Momentum

Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.0.254 0.0.0.0 UG 0 0 0 wlan0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0 192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 I'm not familiar with Awk but had a play anyway. It seems that "getline" may be the problem. Using "route -n | awk '/^0.0.0.0/ {print $2}'" returns the correct gateway IP. Not sure if that works for everyone though. ;)

Looks like you are bang on the money. I altered this line and DNS started resolving straight away. So, are you saying that $gatewayIP should be the IP Address for my internet gateway/router? On line 77 it looks like $gatewayIP is set. I stuck an 'echo $gatewayIP' just before line 142, just to get visibility of what it's being set to, and currently it is being set to 0.0.0.0? I manually set it to my router IP (192.168.0.254) and everything worked as expected. Is $gatewayIP supposed to be 0.0.0.0 or is this a bug in the script or a peculiarity in my setup? Thanks for your help with this...it's proving to be a great learning exercise. Really appreciate it. :)

Yes. Yep. Nope. Victim is an iPhone. I've just tested by trying to visit a website using the domain name (http://www.google.com). That generates the DNS request I'm seeing in wireshark but the Victim never gets a DNS response and Safari times out. If I visit google by numeric IP, the page renders just fine. Don't believe I've tried this yet. I'll test this out tomorrow evening and post the results. Thanks for the assistance. :)

I've got a bit further with the investigation on this. Some setup notes: Fon Router IP: 192.168.10.250 Attacking machine IP ($fonIP) on eth0: 192.168.10.2 Connected victim machine: 192.168.10.3 I ran up wireshark on eth0 and monitored traffic. I can see DNS requests going from 192.168.10.3 (victim) to 192.168.10.2 ($fonIP) but I see no DNS responses. Assume this must mean that my Backtrack 5 laptop DNS is not setting itself up properly? Just to check DNS between the attacking machine and the internet, I swapped wireshark over to monitor wlan0 and ran 'host www.google.com' from the attacking machine. I saw a DNS request go out from 192.168.0.110 (Attacking Machine IP on wlan0) to 192.168.0.254 (my wireless router). As expected, I saw the response come back and the domain was resolved. Again, any help would be much appreciated. :)

Hi. I've been having some issues getting this setup correctly and have hit a brick-wall...some help would be much appreciated. Everything is working with the sole exception of DNS. I can connect to the FON wireless AP with a client; I get an IP and associated config from the DHCP server on my Backtrack 5 laptop. I can see the DHCP requests come through and everything works as expected when I use numerical IP addresses (URL Snarf goes crazy, etc.). Unfortunately, if I try to use domain names (as most ppl would), they never resolve. I've checked DNS resolution on my Backtrack laptop and things resolve as expected. Not sure what might be the problem. Any suggestions? Thanks.