Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • #11737
    AvatarAtul Koshta
    Participant

    Hi Zaid Sir,
    I have successfully created fake AP but when i browse in my real home PC connected to my fake AP,it doesn’t redirect any request to my ip.Although its strange that when i type my server ip in url it directs correctly.
    Redirection command is already included in dnsmasq.conf (address=/#/192.168.1.1 ) where 192.168.1.1 is my AP ip.
    Kindly help!

    #11739
    AvatarZaid Sabih
    Moderator

    Hello Atul,
    Please try to remove the browsing data (catch, history…..etc) before doing the attack, you wouldn’t need to do this in a real life scenario but this happens sometimes when you keep accessing the same website over and over across a very short period of time.

    #11744
    AvatarAtul Koshta
    Participant

    Hi Zaid sir,
    I have tried every possible ways including what you have told above but still i am unlucky.Here are steps that i followed:
    #Machine started>adapter is plugged in>service network-manager stop>bash ‘flushiptables.sh script path’ >ifconfig .Result is shown below:

    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
    inet6 fe80::a00:27ff:fe59:1b51 prefixlen 64 scopeid 0x20<link>
    ether 08:00:27:59:1b:51 txqueuelen 1000 (Ethernet)
    RX packets 11651 bytes 16658111 (15.8 MiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 3310 bytes 233662 (228.1 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
    inet 127.0.0.1 netmask 255.0.0.0
    inet6 ::1 prefixlen 128 scopeid 0x10<host>
    loop txqueuelen 1000 (Local Loopback)
    RX packets 26 bytes 1350 (1.3 KiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 26 bytes 1350 (1.3 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    2> I used following conf file n my recent try which was 24 hours ago:
    #dnsmasq.conf
    interface=wlan0
    dhcp-range=192.168.1.2,192.168.1.100,8h
    dhcp-option=3,192.168.1.1
    dhcp-option=6,192.168.1.1
    address=/#/192.168.1.1

    #hostapd.conf
    interface=wlan0
    ssid=Stark Industry
    channel=5
    driver=nl80211

    [email protected]:~# dnsmasq -C Downloads/dnsmasq.conf
    [email protected]:~# hostapd Downloads/hostapd.conf
    [email protected]:~# ifconfig wlan0 192.168.1.1 netmask 255.255.255.0
    [email protected]:~# service apache2 start

    #ifconfig now seem like this:
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
    inet6 fe80::a00:27ff:fe59:1b51 prefixlen 64 scopeid 0x20<link>
    ether 08:00:27:59:1b:51 txqueuelen 1000 (Ethernet)
    RX packets 49597 bytes 71848691 (68.5 MiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 12782 bytes 802876 (784.0 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
    inet 127.0.0.1 netmask 255.0.0.0
    inet6 ::1 prefixlen 128 scopeid 0x10<host>
    loop txqueuelen 1000 (Local Loopback)
    RX packets 26 bytes 1350 (1.3 KiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 26 bytes 1350 (1.3 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
    inet6 fe80::2c0:caff:fe96:64e9 prefixlen 64 scopeid 0x20<link>
    ether 00:c0:ca:96:64:e9 txqueuelen 1000 (Ethernet)
    RX packets 1324 bytes 142681 (139.3 KiB)
    RX errors 0 dropped 2 overruns 0 frame 0
    TX packets 1228 bytes 115622 (112.9 KiB)
    TX errors 0 dropped 2 overruns 0 carrier 0 collisions 0

    #AP is now enabled and devices can connect to it.Moreover they can browse to my server’s index.php,explicitly by typing 192.168.1.1 in url and not automatically upon browsing anything in the browser’s url.

    #11760
    AvatarZaid Sabih
    Moderator

    Everything looks fine, so what do they get when they try to go to websites?
    Also can you please try to just do
    ping http://www.google.com
    from the Windows command prompt after connecting to the fake AP? see which IP returns the result.

    #11763
    AvatarAtul Koshta
    Participant

    Hello sir,
    When I try to browse any website (for example your’s favorite bing.com) it shows me :
    This site can’t be reached
    bing.com refuses to connect
    Try:
    Checking the connection
    checking the proxy and firewall
    ERR_CONNECTION_REFUSED

    But amazingly when I type 192.168.1.1 in the URL I get redirected to my kali machine server’s index.php page. This should happen every time when I browse anything in the target machine.
    Also when I ran the command ‘ping http://www.google.com&#8217; in the target machine it returns following 4 times with some additional details:
    Reply from 192.168.1.1: byte=32 time=3ms TTL=64

    #11765
    AvatarAtul Koshta
    Participant

    Hi Zaid sir,
    I am glad to tell you that it worked after n number of tries.
    Thanks a lot for your support.

    #11779
    AvatarZaid Sabih
    Moderator

    Great stuff 🙂

Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.