Evil Twin Attack Methodology

 πŸ”†πŸ”†


Ⓜ️Step 1: We will first scan the air for a target access point. Then create an access point using airbase-ng with the same name and channel of the target access point, hence Evil TWIN attack.


Ⓜ️Step 2:The client is now disconnected repeatedly from the  original access point and as most modern system’s setting says… “Connect back to same ESSID (AP name) if disconnects”.


This also happens because when the client disconnects from any access point it starts sending probe requests in the air with the name of the access point it connected to earlier. Hence BSSID isn’t a barrier, you just need ESSID to spoof the AP


Ⓜ️Step 3: Clients is now connected to the Evil Twin access point and now client may start browsing Internet.


Ⓜ️Step 4: Client will see a web administrator warning saying “Enter WPA password to download and upgrade the router firmware”


Ⓜ️Step 5: The moment client enters the password, s/he will be redirected to a loading page and the password will be stored in the MySQL database of the attacker machine


Enjoy! Follow us for more...

No comments:

Post a Comment

What is Prototype content functions in JavaScript Framework Programming.mp4

  Download now Enjoy! Follow us for more...