ehsan
New Member
Posts: 27
|
Post by ehsan on Oct 6, 2016 14:10:59 GMT
Hi I run FruityWiFi on RPI3 and TL-WN722N as external WiFi Adapter. My config is : Mode : IN-OUT | [AP] IN : wlan0 (which is default RPI3 WiFi interface) OUT : eth0 [AP] : HostapdMana GW : 10.0.0.1
[sniff|inject] : wlan0
Monitor Interface : wlan1 (which is TL-WN722N)
I start both [IN | OUT] (wlan0) And [Monitor Interface] (wlan1 as mon0)
In this case i can see FruityWiFi SSID and can connect to it and monitor everything.
When I start Mana and after that Scatter whith whitelist(for example MyTestNet) and Rogue BSSID as 62:F1:89:27:15:FE . I can see another MyTestNet which is open and does not have password.
So When i select MyTestNet on my android phone it says "Authentication Error Occurred"
Also Polite is running too
Any Idea for solving "Authentication Error Occurred" ?
|
|
|
Post by xtr4nge on Oct 6, 2016 15:48:37 GMT
Hi ehsan, I think I don't understand what you are trying to do and the problem.
Mana and Karma do not work with RPi3 internal wireless iface. If you are using the patched driver, I can't help you with that as I didn't try it.
regards,
|
|
|
Post by finlaydag33k on Oct 6, 2016 16:47:23 GMT
just change the wifi card to the TP-Link one and you should be good to go.
|
|
ehsan
New Member
Posts: 27
|
Post by ehsan on Oct 6, 2016 22:28:00 GMT
just change the wifi card to the TP-Link one and you should be good to go. Hi When i set [IN OUT] on wlan0 which is default RPI3 WiFi interface, I can start AP module. But when i put [IN OUT] on wlan1 which is TP-Link AP module can not start. What is problem ?
|
|
ehsan
New Member
Posts: 27
|
Post by ehsan on Oct 6, 2016 23:00:41 GMT
Hi ehsan, I think I don't understand what you are trying to do and the problem. Mana and Karma do not work with RPi3 internal wireless iface. If you are using the patched driver, I can't help you with that as I didn't try it. regards, Hi I describe what i want to do step by step and please correct my steps if they are not correct. Both WiFi interfaces (wlan1 and wlan2) are external and TL-WN722N My goal is to select a wifi network which is near me (for example MyTestNet) and make a Rogue network. after that deauthenticate clients and when they want to connect again come to my Rogue network and i can monitor them so : 1- in Config page i select wlan1(TP-Link) as IN and eth0 as OUT 2- also select [sniff|inject] wlan1 3- set [AP] as HostapdMana 4- click on Save and start 5- set [Monitor Interface] as wlan2(TP-Link) and start it as mon0 6- Go to status page and click on "edit" on [AP] service. 7- It shows "[AP] disabled." now click on "start" 8- It shows "Mana disabled." now click on "start" 9-Click on "start" next to "Picker" so i can see wifi ssids around me on "Picker" tab (Suppose "MyTestNet" is one of them and is my target) 10-Go to "Filter" tab and in "Filter SSID" section add "MyTestNet" 11-Now go to "Worker" tab and under "Scatter" section select "Whitelist" and check "Rogue BSSID" and click on save 12-Now click on "start" next to "Scatter" and status changed to enabled. So i can see 2 "MyTestNet" which 1 is protected and other is open(First is original and second is FakeAP) 13-On "Polite" section select "Filter SSID" as "Whitelist" too and click on "start" next to "Polite" and status changed to enabled. So every client can login with "MyTestNet" which is open(FakeAP)------> Here is my problem . when i select "MyTestNet" (FakeAP) it says "Authentication Error Occurred". my client is android phone. Any help? 14- Now i can deauthenticate clients with mdk3 module. when they want to reconnect they may select "MyTestNet" (FakeAP) if mine is stronger 15-After Logging in a client i can monitor its activity. So i have problem with number 13. Any Idea for solving them ? (do they have dependencies or my config is not correct or steps are not correct or ...?)
|
|
|
Post by xtr4nge on Oct 7, 2016 7:36:20 GMT
Hi ehsan, You don't need to check "Rogue SSID" (step 11) unless that for some reason you want to broadcast the SSID with a different BSSID. Of course you can put in "Rogue SSID" the macaddress of your AP iface, and that will work too. When you have the setup running, do a capture with wireshark (or anything that you want) to confirm that the SSIDs are broadcasted with the correct BSSID, that should be your the macaddress of your AP iface.
