Evil Twin Attack Methodology

  • Not a member? Join our community and get access to all private sections on this forum.
    (free membership ends in 7hrs 15mins)
    BlackHatNaija Countdown Timer

Web Hosting

Tevcy

Active member
Apr 6, 2018
241
28
28
20
Lagos
www.jefftechs.com
#1
🌀Evil Twin Attack Methodology🌀

Ⓜ️Step 1: We will first scan the air for a target access point. Then create an access point using airbase-ng with the same name and channel of the target access point, hence Evil TWIN attack.

Ⓜ️Step 2:The client is now disconnected repeatedly from the original access point and as most modern system’s setting says… “Connect back to same ESSID (AP name) if disconnects”.

This also happens because when the client disconnects from any access point it starts sending probe requests in the air with the name of the access point it connected to earlier. Hence BSSID isn’t a barrier, you just need ESSID to spoof the AP

Ⓜ️Step 3: Clients is now connected to the Evil Twin access point and now client may start browsing Internet.

Ⓜ️Step 4: Client will see a web administrator warning saying “Enter WPA password to download and upgrade the router firmware”

Ⓜ️Step 5: The moment client enters the password, s/he will be redirected to a loading page and the password will be stored in the MySQL database of the attacker machine

Follow @Tevcy For More