Wireless to wired soft AP Creation using airbase-ng[TUT]
Airbase-ng is a very powerful tool in the aircrack-ng suite, I'll be using it today to show you how you can use this tool to:
For this tutorial I'll be using Backtrack 5.
You'll also need two network cards, I'll be using the alfa awus036h and my laptops on board nic plugged into my router.
Alright! Lets get started! First things first, we need to get our network cards ready for the attack.
First the Wired interface:
Run a cable from your ethernet port to your router so that eth0 has internet connection. It should automatically connect but you can always use Wicd network manager to verify.
Now your wireless interface:
Open up your terminal and bring your interface into monitor mode, I'll be using my alfa card for this which is on wlan1:
Now that our network cards are ready, its time to make our software access point. I like to pick something that people will want to connect to:
You should see that the access point has started and created a tap interface (at0). So note that we now have an open authentication access point created through software that anyone can connect to with the name "FREE-WIFI", however there is not internet access and clients cannot connect to internet, they'll receive a DHCP error.
To fix that, we're going to create a bridge between our tap interface and our laptops wired interface (at0 and eth0 respectively.) Do that by issuing the following commands:
Now that everything is configured we'll assign an IP Address to our bridge to ping the gateway and test that everything works.
Now if your ping requests are going through everything worked and you have a wireless to wired soft access point with full internet capability! All that's left now is to enable ipv4 forwarding in the kernel.
Once a client connects to you, you'll see it on the terminal still running airbase-ng. From here you can open up wireshark and start sniffing on the at0 interface. This is like a router sniffing its own packets, so we can see everything from here!
Now that everything is configured We're ready to get ready for an attack. Remember that not only are we now the man in the middle since all of the traffic is going through our machine, but we can also launch an attack as one machine on a lan to another. There's many things that we can do from here such as metasploit, session hijacking, and webpage redirection to name a few. I won't be going into depth on any of the actual attacks at this time because the possibilities are virtually endless, but there are many great tutorials around CHF, so see what you can come up with from here!
- create a full access point
- bridge your software access point with your wired internet connection so that connected clients will have full internet access
- set yourself up to orchestrate a man in the middle attack
I won't go fully into detail on everything airbase-ng can do, but I urge you to do so yourself at the aircrack-ng website
For this tutorial I'll be using Backtrack 5.
You'll also need two network cards, I'll be using the alfa awus036h and my laptops on board nic plugged into my router.
Alright! Lets get started! First things first, we need to get our network cards ready for the attack.
First the Wired interface:
Run a cable from your ethernet port to your router so that eth0 has internet connection. It should automatically connect but you can always use Wicd network manager to verify.
Now your wireless interface:
Open up your terminal and bring your interface into monitor mode, I'll be using my alfa card for this which is on wlan1:
Code:
airmon-ng start wlan1Now that our network cards are ready, its time to make our software access point. I like to pick something that people will want to connect to:
Code:
airbase-ng --essid FREE-WIFI -c 6 mon0You should see that the access point has started and created a tap interface (at0). So note that we now have an open authentication access point created through software that anyone can connect to with the name "FREE-WIFI", however there is not internet access and clients cannot connect to internet, they'll receive a DHCP error.
To fix that, we're going to create a bridge between our tap interface and our laptops wired interface (at0 and eth0 respectively.) Do that by issuing the following commands:
Code:
brctl addbr FREE-WIFI-bridge
brctl addif FREE-WIFI-bridge eth0
brctl addif FREE-WIFI-bridge at0
ifconfig eth0 0.0.0.0 up
ifconfig at0 0.0.0.0 upNow that everything is configured we'll assign an IP Address to our bridge to ping the gateway and test that everything works.
Code:
ifconfig FREE-WIFI-bridge 192.168.0.123 up
ping 192.168.0.1Now if your ping requests are going through everything worked and you have a wireless to wired soft access point with full internet capability! All that's left now is to enable ipv4 forwarding in the kernel.
Code:
echo 1 > /proc/sys/net/ipv4/ip_forwardOnce a client connects to you, you'll see it on the terminal still running airbase-ng. From here you can open up wireshark and start sniffing on the at0 interface. This is like a router sniffing its own packets, so we can see everything from here!
Now that everything is configured We're ready to get ready for an attack. Remember that not only are we now the man in the middle since all of the traffic is going through our machine, but we can also launch an attack as one machine on a lan to another. There's many things that we can do from here such as metasploit, session hijacking, and webpage redirection to name a few. I won't be going into depth on any of the actual attacks at this time because the possibilities are virtually endless, but there are many great tutorials around CHF, so see what you can come up with from here!
1 comment:
QUANTUM BINARY SIGNALS
Get professional trading signals delivered to your mobile phone daily.
Follow our trades right now and make up to 270% daily.
Post a Comment