Some devices they are not going to connect unless hey are forced to connect. Try forgetting the real SSID from the device, and connect to the new one to be sure that the setup is working.
regards,
|
|
ehsan
New Member
Posts: 27
|
Post by ehsan on Oct 7, 2016 8:55:57 GMT
Hi If you run without "Rogue SSID" checked, an error raises. because -b feeded to ap_scatter.py without parameter. But this is not the main problem.
Questions :
1-Those steps that i told are right ? even their sequence ? 2-What is the problem in step 13 ?
|
|
ehsan
New Member
Posts: 27
|
Post by ehsan on Oct 7, 2016 9:01:48 GMT
I did it but it says "Authentication Error Occurred".
i also ran "python ap-polite.py -i mon0 -b 62:F1:89:27:15:FE -e whitelist" and got This answer many times but no success:
Sent 2 packets.
*Probe Request: ['62:f1:89:27:15:fe', 'c8:a8:23:62:e0:a4', '62:f1:89:27:15:fe'] Bebeto
Bcast: 62:F1:89:27:15:FE c8:a8:23:62:e0:a4 Bebeto
..
Where to debug ?
Which part is responsible to authentication ?
|
|
ehsan
New Member
Posts: 27
|
Post by ehsan on Oct 8, 2016 0:45:25 GMT
Could anybody test it successfully?
Please someone test it and tell me the result.
it made me so tired.
|
|
|
Post by xtr4nge on Oct 8, 2016 10:13:29 GMT
When you don't check "Rogue SSID" option, the GUI automatically assign the macaddress of the AP to the -b parameter (I'm not talking about the command line script). I assume that you are using an OPEN Access Point setup on FruityWiFi, and that your AP iface macaddress is: 62:F1:89:27:15:FETry the new mode Probe Request + Mana Loud (you need to enable Mana Loud from AP module tab AP) Download the new Scatter script that includes mode Probe Request (-m 2) raw.githubusercontent.com/xtr4nge/module_ap/master/includes/ap-scatter.pypython ap-scatter.py -i mon0 -e none -m 2 The -b parameter is not required for mode Probe Request. You need to run this script from the command line as the Mode cannot be selected from AP module yet, but you can change the default value in the script: " MODE = 1" to " MODE = 2", so then you can start Scatter from AP module page running Probe Request mode. Note: You don't need to start Polite, only Scatter
|
|
ehsan
New Member
Posts: 27
|
Post by ehsan on Oct 9, 2016 8:52:05 GMT
Hi Thank you for your detailed answer. I will do everything that you said and share the results.
But you said I don't need to run Polite. As I know scatter is responsible for broadcasting ssid and Polite is responsible for answering probes which I think authentication error is belong to this point exactly (polite)
Am I wrong ?
|
|
|
Post by xtr4nge on Oct 9, 2016 14:59:43 GMT
The new mode "Probe Request" probes the SSIDs, and Mana (in Loud mode) Broadcast the responses. That is why you need to to combine Mana (loud mode) and the new Scatter mode.
Polite is not required with Scatter Probe Request mode + Mana Loud.
|
|
ehsan
New Member
Posts: 27
|
Post by ehsan on Oct 11, 2016 22:38:06 GMT
Try the new mode Probe Request + Mana Loud (you need to enable Mana Loud from AP module tab AP) Download the new Scatter script that includes mode Probe Request (-m 2) raw.githubusercontent.com/xtr4nge/module_ap/master/includes/ap-scatter.pypython ap-scatter.py -i mon0 -e none -m 2 The -b parameter is not required for mode Probe Request. You need to run this script from the command line as the Mode cannot be selected from AP module yet, but you can change the default value in the script: " MODE = 1" to " MODE = 2", so then you can start Scatter from AP module page running Probe Request mode. Note: You don't need to start Polite, only Scatter Hi When i did it nothing happend. It means no SSID broadcasted But when i use mode 1 SSIDs broadcasted but cannot login to them. Any Idea ?
|
|