Turning a Kali Laptop into a Hotspot

Materials

1 laptop

2 wifi cards

Setup

Create a wifi hotspot/access point with 1 wifi card (wlan2)

Connect to an existing wifi network with 2nd wifi card (wlan1)

Tunnel traffic from AP (wlan1) through to internet-connected wifi network (wlan2)

Procedure

Install Software

Install DNS, DHCP, and AP-hosting software:

sudo apt install dnsmasq dhcpcd5 hostapd

Set up DHCP

For dhcp we'll use the dhcpcd utility.

Edit dhcpcd config file

Edit /etc/dhcpcd.conf and modify it to contain this:

interface wlan1
    static ip_address=192.168.4.1/24
    nohook wpa_supplicant

Here, wlan1 is the interface we want to use to connect to the AP network. Replace wlan1 with whatever interface you want to use.

Restart dhcpcd service

sudo service dhcpcd restart

DNS

DNS is handled by the dnsmasq utility.

Edit dnsmmasq config file

Edit the dnsmasq config file /etc/dnsmasq.conf, which determines what range of IP addresses will be handed out and for how long. Modify it to contain this:

interface=wlan1
dhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h

This will hand out IPs starting at 192.168.4.2 and ending at 192.168.4.20, lasting for 24 hours lease time.

Here we use interface wlan1 (the interface that should host the AP network). Modify to use whatever interface you want to provide the wifi network.

Restart dnsmasq service

If you are installing dnsmasq fresh, enable then start the service:

sudo systemctl enable dnsmasq
sudo systemctl start dnsmasq

or reload/restart the service:

sudo systemctl reload dnsmasq

Troubleshooting

Preferred DNS Resolver

Was experiencing problems with reaching the wider internet because of DNS problems:

ping: google.com: Temporary failure in name resolution

Solved this by doing the following:

Following this comment I tried to figure out what was happening with /etc/resolv.conf.

On my system it was a link, to something in /etc/resolvconf/.... I discovered there was a service called resolvconf by running service --status-all.

I disabled the resolvconf service by running the command:

service disable resolvconf

then remove the existing file at /etc/resolv.conf (we will replace it with our own one-line file):

rm -f /etc/resolv.conf

Now edit that file

vim /etc/resolv.conf

paste the contents

nameserver 1.1.1.1
nameserver 8.8.8.8

or whatever other nameservers you want to use.

Check everything is ok

You should be able to ping google.com

ping google.com

Use this to check that everything is ok, or diagnose network issues if they come up

Host an AP

We use hostapd to create the necessary infrastructure to host an access point.

Edit hostapd config file

Now modify the file /etc/hostapd/hostapd.conf to configure hostapd. Modify the contents to the following:

interface=wlan1
driver=nl80211
ssid=MyLittlePony
hw_mode=g
channel=7
wmm_enabled=0
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=AardvarkBadgerHedgehog
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

Note values for hw_mode are:

a = IEEE 802.11a (5 GHz)
b = IEEE 802.11b (2.4 GHz)
g = IEEE 802.11g (2.4 GHz)

Specify location of hostapd file

Modify the file /etc/default/hostapd to read:

DAEMON_CONF="/etc/hostapd/hostapd.conf"

Restart hostapd

sudo systemctl unmask hostapd
sudo systemctl enable hostapd
sudo systemctl start hostapd

Check status and ensure running ok:

sudo systemctl status hostapd
sudo systemctl status dnsmasq

Troubleshooting hostapd

If something fails it will probably be on the start step:

$ sudo systemctl start hostapd
Job for hostapd.service failed because the control process exited with error code.
See "systemctl status hostapd.service" and "journalctl -xe" for details.

Strategy for Debugging

For startup problems, you'll use journalctl -xe or your syslog to find the errors.

If hostapd is up and running okay, then you can debug problems with it using the following procedure. In one window, run this command to run hostapd in the foreground:

hostapd -d /etc/hostapd/hostapd.conf

In another window, monitor the system log:

tail -f /var/log/syslog

Now try connecting to the wifi access point that you created. This should generate some useful/interesting events in the log.

