infamoussyn / rogue

An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.

Home Page: https://the-rogue-toolkit.readthedocs.io/en/latest/

License: GNU General Public License v3.0

Python 99.04% Makefile 0.59% Shell 0.37%
evil-twin hostapd penetration-testing pentest-tool pentesting pentesting-tools wireless wireless-security

rogue's People

Contributors

infamoussyn

rogue's Issues

wlan1: interface state UNINITIALIZED->DISABLED

Hi, I'm using a supported wireless card that supports Monitor and AP mode; I don't have issues with this card using other wireless tools that require AP mode.
But I get an error with this tool:

Configuration file: /home/gill/rogue/tmp/hostapd-wpe.conf
ACS: Automatic channel selection started, this may take a bit
wlan1: interface state UNINITIALIZED->ACS
wlan1: ACS-STARTED
Configuration file: /home/gill/rogue/tmp/hostapd-wpe.conf
wlan1: INTERFACE-DISABLED
nl80211: Could not configure driver mode
nl80211: deinit ifname=wlan1 disabled_11b_rates=0
nl80211 driver initialization failed.
wlan1: interface state UNINITIALIZED->DISABLED
wlan1: AP-DISABLED
wlan1: CTRL-EVENT-TERMINATING
hostapd_free_hapd_data: Interface wlan1 wasn't started
ACS: Failed to request initial scan
ACS: Failed to request scan
Interface initialization failed
wlan1: interface state ACS->DISABLED
wlan1: AP-DISABLED
ACS: Failed to start
wlan1: AP-DISABLED
hostapd_free_hapd_data: Interface wlan1 wasn't started
nl80211: deinit ifname=wlan1 disabled_11b_rates=0
wlan1: interface state DISABLED->DISABLED
wlan1: interface state DISABLED->DISABLED
wlan1: AP-DISABLED
wlan1: CTRL-EVENT-TERMINATING
hostapd_free_hapd_data: Interface wlan1 wasn't started

add control of macaddr_acl files

Currently when the macaddr-acl switch is enabled, the rogue does not automatically manage the MAC address files for hostapd-wpe.

# Accept/deny lists are read from separate files (containing list of
# MAC addresses, one per line). Use absolute path name to make sure that the
# files can be read on SIGHUP configuration reloads.
#accept_mac_file=/etc/hostapd.accept
#deny_mac_file=/etc/hostapd.deny

change wpa2-enterprise password log to always on

Currently, when doing WPA2-Enterprise, rogue needs --log-goodpass and --log-badpass set for freeradius to record the credentials. It should be changed so that this is automatically enabled and, if a switch is set, the corresponding behaviour is disabled.

802.11ac WPA2-Personal Issue

When deploying a WPA2-Personal network that uses the 802.11AC protocol, hostapd-wpe returns the error after reporting it could not set the channel for the kernel driver:

hostapd_free_hapd_data

Command being used:

sudo python3 rogue.py -i wlan0 -h ac -c 36 --auth wpa-personal --wpa 2 --wpa-passphrase '[[PSK]]'

Changing to -h n -c 11 allowed the network to be provisioned as expected.

Increase flexibility of EAP mode operations

Currently when rogue is operating in the WPA2-Enterprise mode, all supported EAP modes are enabled with only the default mode being customisable. The goal of this enhancement is to break out the EAP types so that only single mode operations are supported as well.

check length requirements of wep key

Currently the WEP key has no length checks, which results in errors when the expected lengths are not met.

# A key may be a quoted string or unquoted hexadecimal digits.
# The key length should be 5, 13, or 16 characters, or 10, 26, or 32
# digits, depending on whether 40-bit (64-bit), 104-bit (128-bit), or
# 128-bit (152-bit) WEP is used.
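
One way to implement the length check this issue asks for, following the hostapd.conf comment quoted above. This is an added example, not code from the rogue project; the helper names are hypothetical, and rejecting embedded quotes and newlines is a conservative assumption so a key cannot add extra lines to the generated config.

```python
import string

# Lengths from the hostapd.conf comment quoted in the issue.
ASCII_LENGTHS = (5, 13, 16)   # characters, for a "quoted string" key
HEX_LENGTHS = (10, 26, 32)    # digits, for an unquoted hexadecimal key


def validate_wep_key(value):
    """Return value unchanged if it is a well-formed WEP key, else raise ValueError.

    validate_wep_key is a hypothetical helper name, not part of rogue.
    """
    if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
        body = value[1:-1]
        # Assumption: refuse characters that could break out of the config line.
        if '"' in body or '\n' in body:
            raise ValueError('quoted WEP key must not contain quotes or newlines')
        if len(body) not in ASCII_LENGTHS:
            raise ValueError(
                'quoted WEP key is {} characters; expected 5, 13 or 16'.format(len(body)))
        return value

    if not value or any(ch not in string.hexdigits for ch in value):
        raise ValueError(
            'unquoted WEP key must be hexadecimal digits only; '
            'wrap a string key in double quotes')
    if len(value) not in HEX_LENGTHS:
        raise ValueError(
            'hexadecimal WEP key is {} digits; expected 10, 26 or 32'.format(len(value)))
    return value


def check_all(candidates):
    """Map each candidate to None (accepted) or the rejection message."""
    results = {}
    for candidate in candidates:
        try:
            validate_wep_key(candidate)
            results[candidate] = None
        except ValueError as err:
            results[candidate] = str(err)
    return results


if __name__ == '__main__':
    # Constructed sample inputs, not keys from any real network.
    for key, error in check_all(['"abcde"', '0123456789', 'abcde', '"toolong"']).items():
        print(key, '->', error or 'ok')
```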

Invalid country_code value when no argument is supplied

When deploying an AP using the following command, an exception is raised reporting an invalid country_code value.

sudo python3 /opt/rogue/rogue.py -i wlan0 --auth wpa-personal --wpa 2 --wpa-passphrase "test test" --internet --preset-profile wifi4 --channel-randomiser

The full stack trace below:

──(kali㉿kali)-[/opt/rogue]
└─$ sudo python3 /opt/rogue/rogue.py -i wlan0 --auth wpa-personal --wpa 2 --wpa-passphrase "test test" --internet --preset-profile wifi4 --channel-randomiser
[sudo] password for kali: 
[*] Launching the rogue toolkit v3.0.3
[-]
[-] Randomised channel selection is superseding ACS
[-]   Channel 1 was selected
[-] Launching rogue at: 2023-01-12 20:30:51.615436

[*] Reticulating radio frequency splines...

100%|█████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 1/1 [00:01<00:00,  1.00s/it]

[+] Creating hostapd-wpe.confg file: /opt/rogue/tmp/hostapd-wpe.conf
[+] Creating /etc/default/isc-dhcp-server file: /etc/default/isc-dhcp-server
[+] Creating dhcpd.conf file: /etc/dhcp/dhcpd.conf

[*] Starting isc-dhcp-server service.

100%|█████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 4/4 [00:04<00:00,  1.00s/it]

[*] Launching hostapd-wpe
Line 104: Invalid country_code '0'
1 errors found in configuration file '/opt/rogue/tmp/hostapd-wpe.conf'
Failed to set up interface with /opt/rogue/tmp/hostapd-wpe.conf
Failed to initialize interface
[*] Enabling IP forwarding
Press enter to quit...

Modlishka Fails to start with certification generation error.

Error encountered with generation of Modlishka certificate on a fresh and updated installation of Kali Linux.

wlan0: ACS-STARTED 
[Sun Sep 17 00:07:10 2023]  INF  Enabling plugin: autocert v0.1
[Sun Sep 17 00:07:10 2023]  INF  Autocert plugin: Auto-generating my-host.com domain TLS certificate
[Sun Sep 17 00:07:11 2023]  ERR  Error creating certificate: x509: serial number must be positive
[Sun Sep 17 00:07:11 2023]  INF  Enabling plugin: control_panel v0.1
[Sun Sep 17 00:07:11 2023]  INF  Enabling plugin: hijack v0.1
[Sun Sep 17 00:07:11 2023]  INF  Enabling plugin: template v0.1
[Sun Sep 17 00:07:11 2023]  INF  Control Panel: modlishka.example.com handler registered
[Sun Sep 17 00:07:11 2023]  INF  Control Panel URL: my-host.com/modlishka.example.com
[Sun Sep 17 00:07:11 2023]  INF  

 _______           __ __ __         __     __          
|   |   |.-----.--|  |  |__|.-----.|  |--.|  |--.---.-.
|       ||  _  |  _  |  |  ||__ --||     ||    <|  _  |
|__|_|__||_____|_____|__|__||_____||__|__||__|__|___._|

>>>> "Modlishka" Reverse Proxy started - v.1.1 <<<<
Author: Piotr Duszynski @drk1wi  

Listening on [192.168.xxx.xxx:443]
Proxying HTTPS [somesite.com] via [https://my-host.com]
Listening on [192.168.xxx.xxx:80]
Proxying HTTP [somesite.com] via [http://my-host.com]
[Sun Sep 17 00:07:11 2023]  !!!  x509: malformed certificate . Terminating.

Unable to install freeradius-wpe

After attempting to install the Rogue Toolkit on an updated version of Kali I receive the following error:

The following packages have unmet dependencies:
freeradius-wpe : depends: libperp5.26 (>= 5.26.0~rc1) but it is not installable
E: Unable to correct problems, you have held broken packages.

I've attempted to install this version but there is no longer an installation candidate. I should also mention that libperl5.28 is already installed on my Kali machine.

Has anyone else come across this problem?

Disable IPv6 Support in freeradius-wpe

A fresh install of freeradius results in a config error due to support for an IPv6 listener - disable in template

Failed opening auth address :: port 1812 bound to server default: Address family not supported by protocol
/etc/freeradius-wpe/3.0/sites-enabled/default[245]: Error binding to port for :: port 1812

Improve 802.11ac operation mode

python rogue.py -I wlx00c0ca95e9d5 -H ac -C 36 --auth open --internet

Could not set channel for kernel driver
Interface initialization failed
wlx00c0ca95e9d5: interface state UNINITIALIZED->DISABLED
wlx00c0ca95e9d5: AP-DISABLED 
wlx00c0ca95e9d5: Unable to setup interface.
wlx00c0ca95e9d5: interface state DISABLED->DISABLED
wlx00c0ca95e9d5: AP-DISABLED 
hostapd_free_hapd_data: Interface wlx00c0ca95e9d5 wasn't started
nl80211: deinit ifname=wlx00c0ca95e9d5 disabled_11b_rates=0

The wireless adapter is an ALFA AWUS036ACH in a 64-bit Bionic Beaver, using the RTL8812au driver supported by aircrack-ng.

add dnsspoofing capability

Using dnsmasq, rogue can then perform hostile portal attacks by redirecting users' traffic using a DNS spoofing attack.

Make --ieee8021x Boolean

Make the --ieee8021x a True or False argument, so that additional user input is not required.

Certificate artifact existence exception not raised

If a file is not located, an exception is meant to be raised to alert the user to run --cert-wizard and exit cleanly. Currently the check silently fails and continues.

rogue/rogue.py

Lines 120 to 137 in 3b2bd79

elif(options['auth'] == 'wpa-enterprise'):
    import os
    try:
        print('[-] Checking required RADIUS certificate files exist...')
        if(not os.path.isfile(config.server_pem)):
            print('[!] \'{}\' does not exist!'.format(config.server_pem))
        if(not os.path.isfile(config.private_key)):
            print('[!] \'{}\' does not exist!'.format(config.private_key))
        if(not os.path.isfile(config.trusted_root_ca_pem)):
            print('[!] \'{}\' does not exist!'.format(config.trusted_root_ca_pem))
        if(not os.path.isfile(config.dh_file)):
            print('[!] \'{}\' does not exist!'.format(config.dh_file))
        print('[-] Check RADIUS certificate files exist passed...')
    except Exception as e:
        print('[!] Run \'sudo python3 rogue.py --cert-wizard\' command to generate the required certificate files')
        exit(0)
else:
    pass
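
A version of this check that stops when a file is missing, as an added example that is not the project's code: os.path.isfile() returns False instead of raising, so the missing paths are collected and turned into an explicit error and a non-zero exit status. The exception class, function names and sample file names are hypothetical.

```python
import os
import tempfile


class MissingCertificateError(Exception):
    """Raised when one or more required RADIUS certificate files are absent."""

    def __init__(self, missing):
        self.missing = missing
        super().__init__('missing certificate files: ' + ', '.join(missing))


def require_cert_files(paths):
    """Raise MissingCertificateError unless every path is an existing file.

    os.path.isfile() never raises for a missing file, so its result has to be
    acted on explicitly; a surrounding try/except does not fire on its own.
    """
    missing = [p for p in paths if not os.path.isfile(p)]
    if missing:
        raise MissingCertificateError(missing)


def preflight(paths):
    """Return a process exit status: 0 if all files exist, 1 otherwise."""
    print('[-] Checking required RADIUS certificate files exist...')
    try:
        require_cert_files(paths)
    except MissingCertificateError as err:
        for path in err.missing:
            print("[!] '{}' does not exist!".format(path))
        print("[!] Run 'sudo python3 rogue.py --cert-wizard' command to "
              "generate the required certificate files")
        return 1  # non-zero, so wrapper scripts see the failure
    print('[-] Check RADIUS certificate files exist passed...')
    return 0


def demo():
    """Constructed sample: only two of four files exist in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        names = ['server.pem', 'private.key', 'ca.pem', 'dh']  # constructed names
        paths = [os.path.join(tmp, n) for n in names]
        for p in paths[:2]:
            open(p, 'w').close()
        return preflight(paths), preflight(paths[:2])


if __name__ == '__main__':
    print(demo())
```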

karma preventing wpa-enterprise evil twin

When the --karma flag is used, hostapd-wpe is launched twice, resulting in the user never being able to provide 802.1x authentication. Put in exception handling so that --karma can only be used with --auth open.
