Wifi access point on Kali Linux with Raspberry Pi
This is a series of posts sharing with you the way of building wifi access point on Kali Linux, with Raspberry Pi
[Disclaimer]This article is for learning purpose, not for practical use, not to mention for aid and abet any illegal action.
When I was researching how secure WiFi passwords are, and how they are attacked, I thought, “First, let’s make our own WiFi and try to attack it. This was the start.
I studies the basics of network, from OCI layer model to linux configurations, and implemented wifi access point myself with Raspberry Pi then captured packets with Wireshark. And I’m gonna share this experience.
What you will learn in this series of posts:
[Practical Application]
- Raspberry Pi set up
- Launch your WiFi access point
[Background Knowledge]
- Linux configurations related to wifi hosting
- Network - how packet is conveyed
- Network - OCI layer model
- Network - Configurations network on Linux
This is the final picture of how Raspberry Pi works as WiFi router.
Target Audience
- People who are interested in networking
- Beginner of Linux or Kali Linux
- Web engineer who is interested in network security
- Those who want to try building something with Raspberry Pi
Prerequisites
Items, Devices
- Raspberry Pi(*)
- microSD card(*)
- Network Adapter(TP-Link)
- USB3.0 extension cable (optional)
- Power supply adapter(*)
- HDMI cable(*)
- Thermal cooling metals(*)
- Monitor, Keyboard, Mouse
Items with (*) icon can be found as packaged kit like this in Amazon.
Let’s get it started!!
Overview of the building steps:
Hardware setup
Flashing the OS
Initial Pi configuration
Installation of network drivers
Access point construction
Network setup
Set up the Raspberry Pi
- Putting up a metal heat sink
Some hardware can get very hot when Pi is run, so we’d better put metal with high thermal conductivity on the surface area.
The following three areas should be covered with metal
- CPU
- Memory
- USB3.0 host controller
2. Attach a fan.
This is also for cooling purpose.
Burn the OS image to the card
- Download the OS image of Kali Linux
Download the 64-Bit image from the official site.
kali-linux-2021.1-rpi4-nexmon-64.img.xz.If you want to download it using a torrent file, please use utorrent.
2. Download and install balenaEtcher from the following site.
To flash the image to the SD card, use an application called balenaEtcher.
3. Connect the microSD card to your PC and flash the image downloaded in step 1.
Initial setup of Kali Linux
You need to log in with the default ID/PW at the first boot. The following ID/PW is currently initial value for Kali Linux.
username: root
password: kali
1. Change the password of root user
sudo -i
passwd2. Connect to the Internet
We first need to connect the Pi to the Internet so that we can install tools and libraries. Connecting to Internet can be done either wired or wireless whichever you want, but in this post I choose wireless configuration.
Some people might wonder why I need to buy a network adapter as WiFi adapter is built in from the start, but this will be explained in a later chapter.
3. Install Git
$ apt-get update
$ apt-get install git# You can use apt as well.
4. Update SSH key and start SSH daemon
It is very vulnerable to use the same SSH key that is initially set in the Kali Linux image. Make sure to issue a new key before using it.
$ rm /etc/ssh/*key*
$ ssh-keygen -A# This may not be necessary
$ mkdir /run/sshd
$ /user/sbin/sshd
$ systemctl start ssh
5. Install the network driver
This time, we will use the driver for Realtek’s 8188eu. This driver is compatible with the TP-Link network adapter used in this book. If you have purchased a different adapter, you will need to chose another adapter according to your device, but the basic idea of installing the driver is the same.
Here is the procedure
5.a) clone the source code of the driver.
$ cd ~
$ mkdir tools && cd tools
$ git clone https://github.com/aircrack-ng/rtl8188eus5.b) Declare black list for modprobe to avoid reading
$ echo 'blacklist r8188eu'|sudo tee -a '/etc/modprobe.d/realtek.conf'5.c) Remove the driver with the same name
The driver with the name “8188eu” is actually installed in Kali Linux from the beginning. If this driver remains in the lib directory, Kali Linux will not recognize the driver with the same name, so let’s remove it beforehand.
