Follow these instructions to get started:
airbase-ng
and give it the ESSID Rogue
:bridge-utils
files, create a bridge interface, and name it Wifi-Bridge
. The following screenshot shows the required commands in action:apt-get install bridge-utils brctl addbr Wifi-Bridge
Let's see the following output of the command:
At0
virtual interface created by Airbase-ng to this bridge:brctl addif Wifi-Bridge eth0 brctl addif Wifi-Bridge ath0
The screenshot of the command as follows:
ifconfig eth0 0.0.0.0 up ifconfig ath0 0.0.0.0 up
The screenshot of the command as follows:
echo 1 > /proc/sys/net/ipv4/ip_forward
The screenshot of the command as follows:
Wifi-Bridge
we just built. We can verify this by connecting a client to the rogue access point. Once connected, if you are using Vista, your screen might look like the following:We created a rogue access point and used it to bridge all the authorized network LAN traffic over the wireless network. As you can see, this is a really serious security threat as anyone can break into the wired network using this bridge.
Check whether you can create a rogue access point that uses WPA/WPA2-based encryption to look more legitimate on the wireless network.
Q1. What encryption does a rogue access point use in most cases?
Q2. What is the advantage of having the same MAC address as the authorized access point in an evil twin?
Q3. What do DoS attacks do?
Q4. What do rogue access points do and how can they be created?