- 21 Apr 2020
An Evil Twin Access Point attack is one in which attackers clone an AP in order to confuse the target system and start a new AP for users to connect to. In this way, they can capture all the information.
It is a method by which WPA and WPA2 modem passwords are broken.
The information is obtained through the password that the victims enter into the cloned modem.
We select our target network and view the devices connected to it (to see how many devices are connected to the modem). Then we carry out a deauth attack on the device we selected, disconnect its internet connection and capture the handshake file while it reconnects. That is, the modem password.
After this process, we create a fake network with the name of the Wi-Fi network that we will attack and disconnect the target's internet connection. When the target wants to reconnect, it will not be able to connect to the original network and will connect to the fake network we opened instead; then the fake network will disappear and the original network will remain. The password the target entered while connecting to the fake network will come to us. In short, this is how our attack takes place.
I will explain in more detail below.
If you wish, here are videos about the attack:
Installation video of the program we use: https://www.youtube.com/watch?v=SQAjMQYcymI
Evil Twin Attack (video): https://www.youtube.com/watch?v=yCQyvewym6Q
Required Elements:
A wireless network adapter with one of these chipsets: Atheros AR9271, Ralink RT3070, Ralink RT3572, Realtek 8187L (Wireless G adapters), Realtek RTL8812AU (2017 version).
Kali Linux (preferably)
https://github.com/wi-fi-analyzer/fluxion
Handshake (Of course I will teach how to do it.)
NOTE: THIS PENTEST PROCESS IS PURELY FOR EDUCATION. ATTACKING SYSTEMS IS AGAINST THE LAW, SO WE DO NOT ACCEPT LIABILITY.
Let's connect our wireless network adapter to our Kali Linux operating system and switch it to monitor mode.
Mode: it appears as Managed. Let's use the following command:
Code:
airmon-ng start wlan0
We switch from Managed mode to Monitor mode.
Our next action is to catch a handshake:
Code:
airodump-ng wlan0mon
Networks around us begin to appear.
We stop the scan with CTRL+C and enter the command:
Code:
airodump-ng --bssid (Target Bssid) --channel (Target Channel) --write handshake-01 wlan0mon
The handshake is done.
Let's download the Fluxion program:
Code:
cd Desktop
git clone https://github.com/wi-fi-analyzer/fluxion
cd fluxion
cd install
./install.sh
After entering the commands in order, we wait for the installation.
Using the cd .. command, we go to the target path.
Using the ./fluxion.sh command, we run the program.
You can select any language you wish; the original author chose Turkish.
We select All Channels (1) and press Enter.
We scan for networks and stop scanning with CTRL+C. Let's select the target network and press Enter.
We use the recommended option: type (1) and press Enter.
Path: here we specify the path to the handshake file and press Enter, then the attack will begin. When the target enters the password, the fake AP will be turned off and the password will be shown on the screen.
If you want to review our previous articles on the subject (all in Turkish):
https://www.turkhackteam.org/linux/1777630-wpa2-wifi-hack-seytani-ikiz-saldirisi-argon.html
https://www.turkhackteam.org/hack-videolari/1842246-seytani-ikiz-saldirisi-kablosuz-ag-hacking-pentester.html
Thanks. Have Good Works.
Source: https://www.turkhackteam.org/siber-guvenlik/1943143-seytan-ikiz-erisim-noktasi-evil-twin-access-point.html
Translator: @Dolyetyus
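
Seen from the defender's side, the sequence described in this post leaves two observable traces: a burst of deauthentication frames against the real AP, and the same network name advertised by a radio that is not in the site's inventory. The following is an added example, not part of the original post or of Fluxion, that correlates the two. The SSID, BSSIDs, thresholds and sample observations are constructed, and the input is assumed to be already parsed from a wireless sensor.

```python
from collections import namedtuple

# One scan observation; security is e.g. "WPA2" or "OPEN".
Beacon = namedtuple("Beacon", "ssid bssid security")

# Constructed inventory of the site's own APs: ssid -> {bssid: security}
KNOWN_APS = {"CorpNet": {"aa:bb:cc:00:00:01": "WPA2"}}

# Constructed sample observations (not real captures).
SAMPLE_BEACONS = [
    Beacon("CorpNet", "aa:bb:cc:00:00:01", "WPA2"),
    Beacon("CorpNet", "de:ad:be:ef:00:02", "OPEN"),
    Beacon("CoffeeShop", "11:22:33:44:55:66", "OPEN"),
]
SAMPLE_DEAUTHS = [(30.0 + i * 0.1, "aa:bb:cc:00:00:01") for i in range(40)]

def find_twins(beacons, known=KNOWN_APS):
    """Alert on a managed SSID advertised by a radio that is not in the inventory."""
    alerts = set()
    for b in beacons:
        aps = known.get(b.ssid)
        if aps is None or b.bssid in aps:
            continue  # not our SSID, or one of our own radios
        expected = set(aps.values())
        reason = "unknown-bssid" if b.security in expected else "security-downgrade"
        alerts.add((b.ssid, b.bssid, reason))
    return sorted(alerts)

def deauth_bursts(deauths, window=10.0, threshold=20):
    """Return BSSIDs that saw >= threshold deauth frames within `window` seconds."""
    by_ap = {}
    for t, bssid in sorted(deauths):
        by_ap.setdefault(bssid, []).append(t)
    flagged = []
    for bssid, times in by_ap.items():
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:
                start += 1  # slide the window forward
            if end - start + 1 >= threshold:
                flagged.append(bssid)
                break
    return sorted(flagged)

def correlate(beacons, deauths, known=KNOWN_APS):
    """Raise severity when a twin appears while the real AP is being deauthenticated."""
    bursts = set(deauth_bursts(deauths))
    return [{"ssid": s, "rogue_bssid": b, "reason": r,
             "severity": "high" if bursts & set(known[s]) else "medium"}
            for s, b, r in find_twins(beacons, known)]
```

Neither signal is conclusive alone: a newly installed AP also shows up as an unknown BSSID, and deauthentication frames occur in normal roaming, which is why the example only raises severity when both coincide.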