
fFoska


  1. I'm building a robot as a school project, the brain is a RPI with a wifi dongle, and I need a compass reading from an android phone at all times. I'm sure sooner or later someone will screw me with a deauth attacker, so I figured, as a backup system I would try sending the data inside a 802.11 frame and listening for it in monitor mode on the client end with a script using scapy. My question is: 1- In which type of frame is the best to embed the data (at least a byte)? 2- How fast and reliable would it be? alternatively: How to protect myself against deauth attack (Not plausible as far as I know). I know that I'm not meant to use 802.11 frames like this but it seems like an interesting idea ... Thanks for the help in advance!
  2. I'm still not sure if I can figure this out ... But I'll give it a try. It's a start (I'm using a regular laptop running Mint, not pineapple - probably not a problem?) Thanks for your help! Update: It did work. Turns out I just had to add a line to /etc/dnsmasq.conf as you suggested. I have no idea about DNS configuration but it was easier than I thought. I'm sure dnsmasq.conf has some more options to play with! Thanks again.
  3. I set up my own web-server with an IPtables captive portal. Works fine if I'm connected to the internet, otherwise the clients don't get redirected because they can't reach the DNS server. So I was wondering if it would be plausible to run a simple DNS server on my own machine... It would also serve as a captive portal so it should answer the same IP to every request. 1) How is it plausible to set up my own DNS server? 2) Will the client who's connected to the AP try to reach my server on AP's port 53 ? Thanks in advance.
  4. Never mind, I think I figured it out... I was capturing the wrong type of packets. I'm not sure what kind of packets these are, but they are sent to the AP from the connected devices so they contain the AP's mac as a destination. Here's the code:

         def cb(p):
             if p.haslayer(Dot11):
                 if p.addr1 and p.addr2:  # if "from" and "to" mac addr. exists
                     p.addr1 = p.addr1.lower()  # convert both macs to all lower case
                     p.addr2 = p.addr2.lower()
                     if APmac.lower() == p.addr1.lower():  # AP's mac address = packet destination mac!
                         if p.type in [1, 2]:  # the type I'm looking for
                             if p.addr2 not in CliList and p.addr2 != '':
  5. Update: So I found out that I could get the captured packet's channel by reading the Radio Tap header, however I can't find the information in the header about channel, signal strength etc. Is that because I messed up something setting up the monitor iface or is it hidden in some other way?
  6. I'm writing a deauth attacker python script to kick everyone from an AP but my own devices (pretty much reverse engineered DanMcInerney's wifi jammer). It works fine so far, but every time scapy captures client macs it also captures devices that are connected to another AP or not connected at all. I tried fixing the mon0 channel with sudo airmon-ng start mon0 11 but it's not working... Here's the code that gets the mac addresses:

         def sniffmgmt(p):
             stamgmtstypes = (0, 2, 4)
             if p.haslayer(Dot11):
                 if p.type == 0 and p.subtype in stamgmtstypes:
                     if p.addr2 not in CliList:
                         print(p.addr2)
                         CliList.append(p.addr2)

         sniff(iface=moniface, prn=sniffmgmt, timeout=scantime)

     I couldn't find a proper documentation for scapy and I'm new to networking... so any help is appreciated. Thanks in advance!
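
On the Radiotap question in the posts above: the following is an added example, not part of the original posts, that reads the channel frequency and dBm signal from a raw Radiotap header as a monitor-mode capture delivers it. The sample bytes are constructed, and the function names are this example's own; a field only appears when the driver sets its bit in the present bitmask, which is why the parser returns None for anything missing.

```python
import struct

# (size, alignment) in bytes of the Radiotap fields for present-bits 0..5
FIELDS = [(8, 8), (1, 1), (1, 1), (4, 2), (2, 2), (1, 1)]
CHANNEL_BIT, DBM_SIGNAL_BIT = 3, 5

def freq_to_channel(freq):
    """Map a centre frequency in MHz to an 802.11 channel number."""
    if 2412 <= freq <= 2472:
        return (freq - 2407) // 5
    if freq == 2484:
        return 14
    if 5000 < freq < 5900:
        return (freq - 5000) // 5
    return None

def parse_radiotap(frame):
    """Return header length, frequency, channel and dBm signal (None if absent)."""
    if len(frame) < 8:
        raise ValueError("too short for a Radiotap header")
    version, _pad, hdr_len, present = struct.unpack_from("<BBHI", frame, 0)
    if version != 0 or not 8 <= hdr_len <= len(frame):
        raise ValueError("not a valid Radiotap header")
    offset, word = 8, present
    while word & (1 << 31):  # bit 31 set: another 32-bit present word follows
        if offset + 4 > hdr_len:
            raise ValueError("present bitmask runs past header")
        (word,) = struct.unpack_from("<I", frame, offset)
        offset += 4
    out = {"header_len": hdr_len, "freq_mhz": None, "channel": None, "dbm_signal": None}
    for bit, (size, align) in enumerate(FIELDS):
        if not present & (1 << bit):
            continue  # the driver did not report this field
        offset = (offset + align - 1) & ~(align - 1)  # align from header start
        if offset + size > hdr_len:
            raise ValueError("field runs past header")
        if bit == CHANNEL_BIT:
            freq, _flags = struct.unpack_from("<HH", frame, offset)
            out["freq_mhz"], out["channel"] = freq, freq_to_channel(freq)
        elif bit == DBM_SIGNAL_BIT:
            (out["dbm_signal"],) = struct.unpack_from("<b", frame, offset)
        offset += size
    return out

# Constructed sample: Flags, Channel (2462 MHz) and dBm signal (-42) present,
# followed by the first two bytes of an 802.11 frame.
SAMPLE = bytes.fromhex("00000f002a000000" "1000" "9e09a000" "d6") + b"\x80\x00"
if __name__ == "__main__":
    print(parse_radiotap(SAMPLE))
```

The 802.11 frame itself starts at `header_len` bytes into the capture, so the same value tells a script where to begin parsing the MAC header.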