Skip to content

Instantly share code, notes, and snippets.

@aureeaubert

aureeaubert/fake-wifi-access-point.md

Last active January 25, 2022 18:54
Show Gist options
  • Save aureeaubert/0cf6a91556b7eceeaaef6e5c998362e1 to your computer and use it in GitHub Desktop.
Save aureeaubert/0cf6a91556b7eceeaaef6e5c998362e1 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
fake-wifi-access-point.md

How to create a fake wireless access point

Equipment

  1. Raspberry Pi 3
  2. An Ethernet connection that will need during the installation

Intructions

You need to assign users an IP Address when they connect to our network. Hostapd is a user space daemon for wireless access point and authentication servers and DNSMasq is used as our DNS server. To install these programs, run the following command:

sudo apt-get install -y isc-dhcp-server hostapd dnsmasq

If you use a Raspberry Pi 3, you can use the built-in wifi dongle, instead you will need to buy an external wifi dongle and run the ifconfig command to see the list of your interfaces.

Now, let's edit the hostapd configuration file

sudo nano /etc/hostapd/hostapd.conf

Then, enter the following configuration:

interface=wlan0
driver=nl80211
ssid=SaaStock Wifi
channel=1

You can save and quit out of the file by pressing Ctrl+X then pressing Y and then Enter.

Now, you need to redirect all traffic to 10.0.0.1 which you will set as your Wifi IP address in the next step. To do so, open the following file:

sudo nano /etc/dnsmasq.conf

and copy-paste the configuration:

address=/#/10.0.0.1
interface=wlan0
dhcp-range=10.0.0.10,10.0.0.250,12h

The dhcp-range is the available IP addresses list that will be assigned to users.

The next step is to set up your wlan0 interface to be static and to match the IP Address we assigned earlier from the dnsmasq configuration file. Type the following command to edit the interfaces:

sudo nano /etc/network/interfaces

Now, remove the previous configuration under allow-hotplug wlan0 and change it to the following one:

iface wlan0 inet static
address 10.0.0.1
netmask 255.255.255.0
broadcast 255.0.0.0

An run the following commands to update the changes to your system:

sudo service hostapd restart
sudo service dnsmasq restart

Now, let's create your web server by installing Apache2 and PHP.

sudo apt-get install -y apache2 php5

You need now to create a fake SSL certificate to redirect all https page to our web server. To do so, create a new directory in the apache folder:

sudo mkdir /etc/apache2/ssl

And then run the following command to create the certificate. Fill out the requested data. The answers don’t matter.

sudo openssl req -x509 -nodes -days 1095 -newkey rsa:2048 -out /etc/apache2/ssl/server.crt -keyout /etc/apache2/ssl/server.key

And enable SSL on the Apache2 server:

sudo a2enmod ssl

Remove the default configuration files from apache:

sudo rm /etc/apache2/sites-enabled/*
sudo rm /etc/apache2/sites-available/*

And then you need to create 2 new configuration files: one for with ssl and the other one without.

First, you need to redirect all the http traffic to the same page

sudo nano /etc/apache2/sites-available/default.conf

Then, copy-paste the following configuration:

<VirtualHost *:80>
  DocumentRoot /var/www/html

  Options +FollowSymlinks -MultiViews
  RewriteEngine On
  RewriteCond %{REQUEST_URI} !/assets
  RewriteRule / /index.php [L]

  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Now, we want to do the same thing with https pages. To do so, we'll redirect all the https pages to http.

sudo nano /etc/apache2/sites-available/default-ssl.conf

<IfModule mod_ssl.c>
  <VirtualHost *:80>
    DocumentRoot /var/www/html

    Redirect permanent / http://10.0.0.1/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/server.crt
    SSLCertificateKeyFile /etc/apache2/ssl/server.key

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
      SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
      SSLOptions +StdEnvVars
    </Directory>

    BrowserMatch "MSIE [2-6]" \
      nokeepalive ssl-unclean-shutdown \
      downgrade-1.0 force-response-1.0
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
  </VirtualHost>
</IfModule>

Then activate these 2 configurations:

sudo a2ensite default.conf
sudo a2ensite default-ssl.conf

And reload apache:

service apache2 reload

Let's change the permissions of the web server directory:

sudo chmod 777 /var/www/html
sudo rm /var/www/html/index.html
sudo mkdir /var/www/html/assets
sudo chmod 777 /var/www/html/assets
sudo nano /var/www/html/index.php

<html>
<body>
	Hello Saastock!
</body>
</html>

Now restart your Raspberry

sudo reboot

And you'll find the access point in your wifi networks list.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment