Evil Twin in Kali Linux

How does the Evil Twin attack work?

This attack creates a fake access point with a captive login portal and, by de-authenticating the victim from the real access point, forces them to enter their Wi-Fi password into the fake one; once the password is entered, the victim is redirected to the real access point.

Tool required:

1. An external Wi-Fi adapter that supports monitor mode and packet injection.

How to hack a Wi-Fi network using the Evil Twin attack?

Step 1: This technique uses a tool called Airgeddon. Clone Airgeddon’s GitHub repo to your Kali machine at any desired location.

git clone https://github.com/v1s1t0r1sh3r3/airgeddon.git

Step 2: Switch the Wi-Fi adapter to monitor mode with the following commands.

sudo airmon-ng check kill
sudo airmon-ng start wlan0
  • airmon-ng check kill – kills processes that might interfere with the operation.
  • airmon-ng start wlan0 – switches the interface, i.e. wlan0, to monitor mode.

Step 3: Now run the Airgeddon tool that we’ve installed, with root permission.

cd airgeddon
sudo ./airgeddon.sh

Step 4: Press Enter to check whether the necessary tools are installed.

Step 5: Now select the interface to use; in this case, it’s wlan0.

Step 6: Select Evil Twin Attacks Menu by entering the corresponding number 7.

Step 7: From Evil Twin Attacks Menu, select the 9th option Evil Twin AP attack with the captive portal (monitor mode needed).

Step 8: Enter y to not make a DoS attack as part of the Evil Twin attack. Then press Enter to discover targets.

A terminal window will open, discovering Wi-Fi targets.

Press Ctrl+C to exit once you see your target in the terminal.

Step 9: Choose the target by entering the corresponding number, e.g. 2 [Current Target].

Step 10: Now, press 2 to perform Deauth with aireplay-ng.

Step 11: Now decline “DoS pursuit mode” by entering N.

Step 12: Press y to spoof your MAC Address.

Step 13: The attack requires a handshake file. If you have the file, press y and enter the path of the captured handshake; otherwise, press n to capture a new handshake.

Then enter the timeout value or leave the default, and press Enter to capture the handshake file.

Now two windows will open:

  • Window 1: Capturing Handshake
  • Window 2: Performing Deauth Attack

When the Deauth is complete and a handshake is captured, it will congratulate you and ask where to save the captured handshake.

Step 14: Select your language and hit enter to start the Evil Twin Attack.

On pre-connected devices, a fake access point will appear, forcing the user to disconnect from the real access point and proceed to the attacker’s captive portal.

When the target attempts to connect to the fake access point, they are redirected to a captive portal to enter the password; if the user enters the password, it is displayed in the Control Window.
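
Seen from the defending side, the attack described above leaves two observable signs: a burst of deauthentication frames aimed at the real access point, and a second access point advertising the same network name. The following Python example is added here and is not part of the original tutorial or of Airgeddon; the network name, MAC addresses, thresholds and sample observations are constructed, and it assumes the captive-portal access point is advertised without encryption.

```python
from collections import defaultdict

# Assumed baseline for the protected network (constructed values).
KNOWN = {"CorpWiFi": {"bssids": {"aa:bb:cc:00:00:01"}, "security": "WPA2"}}
# Constructed sensor data: beacons seen, and (timestamp, BSSID) per deauth frame.
BEACONS = [
    {"ssid": "CorpWiFi", "bssid": "aa:bb:cc:00:00:01", "security": "WPA2"},
    {"ssid": "CorpWiFi", "bssid": "02:11:22:33:44:55", "security": "OPEN"},
    {"ssid": "CorpWiFi", "bssid": "aa:bb:cc:00:00:01", "security": "OPEN"},  # cloned MAC
    {"ssid": "CoffeeShop", "bssid": "de:ad:be:ef:00:01", "security": "OPEN"},
]
DEAUTHS = [(100 + i * 0.1, "aa:bb:cc:00:00:01") for i in range(40)] + [(500.0, "de:ad:be:ef:00:01")]

def find_rogue_aps(beacons, known=KNOWN):
    """Flag beacons reusing a protected SSID with an unknown BSSID or different security."""
    findings = []
    for b in beacons:
        base = known.get(b["ssid"])
        if base is None:
            continue  # not a network we protect
        reasons = []
        if b["bssid"].lower() not in base["bssids"]:
            reasons.append("unknown BSSID")
        if b["security"] != base["security"]:  # catches a cloned BSSID too
            reasons.append("security mismatch")
        if reasons:
            findings.append({"ssid": b["ssid"], "bssid": b["bssid"], "reasons": reasons})
    return findings

def find_deauth_bursts(deauths, window=5.0, threshold=20):
    """Return BSSIDs seen in more than `threshold` deauth frames within `window` seconds."""
    stamps_by_bssid = defaultdict(list)
    for ts, bssid in sorted(deauths):
        stamps_by_bssid[bssid].append(ts)
    flagged = set()
    for bssid, stamps in stamps_by_bssid.items():
        start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:
                start += 1  # slide the window forward
            if end - start + 1 > threshold:
                flagged.add(bssid)
    return flagged

def evil_twin_alerts(beacons, deauths, known=KNOWN):
    """Rate a rogue AP 'high' when the real AP for that SSID is also being deauthed."""
    bursts = find_deauth_bursts(deauths)
    return [dict(f, severity="high" if known[f["ssid"]]["bssids"] & bursts else "medium")
            for f in find_rogue_aps(beacons, known)]
```

Calling evil_twin_alerts(BEACONS, DEAUTHS) returns two alerts for CorpWiFi, both rated high because the legitimate BSSID is also the subject of a deauthentication burst.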
