Kali/Hotspot
From charlesreid1
The short version: Kali/Hotspot/Short
Contents
Turning a Kali Laptop into a Hotspot
Materials
1 laptop
2 wifi cards
Setup
Create a wifi hotspot/access point with 1 wifi card (wlan2)
Connect to an existing wifi network with 2nd wifi card (wlan1)
Tunnel traffic from AP (wlan1) through to internet-connected wifi network (wlan2)
Procedure
Install Software
Install DNS, DHCP, and AP-hosting software:
sudo apt install dnsmasq dhcpcd5 hostapd
Optional - Connect to Wifi via Command Line
NOTE: This section is REQUIRED if you connect using an existing wifi connection. We will kill the builtin Network Manager so you will need to be connected to wifi manually.
This section assumes you're trying to make sure the interface wlan2 will stay connected to wifi even after the network manager is killed.
To connect to a wifi network from command line (note, also see Linux/Wireless):
1. Edit /etc/network/interfaces and put the wifi connection info there:
auto wlan2
allow-hotplug wlan2
iface wlan2 inet dhcp
wpa-ssid NetName
wpa-psk NetPassword
2. Disable the network manager service
service network-manager stop systemctl disable network-manager
3. Stop and restart the network interface to get it to connect to the wifi network
ifdown wlan2 || ifconfig wlan2 down ifup wlan2 || ifconfig wlan2 up
You may encounter issues due to an error like
SIOCSIFFLAGS: Operation not possible due to RF-kill
In this case, run these two commands to unblock wifi with RF-kill:
rfkill unblock wifi rfkill unblock wlan
4. Bring wlan2 up with the following command (re-run it if it fails the first time):
ifup wlan2 || ifconfig wlan2 up
Troubleshooting
If you successfully connect to your wireless network but are not assigned an IP address, try this
dhclient wlan2
The Linux/Wireless page has more instructions, and alternative methods to specifying the wifi info in /etc/network/interfaces
Set up DHCP
For dhcp we'll use the dhcpcd utility.
Edit dhcpcd config file
Edit /etc/dhcpcd.conf and modify it to contain this:
interface wlan1
static ip_address=192.168.4.1/24
nohook wpa_supplicant
Here, wlan1 is the interface we want to use to run the AP network. Replace wlan1 with whatever interface you want to use.
Restart dhcpcd service
sudo service dhcpcd restart
DNS
DNS is handled by the dnsmasq utility.
Edit dnsmmasq config file
Edit the dnsmasq config file /etc/dnsmasq.conf, which determines what range of IP addresses will be handed out and for how long. Modify it to contain this:
interface=wlan1 dhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h
This will hand out IPs starting at 192.168.4.2 and ending at 192.168.4.20, lasting for 24 hours lease time.
Here we use interface wlan1 (the interface that should host the AP network). Modify to use whatever interface you want to provide the wifi network.
Restart dnsmasq service
If you are installing dnsmasq fresh, enable then start the service:
sudo systemctl enable dnsmasq sudo systemctl start dnsmasq
or reload/restart the service:
sudo systemctl reload dnsmasq
Troubleshooting
Preferred DNS Resolver
Was experiencing problems with reaching the wider internet because of DNS problems:
ping: google.com: Temporary failure in name resolution
Solved this by doing the following:
Following this comment I tried to figure out what was happening with /etc/resolv.conf.
On my system it was a link, to something in /etc/resolvconf/.... I discovered there was a service called resolvconf by running service --status-all.
I disabled the resolvconf service by running the command:
service disable resolvconf
then remove the existing file at /etc/resolv.conf (we will replace it with our own one-line file):
rm -f /etc/resolv.conf
Now edit that file
vim /etc/resolv.conf
paste the contents
nameserver 1.1.1.1 nameserver 8.8.8.8
or whatever other nameservers you want to use.
Check everything is ok
You should be able to ping google.com
ping google.com
Use this to check that everything is ok, or diagnose network issues if they come up
Host an AP
We use hostapd to create the necessary infrastructure to host an access point.
Edit hostapd config file
Now modify the file /etc/hostapd/hostapd.conf to configure hostapd. Modify the contents to the following:
interface=wlan1 driver=nl80211 ssid=MyLittlePony hw_mode=g channel=7 wmm_enabled=0 macaddr_acl=0 auth_algs=1 ignore_broadcast_ssid=0 wpa=2 wpa_passphrase=AardvarkBadgerHedgehog wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP rsn_pairwise=CCMP
Note values for hw_mode are:
- a = IEEE 802.11a (5 GHz)
- b = IEEE 802.11b (2.4 GHz)
- g = IEEE 802.11g (2.4 GHz)
Specify location of hostapd file
Modify the file /etc/default/hostapd to read:
DAEMON_CONF="/etc/hostapd/hostapd.conf"
Restart hostapd
sudo systemctl unmask hostapd sudo systemctl enable hostapd sudo systemctl start hostapd
Check status and ensure running ok:
sudo systemctl status hostapd sudo systemctl status dnsmasq
Troubleshooting hostapd
If something fails it will probably be on the start step:
$ sudo systemctl start hostapd Job for hostapd.service failed because the control process exited with error code. See "systemctl status hostapd.service" and "journalctl -xe" for details.
Strategy for Debugging
For startup problems, you'll use journalctl -xe or your syslog to find the errors.
If hostapd is up and running okay, then you can debug problems with it using the following procedure. In one window, run this command to run hostapd in the foreground:
hostapd -d /etc/hostapd/hostapd.conf
In another window, monitor the system log:
tail -f /var/log/syslog
Now try connecting to the wifi access point that you created. This should generate some useful/interesting events in the log.
