp: cannot create regular file `/root/Aerial/backup/sarg.conf': No such file or directory
    [ ok ] Making a backup copy of Sarg's configuration file to /root/Aerial/backup
    [....] Making a backup copy of Squid3's configuration file to /root/Aerial/backupcp: cannot create regular file `/root/Aerial/backup/squid.conf': No such file or directory
    [ ok ] Making a backup copy of Squid3's configuration file to /root/Aerial/backup
    [....] Making a backup copy of proxychains.conf configuration file to /root/Aerial/backupcp: cannot create regular file `/root/Aerial/backup/proxychains.conf': No such file or directory
    [ ok ] Making a backup copy of proxychains.conf configuration file to /root/Aerial/backup
    [....] Making a backup copy of proxyresolv file to /root/Aerial/backupcp: cannot create regular file `/root/Aerial/backup/proxyresolv': No such file or directory
    [ ok ] Making a backup copy of proxyresolv file to /root/Aerial/backup
    [....] Making a backup copy of Apache2's httpd configuration file to /root/Aerial/backupcp: cannot create regular file `/root/Aerial/backup/apache2.conf': No such file or directory
    [ ok ] Making a backup copy of Apache2's httpd configuration file to /root/Aerial/backup
    mkdir: cannot create directory `/root/Aerial/backup/www': No such file or directory
    [....] Making a backup copy of /var/www/ folder to /root/Aerial/backup/www/cp: cannot stat `/var/www/*': No such file or directory
    [ ok ] Making a backup copy of /var/www/ folder to /root/Aerial/backup/www/
    [....] Cleaning up /var/www/ folderrm: cannot remove `/var/www/*': No such file or directory
    [ ok ] Cleaning up /var/www/ folder
    [....] Making a backup copy of UDHCPD configuration file to /root/Aerial/backupcp: cannot create regular file `/root/Aerial//backup/udhcpd.conf': No such file or directory
    [ ok ] Making a backup copy of UDHCPD configuration file to /root/Aerial/backup
    [....] Making a backup copy of TOR's configuration file (torrc) to /root/Aerial/backupcp: cannot create regular file `/root/Aerial/backup/torrc': No such file or directory
    [ ok ] Making a backup copy of TOR's configuration file (torrc) to /root/Aerial/backup
    [....] Making a backup copy of I2P's files (i2ptunnel.config, i2prouter) to /root/Aerial/backupcp: cannot stat `/usr/share/i2p/i2ptunnel.config': No such file or directory
    cp: cannot stat `/usr/bin/i2prouter': No such file or directory
    [ ok ] Making a backup copy of I2P's files (i2ptunnel.config, i2prouter) to /root/Aerial/backup
    [....] Making a backup copy of /etc/network/interfaces to /root/Aerial/backupcp: cannot create regular file `/root/Aerial/backup/interfaces': No such file or directory
    [ ok ] Making a backup copy of /etc/network/interfaces to /root/Aerial/backup
    [....] Making a backup copy of /etc/default/crda to /root/Aerial/backupcp: cannot create regular file `/root/Aerial/backup/crda': No such file or directory
    [ ok ] Making a backup copy of /etc/default/crda to /root/Aerial/backup
    Sarg is not modified yet. Please run this script again and when asked to customize, answer (1). - Stop
    cp: cannot stat `/root/Aerial/backup/sarg.conf': No such file or directory

    Please help me. Thanks

  21. #71
    Join Date
    2013-Mar
    Posts
    95
    Just a thought, any chance of incorporating a captive portal style to the simple no(1) in the script. Direct all traffic to one page(apache maybe) guess an accept the conditions of use page maybe :-) . Have been slightly altering the script with little success so far. Any pointers in the right direction or impossible, hopefully not. id like to see this in the script. Thanks

  22. #72
    Join Date
    2015-Jul
    Posts
    1
    Can this be used with a single wireless adapter connected to the internet?

  23. #73
    Join Date
    2015-Oct
    Posts
    1
    Hello!
    I'm trying this scirpt, it installs well, and i'm choosing 10'th attack. It starts hostapd AP but i'm not getting IP for client. Could this be somehow resolved via dnsmasq?
    Thanks!

Similar Threads

  1. fake access point clients can not access internet
    By --JayJay-- in forum General Archive
    Replies: 1
    Last Post: 2016-03-25, 14:02
  2. Cracking a WPA/WPA2 wireless Access Point
    By MrShingles in forum How-To Archive
    Replies: 26
    Last Post: 2015-06-02, 20:44
  3. A Reaver Based Multi-Target Pin Harvesting Program
    By mmusket33 in forum How-To Archive
    Replies: 10
    Last Post: 2014-10-29, 02:15
  4. Rogue Access Point with 2 Wireless Cards
    By m4rshall in forum General Archive
    Replies: 2
    Last Post: 2014-07-01, 07:12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •