How to Setup Wireless Access Point (AP) with roguehostapd on Linux

by hash3liZer . 09 January 2019

Hosting a wireless access point is rather easy on Windows and Android compared to Debian-based and other Linux distros. On Linux you have to provide every single detail yourself by configuring packages and writing configuration. On Windows a couple of commands accomplish the task, and on Android it's the hotspot. Approaching this on Linux is a bit tricky and, for newcomers, perplexing.

The widely accepted tool for the purpose is hostapd, which we have also used in some of the earlier tutorials. Lately, the developers of wifiphisher developed a small tool to handle hostapd configuration in a more robust way. It was later used in wifiphisher and named roguehostapd (a modified version of hostapd). The developers record that some previously known errors were removed in the newer version and that it also supports some other wireless attacks.

Roguehostapd provides a simple CLI with argument options to deal with user requirements, just like a normal command-line tool. It also supports the karma attack, where an attacker provides its users internet connectivity but still owns the actual arena. However, note that we will still have to configure a DHCP server, for which we will use dnsmasq.

STEP 1

Installation

Dnsmasq can easily be installed with apt; however, that's not the case with roguehostapd. Update your system and install the prerequisites.

$ apt update
$ apt install libnl-3-dev libnl-genl-3-dev libssl-dev dnsmasq

To make roguehostapd work as a usual tool, we have to manually place it under some directory and link it into an execution directory. Move to the /opt directory and clone the tool from GitHub:

$ cd /opt/
$ git clone https://github.com/wifiphisher/roguehostapd.git
$ cd roguehostapd/roguehostapd/
$ ls -l

And finally, create the soft link in the command execution directory:

$ ln -s /opt/roguehostapd/roguehostapd/run.py /usr/bin/rghostapd

We've followed this way of installation to install it as a normal command utility. To integrate it with wifiphisher, it can be installed with a single command:

$ pip install roguehostapd

STEP 2

Monitor Mode

Put your wireless card in monitor mode:

$ airmon-ng start wlan1

STEP 3

Wireless Access Point

The manual for roguehostapd can now be displayed from the CLI:

$ rghostapd --help

To launch a wireless access point with rghostapd, execute the following command:

$ rghostapd -i "wlan1mon" --ssid "WiFi Name" -c 6 -pK "password"
  • -i, --interface: Monitor Mode interface to host AP on.
  • -c, --channel: Access Point Channel.
  • --ssid: Wireless Access Point ESSID or Name.
  • -pK, --wpa2password: Access Point WPA password.

STEP 4

DHCP server

Since we have our Access Point, all we need is a DHCP server to let the actual traffic flow through our network. We have dnsmasq for this part. Create a temporary configuration file for dnsmasq with nano:

$ nano /tmp/dnsmasq.conf

And write the following configuration into the file, with the wireless interface replaced by your interface:

interface=wlan1mon
dhcp-range=192.168.1.2,192.168.1.30,255.255.255.0,12h
dhcp-option=3,192.168.1.1
dhcp-option=6,192.168.1.1
server=8.8.8.8
log-queries
log-dhcp
listen-address=127.0.0.1

Press CTRL+X and then ENTER to save the file. Then execute the following two commands to assign the required IP and netmask to your interface:

$ ifconfig wlan1mon up 192.168.1.1 netmask 255.255.255.0
$ route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1

Then, to be sure, kill any dnsmasq process already running on your system:

$ killall dnsmasq

And finally, start dnsmasq:

$ dnsmasq -C /tmp/dnsmasq.conf -d
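
If the gateway that dnsmasq hands out is not the address actually assigned to the AP interface, clients get a lease but no working gateway. The check below is an added example, not part of the original post or of roguehostapd; the function names are hypothetical and it assumes the four-field dhcp-range form used in STEP 4.

```shell
#!/bin/sh
# Added example, not from the original post. Sample values are the STEP 4 ones.
ip_to_int() {                       # A.B.C.D -> integer on stdout
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs   # split quad into $1..$4
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

same_net() {                        # same_net IP1 IP2 MASK
    m=$(ip_to_int "$3")
    [ $(( $(ip_to_int "$1") & $m )) -eq $(( $(ip_to_int "$2") & $m )) ]
}

# check_dnsmasq_conf FILE AP_IP: prints each problem, returns how many.
# Assumes dhcp-range is written start,end,netmask,lease as in the post.
check_dnsmasq_conf() {
    conf=$1; ap_ip=$2; problems=0
    range=$(sed -n 's/^dhcp-range=//p' "$conf" | head -n 1)
    start=$(echo "$range" | cut -d, -f1)
    end=$(echo "$range" | cut -d, -f2)
    mask=$(echo "$range" | cut -d, -f3)
    router=$(sed -n 's/^dhcp-option=3,//p' "$conf" | head -n 1)
    if [ -z "$start" ] || [ -z "$end" ] || [ -z "$mask" ] || [ -z "$router" ]; then
        echo "missing dhcp-range (start,end,netmask) or dhcp-option=3"; return 1
    fi
    if [ "$router" != "$ap_ip" ]; then
        echo "gateway $router given to clients is not the AP address $ap_ip"
        problems=$((problems + 1))
    fi
    for addr in "$start" "$end"; do
        if ! same_net "$addr" "$ap_ip" "$mask"; then
            echo "lease address $addr is outside the AP subnet ($ap_ip/$mask)"
            problems=$((problems + 1))
        fi
    done
    ap=$(ip_to_int "$ap_ip")
    if [ "$ap" -ge "$(ip_to_int "$start")" ] && [ "$ap" -le "$(ip_to_int "$end")" ]; then
        echo "AP address $ap_ip lies inside the lease pool $start-$end"
        problems=$((problems + 1))
    fi
    return "$problems"
}

write_sample_conf() {               # writes the STEP 4 DHCP lines to file $1
    printf '%s\n' 'dhcp-range=192.168.1.2,192.168.1.30,255.255.255.0,12h' \
        'dhcp-option=3,192.168.1.1' > "$1"
}
conf_file=$(mktemp); write_sample_conf "$conf_file"
check_dnsmasq_conf "$conf_file" 192.168.1.1 && echo "DHCP settings match 192.168.1.1"
check_dnsmasq_conf "$conf_file" 192.168.1.10 || echo "-> $? problem(s)"
```

Run it against /tmp/dnsmasq.conf with the address you passed to ifconfig before starting dnsmasq.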

STEP 5

IP Forwarding

And finally, the last thing is providing the Access Point users with internet access. For this we need another wired or wireless interface from which traffic will be forwarded to our Access Point interface. I've got two wireless adapters: one is connected to the internet (wlan0) and the other currently hosts the access point (wlan1mon).

Just execute the following commands with the interface names (eth0 for the internet-facing interface, wlan1mon for the access point) replaced by your respective interfaces:

$ iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
$ iptables --append FORWARD --in-interface wlan1mon -j ACCEPT

And at last, enable traffic forwarding in the Linux configuration:

$ echo 1 > /proc/sys/net/ipv4/ip_forward

After this, you will have your access point on duty to serve its users.

Conclusion

Setting up a wireless access point on Linux is trickier than on Windows and Android, because we have to configure traffic forwarding and set up the network as well. Roguehostapd, a newer and updated version of hostapd, is not official but was developed by the wifiphisher developers to be integrated into their project. It also provides users with support for the Wi-Fi karma attack.