Freelancer developper and Hacker

Back|Track – Fake WIFI AP

Hi guy’s i’m gonna show you how to create an Fake AP

airssl.sh creates a fake access point using Airbase-ng and uses sslstrip to bypass ssl encryption, it also offers the user the choice to use Driftnet to capture images.

Requirements

  • BackTrack
  • At least 1 Wireless Network Interface Card (2 Wireless Network Interface Card if you’re connected to internet over wireless for example wlan0 [connection to internet] wlan1 [broadcast the fake network])
  • A little bit of knowledge in network and BackTrack

So let’s get to work

  1. download this script as airssl.sh (save in the desktop for easer access!)
  2. Open the konsole
  3. Open the following commands
  4. chmod 775 /root/airssl.sh
    /root/airssl.sh

  5. Now you should see something like this…
  6. AIRSSL 2.0 - Credits killadaninja & G60Jon

    0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0

    Enter the networks gateway IP address, this should be listed above. For example 192.168.0.1:

    As you can see i’m connected to the internet throw wlan0 and my gateway is 192.168.1.1

  7. Now input your gateway
  8. Now input the interface you will use to create the Fake access point… in my case it will be wlan1 since i’m connected to the internet throw wlan0 and you can create a fake access point using eth0 or other interface (you can open a new konsole and type airmon-ng to see the interfaces avaible on your computer)
  9. Now choose the name of your access point
  10. Now you should see this…

    Airbase-ng will run in its most basic mode, would you like to configure any extra switches?

    Choose Y to see airbase-ng help and add switches.
    Choose N to run airbase-ng in basic mode with your choosen ESSID.
    Choose A to run airbase-ng in respond to all probes mode (in this mode your choosen ESSID is not used, but instead airbase-ng responds to all incoming probes), providing victims have auto connect feature on in their wireless settings (MOST DO), airbase-ng will imitate said saved networks and victim will connect to us, likely unknowingly. PLEASE USE THIS OPTION RESPONSIBLY.
    Y, N or A

  11. I will use option N but option A is also a good option
  12. Ettercap will run in its most basic mode, would you like to configure any extra switches for example to load plugins or filters, (advanced users only), if you are unsure choose N
    Y or N

  13. Now i advise you to use N but if you are a expert you can use Y
  14. Would you also like to start driftnet to capture the victims images, (this may make the network a little slower),
    Y or N

    Now i will use N i never used Y then i don’t know how that works…

  15. Now only check the window called “SSLStrip-Log” for the logins or check the file sslstrip.log
  16. When you’re done press Y in the konsole

Too confuse? Here is the video

About these ads

51 responses

  1. Acutev6

    Nice tut.. :) Keep it up!

    March 14, 2011 at 7:23 pm

  2. Hitman.pt

    Thanks… I will post more tuts soon as possible

    March 19, 2011 at 12:10 am

  3. Axlr8

    nice one, keep it up

    April 21, 2011 at 11:43 am

  4. defaz0r

    Any chances of me getting in the team?

    May 6, 2011 at 7:33 am

  5. Hitman.pt

    IDK how good are your skills?

    May 6, 2011 at 1:46 pm

    • Crayon

      Im having an issue running in in BT5,
      “xterm: Can’t execvp dhcpd3: No such file or directory”

      if you could help me out on that

      March 18, 2012 at 7:31 pm

  6. kenneth

    hi i would like to know can view other computers wifi password

    May 28, 2011 at 7:57 am

    • I’m not getting the question :S

      May 28, 2011 at 9:25 pm

  7. kenneth chua

    hi i cant use airssl.sh

    May 29, 2011 at 3:20 am

    • Did you use the chmod 777 to the file?
      try put it in your desktop and open a console and type
      ./airssl.sh
      You can’t use any destribution of Linux to do this… You must use BackTrack 4 or 5

      May 29, 2011 at 10:41 am

  8. Oxg

    Respect dude!

    June 9, 2011 at 1:25 pm

  9. My Fake AP start perfectly but i’m trying to connect. Get unable to connect message. How can i fix this issue ?

    June 25, 2011 at 6:19 pm

    • Trying to connect? To the wireless network? If the problem is connecting to the wireless network tell me the options you used… That will help me understand what’s wrong

      June 28, 2011 at 10:24 am

  10. julian

    dosent run in BT 5: “Unknow user dhcpd”. Run with root privileges.

