0

I have a website in my localhost:

index.html

I want to convert my laptop into a hotspot in a way that any url that the client will open in his browser will be considered as my local webserver mentioned above.

For that, I used airbase.

#put interface card in monitor mode
airmon-ng start wlan0

#scanning interface to clone
airodump-ng -M mon0


#create wifi access point
airbase-ng -e GamingOpenWifi -c 6 -P mon0

This is my /etc/dnsmasq.conf configuration

# Listen for DHCP and DNS on this interface
interface=at0

# dhcp range
dhcp-range=192.168.1.10, 192.168.1.250, 12h

# DNS
dhcp-option=6,192.168.1.1

# router
dhcp-option=3,192.168.1.1

# Servers to use
server=8.8.8.8

#enable logging
log-queries
log-dhcp

# Authoritative
dhcp-authoritative

To configure the dhcp server, I ran:

# configuring tunnel interface so that we can create a bridge between our access point and our wired interface

ifconfig at0 192.168.1.1 netmask 255.255.255.0

#adjust maximum transmission unit or MTU

ifconfig at0 mtu 1400

# booting up dns service/ dhcp server tut 2
dnsmasq -C /etc/dnsmasq.conf -d 

#adding routing table 
route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1
                        
# enabling IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

And these are my iptables rules:

# rule inside tunnel interface
iptables --append FORWARD --in-interface at0 -j ACCEPT 
# allow tcp connection on port 80 and forward them to our server
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:80 
iptables -t nat -A POSTROUTING -j MASQUERADE

What is not working:

  1. When I open a website with a domain name, I get website not found.
  2. When I open anything with https, I get website not found
  3. However, when I open any IP address, it redirects to my webserver.

How can I make 1) and 2) redirect to my local webserver as well?

TSR
  • 101
  • 1
  • You don't seem to have set dnsmasq.conf up to resolve every hostname to your IP (or your iptables config is messing with this somehow... can you resolve anything from the access point directly?). Without that, if the user puts a hostname in their browser, if the browser can't get an IP from your DNS server, the browser won't go anywhere. As for SSL, unless you set up your own Certificate Authority and install your CA on everyone's browser as a trusted cert, trying to do this with SSL will just give a bunch of invalid cert errors. – DerfK Jun 23 '17 at 18:48
  • @DerfK thank you for replying. Could you please tell me how to set dnsmasq.conf up to resolve every hostname to my IP? – TSR Jun 23 '17 at 18:53
  • See [here](https://serverfault.com/a/351614/56830) it should be a line like `address=/#/xx.xx.xx.xx` to match everything. – DerfK Jun 23 '17 at 18:55
  • @DerfK thank you for address resloving part. it works. Why is the SSL not resolved by the dnsmasq.conf? – TSR Jun 23 '17 at 19:13

0 Answers0