Airsnarf in Auditor Linux

Airsnarf in Auditor Linux

Postby Beetle » Sun May 01, 2005 5:59 pm

Auditor is a decent, quick, ready-to-go platform for wireless penetration testing. It's missing Airsnarf--not that I think Airsnarf ranks with the other wireless utilities in Auditor, mind you, but I personally think Airsnarf is nice for a quick & dirty rogue AP attack setup.

With that in mind, I've just uploaded a version of Airsnarf, which "just works" (I think) with the latest version of Auditor.

Download it HERE.

Untar in /opt/auditor, remaster & reburn (not necessary if you've installed Auditor to your hard drive of course), and just run "airsnarf" from any prompt.

Or if you want to run it on the fly in Auditor booted from CD, just:

mkdir /tmp/airsnarf
cp airsnarf-0.3-auditor.tar.gz /tmp/airsnarf
cd /tmp/airsnarf
tar zxvf airsnarf-0.3-auditor.tar.gz
cd /tmp/airsnarf/bin
vi airsnarf

Then change the PREFIX variable in the airsnarf shell script in the /tmp/airsnarf/bin directory to say "/tmp/airsnarf". Add /tmp/airsnarf/bin to your PATH with:

PATH=$PATH:/tmp/airsnarf/bin
export PATH

and then run airsnarf. Quick & easy rogue AP attack setup. Anyone associating to the "airsnarf" SSID that attempts to go to any website will be redirected to your Airsnarf.

Collected usernames & passwords wind up in /tmp/airsnarfs.txt.

Customizing your captive portal, eg. making a PayPal, Hotmail, T-mobile, Bank of America, etc. portal, adding virtual hosting to your Apache config, backend bridging and local DNS cache poisoning instead of the Perl-based DNS resolver, is still on you. ;)

Sincerely,

Beetle
The Shmoo Group
Beetle
Mini Stumbler
 
Posts: 9
Joined: Mon Jun 24, 2002 5:58 pm
Location: D.C.

Postby joswr1ght » Mon Jun 20, 2005 7:04 am

Beetle wrote:Auditor is a decent, quick, ready-to-go platform for wireless penetration testing. It's missing Airsnarf--not that I think Airsnarf ranks with the other wireless utilities in Auditor, mind you, but I personally think Airsnarf is nice for a quick & dirty rogue AP attack setup.


Thanks Beetle, I've asked Max to ensure that Airsnarf makes it into the next release of Auditor.

-Josh
-Joshua Wright
jwright@hasborg.com
http://home.jwu.edu/jwright/

Today I stumbled across the world's largest hotspot. The SSID is "linksys".


Check out the SANS advanced wireless auditing and assessment course:
Los Angeles
joswr1ght
Mini Stumbler
 
Posts: 90
Joined: Wed Sep 01, 2004 4:18 am

Postby joswr1ght » Tue Jun 21, 2005 3:01 am

joswr1ght wrote:Thanks Beetle, I've asked Max to ensure that Airsnarf makes it into the next release of Auditor.


Quoting myself, how sad...

The new release candidate for Auditor includes Airsnarf on the distribution, just not with a menu button. Devel log http://new.remote-exploit.org/index.php/Auditor_devlog.

Thanks,

-Josh
-Joshua Wright
jwright@hasborg.com
http://home.jwu.edu/jwright/

Today I stumbled across the world's largest hotspot. The SSID is "linksys".


Check out the SANS advanced wireless auditing and assessment course:
Los Angeles
joswr1ght
Mini Stumbler
 
Posts: 90
Joined: Wed Sep 01, 2004 4:18 am

airsnarf enquiries

Postby yoshiboy » Fri Sep 09, 2005 12:44 am

Is there a new version of airsnarf0.3 available for download, other than using the auditor CD?

I have tried airsnarf0.2. However airsnarf was terminated with the follow error msg:

"couldn't create TCP socket: Invalid argument at /ust/lib/perl5/site_perl/5/8/3/i386-linux-thread-multi/Net/DNS/Nameserver.pm line 139

Net::DNS::Nameserver::new('Net::DNS::Nameserver','LocalPort',53,'ReplyHandler', 'CODE(0x8e3f760)', 'Verbose', 1) called at ./bin/airsnarf_dns.pl line 34

couldn't create nameserver object
"
any advice?

Sincerely
Ric
yoshiboy
Mini Stumbler
 
Posts: 11
Joined: Mon Aug 16, 2004 10:44 pm

Postby yoshiboy » Tue Sep 20, 2005 11:03 pm

Could it be airsnarf is having problem with running on fedora core 2?

anyone can help me?
yoshiboy
Mini Stumbler
 
Posts: 11
Joined: Mon Aug 16, 2004 10:44 pm


Return to Unix/Linux

Who is online

Users browsing this forum: No registered users and 6 guests