    July 11, 2011 at 3:25 pm

    • About BT 5 i didn’t tested the script yet… so i don’t know if it’s working…

      July 11, 2011 at 8:11 pm

  11. kenneth chua

    please make a bt5 copy of it sir because i am in need of it thanks

    mailto:kencyk99@gmail.com

    August 19, 2011 at 10:33 am

  12. kenneth chua

    version bt5 kde sir hop you can help

    August 23, 2011 at 12:08 pm

  13. Theju

    I guys,

    Got the same error on my windows machine that try to connect ton my fake AP.
    Connect is OK on my 2 androids phones.

    Any ideas ?

    Theju

    August 26, 2011 at 2:02 pm

    • Are you using backtrack 4 or 5?

      September 3, 2011 at 4:00 pm

  14. mighty

    works great on bt5…kde 32 live cd…belkin wireless nic with atheros internal nic broadcasting ap…was able to get my yahoo password but couldnt surf the net…never reconfig’d dhcp file…need help on it

    September 6, 2011 at 3:20 am

    • I’m reviewing the source code… But when I’ve wrote the script I had the same problem… But now I have other problem… my backtrack machine broke down… so what i though that would take a few days or weeks can take months… but what’s up with dhcp file?

      September 6, 2011 at 1:22 pm

  15. mighty

    jus thought it needed to be configured to match ap settings…been browsing the net and read sumthing about it

    September 6, 2011 at 8:34 pm

    • I think the script does the job… So you don’t need to change anything in the dhcp file

      September 7, 2011 at 10:13 am

  16. n00bsaibot

    RUNNING THIS ON BACKTRACK 5 R1
    figured it out. the script itself if fine, it’s certain programs/scripts that it calls are either missing or improperly configured
    errors I got :
    sslstrip unknown command
    dhcpd3 unknown command
    ettercap unknown command

    solutions:
    sslstrip – it is present, but not installed properly. do the following
    cd /pentest/web/sslstrip
    python setup.py install

    dhcpd3 – not present/installed. while connected to the internet, run the following commands
    apt-get install dhcp3-server

    ettercap – not present/installed. while connected to the internet, run the following commands
    apt-get install ettercap

    there you go.
    -nx

    September 20, 2011 at 4:40 am

    • Thanks for helping other member in this blog ;)

      September 20, 2011 at 6:52 pm

  17. lala

    any one know where to download bt4 r2 direct

    November 30, 2011 at 8:47 pm

  18. Explain the very cool ~
    Thank you

    December 8, 2011 at 9:09 pm

  19. Spectrum

    Everything works incredibly well on BT5R1, I only have one problem:

    When connecting from my test Win 7 box, I can connect to the fake AP but can’t get internet access. I didn’t use the chmod 777, could that be the problem? Thanks!

    Great work on this

    January 17, 2012 at 2:59 am

  20. Spectrum

    I may have figured it out.

    My host OS is connected through wlan0 to my home router. So, I believe a second wifi apadpter on top of my ALFA because VMWare, in conjunction with airssl.sh, won’t be able to use the “Ethernet” connection VMWare has created from my host OS’s actually wireless connection to act as the second wifi adapter…?

    Long story short, my BT5R1 VM is using my ALFA adapter to broadcast the fake AP, while at the same time dropping it’s WiFi connection to my router….
    And this (I think) explains why my separate Win7 Box can connect to the fake AP I have created, but not to the internet?

    Hopefully that doesn’t take more than a read or two to make sense of!

    Thanks again

    January 17, 2012 at 3:14 am

  21. eric

    I get an error xterm: can’t execut dhcp3d no such file or directory using bt5 r1…any ideas? Same error for sslstrip

    January 23, 2012 at 3:29 am

    • eric

      NVM…I got it…just skimmed past the solution a few posts up…my bad

      January 23, 2012 at 4:01 am

  22. Alqaeda

    I’m getting Permissin Denied error and I’m login as root. How can I run the script?

