An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Confirmed freeradius-wpe correctly launches and captures captures credentials. Users will still receive an IPv6 listening warning but it not impact rogue's ability to operate anymore.
┌──(vagrant㉿vagrant-kali-rolling-amd64)-[~/rogue]
└─$ sudo python3 rogue.py -i wlan0 -e rogue -h ac -c 36 --auth wpa-enterprise --wpa 2 --ieee8021x 1 --internet --default-eap peap -E peap --ht-mode 2
[*] Launching the rogue toolkit v2.1.0
[*] Reticulating radio frequency splines...
100%|███████████████████████████████████████████████████| 1/1 [00:01<00:00, 1.00s/it]
[+] Creating hostapd-wpe.confg file: /home/vagrant/rogue/tmp/hostapd-wpe.conf
[+] Creating radiusd.conf file: /etc/freeradius-wpe/3.0/radiusd.conf
[+] Rewriting the default site file: /etc/freeradius-wpe/3.0/sites-available/default
[+] Creating eap.conf file: /etc/freeradius-wpe/3.0/mods-available/eap
[+] Creating clients.conf file: /etc/freeradius-wpe/3.0/clients.conf
[*] Launching freeradius-wpe
[+] Creating /etc/default/isc-dhcp-server file: /etc/default/isc-dhcp-server
[+] Creating dhcpd.conf file: /etc/dhcp/dhcpd.conf
[*] Starting isc-dhcp-server service.
100%|███████████████████████████████████████████████████| 4/4 [00:04<00:00, 1.01s/it]
[*] Launching hostapd-wpe
Configuration file: /home/vagrant/rogue/tmp/hostapd-wpe.conf
wlan0: interface state UNINITIALIZED->HT_SCAN
Using interface wlan0 with hwaddr 00:11:22:33:44:00 and ssid "rogue"
RADIUS: socket[PF_INET6,SOCK_DGRAM]: Address family not supported by protocol
RADIUS: socket[PF_INET6,SOCK_DGRAM]: Address family not supported by protocol
wlan0: interface state HT_SCAN->ENABLED
wlan0: AP-ENABLED
[*] Enabling IP forwarding
Press enter to quit...wlan0: CTRL-EVENT-EAP-STARTED d6:92:91:3d:da:1f
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
wlan0: CTRL-EVENT-EAP-RETRANSMIT2 d6:92:91:3d:da:1f
wlan0: CTRL-EVENT-EAP-RETRANSMIT2 d6:92:91:3d:da:1f
wlan0: CTRL-EVENT-EAP-RETRANSMIT2 d6:92:91:3d:da:1f
wlan0: CTRL-EVENT-EAP-RETRANSMIT2 d6:92:91:3d:da:1f
wlan0: CTRL-EVENT-EAP-RETRANSMIT2 d6:92:91:3d:da:1f
wlan0: CTRL-EVENT-EAP-STARTED d6:92:91:3d:da:1f
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
wlan0: CTRL-EVENT-EAP-RETRANSMIT2 d6:92:91:3d:da:1f
wlan0: CTRL-EVENT-EAP-RETRANSMIT2 d6:92:91:3d:da:1f
wlan0: interface state ENABLED->DISABLED
wlan0: AP-DISABLED
wlan0: CTRL-EVENT-TERMINATING
nl80211: deinit ifname=wlan0 disabled_11b_rates=0
[*] Killing all processes for: hostapd-wpe
100%|███████████████████████████████████████████████████| 4/4 [00:04<00:00, 1.00s/it]
[*] stopping isc-dhcp-server service.
100%|███████████████████████████████████████████████████| 4/4 [00:04<00:00, 1.01s/it]
[*] Killing all processes for: freeradius-wpe
100%|███████████████████████████████████████████████████| 4/4 [00:04<00:00, 1.00s/it]
[*] Disabling IP forwarding
[*] Resetting Regulatory Domain
[*] Reticulating radio frequency splines...
100%|███████████████████████████████████████████████████| 1/1 [00:01<00:00, 1.00s/it]
Confirmed freeradius-wpe correctly launches and captures captures credentials. Users will still receive an IPv6 listening warning but it not impact rogue's ability to operate anymore.
closes issue #29