How to Share WiFi in Kali Linux: A Complete Setup Guide

operating system Kali Linux Originally created for information security and penetration testing professionals, its functionality also allows it to be used as a powerful networking platform. Situations often arise where you need to deploy an access point to connect client devices or audit wireless networks directly from a laptop or specialized adapter. Standard internet sharing methods in the graphical interface may be unavailable or malfunction due to specific driver and kernel settings.

In this guide, we'll cover how to share WiFi in Kali Linux using both graphical utilities and console commands for more advanced configuration. You'll learn how to turn your wireless adapter into a fully-fledged access point. Access Point, configure a DHCP server to automatically assign addresses, and ensure basic connection security. Understanding these processes is critical not only for setting up a temporary network but also for in-depth analysis of wireless protocol vulnerabilities.

It's worth noting that the success of the operation directly depends on the hardware, specifically the capabilities of your WiFi adapter. Not all chipsets support monitor or master mode, which are necessary for creating an access point. Therefore, before starting work, you must ensure that the hardware is compatible and that you have the latest drivers, as without support nl80211 It is not possible to launch an access point at the kernel level.

Checking hardware and driver compatibility

The first step before attempting to share the internet is to diagnose the network interface. You need to ensure that the installed WiFi adapter supports Master Mode, which is necessary to create an access point. Most built-in modules in laptops have limited functionality, so external USB adapters with chips are often required. Atheros, Ralink or Realtek with open drivers.

To check the adapter's capabilities, use the utility iw list, which displays detailed information about supported operating modes. In the resulting list, find the "Supported interface modes" section and ensure that the entry is present. APIf this mode is not present, software-based activation of the access point will fail and the hardware will need to be replaced.

⚠️ Attention: When working with network interfaces in Kali Linux, there's always a risk of resetting your current network settings. Before running experiments, we recommend saving configuration files or working in a virtual machine with USB device forwarding.

It is also important to check whether the wireless module is blocked by software or hardware. Utility rfkill allows you to see the status of the lock and, if necessary, remove it with a command rfkill unblock wifiIgnoring this step may lead to the mistaken belief that the drivers are faulty, although the module is simply blocked by the system.

Setting up an access point via a graphical interface

For users who prefer to avoid the command line, modern desktop environments in Kali, such as XFCE or GNOME, offer built-in network management tools. Although the functionality may be limited compared to console utilities, this method is the simplest and most straightforward for quickly sharing the internet. You will need to access the network settings via the system tray or the settings menu.

The setup process typically begins with navigating to the connection editing menu, where you need to create a new "Hotspot" profile. Here, you'll need to specify a network name (SSID), select an encryption method (WPA2/WPA3 is recommended), and set a strong password. The system will automatically attempt to select suitable parameters for the selected interface.

However, it's worth keeping in mind that graphical shells often rely on background services, which can conflict with the security tools used in Kali. If the standard method doesn't work, it may be due to network manager limitations. NetworkManager or the lack of necessary plugins for a specific adapter.

📊 Which network setup method do you prefer?
Graphical User Interface (GUI): Terminal and Command Line: Automated Scripting: Mixed Approach

If successful, the system will notify you that the access point is active, and other devices will be able to detect your network in the list of available WiFi connections. If the connection fails, check the system logs or try restarting the network manager with the command sudo systemctl restart NetworkManager.

Creating an access point manually via Hostapd

The most flexible and professional way to set up a wireless network in Kali Linux is to use the daemon hostapdThis tool allows you to transform a supported wireless interface into an access point and authentication controller. Configuration is performed via a text file, giving you full control over the radio module's parameters.

To get started, you need to install the package if it is missing, and create a configuration file, usually located in the path /etc/hostapd/hostapd.confThis file specifies key parameters: interface name, driver, channel frequency, SSID, and encryption parameters. A sample minimal configuration looks like this:

interface=wlan0

driver=nl80211

ssid=Kali_Secure_Net

hw_mode=g

channel=6

wmm_enabled=0

macaddr_acl=0

auth_algs=1

ignore_broadcast_ssid=0

wpa=2

wpa_passphrase=StrongPassword123

wpa_key_mgmt=WPA-PSK

wpa_pairwise=TKIP

rsn_pairwise=CCMP

After creating the configuration, you need to stop interfering services such as NetworkManager, which can attempt to manage the interface themselves. Then the daemon is started. hostapd indicating the path to the configuration file.