No address range available

Nov 24 17:42:56 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1
Nov 24 17:43:12 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1
Nov 24 17:43:28 kali hostapd: wlan1: STA d0:04:01:81:88:00 IEEE 802.11: authenticated
Nov 24 17:43:28 kali hostapd: wlan1: STA d0:04:01:81:88:00 IEEE 802.11: associated (aid 1)
Nov 24 17:43:28 kali hostapd: wlan1: STA d0:04:01:81:88:00 RADIUS: starting accounting session BE6E459ACB2E3A84
Nov 24 17:43:28 kali hostapd: wlan1: STA d0:04:01:81:88:00 WPA: pairwise key handshake completed (RSN)
Nov 24 17:43:28 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1
Nov 24 17:43:30 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1
Nov 24 17:43:33 kali wpa_supplicant[550]: wlan1: CTRL-EVENT-SCAN-FAILED ret=-95
Nov 24 17:43:34 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1
Nov 24 17:43:43 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1

To solve this one,

service dhcpcd restart
service hostapd restart

Interface wasn't started

-- Unit hostapd.service has begun starting up.
Nov 25 20:36:35 kali hostapd[11486]: Configuration file: /etc/hostapd/hostapd.conf
Nov 25 20:36:35 kali hostapd[11486]: nl80211: Could not configure driver mode
Nov 25 20:36:35 kali hostapd[11486]: nl80211: deinit ifname=wlan1 disabled_11b_rates=0
Nov 25 20:36:35 kali hostapd[11486]: nl80211 driver initialization failed.
Nov 25 20:36:35 kali hostapd[11486]: wlan1: interface state UNINITIALIZED->DISABLED
Nov 25 20:36:35 kali hostapd[11486]: wlan1: AP-DISABLED
Nov 25 20:36:35 kali hostapd[11486]: wlan1: CTRL-EVENT-TERMINATING
Nov 25 20:36:35 kali hostapd[11486]: hostapd_free_hapd_data: Interface wlan1 wasn't started
Nov 25 20:36:35 kali systemd[1]: hostapd.service: Control process exited, code=exited status=1
Nov 25 20:36:35 kali systemd[1]: hostapd.service: Failed with result 'exit-code'.
Nov 25 20:36:35 kali systemd[1]: Failed to start Advanced IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator.
-- Subject: Unit hostapd.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit hostapd.service has failed.

Link is not ready/Driver initialization failed

This is a problem that happens before hostapd starts. Here is the problem I encountered:

-- Logs begin at Thu 2019-02-14 10:12:02 UTC, end at Sun 2019-11-24 09:30:31 UTC. --
Nov 24 09:27:18 kali hostapd[1225]: nl80211: deinit ifname=wlan1 disabled_11b_rates=0
Nov 24 09:27:18 kali NetworkManager[154]: <info>  [1574587638.4191] device (wlan1): supplicant interface
state: inactive -> disabled
Nov 24 09:27:18 kali kernel: IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
Nov 24 09:27:18 kali NetworkManager[154]: <info>  [1574587638.8258] device (wlan1): supplicant interface
state: disabled -> inactive
Nov 24 09:27:18 kali hostapd[1225]: nl80211 driver initialization failed.
Nov 24 09:27:18 kali hostapd[1225]: wlan1: interface state UNINITIALIZED->DISABLED
Nov 24 09:27:18 kali hostapd[1225]: wlan1: AP-DISABLED
Nov 24 09:27:18 kali hostapd[1225]: wlan1: CTRL-EVENT-TERMINATING
Nov 24 09:27:18 kali hostapd[1225]: hostapd_free_hapd_data: Interface wlan1 wasn't started
Nov 24 09:27:18 kali systemd[1]: hostapd.service: Control process exited, code=exited, status=1/FAILURE

The solution to the problem is to bring down the wlan1 interface, disable the network manager, and then start hostapd.

service hostapd stop
service network-manager stop
ifconfig wlan1 down
rfkill unblock wlan
service hostapd stop
service hostapd start

Link: https://askubuntu.com/questions/472794/hostapd-error-nl80211-could-not-configure-driver-mode/743127#743127

Linking AP to Existing Connection

Update your existing connection

Unfortunately, to make hostapd work you have to disable the network manager, so you need to update/fix your network connection if it was made using network manager and you're running hostapd.

To connect to a wifi network from command line:

1. Edit /etc/network/interfaces and put the wifi connection info there:

auto wlan2
allow-hotplug wlan2
iface wlan2 inet dhcp
    wpa-ssid NetName
    wpa-psk NetPassword

2. Stop and restart the network interface to get it to connect to the wifi network

ifdown wlan2
ifup wlan2

3. (Optional) If you don't get assigned an IP address, try this

dhclient wlan2

The Linux/Wireless page has more instructions and more methods to try.

Check internet gateway

Once you get the hostapd network interface (wlan1) up and running with the instructions above, and you get your second interface (wlan2) connected to the internet, you're ready to begin.

To forward traffic from our access point interface (wlan1) to our internet-connected interface (wlan2), we set up a few iptables rules:

iptables -t nat -F
iptables -F
iptables -t nat -A POSTROUTING -o wlan2 -j MASQUERADE
iptables -A FORWARD -i wlan1 -o wlan2 -j ACCEPT
echo '1' > /proc/sys/net/ipv4/ip_forward

Link: https://www.offensive-security.com/kali-linux/kali-linux-evil-wireless-access-point/

Flags

Kali/Hotspot

From charlesreid1

Contents