Beruflich Dokumente
Kultur Dokumente
Tutorial
Prerequisites
1. Kali Linux
2. Prior experience with
wireless hacking
You will also need to install a tool
(bridge utils) which doesn't come
pre-installed in Kali. No big dealapt-get install bridge-utils
Objectives
The whole process can be broken
down into the following steps1. Finding out about the access
point (AP) you want to
imitate, and then actually
imitating it (i.e. creating
another access point with
the same SSID and
everything). We'll use
airmon-ng for finding
necessary info about the
network, and airbase-ng to
create it's twin.
2. Forcing the client to
disconnect from the real AP
and connecting to yours.
We'll use aireplay-ng to
deauthenticate the client,
and strong signal strength to
make it connect to our
network.
3. Making sure the client
doesn't notice that he
connected to a fake AP. That
converted by Web2PDFConvert.com
Information
Gathering - airmonng
To see available wireless
interfacesiwconfig
Interfaces
x0 - This has internet
access
at0 - This is create by
airbase-ng (wired face
of the wireless access
point). If you can
somehow give internet
access to at0, then the
clients connected to
your fake wireless
network can connect to
the net.
evil - This is an
interface that we will
create, whose job will
be to actually bridge
the networks.
Creating evil
We will use Bridge control utility
provided by Kali, brctl. Execute
the following codebrctl addbr evil
ifconfig evil up
Have fun
Now that the client is using the
internet via our evil interface, we
can do some evil stuff. This
actually comes under a Man In
The Middle attack (MITM), and I'll
write a detailed tutorial for it later.
However, for the time being, I will
give you some idea what you can
do.
33 comments:
Anonymous
July 16, 2014 at 2:04 AM
Hi,
thanks for this great
Tutorial :)
Although it's easy to
understand, I have some
problems with it:
When I want to create the
Fake-Network using
"airbase-ng -A -ESSID -c "
I get the message, that ESSID is an invalid
argument. When I use "-essid" instead, I get
"ioctl(SIOCGIFINDEX)
failed: no such device".
I found out, that I'm only
allowed to use a monitor
of airmon-ng, but I
thought, that's not what
we want to imitate
another
one's
AP,
especially access point's
MAC.
Next Problem: Even when
I use the mon created
with airmon-ng (e.g. after
Spoong my own MAC
with ifcong) the program
begins to send beacons to
a apparantly random
Client and won't stop that
until I tipe Ctrl+C, so I'm
not able to continue with
the next step.
What am I doing wrong?
Reply
Replies
Anonymous
converted by Web2PDFConvert.com
I have the same problem as the rst guy who commented but when I
try airbase-ng -a -essid mon0 i get this:
root@kali:~# airbase-ng -a -essid ryanmatt mon0
Invalid AP MAC address.
"airbase-ng --help" for help.
But if I try to put the bssid after the -a then i get this:
root@kali:~# airbase-ng -a 00:26:F3:35:4D:31 -essid ryanmatt mon0
"airbase-ng --help" for help.
SHASHWAT CHAUDHARY
Anonymous
July 20, 2014 at 3:17 PM
I really appreciate the time
that went into this. As a
beginner, this has been
hugely helpful. Thanks!
Reply
Replies
SHASHWAT CHAUDHARY
Anonymous
July 27, 2014 at 8:57 AM
Can we hack his wi using
evil twin method.....
Reply
Replies
SHASHWAT CHAUDHARY
We can, but it's kinda tricky. I will write on it after some time.
converted by Web2PDFConvert.com
RAVI RAM
July 27, 2014 at 12:51 PM
hey sashwat nally you
are able to run adsense
ads
on
your
blog...congrats.
Reply
MATTHEW BARNARD
July 28, 2014 at 4:50 PM
Sorry, actually .07mb/sec
upload speed.
Reply
MATTHEW BARNARD
July 29, 2014 at 5:45 PM
This comment has been
removed by the author.
Reply
SHASHWAT
CHAUDHARY
July 29, 2014 at 10:21 PM
I will into those captcha
related sources that
you've listed. Also, I've
sent you a mail.
Reply
CHROMIUMPT
February 18, 2015 at 9:40 AM
Hi, i get the following
error:
root@user:~# airbase-ng -essid Helder mon0
1 7 : 3 6 : 2 6 Created tap
interface at0
17:36:26 Trying to set MTU
on at0 to 1500
17:36:26 Trying to set MTU
on mon0 to 1800
17:36:26 Access Point with
BSSID 00:22:FB:88:A1:E8
started.
Error: Got channel -1,
expected a value > 0.