No address range available
Nov 24 17:42:56 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1 Nov 24 17:43:12 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1 Nov 24 17:43:28 kali hostapd: wlan1: STA d0:04:01:81:88:00 IEEE 802.11: authenticated Nov 24 17:43:28 kali hostapd: wlan1: STA d0:04:01:81:88:00 IEEE 802.11: associated (aid 1) Nov 24 17:43:28 kali hostapd: wlan1: STA d0:04:01:81:88:00 RADIUS: starting accounting session BE6E459ACB2E3A84 Nov 24 17:43:28 kali hostapd: wlan1: STA d0:04:01:81:88:00 WPA: pairwise key handshake completed (RSN) Nov 24 17:43:28 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1 Nov 24 17:43:30 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1 Nov 24 17:43:33 kali wpa_supplicant[550]: wlan1: CTRL-EVENT-SCAN-FAILED ret=-95 Nov 24 17:43:34 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1 Nov 24 17:43:43 kali dnsmasq-dhcp[6128]: no address range available for DHCP request via wlan1
To solve this one,
service dhcpcd restart service hostapd restart
Link is not ready/Driver initialization failed
This is a problem that happens before hostapd starts. Here is the problem I encountered:
-- Unit hostapd.service has begun starting up. Nov 25 20:36:35 kali hostapd[11486]: Configuration file: /etc/hostapd/hostapd.conf Nov 25 20:36:35 kali hostapd[11486]: nl80211: Could not configure driver mode Nov 25 20:36:35 kali hostapd[11486]: nl80211: deinit ifname=wlan1 disabled_11b_rates=0 Nov 25 20:36:35 kali hostapd[11486]: nl80211 driver initialization failed. Nov 25 20:36:35 kali hostapd[11486]: wlan1: interface state UNINITIALIZED->DISABLED Nov 25 20:36:35 kali hostapd[11486]: wlan1: AP-DISABLED Nov 25 20:36:35 kali hostapd[11486]: wlan1: CTRL-EVENT-TERMINATING Nov 25 20:36:35 kali hostapd[11486]: hostapd_free_hapd_data: Interface wlan1 wasn't started Nov 25 20:36:35 kali systemd[1]: hostapd.service: Control process exited, code=exited status=1 Nov 25 20:36:35 kali systemd[1]: hostapd.service: Failed with result 'exit-code'. Nov 25 20:36:35 kali systemd[1]: Failed to start Advanced IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator. -- Subject: Unit hostapd.service has failed -- Defined-By: systemd -- Support: https://www.debian.org/support -- -- Unit hostapd.service has failed.
Another version of the error:
-- Logs begin at Thu 2019-02-14 10:12:02 UTC, end at Sun 2019-11-24 09:30:31 UTC. -- Nov 24 09:27:18 kali hostapd[1225]: nl80211: deinit ifname=wlan1 disabled_11b_rates=0 Nov 24 09:27:18 kali NetworkManager[154]: <info> [1574587638.4191] device (wlan1): supplicant interface state: inactive -> disabled Nov 24 09:27:18 kali kernel: IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready Nov 24 09:27:18 kali NetworkManager[154]: <info> [1574587638.8258] device (wlan1): supplicant interface state: disabled -> inactive Nov 24 09:27:18 kali hostapd[1225]: nl80211 driver initialization failed. Nov 24 09:27:18 kali hostapd[1225]: wlan1: interface state UNINITIALIZED->DISABLED Nov 24 09:27:18 kali hostapd[1225]: wlan1: AP-DISABLED Nov 24 09:27:18 kali hostapd[1225]: wlan1: CTRL-EVENT-TERMINATING Nov 24 09:27:18 kali hostapd[1225]: hostapd_free_hapd_data: Interface wlan1 wasn't started Nov 24 09:27:18 kali systemd[1]: hostapd.service: Control process exited, code=exited, status=1/FAILURE
This set of commands from this ask ubuntu forum (https://askubuntu.com/a/743127) initially worked, but that is not reproducible.
Try this instead:
ifconfig wan1 down rfkill unblock wifi rfkill unblock wlan ifconfig wlan1 192.168.4.1/24 up service dhcpcd start || service dhcpcd restart service hostapd start || service hostapd restart
Debugging
Create the following minimal hostapd configuration file:
#change wlan1 to your wireless device interface=wlan1 driver=nl80211 ssid=test channel=1
Now run it like this:
hostapd ./minimal-hostapd.conf
Linking AP to Existing Connection
We will use iptables to forward packets from the AP to another network interface with an internet connection to give our wifi hotspot some internet.
Once you get the hostapd network interface (wlan1) up and running with the instructions above, and you get your second interface (wlan2) connected to the internet, you're ready to begin.
iptables rules
To forward traffic from our access point interface (wlan1) to our internet-connected interface (wlan2), we set up a few iptables rules:
# flush the tables iptables -t nat -F iptables -F # add a postrouting rule to specify a mapping to an outgoing interface iptables -t nat -A POSTROUTING -o wlan2 -j MASQUERADE # forward packets from wlan1 to wlan2 iptables -A FORWARD -i wlan1 -o wlan2 -j ACCEPT # enable ipv4 forwarding echo '1' > /proc/sys/net/ipv4/ip_forward
Link: https://www.offensive-security.com/kali-linux/kali-linux-evil-wireless-access-point/
Restart hostapd
service hostapd restart
Test it out
From another client (don't use the same computer running hostapd), connect to the new wifi network, and attempt to reach the internet. It is likely that the connection will be much slower when passed through from the access point to the main wireless network. It may also take 30 seconds or more for the connection to start working.
Flags
 |
hostapd, openvpn, and PIA setting up hostapd, openvpn, and PIA on kali linux
Kali/OpenVPN/Hotspot · Kali/OpenVPN/DNS · Kali/OpenVPN/PIA
|