Thursday, 6 September 2012

#8 Setting Up PwnSTAR

Setting Up PwnSTAR
Now am going to show you how to setup the requirments of a grate script that will allow us to do grate things. This script will allow us to setup a rouge AP (fake wireless spot) which test victems can connect too and then we can do many thing to. such as:
- Direct to a webpage of are choosing
- Direct to are captive portal
- SSLStrip there logins to websites they visit
- Use karmetasploit to exsplot the machine and gain access
and some other thing too.
I will do tutorials on these later but first lets just get eveything setup.
First fire up the Backtrack VM again and download the file from the link below and save it to your desktop.
Now right click on the zipped file you just downloaded and select 'Open With Archive Mounter'.
You should see another file created with the same name around the zipped file. It has what looks like a stack of what paper as its icon.
When you see it just right click it and select 'Open'
You will then be presented with a new window with a folder inside named Hacks. Now highlight it, then copy and paste it to the desktop.
Inside this folder is the script we will use to run the attack later and we will be leaving that there. Also inside this folder is webpages, these web pages need to be placed in the apache WWW folder.
We will be using the CLI to move the files/folders. So now open a new terminal and enter the bold text below into the terminal. Be sure the command you hae entered has completed its task before you enter the next line.
mv -f '/root/Desktop/Hacks/Wireless Attacks/hotspot_2' /var/www
mv -f '/root/Desktop/Hacks/Wireless Attacks/portal_hotspot' /var/www
mv -f '/root/Desktop/Hacks/Wireless Attacks/portal_pdf' /var/www
mv -f '/root/Desktop/Hacks/Wireless Attacks/portal_simple' /var/www

Now we need to install sslstrip (because backtrack did a shit job) just open a terminal and enter the code in bold below.

cd /pentest/web/sslstrip
python install

Now we have sslstrip! :D
Now we just need to clean up, to do this we just need to right click on the mounted zip file (the one with the icon that looks like a stack of white paper) and when the menu appears, select unmount. Now just delete the zip file we downloaded and your all done, nice, clean, organised desktop.

Well done you have just completed the setup, the next tutorial will be on how to use one of the functions of this script.

No comments:

Post a Comment