Fake Wireless Access Point Creation-Rogue AP

In this tutorial for Cr0w’s Place we are creating a fake wireless access point to sniff login credentials from the users that connect in it. We are going to use a pc with Kali Linux installed, a WiFi NIC with monitor mode capabilities and the fake ap script that you can download from the link down here and automates our attack. But lets see some theory on the tools that we are going to use:

Airbase-ng is multi-purpose tool aimed at attacking clients as opposed to the Access Point (AP) itself.

The Dynamic Host Configuration Protocol (DHCP) is a network protocol used to configure devices that are connected to a network so they can communicate on that network using the Internet Protocol (IP). The protocol is implemented in a client-server model, in which DHCP clients request configuration data, such as an IP address, a default route, and one or more DNS server addresses from a DHCP server.

SSL stripping is a man-in-the-middle attack in which a network attacker could prevent a web browser from upgrading to an SSL connection in a subtle way that would likely go unnoticed by a user.

Ettercap is a free and open sourcenetwork security tool for man-in-the-middle attacks on LAN. It can be used for computer network protocol analysis and securityauditing.

Monitor mode, or RFMON (Radio Frequency MONitor) mode, allows a computer with a wireless network interface controller (WNIC) to monitor all traffic received from the wireless network. Unlike promiscuous mode, which is also used for packet sniffing, monitor mode allows packets to be captured without having to associate with an access point or ad hoc network first. Monitor mode only applies to wireless networks, while promiscuous mode can be used on both wired and wireless networks. Monitor mode is one of the six modes that 802.11 wireless cards can operate in: Master (acting as an access point), Managed (client, also known as station), Ad hoc, Mesh, Repeater, and Monitor mode.

You can download FakeAP.sh script from here.

You can buy Alfa AWUS036H card that I used from here.

Compatibility list for wifi hardware.

Everything you are going to see is for educational purposes only, so operate carefully and in your own property. I bring no responsibility in what happens to you if you act irresponsibly.

 

If you like my videos please Subscribe to my channel.

Thank You For Watching.

Cr0w Tom

Advertisements

4 thoughts on “Fake Wireless Access Point Creation-Rogue AP”

  1. Hi, very great video.
    It’s possible to host your script on a next hoster?
    Have always “The captcha code was invalid, please try again.” error message.
    Thanks

  2. hi, its look so easy on your video tutorial, but when i try using that script, i got so many error, so please reupload your script :’)
    cuz i really want to try if this useful, i got many error on the first step like this :

    /root/Desktop/FakeAP.sh: line 5: $’\r’: command not found
    /root/Desktop/FakeAP.sh: line 7: $’echo\r’: command not found
    FakeAP 2.0 – Credits killadaninja & G60Jon
    /root/Desktop/FakeAP.sh: line 9: $’echo\r’: command not found
    /root/Desktop/FakeAP.sh: line 11: $’echo\r’: command not found
    /root/Desktop/FakeAP.sh: line 12: $’echo\r’: command not found
    Enter the networks gateway IP address, this should be listed above. For example 192.168.0.1:
    ‘: not a valid identifierline 14: read: `gatewayip
    Enter your interface that is connected to the internet, this should be listed ab’: not a valid identifierline 16: read: `internet_interface
    ‘: not a valid identifierline 18: read: `fakeap_interfaceple wlan0:
    ‘: not a valid identifierline 20: read: `ESSIDo be called:

  3. Is it mandatory that we have wireless card with monitoring abilities, or can we just set up our own laptop as the access point ( Hot Spot ) ?

    1. Suddenly it is mandatory, I thing that there is a way of doing it without the monitor mode but it will not have the same results!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s