So I have followed the guides in the free PDF provided by rootsh3ll to set up a fake AP to capture WPA-passphrases through a fake firmware-upgrade of the victim’s router.
I have followed the guide in the following steps.
First of all killing all services and running airmon-ng check kill and putting my WiFi-interface in monitor mode.
I’m using dnsmasq in conjunction with Airbase-ng so dnsmasq is initiated with the settings according to the PDF and airbase is started:
interface=at0
dhcp-range=10.0.0.10,10.0.0.250,255.255.255.0,12h
dhcp-option=3,10.0.0.1
dhcp-option=6,10.0.0.1
server=220.127.116.11
log-queries
log-dhcp
listen-address=127.0.0.1
I’m then allocating the IP-address and so forth:
ifconfig at0 10.0.0.1 netmask 255.255.255.0
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
I’m not forwarding traffic since I’m not planning on giving the target internet access since the router is supposed to act “offline” because of the firmware-upgrade.
dnsspoofing is started
AP is up and running and I connect with another computer of mine. I get connected and assigned an IP. But when I open a browser nothing happens and I’m not redirected to the apache server and the fake firmware-upgrade site.
Apache is ofc started and restarted several times and the site works fine on the server itself on
What might I be doing wrong? I have tried several guides and using both airbase and hostapd but the clients really don’t want to be redirected to the fake site.
Running Kali Linux and Alfa AWUS036ACH adapter.
My aim is for the client to connect to the fake AP and be forced to the fake site running on my apache server.