$ cd /lib/modules/$(uname -r)/kernel/drivers/net/wireless
$ rm -rf . /realtek5.d) Compile & Install
$ make && sudo make installThe make command will create a binary file in the existing folder, and the make install command will copy it to lib/module.
5.e) Check if configured correctly
After that, restart Pi and plug the network adapter into the USB port (it is OK even if it is plugged in from the beginning) and then execute the following command.
$ airmon-ng
# -> Check the interface where 8188eu is the driver. In my case, it was wlan1.$ ifconfig wlan1 down$ iwconfig wlan1 mode master
# -> If the installation of the driver is not successful, you will get an error here.$ ifconfig wlan1 up$ iwconfig
# -> If the mode of wlan1 is set to Master, it’s configured properly.
At this point you are ready to host WiFi access point.
Hosting WiFi access point
We will now configure the necessary settings for two Internet interfaces. In this manual, let
<WLAN0>: The interface TP-Link is connected
<WLAN1>: The interface of Raspberry Pi’s built-in WiFi adapter
You can check the network interface by iwconfig or airmon-ngcommand.
Hosting WiFi
For the access point, use Hostapd (Host Access Point Daemon). This allows you to run a specific network interface as an access point and authentication server.
- Installation & Configuration
$ apt-get install hostapd
$ vi /etc/hostapd/hostapd.conf2. Add the following contents to the hostapd.conf file.
interface=<WLAN0
driver=nl80211
ssid=YOUR-WIFI-NAME
hw_mode=g
channel=11
macaddr_acl=0
ignore_broadcast_ssid=0
auth_algs=1
ieee80211n=1
wme_enabled=1# The following is for adding a PW
wpa=2
wpa_passphrase=yourpassword
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
wpa_group_rekey=86400
3. Start hostapd
$ hostapd /etc/hostapd/hostapd.conf
$ ifconfig <WLAN0> up 192.168.1.1 netmask 255.255.255.0At this point, you should be able to see your own WiFi name on the WiFi access point.
(I’ve given it the dubious name “SecureWiFi.”)
However, this WiFi is not able to access the Internet yet.
**Please keep in mind that if you have a Raspberry Pi with port 22 or 80 open, anyone can brute-force an SSH login attempt or send an HTTP request, so be aware of the possibility of an attack.
DNS Settings
In order to be able to connect to the Internet, we need to set up DNS for the hosted WiFi, using dnsmasq.
- Install and configure
$ apt-get install dnsmasq
$ vi /etc/dnsmasq.d/dnsmasq.conf2. Write the following contents in the dnsmasq.conf file.
interface=<WLAN0>
dhcp-range=192.168.1.2,192.168.1.30,255.255.255.0,12h
dhcp-option=3,192.168.1.1
dhcp-option=6,192.168.1.1
server=8.8.8.8
log-queries
log-dhcp
listen-address=127.0.0.13. Start dnsmasq
$ systemctl start dnsmasqForwarding IP packets
This is the last step.
Add the settings for packet processing in the Linux kernel, and set IP forwarding to TRUE.
$ iptables — table nat — append POSTROUTING — out-interface <WLAN1> -j MASQUERADE
$ iptables — append FORWARD — in-interface <WLAN0> -j ACCEPT$ echo 1 > /proc/sys/net/ipv4/ip_forward
Finished!
Now you’ll be able to connect to the Internet from any PC/phone that’s connected to your homebrewed WiFi! Great work!
Further Reading
References
Websites
- balena Etcher
- Kali Linux
- Create A Fake AP With DNSMASQ And HOSTAPD [Kali Linux]
- GitHub aricrack-ng/rtl8188eus
- USB Rubber Ducky
- Linux Network Administrator’s Guide, 2nd Edition|Chapter 11
IP Masquerade and Network Address Translation - Find MAC Address Vendors.
- Root name server IP address
- Google Public DNS
Youtube Links
- The Linux File System…for humans
- Load Kali Linux on a Raspberry Pi 4 Model B for a Mini Hacking Computer * [Tutorial]
- Top 10 things to do after installing kali linux
- iptables: Packet Processing
- NAT Masquerading
- OSI Model Explained | OSI Animation | Open System Interconnection Model | OSI 7 layers | TechTerms
- Linux Runlevels Explained