    February 24, 2012 at 10:10 pm

  23. steve

    Hey guys,

    i set this nice thing up under VMWare. It seems that it works but im not able to connect to the fake-ap neither with my winxp machine or android device. i changed nothing in the airssl.sh. The devices try to connect to the fakeap but they wont be able to establish a connection to the fakeap. pls could somebady help ?

    March 3, 2012 at 5:38 pm

  24. Just me...

    Could you make a tutorial about installing and using Karma on BackTrack 5?
    Or if not Karma then Karmetasploit? I tried to use Karma but it worked badly because I didn’t have madwifi installed =(

    March 16, 2012 at 1:08 pm

  25. zardoz

    hi, nice script.
    but i have the same problem than Spectrum.

    my AP appears,
    in “fake ap windows”, it said client xx:xx:xx….. associated to ESSID: “xxxx”
    so it seem good, but cant get internet : “limited connectivity” on my victim machine (win7)

    i’m on BT5 r2 32bit persistent.
    i used one alfa awus036h and one liksys usb54gc
    and i made the upgrade noobsaibot told about.

    any suggestion?

    my linksys to connect to internet, my alfa to create the AP.

    March 28, 2012 at 2:40 pm

  26. irvin_gp

    this is amazing

    April 24, 2012 at 2:49 pm

  27. deviney

    am using 64 bit backtrack 5r2.

    Everything is running fine besides the actual sslstrip trail, it churns up the error below. any idea why?

    xterm: can’t execvp sslstrip: no such file or directory

    p.s am prity sure it is there because YAMAS script runs ssl strip fine :/

    April 25, 2012 at 12:04 am

    • Let me watch into it… I come back to you e a few days

      May 4, 2012 at 1:21 pm

    • Still cant find the problem… :-\ the script runs fine for me

      May 23, 2012 at 8:53 am

  28. Pat

    This scrip looks really cool and thanks for it, but I’m having issues obtaining an ip address (as a client trying to join the fake ap [with either switch]). Do you have a suggestion for that?

    im on bt5 via virtualbox and my et0 gateway ip is 10.0.2.2 (I wasnt sure if that would cause an issue)
    Thanks

    June 12, 2012 at 11:02 pm

    • Probably… Try direct connect to the router… I recomend VMWare that has that option or if you have 2 computer to test… launch bt5 live cd on one pc and test…. Good Luck

      June 23, 2012 at 11:41 am

  29. Ladz

    Getting an error:ssLstrip no such directory

    June 28, 2012 at 9:43 pm

  30. Gogs Davies

    All seems to work well and my wireless test client connects and get’s an IP address but doesn’t seem to want to route out via the wired internet connection on eth0 :( any ideas?

    July 14, 2012 at 1:45 pm

  31. gft

    Thanks , I’ve recently been looking for info about this subject for a long time and yours is the greatest I’ve found out
    so far. However, what in regards to the bottom line? Are
    you sure about the supply? Check out my website to get more info about
    forex, if you like.

    August 1, 2012 at 2:04 am

  32. luco

    sorry but the download script doesn’t work. how we can do ? thanks

    September 24, 2012 at 4:56 pm

  33. what

    this guy can’t help you out with your configuration problems because he just re posted killadaninja’s script and doesn’t understand anything about it. Look back through his replies and it’s obvious he has no idea what up… just Google killadaninja and you will find much better guides on setting up HIS script.

    December 31, 2012 at 6:11 pm

  34. If you desire to obtain a great deal from this article then you
    have to apply such techniques to your won webpage.

    January 23, 2013 at 10:51 am

  35. claude

    Could anyone send me the script at claudiu.toby@yahoo.com
    I would greatly appreciate it

    February 11, 2013 at 2:16 pm

  36. I Need To Get In Im Awsome At Computer Skills i Can Hack Do Lots Of Stuff Give people viruses and yea ill join Oh And Check Out this website i hacked Gaw7.com Oh And its GodMist Here GodMist Signing Out!

    April 1, 2013 at 11:41 am

    • Xen

      Um, no it’s really not.

      December 8, 2013 at 4:34 pm

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.