Simple Idea of forging an AP (win7 + linux)

Win7

I have seen a friend using backtrack software to forge an ap and then wait for it. However, that system is still difficult for new users who have not used linux. So we should use win7, there is a function that can still meet this requirement. Many people now like to stick to the Internet. The most important thing is to do something that can't be seen. It's so annoying. Let's make a decision, take a vacation and check whether he is a master or a low-handed player.

Implementation Method: in fact, it is nothing advanced, that is, win7 has a function to set up a temporary network, the requirement is that your computer has two NICs, one wired, one wireless, And the other wired for Internet access, wireless is used to transmit signals, because we need to wait until the other party connects to our false AP, and then we can capture packets to see what the other party is doing.

This function is mainly used for sharing. If there is no switch for business trip or other reasons and only one computer can access the Internet, this method is definitely a good function!

Linux

Wireless phishing is simply to apply the methods of phishing attacks in wired networks to the wireless network field. However, due to different network transmission protocols, wireless phishing methods are also different. A common wireless phishing method is to trick wireless clients into accessing fake wireless access points to intercept their Internet accounts and passwords.

Attackers will also use soft aps to construct false APs, and then use them with some automated response software. For example, for such tools, they will always monitor wireless network requests, when the wireless client sends an SSID question request, the tool automatically replies to the request: Yes, I am the SSID you are looking. At this time, as these wireless clients will trust and contact the tool. If the Pre-forged AP adopts encryption, the attacker will first crack its encryption and add the encrypted password to the forged AP, so that more wireless clients can automatically connect to the AP, it is very likely to access the phishing AP.

Multiple wireless access points with similar SSID names are scanned

By scanning multiple wireless access points with similar SSID names, refresh the Firmware wireless router to create a dedicated AP for phishing, which is also one of the methods taken by attackers. In the past few years, the Firmware used by wireless enthusiasts to refresh their wireless routers is mainly for DD-WRT and OpenWRT, but in terms of security, the more famous Firmware for wireless phishing is airsnscarf.

As shown in the figure below, after the refresh is successful, attackers can configure the phishing AP interface to make it closer to the simulated real environment and more realistic.

Dedicated routing kernel for phishing-airsnscarf logon Interface



 

Dedicated routing kernel for phishing-airsnscarf logon Interface