Remote Exploit Forums


Wireless Specific topics related to the attack & defense of wireless systems

  #11 (permalink)  
Old 10-18-2009, 12:34 AM
BT2008's Avatar
Member
 
Join Date: May 2008
Posts: 32
Default

Quote:
Originally Posted by pureh@te View Post
Didn't see that. Guess I need to read before I post.
Found this post: sslsniff or sslstrip & transparent Squid3

Last edited by BT2008; 10-18-2009 at 02:43 AM.
  #12 (permalink)  
Old 10-18-2009, 07:44 AM
Nick_the_Greek's Avatar
Senior Member
 
Join Date: Jul 2009
Location: Greece
Posts: 124
Default

@BT2008 and master pureh@te

Can you guys please provide me more info:

How are you connected to inet? (ethernet?) Can you try getting inet wirelessly?

What mode is used? ("sslstrip and proxy-ed"?)

When running this script in "simple" or "proxyed" or "sslstriped" mode only, can you access https sites?

If "sslstriped and proxyed" mode is used, did you see any "DENIED" messages in the sarg reports?

In "sslstriped and proxyed" mode, when your clients are trying to access https sites, did you see "OK" messages in the proxychains xterm?

What version of sslstrip did you try with my script? (v0.1 or v0.6?)

@mikec: pureh@te already answered your question. You may also re-read my 1st post: (I know. It's a little bit long and my English rocks.)

Quote:
This script is tested with:
Running on: BT4PF (kernel 2.6.29.4 x86) it should work with newer kernel.

Internet from: pppoA and wirelessly

Wireless cards: Atheros AR5001X+ (ath5k and ath_pci) and zydas zd1211rw

clients: BT4PF and windows XP SP3 EN
__________________
The quieter you become....
  #13 (permalink)  
Old 10-18-2009, 01:44 PM
BT2008's Avatar
Member
 
Join Date: May 2008
Posts: 32
Default

Quote:
Originally Posted by Nick_the_Greek
@BT2008 and master pureh@te

Thanks for your fast response, here are my answers:

How are you connected to inet? (ethernet?) Can you try getting inet wirelessly?
--> BT4 in VMware workstation, eth0 for inet and wlan0 with my ALFA
--> network model: AWUS036E

What mode is used? ("sslstrip and proxy-ed" ?)
--> mode 4

When running this script in "simple" or "proxyed" or "sslstriped" mode only, can you access https sites?
--> no

If "sslstriped and proxyed" mode is used, did you see any "DENIED" messages in the sarg reports?
--> no

In "sslstriped and proxyed" mode, when your clients are trying to access https sites, did you see "OK" messages in the proxychains xterm?
--> in the shell ssl-output.log I see OK messages but not with all https sites

What version of sslstrip did you try with my script? (v0.1 or v0.6 ?).
--> v0.6
  #14 (permalink)  
Old 10-18-2009, 02:14 PM
Nick_the_Greek's Avatar
Senior Member
 
Join Date: Jul 2009
Location: Greece
Posts: 124
Default

Quote:
Originally Posted by BT2008 View Post
--> BT4 in VMware workstation, eth0 for inet and wlan0 with my ALFA
--> network model: AWUS036E
Well, if you are able to access http pages in "Simple" you should be able to access https pages also. I haven't tried with VMware. Maybe the problem is how VMware handles the hardware. I will try it this week with VMware and I will report back.
PS. Can you try it with a BT4PF live DVD? If you again cannot run it correctly, maybe I missed an iptables rule for when people are connected to inet through eth. I was presuming that if it works wirelessly (inet from wireless card) it should work with Ethernet cards, which is more or less the same. Maybe I was wrong. Time will tell.

Nick
__________________
The quieter you become....
  #15 (permalink)  
Old 10-18-2009, 02:19 PM
pureh@te's Avatar
Jenkem Addict
 
Join Date: Mar 2007
Location: /dev/null
Posts: 5,401
Default

Nick, I was running mine in almost the exact same way as the other guy having the issue. I can provide the logs if you need. I am not too familiar with sslstrip so I am having a hard time debugging it. I guess I can try with the live CD and see if it works a little later today. I was using just sslstrip mode with no proxy; I had some other errors with the proxy option.
  #16 (permalink)  
Old 10-18-2009, 02:41 PM
BT2008's Avatar
Member
 
Join Date: May 2008
Posts: 32
Default

Quote:
Originally Posted by Nick_the_Greek View Post
Well, if you are able to access http pages in "Simple" you should be able to access https pages also. I haven't tried with VMware. Maybe the problem is how VMware handles the hardware. I will try it this week with VMware and I will report back.
PS. Can you try it with a BT4PF live DVD? If you again cannot run it correctly, maybe I missed an iptables rule for when people are connected to inet through eth. I was presuming that if it works wirelessly (inet from wireless card) it should work with Ethernet cards, which is more or less the same. Maybe I was wrong. Time will tell.

