Create_ap
This script creates a NATed or Bridged WiFi Access Point.
Features
Features
- Create an AP (Access Point) at any channel.
- Choose one of the following encryptions: WPA, WPA2, WPA/WPA2, Open (no encryption).
- Hide your SSID.
- Disable communication between clients (client isolation).
- IEEE 802.11n & 802.11ac support
- Internet sharing methods: NATed or Bridged or None (no Internet sharing).
- Choose the AP Gateway IP (only for ‘NATed’ and ‘None’ Internet sharing methods).
- You can create an AP with the same interface you are getting your Internet connection.
- You can pass your SSID and password through pipe or through arguments (see examples).
Installation
Kali
sudo apt-get install haveged hostapd git util-linux procps iproute2 iw dnsmasq iptables
git clone https://github.com/oblique/create_ap
cd create_ap
sudo make install
cd .. && rm -rf create_ap
Linux (Debian, Mint, Ubuntu)
sudo apt-get install haveged hostapd git util-linux procps iproute2 iw dnsmasq iptables
git clone https://github.com/oblique/create_ap
cd create_ap
sudo make install
cd .. && rm -rf create_ap
Usage
create_ap [options] <wifi-interface> [<interface-with-internet>] [<access-point-name> [<passphrase>]]
Flags
Options:
-h, --help Show this help
--version Print version number
-c <channel> Channel number (default: 1)
-w <WPA version> Use 1 for WPA, use 2 for WPA2, use 1+2 for both (default: 1+2)
-n Disable Internet sharing (if you use this, don't pass
the <interface-with-internet> argument)
-m <method> Method for Internet sharing.
Use: 'nat' for NAT (default)
'bridge' for bridging
'none' for no Internet sharing (equivalent to -n)
--psk Use 64 hex digits pre-shared-key instead of passphrase
--hidden Make the Access Point hidden (do not broadcast the SSID)
--mac-filter Enable MAC address filtering
--mac-filter-accept Location of MAC address filter list (defaults to /etc/hostapd/hostapd.accept)
--redirect-to-localhost If -n is set, redirect every web request to localhost (useful for public information networks)
--hostapd-debug <level> With level between 1 and 2, passes arguments -d or -dd to hostapd for debugging.
--isolate-clients Disable communication between clients
--ieee80211n Enable IEEE 802.11n (HT)
--ieee80211ac Enable IEEE 802.11ac (VHT)
--ht_capab <HT> HT capabilities (default: [HT40+])
--vht_capab <VHT> VHT capabilities
--country <code> Set two-letter country code for regularity (example: US)
--freq-band <GHz> Set frequency band. Valid inputs: 2.4, 5 (default: 2.4)
--driver Choose your WiFi adapter driver (default: nl80211)
--no-virt Do not create virtual interface
--no-haveged Do not run 'haveged' automatically when needed
--fix-unmanaged If NetworkManager shows your interface as unmanaged after you
close create_ap, then use this option to switch your interface
back to managed
--mac <MAC> Set MAC address
--dhcp-dns <IP1[,IP2]> Set DNS returned by DHCP
--daemon Run create_ap in the background
--pidfile <pidfile> Save daemon PID to file
--logfile <logfile> Save daemon messages to file
--stop <id> Send stop command to an already running create_ap. For an <id>
you can put the PID of create_ap or the WiFi interface. You can
get them with --list-running
--list-running Show the create_ap processes that are already running
--list-clients <id> List the clients connected to create_ap instance associated with <id>.
For an <id> you can put the PID of create_ap or the WiFi interface.
If virtual WiFi interface was created, then use that one.
You can get them with --list-running
--mkconfig <conf_file> Store configs in conf_file
--config <conf_file> Load configs from conf_file
Non-Bridging Options:
--no-dns Disable dnsmasq DNS server
--no-dnsmasq Disable dnsmasq server completely
-g <gateway> IPv4 Gateway for the Access Point (default: 192.168.12.1)
-d DNS server will take into account /etc/hosts
-e <hosts_file> DNS server will take into account additional hosts file
Useful informations:
* If you're not using the --no-virt option, then you can create an AP with the same
interface you are getting your Internet connection.
* You can pass your SSID and password through pipe or through arguments (see examples).
* On bridge method if the <interface-with-internet> is not a bridge interface, then
a bridge interface is created automatically.
Examples:
create_ap wlan0 eth0 MyAccessPoint MyPassPhrase
echo -e 'MyAccessPoint\nMyPassPhrase' | create_ap wlan0 eth0
create_ap wlan0 eth0 MyAccessPoint
echo 'MyAccessPoint' | create_ap wlan0 eth0
create_ap wlan0 wlan0 MyAccessPoint MyPassPhrase
create_ap -n wlan0 MyAccessPoint MyPassPhrase
create_ap -m bridge wlan0 eth0 MyAccessPoint MyPassPhrase
create_ap -m bridge wlan0 br0 MyAccessPoint MyPassPhrase
create_ap --driver rtl871xdrv wlan0 eth0 MyAccessPoint MyPassPhrase
create_ap --daemon wlan0 eth0 MyAccessPoint MyPassPhrase
create_ap --stop wlan0
Examples
Basic OPEN Network
sudo create_ap wlan0 eth0 OpenWiFiNetwork
Basic Protected Network (WPA1+2)
To only use WPA2, which is recommended, use the -w2
flag.
sudo create_ap wlan0 eth0 MyProtectedNetwork 1337Password420
Routing Traffic Through PortSwigger BurpSuite
In BurpSuite proxy settings: Enable “Support invisible proxying”
sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 53 -j REDIRECT --to-port 8080
sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-port 8080
sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-port 8080
sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 80 -j REDIRECT --to-port 8080
sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 443 -j REDIRECT --to-port 8080
sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 443 -j REDIRECT --to-port 8080