⚠️ Attention: When using When using hostapd in 5 GHz mode, make sure your region is set correctly in the system settings, as legislation in different countries restricts the use of certain channels and power levels.

☑️ Hostapd Launch Checklist

Completed: 0 / 5

Organizing IP address distribution via DHCP

The access point itself, created through hostapd, only establishes a wireless connection but does not assign IP addresses. To ensure that connected clients can receive network settings automatically, a DHCP server must be running. In Debian-based distributions, which include Kali, the standard package is isc-dhcp-server or lighter dnsmasq.

DHCP server configuration requires specifying the range of addresses to be issued, the subnet mask, the gateway address, and DNS servers. Configuration file /etc/dhcp/dhcpd.conf must contain a pool of addresses that does not conflict with other networks, if present. For example, for the local network 192.168.50.0/24, the pool might start with .100 and end with .200.

Enabling IP forwarding in the Linux kernel is critical if you plan to connect your access point's clients to the internet. Without this step, packets from clients will not pass through your computer to the external gateway. net.ipv4.ip_forward=1 must be activated in the file /etc/sysctl.conf or through the command sysctl.

Parameter Description Example of meaning
subnet Subnet address 192.168.50.0
netmask Subnet mask 255.255.255.0
range Address range 192.168.50.100 192.168.50.200
option routers Default Gateway 192.168.50.1

After configuring the DHCP server and starting the corresponding service, clients will automatically receive an IP address and access the local network when connecting to WiFi. For debugging, it's useful to use the utility tcpdump or wiresharkto ensure that DHCP requests (Discover, Offer, Request, Ack) are processed correctly.

Internet forwarding and NAT configuration

To enable your access point's clients to access the global Internet, you need to configure traffic forwarding (NAT - Network Address Translation). This is done using the utility iptables or its modern replacement nftablesThe essence of the process is to redirect packets from the wireless interface to the wired (or other wireless) interface through which network access is provided.

The basic command to add a masquerading rule looks like this iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE, Where eth0 — this is the interface with internet access. It is also necessary to allow packet forwarding between interfaces using the rules in the table. filter. Errors in the settings NAT are the most common reason why WiFi works, but websites don't open.

DNS issues for clients

If websites don't open by name but can be pinged by IP (e.g., 8.8.8.8), the problem is DNS. Ensure that the DHCP server configuration contains the correct DNS addresses (e.g., 8.8.8.8 or 1.1.1.1) that will be issued to clients.

Don't forget to save your firewall rules, as all settings will be lost after rebooting the system. iptables are reset. In Kali Linux, you can use the package iptables-persistent, which allows you to save current rules in configuration files and automatically apply them at boot.

Network security diagnostics and analysis

After deploying an access point, it's a good idea to test it not only for availability but also for security. Kali Linux provides a powerful arsenal of auditing tools that can be applied to your own network. Using utilities like airodump-ng will allow you to see how your network appears to external observers and which clients are connected to it.

Particular attention should be paid to system and daemon logs. hostapd. Analysis of records in /var/log/syslog Using specialized logs helps identify unauthorized access attempts, authentication errors, or connection stability issues. Regular monitoring of connected devices helps quickly detect intruders.

⚠️ Attention: Using Kali Linux tools to attack networks you don't own or to intercept data without permission is prohibited by law. All steps described in this article are for educational purposes only and for setting up your own networks.

To improve security, we recommend disabling SSID broadcasting (hide the network), using complex WPA3 encryption if your equipment supports it, and implementing MAC address filtering. While MAC filtering isn't foolproof, it does create an additional barrier to unauthorized access.

Why doesn't my adapter see the hostapd command?

Most likely, your wireless adapter driver does not support the interface. nl80211 or master mode (AP). Try updating your drivers or using an external USB adapter with an Atheros or Ralink chipset, which are fully supported in the Linux kernel.

How to hide network name (SSID) in Kali Linux?

To hide the SSID you need to add a parameter ignore_broadcast_ssid=1 to the configuration file hostapd.confThis will make the network invisible to regular scanning, but it will still be detectable by specialized sniffers.

Is it possible to distribute WiFi via a laptop's built-in module?

Yes, this is possible if the module driver supports AP mode. However, built-in modules often have limitations on signal strength and the number of simultaneous connections. For stable operation, external adapters are recommended.

How to check how many devices are connected to a hotspot?

Use the command arp -a to view the ARP table or command iw dev wlan0 station dump, which will show detailed information about all connected stations, including signal strength and data transfer rate.