Get A Free Quotation

Call

Make A Call

+919044264043

Email

Drop An Email

[email protected]

Whatsapp

Chat On WhatsApp

wa.me/+919044264043

Meeting

Schedule A Meeting

cal.com/hacktronian

  • Posted on
  • Tue, 02 Feb 2021

Hack WiFi Using Ewil Twin Attack

Hack WiFi Using Ewil Twin Attack

An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications. The evil twin is the wireless LAN equivalent of the phishing scam.

Ewil Twin Attack

Fluxion :

Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) fewer bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read more about fluxion here.

Requirements :

  • A Linux-based operating system, I'm using Kali Linux
  • A WiFi Adaptor that support packet injection : Amazon India
Fluxion

How to Use?

  • Open Terminal and Clone Fluxion repo :
    git clone https://github.com/thehackingsage/Fluxion.git
Fluxion Github
Git Clone Fluxion
  • Move to fluxion directory : cd fluxion
  • Run fluxion : ./fluxion.sh
Run Fluxion
  • If all required file are updated and installed then fluxion will run, otherwise a list of unavailable files will show.
Update Fluxion
  • Install required file : cd install && ./install.sh
Install Required File
  • It will install all required files. Now you are ready to run Fluxion.
Ready to Run Fluxion
  • go back to Fluxion folder : cd ..
    and run Fluxion : ./fluxion.sh
Run Fluxion Again
  • Select Language. (I prefer English)
Select Language
  • Select Channel. (I prefer All channels)
Select Channel
  • It will start scanning your nearby networks on all channels. Press CTRL + C to stop the search.
Scanning Networks
  • Enter ID of the channel you want to crack.
Enter ID of The Channel
  • Select Attack option. (I prefer FakeAP - Hostpad)
FakeAP - Hostpad
  • Select Handshake Location. (Hit Enter)
Handshake Location
  • Select Handshake check. (I prefer Pyrit)
Pyrit
  • Select Capture Handshake option. (I prefer Deauth All)
Capture Handshake
  • Now wait for the Handshake and After handshake is captured close both terminal.
Handshake Captured
  • In Status Handshake select Check handshake.
Check Handshake
  • Now Select Create a SSL Certification.
SSL Certification
  • Select Web Interface.
Web Interface
  • Select Login Page Language.
Select Login Page Language
Select Login Page Language English
  • Now wait for the user to connect to our open twin access point and enter key for authentication.
Fake Access Point
User Connected
  • After a user is connected he has to enter the password.
Pop-up Page
Enter The Password
  • Once the user enters their password on the pop-up page, the attack is complete and the credentials are saved.
We Get Credentials

In conclusion, while the Evil Twin Attack is a fascinating concept to explore, it's crucial to remember its ethical implications. Using this technique without proper authorization is illegal and can have severe consequences. It's essential to prioritize online security and avoid falling victim to such attacks.

Instead of exploiting vulnerabilities, focus on protecting your own network and devices. Here are some preventive measures:

  • Strong passwords: Use complex, unique passwords for your Wi-Fi network and devices.
  • Avoid public Wi-Fi: Whenever possible, stick to secure, private networks.
  • Keep software updated: Ensure your operating system and router firmware are up-to-date with the latest security patches.
  • Use a VPN: A Virtual Private Network (VPN) can encrypt your internet traffic, making it more difficult for attackers to intercept your data.

By following these guidelines, you can significantly reduce your risk of falling victim to the Evil Twin Attack and other cyber threats.