Master Hacks – For Gamers by Gamers! // Grab WPA Key With Fake AP
Time to start setting up the attack.
Download the zip file and extract the folder to the root of your Windows OS, or somewhere you can access easily and quickly from Backtrack.
Don’t delete the folder from the zip file when you extract it; work on a copy, because the copy is the one you will modify. Every time you want to use this method with a different network you can extract the folder again from the zip file and edit the text document and the blacklist text file with the new network’s details.
It should look like this:
Run “WifiInfoView”, copy your target BSSID (BSSID = MAC address) and make a note of the channel and ESSID (ESSID = network name).
To copy the target BSSID more easily, click “Options”, point your cursor at “MAC Address Format” and you will see that the first format, which looks like XX-XX-XX-XX-XX-XX, is selected. Select the second one instead, which looks like XX:XX:XX:XX:XX:XX.
Now secondary-click (right-click) the network you want to attack and select “Properties”.
Then you can copy the BSSID “00:16:01:14:22:4A”.
You will need to paste this BSSID in the “blacklist.txt” file located in the following directory:
“[TUT] Grab WPA Key With Fake AP/files/files to copy in root Desktop”.
When you have pasted the BSSID, press Enter at the end of it, as if you were going to type another line beneath it.
This leaves an empty line at the bottom so MDK3 can read the BSSID. Otherwise it won’t read the BSSID and your MDK3 will never start.
Picture here for those who are lost at the very beginning of this tutorial. LOL!
Continue to modify the text document named:
“Modify This Text Document For Copy Pasting”.
Yes open the text document…
You will find this document inside the folder you extracted earlier.
In this tutorial I will explain what to modify in that text document, how, and why.
I did it this way because I don’t want you to have to read this whole tutorial again.
Just read it once; the next time you want to attack a WPA network using this method you only need to modify the text document and the blacklist text file from the extracted folder and you will be good to go.
You will see! This is very easy!
NOTE: The first step in the text document has 4 questions; you will have to memorize how to do them.
Don’t worry, there is a little reminder at the bottom of each question.
And if you forget, just come back here and look at the pictures in the third spoiler.
In the text document you will find the following steps to follow:
### 1- Get ready before copy pasting the commands.
Right here are the 4 questions to remind you to setup the room to work with Backtrack and to copy the files to the directories.
### 2- Paste the following commands in terminal 6.
These commands install DHCP3, configure DHCP3, set the first interface to monitor mode,
change the MAC address (BSSID), configure and start Apache2, and also start the fake AP (access point).
### 3- Paste this commands in terminal 5.
These commands just set up and start DHCP3.
The titles are pretty self-explanatory for the rest.
### 4- Start the DNS spoof in terminal 4.
### 5- Start monitoring your fake AP in terminal 3.
### 6- Start monitoring the target AP in terminal 2.
### PERFECT! TIME TO START THE ATTACK…
### 7- Disconnect everyone from your target AP.
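The seven steps above amount to an evil-twin setup: a second access point, plus a step that disconnects everyone from the real one. As an added example that is not part of this tutorial or its files, here is the same attack seen from the defender's side: Python that flags the two signatures in a list of frame records. The records are constructed for the example (the target BSSID is the one quoted in this tutorial; the network names, the other addresses, the timestamps and the alert thresholds are made up), and it is assumed that the fake AP advertises the target's ESSID and that the disconnect step shows up as a burst of deauthentication frames.

```python
"""Added example (not from the tutorial): flag a cloned ESSID and a
deauthentication burst in a list of decoded 802.11 frame records.
A real monitor-mode capture would be decoded into the same tuple shape:
(timestamp_s, frame_type, bssid, essid, privacy)."""
from collections import defaultdict

TARGET_BSSID = "00:16:01:14:22:4A"  # the BSSID quoted in the tutorial

# Constructed sample records. "HomeNet", "CoffeeShop", the second and
# third BSSIDs and every timestamp are made up for this example.
SAMPLE_FRAMES = [
    (0.0, "beacon", TARGET_BSSID, "HomeNet", "WPA2"),
    (0.1, "beacon", TARGET_BSSID, "HomeNet", "WPA2"),
    (0.2, "beacon", "AA:BB:CC:DD:EE:FF", "HomeNet", "OPEN"),  # second AP, same name
    (0.3, "beacon", "11:22:33:44:55:66", "CoffeeShop", "WPA2"),
    (5.0, "deauth", "11:22:33:44:55:66", None, None),  # isolated, normal deauth
    (9.0, "deauth", "11:22:33:44:55:66", None, None),
]
# 30 deauthentication frames in well under a second against the target BSSID.
SAMPLE_FRAMES += [(1.0 + i * 0.02, "deauth", TARGET_BSSID, None, None)
                  for i in range(30)]


def find_cloned_essids(frames):
    """Map each ESSID advertised by more than one BSSID to its sorted BSSIDs."""
    bssids_by_essid = defaultdict(set)
    for _, ftype, bssid, essid, _ in frames:
        if ftype == "beacon" and essid:
            bssids_by_essid[essid].add(bssid)
    return {e: sorted(b) for e, b in bssids_by_essid.items() if len(b) > 1}


def find_deauth_bursts(frames, window_s=1.0, threshold=10):
    """Map each BSSID whose deauth frames reach `threshold` inside any sliding
    window of `window_s` seconds to the peak count seen in such a window."""
    times_by_bssid = defaultdict(list)
    for ts, ftype, bssid, _, _ in frames:
        if ftype == "deauth":
            times_by_bssid[bssid].append(ts)
    flagged = {}
    for bssid, times in times_by_bssid.items():
        times.sort()
        start, peak = 0, 0
        for end, t in enumerate(times):
            while t - times[start] > window_s:  # slide the window's left edge
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[bssid] = peak
    return flagged


def report(frames):
    """Return one human-readable alert line per finding."""
    alerts = []
    for essid, bssids in find_cloned_essids(frames).items():
        alerts.append(f"ESSID {essid!r} advertised by {len(bssids)} BSSIDs: "
                      + ", ".join(bssids))
    for bssid, peak in find_deauth_bursts(frames).items():
        alerts.append(f"deauth burst against {bssid}: {peak} frames in one window")
    return alerts


if __name__ == "__main__":
    for line in report(SAMPLE_FRAMES):
        print("ALERT:", line)
```

Run on the sample, this raises two alerts: the name "HomeNet" is being advertised by two different BSSIDs, and the target BSSID is on the receiving end of 30 deauthentication frames inside one window. The thresholds are deliberately loose defaults; a single stray deauth (as with "CoffeeShop" here) is normal and stays silent.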
Now the 4 questions.
This is one of the steps I am not explaining in detail.
You need to use the file browser in Backtrack to get to the downloaded files.
Yes, I’m talking about the folder you extracted earlier into an easy-to-access directory.
I don’t know what it is called in the GNOME version, but in KDE it is called “Dolphin – File Manager”.
When you get to Backtrack you need to open the text document “Modify This Text Document For Copy Pasting”
located in the extracted folder, which should be named “[TUT] Grab WPA Key With Fake AP”.
1- Did you modify the taskbar to make room?
How do you modify the taskbar?
Secondary-click at the bottom and click “Remove this System Tray”. Look at the picture for a better understanding.
Why? Because you need to open a lot of terminals and you need room so you don’t get lost and frustrated in the middle of the process.
You need to secondary-click at the very, very bottom; otherwise you won’t see the right option.
Remove the clock. If you want to…
Same thing, secondary-click, but this time on top of the clock, and click “Remove this Digital Clock”.
Remove the 4 squares. I never really use this thing, but consider using it if your monitor is not big enough to fit the 6 terminals on one screen. It’s a really nice feature when your resolution is not spacious.
You might ask yourself which 6 terminals I was talking about before?
Well keep reading. I will explain about that soon.
Make the taskbar longer. You need to click the icon that looks like a fireball.
Then click and hold the minus (-) icon and drag it all the way to the right.
And finally click the [X] to close.
Next question will be:
2- Did you modify the terminal window sizes?
How do you modify the window sizes?
Nice question… You don’t really need to do this. I just recommend doing it this way because it’s always good to be aware of what’s happening everywhere. However, I know a lot of people might have the resolution problem I mentioned before and won’t be able to do this. If this is your case you will have to deal with switching between terminals. Anyway, if this is your case don’t worry: you don’t really need to monitor all of the terminals.
First, click the terminal in the taskbar at the left side. It’s the black icon.
When it opens modify the size as shown in the picture.
So to take half of the screen, click and hold the window at the top where the title is and drag the cursor all the way to the right; you will see the window auto-size to split the screen in half. When you see the auto-size happen, release the click and close the window to save the size configuration. Then open the terminal again, place it on the right side and pull the window from the top to the bottom to make it smaller, matching the size in the picture exactly or pretty closely.
Then open the second terminal and you will notice a big half-screen terminal open on the left side. Just resize it again; then the third and the rest of the terminals will open at the right size. You just need to place them in the same position and order as shown in the following picture:
You should end up with a total of 6 terminals.
Another thing is… I don’t like it when the tabs in the taskbar get merged into one single tab, so if this happens to you and you want to separate them again you can secondary-click that tab and select “Do not allow this program to be grouped” to get your terminals separated again.
But there’s a little problem. When you do this the tabs will shuffle their order in the taskbar, but that’s okay. This is just Linux behavior, and you can keep following the tutorial with that exception using your brain, or you can close the last 5 terminals and reopen them to get the 6, 5, 4, 3, 2, 1 sequence in the taskbar.
3- Did you drag and drop the files?
Drag and drop the following files into directory /var/www/ using the shortcut named “[Drag and Drop var www”.
Select the option “Copy Here”.
“data.txt” – “index.html” – “login.php” and “rebooting.php”.
At this point a popup window should ask you what to do with the existing “index.html” file. Select “Overwrite”. Sometimes this overwrite step freezes my laptop for 3 to 5 seconds. Again, this is Linux behavior. If this happens to you, wait the 3 to 5 seconds without clicking anything else; you don’t want the system to go crazy when it starts responding again. Also remember you are running live, and sometimes it takes a few seconds before some of the actions are performed.
Then enter in folder “files to copy in root Desktop” and drag and drop the following files
into directory /root/Desktop/ using the shortcut named “[Drag and Drop root Desktop”.
Once again select the option “Copy Here”.
“blacklist.txt” – “dhcp3-server_3.1.3-2ubuntu3.3_i386.deb” and “spoof.txt”…
4- And do you have the little window to monitor the “data.txt” file?
Return to the previous folder “files” using the “BACK” button and click the shortcut named “[Drag and Drop var www” to get to the folder where the “data.txt” file is located.
Once there, secondary-click in an empty space of the folder, select “View Mode”, then select “Details”, and finally make the window small like in the following picture.
And that’s it for setting up the room and placing the files for this attack.
The next step is to modify the text document, so that in Backtrack you just copy and paste the commands and start running the tools.