I’m not sure who to credit with the writing of the script below. It’s all over the Internet and I haven’t been able to determine with any certainty who originally wrote it.

While technically a way to attack wireless clients, I just wanted a quick way to set up and access point. This worked out well since I had a BackTrack 5 VM, a USB wireless NIC, some familiarity with the Aircrack suite, and a bit of free time.

This post assumes that you already have the Aircrack tools installed. You will also have to install and configure DHCP.

apt-get install dhcp3-server

Configure a DHCP scope for use by the wireless clients that connect to your access point. You can edit the one at “/etc/dhcp3/dhcpd.conf or create a separate one for this task. Just be sure to change the final script to point at the new file location if you create a new one.

ddns-update-style ad-hoc;
default-lease-time 600;
max-lease-time 7200;
subnet netmask {
option subnet-mask;
option broadcast-address;
option routers;
option domain-name-servers;

While this configuration uses Google’s DNS for name resolution you may want to configure BIND as well. This may be useful for other reasons…just sayin’.

Use the below script to configure your NIC, DHCP, and start the AP. Be sure to cha


echo "Killing Airbase-ng..."
pkill airbase-ng
sleep 2;
echo "Killing DHCP..."
pkill dhcpd3
sleep 5;

echo "Putting Wlan In Monitor Mode..."
airmon-ng stop wlan0 # Change to your wlan interface

sleep 5;
airmon-ng start wlan0 # Change to your wlan interface

sleep 5;
echo "Starting Fake AP..."
airbase-ng -e FreeWifi -c 11 -v wlan0 & # Change essid, channel and interface

sleep 5;

ifconfig at0 up
# Change IP addresses as configured in your dhcpd.conf

ifconfig at0 netmask
route add -net netmask gw

sleep 5;

iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables -t nat -A POSTROUTING -o eth3 -j MASQUERADE # Change eth3 to your internet facing interface

echo > '/var/lib/dhcp3/dhcpd.leases'
ln -s /var/run/dhcp3-server/dhcpd.pid /var/run/dhcpd.pid
dhcpd3 -d -f -cf /etc/dhcp3/dhcpd.conf at0 &

sleep 5;
echo "1" > /proc/sys/net/ipv4/ip_forward