koutto / pi-pwnbox-rogueap

Homemade Pwnbox :rocket: / Rogue AP :satellite: based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap :bulb:

Quick Overview

Pi-pwnbox-rogueap is a project that transforms a Raspberry Pi into a portable pentesting box and rogue access point. It automates the setup of various hacking and network analysis tools, creating a powerful and compact device for security testing and wireless network attacks.

Pros

  • Easy setup process with automated installation scripts
  • Comprehensive set of pre-configured tools for pentesting and network analysis
  • Portable and low-cost solution using Raspberry Pi hardware
  • Supports both Ethernet and Wi-Fi interfaces for versatile connectivity options

Cons

  • Potential for misuse if not handled responsibly
  • Limited processing power compared to full-fledged laptops or desktops
  • Requires basic knowledge of Linux and networking concepts
  • May require additional hardware (e.g., external Wi-Fi adapter) for optimal performance

Getting Started

  1. Clone the repository:

    git clone https://github.com/koutto/pi-pwnbox-rogueap.git
    
  2. Navigate to the scripts directory:

    cd pi-pwnbox-rogueap/scripts
    
  3. Run the installation script:

    sudo ./install-system.sh
    
  4. Follow the on-screen prompts to configure your Raspberry Pi as a pwnbox and rogue access point.

  5. Reboot your Raspberry Pi to apply all changes:

    sudo reboot
    

After rebooting, your Raspberry Pi will be configured as a portable pentesting box and rogue access point, ready for security testing and network analysis.

Competitor Comparisons

The Rogue Access Point Framework

Pros of Wifiphisher

  • More actively maintained with regular updates and contributions
  • Supports a wider range of attack scenarios and phishing templates
  • Better documentation and user guides available

Cons of Wifiphisher

  • Requires more setup and configuration compared to Pi-pwnbox-rogueap
  • May be more complex for beginners to use effectively
  • Less focused on Raspberry Pi-specific implementations

Code Comparison

Pi-pwnbox-rogueap:

    sudo ./pi-pwnbox-rogueap.sh -i wlan0 -c 6 -s "Free WiFi" -p "password123" -u "http://example.com"

Wifiphisher:

    sudo wifiphisher -i wlan0 -e "Free WiFi" -p oauth-login --kwargs target_ap_bssid="00:11:22:33:44:55"

Both tools use command-line interfaces for execution, but Wifiphisher offers more customization options and attack scenarios. Pi-pwnbox-rogueap focuses on a simpler, more straightforward approach specifically tailored for Raspberry Pi devices.

While Pi-pwnbox-rogueap is designed as an all-in-one solution for Raspberry Pi, Wifiphisher provides a more versatile framework for various Wi-Fi attack scenarios across different platforms. The choice between the two depends on the user's specific needs, skill level, and target environment.

This is a multi-use bash script for Linux systems to audit wireless networks.

Pros of airgeddon

  • More comprehensive suite of wireless attack tools and techniques
  • Actively maintained with frequent updates and community contributions
  • Supports a wider range of operating systems and distributions

Cons of airgeddon

  • Steeper learning curve due to more complex features and options
  • Requires more manual configuration and setup compared to pi-pwnbox-rogueap

Code Comparison

airgeddon:

    if [ "$AIRGEDDON_AUTO_UPDATE" = "true" ]; then
        if check_update_tools; then
            echo -e "${yellow_color}[*]${normal_color} Airgeddon update available. Updating..."
            update_airgeddon
        fi
    fi

pi-pwnbox-rogueap:

    if [ "$INSTALL_AIRCRACK" = true ]; then
        echo "[+] Installing Aircrack-ng..."
        apt-get install -y aircrack-ng
    fi

The airgeddon code snippet shows an auto-update feature, while pi-pwnbox-rogueap focuses on package installation. This reflects airgeddon's more dynamic and feature-rich nature compared to pi-pwnbox-rogueap's simpler setup approach.

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3

Pros of WiFi-Pumpkin-deprecated

  • More comprehensive set of attack modules and plugins
  • User-friendly graphical interface for easier operation
  • Active community support and contributions

Cons of WiFi-Pumpkin-deprecated

  • Deprecated status may lead to lack of updates and potential security issues
  • Requires more system resources due to graphical interface
  • May have a steeper learning curve for beginners

Code Comparison

WiFi-Pumpkin-deprecated:

    class Ui_MainWindow(QMainWindow):
        def __init__(self, parent=None):
            super(Ui_MainWindow, self).__init__(parent)
            self.Main = QVBoxLayout()
            self.setWindowTitle('WiFi-Pumpkin v' + self.version)
            self.loadtheme(self.configure.XmlThemeSelected())

pi-pwnbox-rogueap:

    #!/bin/bash
    # Start Evil Twin attack
    airbase-ng -e "$SSID" -c "$CHANNEL" "$INTERFACE" &
    sleep 2
    ifconfig at0 up
    ifconfig at0 "$IP_ADDR"
    route add -net "$NETWORK" netmask "$NETMASK" gw "$IP_ADDR"

The code snippets highlight the different approaches: WiFi-Pumpkin-deprecated uses a Python-based GUI, while pi-pwnbox-rogueap employs bash scripts for configuration and execution.

WiFi-Pumpkin-deprecated offers a more feature-rich and user-friendly experience but may be less maintainable due to its deprecated status. pi-pwnbox-rogueap, on the other hand, provides a simpler, script-based approach that may be easier to customize and maintain for advanced users.

Fluxion is a remake of linset by vk496 with enhanced functionality.

Pros of Fluxion

  • More actively maintained with recent updates
  • Larger community and contributor base
  • Supports multiple attack vectors and customization options

Cons of Fluxion

  • More complex setup and configuration process
  • Requires more system resources to run effectively
  • May have a steeper learning curve for beginners

Code Comparison

pi-pwnbox-rogueap:

    sudo systemctl start hostapd
    sudo systemctl start dnsmasq
    sudo sysctl -w net.ipv4.ip_forward=1
    sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Fluxion:

    source lib/APICore.sh
    source lib/InterfaceUtils.sh
    source lib/EvilTwin.sh
    source lib/Handshake.sh
    fluxion_header

The pi-pwnbox-rogueap code snippet shows a more straightforward approach to setting up a rogue access point using system commands. In contrast, the Fluxion code demonstrates a modular structure with separate libraries for different functionalities, indicating a more complex and feature-rich implementation.

*DEPRECATED* mana toolkit for wifi rogue AP attacks and MitM

Pros of mana

  • More comprehensive set of tools and scripts for advanced wireless attacks
  • Better documentation and community support
  • Regularly updated with new features and bug fixes

Cons of mana

  • Steeper learning curve for beginners
  • Requires more system resources to run effectively
  • May have compatibility issues with some hardware configurations

Code comparison

mana:

    #!/bin/bash
    source config.rc
    start_noupstream
    start_hostapd
    start_dhcp
    start_nat

pi-pwnbox-rogueap:

    #!/bin/bash
    source config.sh
    setup_interface
    start_hostapd
    start_dnsmasq
    enable_ip_forwarding

Both projects use similar bash scripts to set up rogue access points, but mana's implementation is generally more complex and feature-rich. pi-pwnbox-rogueap focuses on simplicity and ease of use for Raspberry Pi devices.

README

Pi-PwnBox :rocket: -RogueAP :satellite:

Homemade (headless) PwnBox / RogueAP based on Raspberry Pi & Alfa WiFi USB Adapters.

WiFi Hacking Cheatsheets & Mind Map :bulb:

Designed to be used for:

  • On-site Red Team engagements,
  • WiFi Security assessments,
  • WiFi Attacks practice.

Equipment used

  • Raspberry Pi 3 Model B+
  • Micro SD Memory Card 64 GB
  • Raspberry Pi Case
  • Alfa WiFi USB Adapter AWUS036NEH
  • Alfa WiFi USB Adapter AWUS036ACH
  • BrosTrend WiFi USB Adapter AC1L AC1200 (can be replaced by any adapter supporting AP mode)
  • USB cable Male to Female
  • Rii Mini Wireless Keyboard (optional)
  • Powerbank

WiFi USB Adapters Overview

| Device | Chipset | Usage | 802.11 | 2.4 GHz | 5 GHz | Kali out-of-box | Mon. Mode | Injection | AP |
|---|---|---|---|---|---|---|---|---|---|
| Built-in Raspberry Pi 3 B+ WiFi chip | Broadcom 43430 | Connection to Internet (auto-start at boot if WiFi key added in config) | 802.11 b/g/n/ac | Y | Y | Y | N* | N* | Y |
| BrosTrend AC1L AC1200 | Realtek RTL8812AU | Access Point for Remote Access (auto-start at boot) | 802.11 a/b/g/n/ac | Y | Y | N | Y | N | Y |
| Alfa AWUS036NEH | Ralink RT2870/3070 | WiFi Attacks | 802.11 b/g/n | Y | N | Y | Y | Y | Y |
| Alfa AWUS036ACH | Realtek RTL8812AU | WiFi Attacks | 802.11 a/b/g/n/ac | Y | Y | Y | Y | Y | Y |

* would require nexmon patch to enable monitor mode and injection support on built-in Broadcom chip (but we do not need it for its usage here).

Installation

  1. Download Kali Linux ARM Image for Raspberry Pi: https://www.offensive-security.com/kali-linux-arm-images/

  2. Flash Kali Linux ARM Image for Raspberry Pi onto Micro SD Card.

  3. Make sure to have Internet connection on PwnBox.

  4. Download install scripts/configurations on the PwnBox:

    git clone https://github.com/koutto/pi-pwnbox-rogueap.git
    
  5. Important: Edit install script configuration at the top of scripts/install-system.sh file:

    • Choose Guacamole passwords.
    • Set WiFi interfaces persistent names based on their MAC addresses: wlxaabbccddeeff for a device with MAC address aa:bb:cc:dd:ee:ff.
    • Set MAC addresses of eth0 & wlan0 (built-in interfaces).
    • Set WiFi connection settings.
  6. Run install script (will pause at the end of each step in order to allow for manual inspection of command outputs)

    cd pi-pwnbox-rogueap/scripts
    ./install-system.sh
    
  7. Reboot & check correct configuration of network interfaces:

    ip a
    iwconfig
    
    • Built-in wired and wireless interfaces should be named eth0 and wlan0 respectively.
    • WiFi USB Adapters should use persistent naming (modern naming convention).
    • AP (PWNBOX_ADMIN) should be started on appropriate wlx* interface.
  8. Configure VNC-over-HTTP on Guacamole:

    1. Connect to Guacamole at http://<ip_pwnbox>:8080/guacamole/
    2. Go to guacadmin (top right) > Settings > Connections
    3. Click on New Connection
    4. Fill connection settings as follows:
      • Name = pwnbox-vnc
      • Location = ROOT
      • Protocol = VNC
      • Maximum number of connections = 3
      • Guacamole Proxy Hostname = 127.0.0.1
      • Guacamole Proxy Port = 4822
      • Network Hostname = 127.0.0.1
      • Network Port = 5901
      • Authentication Password = (password chosen at install when running install-system.sh)
      • Color depth = True color (32-bit)
  9. Change default credentials:

    • Kali system credentials
    • Guacamole credentials (via http://<ip_pwnbox>:8080/guacamole/#/manage/mysql/users/guacadmin)
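
The naming rules from steps 5 and 7 can be checked mechanically after the reboot. The script below is an added example, not part of the project's install scripts; `mac_to_wlx`, `check_wifi_names` and the `SYSFS_NET` override are hypothetical names introduced here.

```shell
#!/bin/sh
# Added example: verify the interface naming described in steps 5 and 7.
# SYSFS_NET is a hypothetical override so the check can run on a test tree.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# aa:bb:cc:dd:ee:ff -> wlxaabbccddeeff (MAC-based persistent name)
mac_to_wlx() {
    printf 'wlx%s\n' "$(printf '%s' "$1" | tr -d ':-' | tr 'A-F' 'a-f')"
}

# Returns 0 when eth0 exists and every wireless interface is either wlan0
# (built-in chip) or named wlx<its own MAC>; prints one line per interface.
check_wifi_names() {
    rc=0
    for dev in "$SYSFS_NET"/*; do
        # Only wireless devices expose phy80211 (cfg80211) or wireless (WEXT).
        [ -d "$dev/phy80211" ] || [ -d "$dev/wireless" ] || continue
        name=${dev##*/}
        mac=$(cat "$dev/address")
        expected=$(mac_to_wlx "$mac")
        if [ "$name" = "wlan0" ]; then
            echo "OK   $name ($mac) built-in"
        elif [ "$name" = "$expected" ]; then
            echo "OK   $name ($mac) persistent name"
        else
            echo "FAIL $name ($mac) expected $expected"
            rc=1
        fi
    done
    [ -e "$SYSFS_NET/eth0" ] || { echo "FAIL eth0 missing"; rc=1; }
    return $rc
}

# Run the check only when asked, so the file can also be sourced.
if [ "${1:-}" = "--check" ]; then
    check_wifi_names
fi
```

A `FAIL` line for a USB adapter usually means its MAC address was not entered correctly in the configuration block edited in step 5.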

PwnBox Network Configuration

Wireless Dedicated Administration Network

When booting, PwnBox automatically spawns an AP on one interface to allow for easy remote access:

  • SSID = PWNBOX_ADMIN (Hidden SSID)
  • WPA2 Passphrase (PSK) = Koutto!PwnB0x!
  • IP AP = 10.0.0.1 (when connected to this network, PwnBox can be accessed at this IP)
  • Network range = 10.0.0.1/24

LAN Network (Wireless or Wired)

When booting, PwnBox automatically connects to:

  • Wired network if Ethernet port is connected.

  • WiFi network (using built-in Raspberry Pi chip) if a wireless network with saved connection settings (in /etc/wpa_supplicant.conf) is available. To connect to a new WiFi network (not saved on the PwnBox), the WPA passphrase of the network must be added first:

    1. Access the PwnBox using another way, e.g.:

      • Use wireless dedicated administration network (most convenient approach),
      • Use wired network,
      • Use monitor + (wireless) keyboard.
    2. Add WPA passphrase to PwnBox local configuration:

      wpa_passphrase <SSID> <passphrase> >> /etc/wpa_supplicant.conf
      
    3. Test connection:

      wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant.conf
      dhclient -v wlan0
      ping 8.8.8.8
      

PwnBox Remote Access

PwnBox can be controlled through:

  • SSH Service (22/tcp):

    ssh kali@<ip_pwnbox>
    
  • VNC-over-HTTP with Guacamole (8080/tcp):

    http://<ip_pwnbox>:8080/guacamole
    

PwnBox's IP depends on the network you want to access it from:

  • Via Wireless Dedicated Administration Network (i.e. connected to hidden SSID PWNBOX_ADMIN): IP is always 10.0.0.1.
  • Via LAN Network (wireless or wired): IP depends on the value allocated by DHCP server. IP can be found using netdiscover for example.

Note: Guacamole service might take a lot of resources (RAM) when running. If not used, it can be stopped using stop-guacamole.sh script.

Usage

  • Most of the time, only SSH access is necessary (CLI tools).

  • Additional tools are installed into /usr/share.

  • Tools with GUI or requiring spawning of multiple xterm (e.g. airgeddon) can be run through Guacamole.

  • Tools with Web UI (e.g. Kismet, Bettercap) can be started and accessed remotely.

WiFi Hacking Cheatsheets & Mind Map

Possible Upgrade

  • Add 4G USB dongle for remote access to PwnBox using 4G cell network.