Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#!/bin/bash
# Ref: http://www.contextis.com/resources/blog/wireless-phishing-captive-portals/
#
# Steps :
# ./network_ap.sh
# ./create_ap wlan0 eth0 AccessPoint -g 10.0.0.1
killall hostapd
killall dnsmasq
#
# First, delete all existing rules
#
iptables --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables --table nat -F
iptables --table nat -X
#
# Captive Portal
#
# - Replace `10.0.0.1` to `192.168.1.5:3000` to access remove server
#
iptables -t mangle -N localhost
iptables -t mangle -A PREROUTING -i wlan0 -p udp --dport 53 -j RETURN
iptables -t mangle -A PREROUTING -i wlan0 -j localhost
iptables -t mangle -A localhost -j MARK --set-mark 1
iptables -t nat -A PREROUTING -i wlan0 -p tcp -m mark --mark 1 -j DNAT --to-destination 10.0.0.1
sysctl -w net.ipv4.ip_forward=1
iptables -A FORWARD -i wlan0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.