In this Post. I'm going to teach you the Basics of the evil twin attack, Choose the Wireless Adapter, How to Hack?.
1) What is an Evil Twin Attack?
Evil Twin Attack is a Fake Wireless Network that appears as a Genuine Hotspot. The idea is to set up a Malicious wireless network with the Same Name as the original one.
Basically, you are making a Clone of the Wireless network which you want to attack.
Now the Device is connected to a Wi-Fi network that has no way to distinguish between two Wi-Fi networks with the same SSID Name. This enables Hackers to set up a fake wireless network that can capture the traffic and extract personal information from the victims or Key.
2) Anatomy of the Evil Twin Attack:-
- So First off the Attacker scans the target access point information like SSID Name Channel number and MAC address.
- Then, He uses that information to Create a Malicious Wireless network with the same Characteristics.
- Now clients on the Legitimate access point are repeatedly disconnected forcing them to connect to the Malicious access point as soon as the client is connected to the fake wireless network.
- He may start browsing the internet and He will see a Web login page saying Please login to access the Internet.
- Now if the client enters the password he will be redirected to a loading page and the password will be stored in the database of the attacker machine.
Now let's learn about captive portals which are often used in Evil Twin Attack.
So a Captive portal is a web page that is displayed to newly connected users over a Wi-Fi Network Captive Portals are used by Business centers, airports, Coffee shops and other places that offer free Wi-Fi for Internet users.
Users can freely connect to these networks and they will often be directed to a logging page where a password is required before accessing the Internet.
The danger in using these types of networks is that an attacker can create a clone of the wireless network with the same logging page and tricking users to connect to the fake wireless network.
So if this happens then the attacker can capture sensitive information using tools like Wireshark.
3) Choose Your Best Wireless Network Adapter:-
- Open your Kali Linux and open Terminal.
- Then, Type iwconfig (Display all the Wireless Interfaces on your system)
- Choose and Start Wlan0 into Monitor mode by entering airmon-ng. And Type iwconfig again.
- If You see the below output, You successfully changed your wlan0 into Monitor Mode.
- Finally, Check Wireless Adapter that supports Packet Injection by type this command aireplay-ng --test wlan0mon.
- If you see 100% in the terminal, Your wireless is supported for this. if the Number is zero then it means that your wireless card does not support injection.
0 Comments