A quick article about fun with Software defined WIFI Access Points
Requires a Kali Linux machine / Debian. Here it's Kali.
The first we need, is some software. Update the host with
apt update
apt upgrade
Install dnsmasq and hostapd
apt install hostapd dnsmasq
Plug in your wifi card, and lets give it an address
ifconfig wlan1 10.0.0.1/24
Turn on forwarding in the kernel
echo "1" > /pros/sys/net/ipv4/ip_forwardTest that forwarding is on (=1)
cat /proc/sys/net/ipv4/ip_forwardSo, with that out of the way, let's move on to config files.
Here it's /etc/dnsmasq.d/dnsmasq.conf
interface=wlan1
dhcp-range=10.0.0.10,10.0.0.254,12h
#Router config push via DHCP
dhcp-option=3,10.0.0.1
#DNS Server config PUSH via DHCP
dhcp-option=6,10.0.0.1
server=8.8.8.8
log-queries
log-dhcpWith that in place, on to /etc/hostapd.conf
#Ordinary config, no crypto
interface=wlan1
driver=nl80211
ssid=AP-TEST
channel=6
# WPA2 Settings
# wpa=2
# wpa_passphrase=testcode
# wpa_key_mgmt=WPA-PSK
#accept_mac_file="/etc/hostapd/hostapd.accept"
#deny_mac_file="/etc/hostapd/hostapd.deny"
And, on with something completely different. Time for firewall rules
iptables -P FORWARD ACCEPT
iptables --table nat -A POSTROUTING -o wlan0 -j MASQUERADE
And, now we're ready for launch :)
dnsmasq -C /etc/dnsmasq.d/dnsmasq.conf
hostapd /etc/hostapd/hostapd.conf
If the systems bitching about dnsmaq can't bind to port, look for the service using it with
lsof -Pn +M | grep ':53 (LISTEN)'
OR
netstat -utlnpSimply kill of the service. Check if NetworkManager /systemd-resolve is running. If they are, kill them both :)
'That's it. You should have a running service, and a running software AP.
or, you could simple use a software / script called mitmAP to do the heavy lifting. It can be found here.