/WiFiChallengeLab

WiFi hacking Lab

Primary LanguageShellGNU General Public License v3.0GPL-3.0

WiFiChallenge Lab


 __          ___ ______ _    _____ _           _ _                           _           _     
 \ \        / (_)  ____(_)  / ____| |         | | |                         | |         | |    
  \ \  /\  / / _| |__   _  | |    | |__   __ _| | | ___ _ __   __ _  ___    | |     __ _| |__  
   \ \/  \/ / | |  __| | | | |    | '_ \ / _` | | |/ _ \ '_ \ / _` |/ _ \   | |    / _` | '_ \ 
    \  /\  /  | | |    | | | |____| | | | (_| | | |  __/ | | | (_| |  __/   | |___| (_| | |_) |
     \/  \/   |_|_|    |_|  \_____|_| |_|\__,_|_|_|\___|_| |_|\__, |\___|   |______\__,_|_.__/ 
                                                               __/ |                           
                                                              |___/                            

Virtualized WiFi pentesting laboratory without the need for physical WiFi cards, using mac80211_hwsim and vwifi proyect.

The competitive CTF began on March 11 and ended on May 15, 2022. Now the lab is still active but giving less points since the solutions have been published.

Access WiFiChallenge Lab

To access the CTFd server click here

Manual create VM

If you want to create the VM manually click here

VM System Requirements

  • 4 gb de RAM (6gb recommended)
  • 4 CPUs
  • Virtualize Intel VT-x/EPT or AMD-V/RVI enabled

Download VMDK for VMWare only


VMDK Usage

  • Download VMDK from mega
  • Import VMDK in VMWare
  • Read the IMPORTANT INTRUCCTIONS
  • Check that the Wi-Fi networks to be audited can be seen from the VM
  • If there is any problem exec restartVM.sh script
  • Go to Challenges list

Challenges


IMPORTANT INTRUCCTIONS

  • You can't see you own traffic with airodump-ng (if you have airodump and mount an AP you won't see it)
  • User/pass:
    • user/toor (use this to login)
  • The VMs starts automatically to the snapshot. In case of error use the home script:
    • restartVM.sh to restart and restore
  • All tools are in /root/tools folder
  • All bruteforce can be done using rockyou
  • The maximum waiting time between automations, connections, etc. is 5 min approx.
  • The numbering of the challenges is indicative, if a challenge is unlocked it can be done regardless of the order.
  • All necessary tools for the lab are installed, but others can be installed.
  • If you fail a challenge until you run out of attempts, you can block the following challenges. Don't answer the flag randomly.
  • Enable nested VT-x / AMD-V on VMWare host if not enabled
  • Scope
    • "wifi-guest"
    • "wifi-mobile"
    • "wifi-corp"
    • "wifi-regional"
    • "wifi-global"
    • "wifi-admin"
    • "wifi-office"
    • Hidden network: <length: 14>

FAQ

From where are the attacks carried out?

All attacks are made from the Debian VM

Where are the tools?

They are in $HOME/tools

Do I have to do something when I turn on the VM to start?

No, everything runs automatically.

What to do if there are problems with some AP or clients?

Run restartVM.sh in $HOME folder, if the problem persists, ask in the telegram group.


For Beginners

READ:

Recommended tools

Pentester Academy videos

Change keyboard layaout

  • Spanish
setxkbmap es 
  • American English
setxkbmap us 

References


Walkthrough

The Walkthrough is available here: https://wifichallengelab.com/walkthrough


Author

Donations