Howto:Airsnarf

From Offensive-security.com

Note: This method works with some errors. This page will be modified to reflect the corrections.

1. Open Kwrite and Copy/Paste

  • Save as: /etc/rc.d/rc.httpd
#!/bin/sh
# Start, stop or restart Apache; start with SSL when mod_ssl is included in httpd.conf
conffile=/etc/apache/httpd.conf
start() {
    if grep -q "^Include /etc/apache/mod_ssl.conf" "$conffile"; then
        /usr/sbin/apachectl startssl
    else
        /usr/sbin/apachectl start
    fi
}
stop() {
    /usr/sbin/apachectl stop
}
restart() {
    /usr/sbin/apachectl restart
}
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        restart
        ;;
    *)
        echo "usage: $0 start|stop|restart"
        ;;
esac

2. Open Kwrite and Copy/Paste

  • Save as: /etc/rc.d/rc.dhcpd
#!/bin/sh
# Start, stop or restart dhcpd on the ath0 interface
dhcpd_start() {
    # Only start if the daemon is executable and its config is readable
    if [ -x /usr/sbin/dhcpd ] && [ -r /etc/dhcpd.conf ]; then
        echo "Starting Dhcp..."
        /usr/sbin/dhcpd -cf /etc/dhcpd.conf ath0
    fi
}
dhcpd_stop() {
    killall dhcpd
}
dhcpd_restart() {
    dhcpd_stop
    sleep 2
    dhcpd_start
}
case "$1" in
    'start')
        dhcpd_start
        ;;
    'stop')
        dhcpd_stop
        ;;
    'restart')
        dhcpd_restart
        ;;
    *)
        # No argument (or an unknown one) starts the daemon
        dhcpd_start
        ;;
esac


3. Alter permissions and create folders

chmod 755 /etc/rc.d/rc.httpd
chmod 755 /etc/rc.d/rc.dhcpd
mkdir -p --verbose /var/www/html
mkdir --verbose /var/www/cgi-bin

4. Download dhcp-3.0.*-i486-2.tgz

  • Main website: here; choose the mirror closest to your location.
  • Alternate method:
slapt-get --update
slapt-get --install dhcp-3.0.4-i486-2

5. Move the dhcp file to /

  • Why does it need to be moved?
tar -zxvf dhcp-3.0.5-i486-2.tgz
touch /var/state/dhcp/dhcpd.leases


6. Change directory and edit airsnarf

cd /pentest/wireless/airsnarf-0.2
nano airsnarf
  • Locate line 36:
iwconfig $ROGUE_INTERFACE essid $ROGUE_SSID mode master
  • Replace with this:
ifconfig $ROGUE_INTERFACE down
wlanconfig $ROGUE_INTERFACE destroy
wlanconfig $ROGUE_INTERFACE create wlandev wifi0 wlanmode ap
ifconfig $ROGUE_INTERFACE up
iwconfig $ROGUE_INTERFACE essid $ROGUE_SSID mode master
  • Locate:
# restart some services
/etc/init.d/dhcpd restart
/etc/init.d/httpd restart
/etc/init.d/sendmail restart
  • Replace with:
/usr/sbin/dhcpd -cf /etc/dhcpd.conf
/usr/local/apache/bin/apachectl restart
#/etc/init.d/sendmail restart (we don't really need this line, which is why it's commented out)

7. Edit airsnarf.cfg

nano cfg/airsnarf.cfg
  • Change ROGUE_NET and ROGUE_GW to the values you want.
  • e.g.: ROGUE_NET 192.168.1.5 and ROGUE_GW 192.168.1.1


8. Edit dhcpd.src

nano etc/dhcpd.src

Replace the contents with this:

ddns-update-style ad-hoc;
subnet 192.168.1.0 netmask 255.255.255.0 {
       option subnet-mask              255.255.255.0;
       option broadcast-address        192.168.1.255;
       option routers                  192.168.1.1;
       option domain-name-servers      192.168.1.1;
       option domain-name              "domain.com";
       range dynamic-bootp 192.168.1.3 192.168.1.50;
       default-lease-time 21600;
       max-lease-time 43200;
}

9. Edit airsnarf_dns.pl

nano bin/airsnarf_dns.pl
  • Change the IP on line 21 to the IP you set, e.g. 192.168.1.1


10. Copy/Paste index.html & airsnarf.jpg

cp /pentest/wireless/airsnarf-0.2/cfg/html/* /usr/local/apache/htdocs/