Nick
I will try it with the livedvd and give you the results

For your information:
2 wireless cards, 1 onboard and 1 through USB (ALFA)
Onboard wireless card inet, in BT I see eth0 has the IP of the VMware dhcp.
So you have wireless connection through eth0 to inet and through wlan0 the FakeAP.
  #17 (permalink)  
Old 10-18-2009, 06:50 PM
BT2008's Avatar
Member
 
Join Date: May 2008
Posts: 32
Default

Quote:
Originally Posted by BT2008 View Post
I will try it with the livedvd and give you the results

For your information:
2 wireless cards, 1 onboard and 1 through USB (ALFA)
Onboard wireless card inet, in BT I see eth0 has the IP of the VMware dhcp.
So you have wireless connection through eth0 to inet and through wlan0 the FakeAP.
Here are the results:

BT4 boot, eth0 (ethernet) for inet and wlan1 (usb) for fakeAP.
Mode 4 --> no https
Mode 1 (simple wlan) YES I get access to https.

So what kind of conclusion do we have??
Hope that we can solve this issue
  #18 (permalink)  
Old 10-18-2009, 07:25 PM
pureh@te's Avatar
Jenkem Addict
 
Join Date: Mar 2007
Location: /dev/null
Posts: 5,401
Default

So now I am trying your script with an eeepc with bt4 on hard drive in case the VM was the issue and now I can't get to the internet at all. I'll keep trying it but as of now it's not working. Here's what I am using:

eeepc
bt4 on hard drive
eth0 connected to LAN with cable
Alfa 500w usb card for the soft AP

Note: I do know how to use sslstrip and that works fine on my LAN so it's a soft AP issue. At least with the VM I had http working. More testers would help to people.

EDIT: Well, I spent all morning on this and could not get it to work

Last edited by pureh@te; 10-18-2009 at 08:21 PM.
  #19 (permalink)  
Old 10-18-2009, 10:50 PM
Nick_the_Greek's Avatar
Senior Member
 
Join Date: Jul 2009
Location: Greece
Posts: 124
Default

Well, I am missing something and this must be dhcpd.conf and iptables rules. I know my script is working when you are getting internet through a modem or through a wireless card. Unfortunately I don't have any router at my home to test with. I have one at my work. I will do some testing with it no sooner than next weekend. Sorry guys. You have to be patient. Kids and work don't leave me much free time. Anyway, I will try a quick fix:

@BT2008
I've got to change some things when eth0 is used to connect to the Internet. Since you are able to access http & https sites in "Simple" mode then the fault is mine. I was wrong in the iptables rules in the other 3 modes. You can try this. (It's working for me, but right now I am getting Internet through a modem.)
Download link removed. Please download from the 1st post

@Pureh@te
Can clients ping the server and vice versa?
Can clients resolve domain names?
Maybe some firewall rules in your LAN don't let the script forward DNS requests to the LAN? (I am using dnsmasq.)
If the problem is in resolving domain names you can manually modify the script:
1). Go to line 924 and edit:
Code:
DNS1=$INETIP
to your ISP's primary DNS server:
Code:
DNS1="xxx.xxx.xxx.xxx"
and if your ISP provides you with a secondary DNS server, go to line 925 and edit:
Code:
DNS2=""
to
Code:
DNS2="xxx.xxx.xxx.xxx"
If not, leave it as it is.
Run the script again and check dhcpd.conf file in /$HOME_DIR///dhcpd3/ to see if changes have been made.

For both of you guys, for the moment, the easiest way to get this script to work is to get internet through a modem or wirelessly. It's tested and verified.

I am looking forward to your feedback.

Keep in touch.

Nick
__________________
The quieter you become....

Last edited by Nick_the_Greek; 10-19-2009 at 06:37 PM. Reason: Download link removed
  #20 (permalink)  
Old 10-19-2009, 01:08 AM
Senior Member
 
Join Date: Sep 2008
Posts: 146
Default

Hi there guys, I was going over the thread and saw some of you were having trouble connecting to certain sites while others worked. I ran into similar trouble when testing hm2075's WPA keygrabber. After testing for days I finally found out that the problem was with the USB Alfa card's MTU size.

For some reason, reducing the MTU solved the problems and allowed access to all the web pages.

I know it's a shot in the dark for what is most likely an SSLStrip problem, but give it a try before you pull your hair out if you guys can't find another solution.
__________________
Morpheus: "You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland and I show you how deep the rabbit-hole goes."

Neo: "What if I take both?"

Morpheus: "Don't do that! You end up like Nick Nolte!"
All times are GMT.