Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • #11737
    Atul Koshta
    Participant

    Hi Zaid Sir,
    I have successfully created fake AP but when i browse in my real home PC connected to my fake AP,it doesn’t redirect any request to my ip.Although its strange that when i type my server ip in url it directs correctly.
    Redirection command is already included in dnsmasq.conf (address=/#/192.168.1.1 ) where 192.168.1.1 is my AP ip.
    Kindly help!

    #11739
    Zaid SabihZaid Sabih
    Moderator

    Hello Atul,
    Please try to remove the browsing data (catch, history…..etc) before doing the attack, you wouldn’t need to do this in a real life scenario but this happens sometimes when you keep accessing the same website over and over across a very short period of time.

    #11744
    Atul Koshta
    Participant

    Hi Zaid sir,
    I have tried every possible ways including what you have told above but still i am unlucky.Here are steps that i followed:
    #Machine started>adapter is plugged in>service network-manager stop>bash ‘flushiptables.sh script path’ >ifconfig .Result is shown below:

    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
    inet6 fe80::a00:27ff:fe59:1b51 prefixlen 64 scopeid 0x20<link>
    ether 08:00:27:59:1b:51 txqueuelen 1000 (Ethernet)
    RX packets 11651 bytes 16658111 (15.8 MiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 3310 bytes 233662 (228.1 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
    inet 127.0.0.1 netmask 255.0.0.0
    inet6 ::1 prefixlen 128 scopeid 0x10<host>
    loop txqueuelen 1000 (Local Loopback)
    RX packets 26 bytes 1350 (1.3 KiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 26 bytes 1350 (1.3 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    2> I used following conf file n my recent try which was 24 hours ago:
    #dnsmasq.conf
    interface=wlan0
    dhcp-range=192.168.1.2,192.168.1.100,8h
    dhcp-option=3,192.168.1.1
    dhcp-option=6,192.168.1.1
    address=/#/192.168.1.1

    #hostapd.conf
    interface=wlan0
    ssid=Stark Industry
    channel=5
    driver=nl80211

    root@kali:~# dnsmasq -C Downloads/dnsmasq.conf
    root@kali:~# hostapd Downloads/hostapd.conf
    root@kali:~# ifconfig wlan0 192.168.1.1 netmask 255.255.255.0
    root@kali:~# service apache2 start

    #ifconfig now seem like this:
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
    inet6 fe80::a00:27ff:fe59:1b51 prefixlen 64 scopeid 0x20<link>
    ether 08:00:27:59:1b:51 txqueuelen 1000 (Ethernet)
    RX packets 49597 bytes 71848691 (68.5 MiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 12782 bytes 802876 (784.0 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
    inet 127.0.0.1 netmask 255.0.0.0
    inet6 ::1 prefixlen 128 scopeid 0x10<host>
    loop txqueuelen 1000 (Local Loopback)
    RX packets 26 bytes 1350 (1.3 KiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 26 bytes 1350 (1.3 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
    inet6 fe80::2c0:caff:fe96:64e9 prefixlen 64 scopeid 0x20<link>
    ether 00:c0:ca:96:64:e9 txqueuelen 1000 (Ethernet)
    RX packets 1324 bytes 142681 (139.3 KiB)
    RX errors 0 dropped 2 overruns 0 frame 0
    TX packets 1228 bytes 115622 (112.9 KiB)
    TX errors 0 dropped 2 overruns 0 carrier 0 collisions 0

    #AP is now enabled and devices can connect to it.Moreover they can browse to my server’s index.php,explicitly by typing 192.168.1.1 in url and not automatically upon browsing anything in the browser’s url.

    #11760
    Zaid SabihZaid Sabih
    Moderator

    Everything looks fine, so what do they get when they try to go to websites?
    Also can you please try to just do
    ping http://www.google.com
    from the Windows command prompt after connecting to the fake AP? see which IP returns the result.

    #11763
    Atul Koshta
    Participant

    Hello sir,
    When I try to browse any website (for example your’s favorite bing.com) it shows me :
    This site can’t be reached
    bing.com refuses to connect
    Try:
    Checking the connection
    checking the proxy and firewall
    ERR_CONNECTION_REFUSED

    But amazingly when I type 192.168.1.1 in the URL I get redirected to my kali machine server’s index.php page. This should happen every time when I browse anything in the target machine.
    Also when I ran the command ‘ping http://www.google.com&#8217; in the target machine it returns following 4 times with some additional details:
    Reply from 192.168.1.1: byte=32 time=3ms TTL=64

    #11765
    Atul Koshta
    Participant

    Hi Zaid sir,
    I am glad to tell you that it worked after n number of tries.
    Thanks a lot for your support.

    #11779
    Zaid SabihZaid Sabih
    Moderator

    Great stuff 🙂

Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.
Privacy Overview
ZSecurity logo featuring a stylized red letter Z

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

3rd Party Cookies

This website uses Google Analytics and Linkedin to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.