How to Setup Wireless Access Point (AP) with roguehostapd on Linux

Topic created · 1 Posts · 7 Views
  • alt text

    Hosting a wireless access point is rather easy on windows and android as compared to those of based on debian and other linux distros. In this sceneario you would have to provide every single detail youself by configuring packages and writing configuration. Well, in windows there are just a couple commands to accomplish the task and as for android, it's hotspot. Approaching this in linux would be a bit tricky and as for new commers perplexing.

    The widely accepted tool for the purpose is hostapd which we have also used in some of the earlier tutorials. Lately, developers of wifiphisher developed a small tool that could tackle the problem of handling hostapd configuration in a more robust way. And later, it was used in wifiphisher and was named roguehostapd (a modified version of hostapd). The developers record that some previous known errors were removed in newer version and also supports some other wireless attacks as well.

    Roguehostapd provides a simple CLI interface with argument options to deal with user requirements, just like a normal command line tool. It also supports karma attack where an attacker provides it's users internet connectivity but still own's the actual arena. However, note that we will still have to configure a DHCP server for which we will use dnsmasq.

    STEP 1 Installation

    Dnsmasq can easily be installed with apt, however that's not the case with roguehostapd. Update your system and install pre-requisities.

    $ apt update
    $ apt install libnl-3-dev libnl-genl-3-dev libssl-dev dnsmasq

    To make roguehostapd work as a usual tool, we will have to manually place it under some directory and produce a link to an execution directory. Move to /opt directory and clone the tool from github:

    $ cd /opt/
    $ git clone
    $ cd roguehostapd/roguehostapd/
    $ ls -l

    And finally create the soft link to command execution directory:

    $ ln -s /opt/roguehostapd/roguehostapd/ /usr/bin/rghostapd

    We've followed this way of installation to install it as a normal command utility. To integrate it with wifiphisher, it can be done with a single command:

    $ pip install roguehostapd

    STEP 2 Monitor Mode

    Put your wireless card in monitor mode:

    $ airmon-ng start wlan1

    STEP 3 Wireless Access Point

    The manual for roguehostapd can be issued from CLI now:

    $ rghostapd --help

    alt text

    To launch wireless access point with rghostapd, execute the following command:

    $ rghostapd -i "wlan1mon" --ssid "WiFi Name" -c 6 -pK "password"

    -i, --interface: Monitor Mode interface to host AP on.
    -c, --channel: Access Point Channel.
    --ssid: Wireless Access Point ESSID or Name.
    -pK, --wpa2password: Access Point WPA password.

    alt text

    STEP 4 DHCP server

    Since, we have our Access Point, all we need is a DHCP server to let the actual traffic flow through our network. We have dnsmasq for this part. Create a temporary configuration file for dnsmasq with nano:

    $ nano /tmp/dnsmasq.conf

    And write the following configurations into the file with the wireless interface replaced with your interface:


    Press CTRL+X and then ENTER to save the file. Then execute the following two commands to assign reqired ip and netmask to your interface:

    $ ifconfig wlan1mon up netmask
    $ route add -net netmask gw

    Then for sure, kill dnsmasq process if any running already on your system:

    $ killall dnsmasq

    And finally, start dnsmasq:

    $ dnsmasq -C /tmp/dnsmasq.conf -d

    alt text

    STEP 5 IP Forwarding

    And finally the last thing is providing the Access Point users with internet facility. For this we need another wired or wireless interface from where traffic will be forwarded to our Access Point interface. I've got two wireless adapters, one is connected to internet (wlan0) and the other on which currently I've an access point (wlan1mon).

    Just execute the following commands with the bold words replaced by your respective interfaces:

    $ iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
    $ iptables --append FORWARD --in-interface wlan1mon -j ACCEPT

    And at last, allow the traffic forwarding rules in linux configuration:

    $ echo 1 > /proc/sys/net/ipv4/ip_forward

    After this, you will have your access point on duty to serve it's users.


    Setting up a wireless access point on linux is rather tricky than windows and android for we have to configure traffic forwarding and setup the network as well. Roguehostapd which is the newer and updated version of hostapd is not officially but developed by wifiphisher developers to be integrarted into their project. It also provides users with support of wifi karma attack.

Log in to reply