How to Create Fake Access Points using Scapy in Python?
In this article, we are going to discuss how to create fake access points using the Scapy module in Python.
This task can be done with the help of the Python package scapy-fakeap. The library is intended not only for making fake access points but also for testing 802.11 protocols and their implementations.
Scapy is a Python module used for interacting with packets on the network. It is a powerful interactive packet manipulation program with several functions that make it easy to forge and manipulate packets. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. Scapy can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery. It can replace hping, arpspoof, arp-sk, arping, p0f and even some parts of Nmap, tcpdump, and tshark.
To use this library, you need to have the following packages installed on your system:
- dnsmasq (Optional)
The Python packages can be installed by running the command below:
pip3 install scapy-fakeap
- Before diving into the code, you need to put your device or network interface into monitor mode.
- Make sure that you are on a Unix- or Linux-based system.
To put the system into monitor mode we need some utilities, i.e. aircrack-ng. It can be installed using the command below:
apt-get install aircrack-ng
Steps to go into monitor mode:
- Enable monitor mode using the airmon-ng command.
- First, kill the processes that could interfere with the wireless card using this command:
airmon-ng check kill
- Enable monitor mode on your WLAN interface. To do this, run the command ifconfig to check the active network interfaces on your system, and then run the command below:
airmon-ng start (your WLAN name)
This will activate monitor mode on your WLAN interface.
You are now all set to build the fake access point.
Now we will generate a random MAC address and set the name of the access point we want to create. Then we create an 802.11 frame, whose fields are:
- type=0: This will indicate that this is a management frame.
- subtype: This will indicate that this management frame is a beacon frame.
- addr1: This will refer to the destination MAC address.
- addr2: This will refer to the source MAC address, i.e. the sender's MAC address.
- addr3: This will refer to the access point's MAC address.
We use the same MAC address for addr2 and addr3, because the sender is the access point. Then we create our beacon frame with the SSID information, stack the layers together and send them using the sendp() method of the scapy module. Below is the implementation:
When the script reaches its last line with loop=0, your system will send only 1 packet as an access point.
When the script reaches its last line with loop=1, the below output will be generated as the system continuously sends packets as a fake access point.
On pressing Ctrl+C, your system will stop sending the packets.
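The frame fields listed above (type, subtype, addr1, addr2, addr3 and the SSID element) are also what a monitoring sensor reads to notice a beacon for a known network name coming from an access point MAC address it does not recognise. The following is an added example, not code from the original article: a standard-library parser and check, where the function names, the `KNOWN` inventory and the sample frames are constructed for illustration and the frames are assumed to have the radiotap header already removed.

```python
# Added example (not from the original article): stdlib-only beacon inspection.

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_beacon(frame):
    """Return addr1/addr2/addr3/ssid for an 802.11 beacon, or None otherwise."""
    if len(frame) < 36:             # 24-byte MAC header + 12 fixed beacon bytes
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype != 8:  # type=0 management, subtype=8 beacon
        return None
    info = {"addr1": mac(frame[4:10]), "addr2": mac(frame[10:16]),
            "addr3": mac(frame[16:22]), "ssid": None}
    pos = 36                        # tagged elements: id (1), length (1), value
    while pos + 2 <= len(frame):
        eid, elen = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + elen]
        if len(body) < elen:        # truncated element, stop parsing
            break
        if eid == 0:                # element 0 carries the SSID
            info["ssid"] = body.decode("utf-8", "replace")
            break
        pos += 2 + elen
    return info

def classify(frame, known):
    """known: SSID -> set of authorised BSSIDs (hypothetical site inventory)."""
    beacon = parse_beacon(frame)
    if beacon is None:
        return "not-beacon"
    if beacon["ssid"] in known and beacon["addr3"] not in known[beacon["ssid"]]:
        return "unauthorised-bssid"
    return "ok"

# Constructed sample frames (radiotap header already stripped), SSID "CorpWiFi".
HDR = "80000000" + "ffffffffffff"   # frame control, duration, addr1 (broadcast)
TAIL = "0000" + "00" * 8 + "6400" + "0104" + "0008" + "436f727057694669"
GOOD = bytes.fromhex(HDR + "aabbcc001122" * 2 + TAIL)
ROGUE = bytes.fromhex(HDR + "12f3a19c0b77" * 2 + TAIL)
KNOWN = {"CorpWiFi": {"aa:bb:cc:00:11:22"}}

if __name__ == "__main__":
    for name, frame in (("GOOD", GOOD), ("ROGUE", ROGUE)):
        print(name, parse_beacon(frame), classify(frame, KNOWN))
```

A beacon whose BSSID is copied from a legitimate access point passes this check, so it is one signal among several rather than a complete rogue access point detector.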