Hack WiFi Using Ewil Twin Attack
An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications. The evil twin is the wireless LAN equivalent of the phishing scam.
About Fluxion :
Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) fewer bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read more about fluxion here.
● A Linux-based operating system, I'm using Kali Linux
● A WiFi Adaptor that support packet injection : Amazon India
How to Use? :
● Open Terminal and Clone Fluxion repo :
git clone https://github.com/thehackingsage/Fluxion.git
● Move to fluxion directory :
● Run fluxion :
If all required file are updated and installed then fluxion will run, otherwise a list of unavailable files will show.
● Install required file :
cd install && ./install.sh
It will install all required files. Now you are ready to run Fluxion.
● go back to Fluxion folder :
● Run Fluxion :
● Select Language. (I prefer English)
● Select Channel. (I prefer All channels)
It will start scanning your nearby networks on all channels. Press CTRL + C to stop the search.
● Enter ID of the channel you want to crack.
● Select Attack option. (I prefer FakeAP - Hostpad)
● Select Handshake Location. (Hit Enter)
● Select Handshake check. (I prefer Pyrit)
● Select Capture Handshake option. (I prefer Deauth All)
● Now wait for the Handshake and After handshake is captured close both terminal.
● In Status Handshake select Check handshake.
● Now Select Create a SSL Certification.
● Select Web Interface.
● Select Login Page Language.
● Now wait for the user to connect to our open twin Ap and enter key for authentication.
● After a user is connected he/she has to enter the password.
● As soon as he/she enters the password, we get it.
That's It.. ✌🏾