Configure the Beacon Interval for the Rogue AP

Introduction

In Wi-Fi networking, a beacon frame is a management frame that is periodically broadcast by an Access Point (AP) to announce its presence. The beacon_int (Beacon Interval) is the time interval between these broadcasts. Adjusting this value can impact how quickly devices discover the network and the overall network overhead.

Fluxion is a security auditing tool that can be used to create a rogue AP for various attacks, such as a Captive Portal attack. By default, Fluxion uses a standard configuration for its AP, but this can be customized for specific scenarios.

In this lab, you will learn how to modify the beacon_int parameter within Fluxion's configuration files. This will give you a deeper understanding of how rogue APs are configured and the effect of beacon intervals on network behavior.

In this step, you will navigate to the directory containing the configuration files for Fluxion's Captive Portal attack. Fluxion organizes its scripts and configurations into specific folders based on the attack type. The settings for the Access Point, including the beacon interval, are stored here.

First, use the cd command to change your current directory to the Captive Portal attack directory within the fluxion project folder. Note that the directory name contains a space, so you must either enclose it in quotes or escape the space with a backslash (\).

cd ~/project/fluxion/attacks/Captive\ Portal/

Next, list the contents of the directory to verify you are in the right place and to see the files within it. You should see a file named hostapd.conf, which we will edit in the next step.

ls -l

You should see an output similar to this, confirming the presence of the configuration file:

total 20
-rwxr-xr-x 1 labex labex 1338 Jan 1 00:00 attack.sh
-rw-r--r-- 1 labex labex  277 Jan 1 00:00 hostapd.conf
-rw-r--r-- 1 labex labex 1135 Jan 1 00:00 hostapd.conf.wpe
-rw-r--r-- 1 labex labex 4971 Jan 1 00:00 portal.html
-rw-r--r-- 1 labex labex  138 Jan 1 00:00 portal.php

Open the 'hostapd.conf' Configuration File

In this step, you will open the hostapd.conf file using the nano text editor. This file contains the parameters that hostapd (the software that creates the AP) uses to configure the wireless network. By editing this file, you can control various aspects of the rogue AP, such as its name (SSID), channel, and beacon interval.

From your current directory (~/project/fluxion/attacks/Captive Portal/), execute the following command to open the file in nano:

nano hostapd.conf

Your terminal will now display the contents of the hostapd.conf file inside the nano editor. You are now ready to locate and modify the parameters within the file.

Locate the 'beacon_int' Parameter

Now that the hostapd.conf file is open in nano, your task is to find the beacon_int parameter. This parameter defines the time between beacon frames in Time Units (TU), where one TU is equal to 1024 microseconds. The default value is typically 100, which corresponds to 102.4 milliseconds.

You can scroll down through the file using the arrow keys to find the line. Alternatively, you can use nano's search function by pressing Ctrl + W, typing beacon_int, and pressing Enter.

You should find the following line in the configuration file:

## Beacon interval in kus (1.024 ms)
beacon_int=100

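This confirms the current beacon interval is set to 100. The "kus" in the comment is the same unit as the TU described above: 1024 microseconds, or 1.024 ms. In the next step, you will modify this value.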

Change the Beacon Interval Value (e.g. from 100 to 50)

In this step, you will change the value of the beacon_int parameter. A lower value, such as 50, will cause the AP to send beacon frames more frequently. This can make the network appear more quickly to scanning devices, but it also increases the amount of management traffic on the network.

Locate the line beacon_int=100 and change the value from 100 to 50. The line should look like this after your modification:

## Beacon interval in kus (1.024 ms)
beacon_int=50

Once you have made the change, you need to save the file and exit nano.

  1. Press Ctrl + X to exit.
  2. nano will ask if you want to save the modified buffer. Press Y for Yes.
  3. nano will then ask for the file name to write. The default is correct, so just press Enter to confirm.

You have now successfully updated the beacon interval for the rogue AP.

Relaunch the Attack and Observe any Performance Change

In a real-world scenario with a physical wireless adapter, your next step would be to relaunch the Fluxion attack to apply the new configuration. This would involve navigating back to the main Fluxion directory and executing the main script.

Let's navigate back to the root directory of the fluxion project:

cd ~/project/fluxion

To launch the attack, you would typically run sudo ./fluxion.sh. However, this lab environment does not have a physical wireless card, so you cannot fully execute the attack.

If you were to run this on a compatible machine, you would observe that with beacon_int=50, client devices would detect your rogue AP slightly faster than with the default setting of 100. This demonstrates how you can fine-tune the behavior of your rogue AP by modifying its underlying configuration files.
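The interval set in hostapd.conf is advertised in the fixed fields of every beacon frame, so a monitoring sensor can read it back and compare it with the value recorded for the legitimate AP. The Python below is an added example, not part of Fluxion or this lab; the SSID `LabNet`, the BSSIDs, the baseline table and the frame bytes are all constructed.

```python
import struct

TU_US = 1024  # one Time Unit (TU) in microseconds, as stated in the lab

def parse_beacon_body(body: bytes) -> dict:
    """Parse an 802.11 beacon body (the bytes after the 24-byte MAC header)."""
    if len(body) < 12:
        raise ValueError("beacon body shorter than its 12 fixed bytes")
    # Fixed fields: 8-byte timestamp, 2-byte beacon interval in TU, 2-byte capabilities
    _ts, interval_tu, _caps = struct.unpack_from("<QHH", body, 0)
    ssid, pos = None, 12
    while pos + 2 <= len(body):  # tagged elements: id, length, value
        elem_id, elem_len = body[pos], body[pos + 1]
        value = body[pos + 2 : pos + 2 + elem_len]
        if len(value) < elem_len:
            raise ValueError("truncated tagged element")
        if elem_id == 0:  # element 0 carries the SSID
            ssid = value.decode("utf-8", errors="replace")
            break
        pos += 2 + elem_len
    return {"ssid": ssid, "interval_tu": interval_tu,
            "interval_ms": interval_tu * TU_US / 1000}

def check_against_baseline(bssid: str, body: bytes, baseline: dict):
    """Return a list of mismatches for a monitored SSID, or None if unmonitored."""
    info = parse_beacon_body(body)
    expected = baseline.get(info["ssid"])
    if expected is None:
        return None
    reasons = []
    if bssid.lower() not in expected["bssids"]:
        reasons.append("unknown BSSID")
    if info["interval_tu"] != expected["interval_tu"]:
        reasons.append(f"beacon_int {info['interval_tu']} TU, expected {expected['interval_tu']} TU")
    return reasons

def build_body(ssid: str, interval_tu: int) -> bytes:
    """Constructed sample input: minimal beacon body holding only an SSID element."""
    raw = ssid.encode()
    return struct.pack("<QHH", 0, interval_tu, 0x0401) + bytes([0, len(raw)]) + raw

# Constructed baseline: what the site's own AP is known to advertise
BASELINE = {"LabNet": {"bssids": {"02:00:00:00:00:01"}, "interval_tu": 100}}

if __name__ == "__main__":
    for bssid, tu in [("02:00:00:00:00:01", 100), ("02:00:00:00:00:99", 50)]:
        print(bssid, tu, check_against_baseline(bssid, build_body("LabNet", tu), BASELINE))
```

A matching interval proves nothing on its own, since it is a single configurable line; treat a mismatch as one signal alongside the BSSID check.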

Summary

In this lab, you have successfully configured the beacon interval for a rogue AP within the Fluxion framework.

You learned:

  • What the beacon interval (beacon_int) is and its role in Wi-Fi networks.
  • How to navigate to the specific configuration directory for a Fluxion attack.
  • How to use the nano text editor to open and modify a configuration file (hostapd.conf).
  • The practical effect of changing the beacon interval on network discovery and overhead.

This knowledge is fundamental for customizing and fine-tuning network-based security tools to suit specific objectives.