Jeliason Posted March 6, 2018 Share Posted March 6, 2018 Hello everyone! I am a student at a community college and while my major is in Networking Technology, my main interests lay in cyber security. Unfortunately most of my education revolved around configuring Cisco devices, so everything I've learned outside of that has just been mostly on my own and for fun. Anyway the reason I am posting here is because I'm trying to put together a demonstration for the students here involved in the security certificate program at the college to demonstrate some of the dangers of open WiFi or even secure networks. I would appreciate any suggestions or links to resources anyone has regarding how to properly use this device. I am currently able to set up my own WAP, deauth clients from it and connect them to my rogue access point. From there I can run Dwall and see some traffic but only if it isn't HTTPS, which is rare now. I was able to get Evil Portal working somewhat, but the templates I found through the forums aren't working right or I'm doing something wrong. The portal will show up and it will capture the credentials, but the client will see a page that will say "not authorized", then after refreshing the page it will say "authorized" and then you have to open a new tab/window to continue browsing, so it's suspicious. I've tried to get SSLSplit and DNS2proxy working so I can MITM and bypass HSTS but I'm at a loss. I have them installed properly and am avoiding the SD card bug by using a USB SD card reader. I open multiple sessions of putty and run sslsplit in one window and dns2proxy in the other. I'm not fully understanding the output because it doesn't seem to be doing what I expected and I don't know how I'm supposed to use these tools to bypass HSTS. When googling around in some places I'm seeing people say these tools don't work any more and in others I'm hearing the opposite. Randomroll works fine and will probably get a laugh so I will use that. I have random times when the nano just doesn't work properly at all unless I reboot it several times. Clients won't connect properly or other weird unexplainable issues that go away after a reboot. Running some tools (SSLsplit in particular) seems to make it crash sometimes. I don't yet understand what a lot of these tools do and I am unsure where to look. How does the meterpreter module work? I have some cursory experience with the metasploit framework so if I could understand how to use that module better maybe I could do something that way. Does it allow me to MITM and then pivot into the network or what? Am I supposed to create a meterpreter payload and get a client to execute it, then connect to them? Does anyone have any suggestions on how I can go about doing/learning this? Thanks for reading everyone. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.