Reply
Replies
SHASHWAT CHAUDHARY
February 18, 2015 at 8:46 PM
Try this
airbase-ng --essid Helder mon0 --ignore-negative-one
CHROMIUMPT
ty for the fast reply, unfortunately that didn't work. i got this error:
root@user:~# airbase-ng --essid Helder mon0 --ignore-negative-one
airbase-ng: unrecognized option '--ignore-negative-one'
"airbase-ng --help" for help.
SHASHWAT CHAUDHARY
February 19, 2015 at 9:17 PM
My bad. --ignore-negative-one is not present in airbase-ng. The
solution is a bit longer here.
1) airmon-ng check kill - Kill the processes.
2) If you are running monitor mode on wlan0, then turn down that
interface using iwcong wlan0 down (after turning on the monitor
mode on wlan0)
CHROMIUMPT
CHROMIUMPT
SHASHWAT CHAUDHARY
February 20, 2015 at 9:49 PM
root@user:# /etc/init.d/networking start
converted by Web2PDFConvert.com
TEST TZTZ
Dear Shashwat,
I have the same problem as Chromiupt and I have tried to follow your
instructions but there is still problems for me...
Indeed, everything works well when NetworkManager is stopped but I
will need it after in order to give internet access to the client.
It seems that as soon as I start NetworkManager, mon0 is not
assigned anymore to any channel (I check with iwlist mon0 channel) so
the "channel -1" error appears. Doing "airmon-ng start wlan0 6" (6 the
channel I want mon0 to be assigned), assigned mon0 only if
NetworkManager is OFF. For Example, I tried to turn NetworkManager
o, assign mon0 (it works) then turn on NetworkManager on, and
then mon0 was not assigned anymore.
I saw that someone else had the same problem (Astenon at
http://null-byte.wonderhowto.com/how-to/hack-wi-fi-creating-eviltwin-wireless-access-point-eavesdrop-data-0147919/) but could not
solve it either.
Is there any solution ? Will I have to give internet by ethernet ?
Thanks a lot for your answer,
Robert
IINQ
March 7, 2015 at 11:37 AM
Can somebody help me
please?
cant
bridge
interfaces...
my
Anonymous
I'm having the same issue, but with wlan1, which is connected to the
Internet. Apparently bridging is not possible with some wireless cards:
http://www.reddit.com/r/linux/comments/o3ub0/brctl_equivalent_for
_wlan0/c3e54tz
Anonymous
April 25, 2015 at 11:27 PM
wouldn't it be better to
give evil internet access
before sending the death
packet?
Reply
Anonymous
July 24, 2015 at 12:57 PM
After sending the deauth
command my tablet gets
disconnected from my
router and tries to
connect to the evil twin
but it never will. I just
keeps scanning over and
over. If I choose the
connection manually it
trys to authenticate but
never does it just shows
the network as saved or
turned o. Any ideas what
to do about this?
Reply
Replies
Anonymous
converted by Web2PDFConvert.com
Anonymous
July 27, 2015 at 2:41 AM
I am setting the evil bridge
between eth0 and at0
interface.
I
have
successfully established a
connection with a device
after deauthing it. But
after [dhclient evil &]
command i am not able to
connect to internet.
PS: ifcong shows eth0
connected to router with
ip 192.168.1.5
ato is at ip 172.168.1.0
Please help.
Reply
FILOGASBA
August 26, 2015 at 1:26 AM
"iwcong wlan0 txpower
30", but at default how
high it is set?
If I set a value, at a reboot
the value return at
default?
Reply
UNKNOWN
September 14, 2015 at 3:39
PM
So Can I Obtain The Wi's
Router Password Using
This Method?
Reply
UNKNOWN
October 21, 2015 at 1:19 AM
what ip address should we
assign here after creating
the bridge? Should i type
"ifcong at 0.0.0.0 up" and
"ifcong eth0 0.0.0.0 up"?
once i created the bridge i
can no longer get out to
the internet
Reply
Anonymous
October 25, 2015 at 11:35 PM
converted by Web2PDFConvert.com
converted by Web2PDFConvert.com
Comment as:
Select profile...
Publish
Preview
Kali Tutorials
3,804 likes
Like Page
Use App
SPONSORED
converted by Web2PDFConvert.com
POPULAR POSTS
Tutorial on Hacking
With Kali Linux
Hacking With Kali Linux Why Kali
Linux? With Kali Linux, hacking
becomes much easier since you have all the
tools (more than 300 pre...
Denial Of Service
Attacks : Explained for
Beginners and Dummies
Just like most other things
associated with hacking, a denial of service
attack is not everyone's cup of tea. It,
however, can be unders...
AUTHOR
Shashwat Chaudhary
google.com/+ShashwatChaudhary1
1st year CSE @ IIIT Delhi
Follow
569 followers
converted by Web2PDFConvert.com
converted by Web2PDFConvert.com