How To Secure Yourself From Evil Twin Attack


Hello, in this article you are going to learn how to evil twin attack works and how to secure yourself from getting hacked using evil twin attacks. This is one of the best methods to hack wifi without using either wordlist or reaver or any other method. This method is called EVIL TWIN ATTACK. Evil twin creates a new fake access point and lures the victim into entering their password. Unlike other methods, this method chances of hacking wifi passwords are 95%, only a few routers are secured from an evil twin attacks.

No reaver, No Wordlist, No normal tricks – Best way to hack wifi in Linux


Evil twin attack creates a fake access point as same as the network that we want to hack and deauthenticate them from their network and stops their connectivity. Then the victim tries to connects to their network and finds the new network with the same name as their network and connects to it, so times windows disconnects from its original network and connects to the fake free network and in which appears a new web page which asks the victim to enter their wifi password and unless they enter it, they can’t access wifi. That’s how it works, easy, simple and the best way to hack wifi without using wordlist easily. 



THIS IS MERELY CREATED FOR EDUCATIONAL & ETHICAL PURPOSE, AUTHOR IS NOT RESPONSIBLE FOR ANY ILLEGAL ACTIVITIES DONE BY THE VISITORS


What is Evil Twin Attack?

An evil twin is a fake Wi-Fi access point that appears to be legitimate, set up to capture credentials on wireless communications. The evil twin method is same as phishing anything. Evil twin method creates a new phishing page which sends credentials over a LAN network.
This type of attack may be used to steal the passwords of unsuspecting users, either by monitoring their connections or by phishing, which involves setting up a fraudulent website and luring people there. Often, users are unaware they have been hacked until well after the incident has occurred.
  


How Evil Twin Attack Works?

Fake access points are set up by configuring a wireless card to act as an access point (known as HOSTAP). They are hard to trace since they can be shut off instantly. The counterfeit access point may be given the same SSID and BSSID as a nearby Wi-Fi network. The evil twin can be configured to pass Internet traffic through to the legitimate access point while monitoring the victim's connection, or it can simply say the system is temporarily unavailable after obtaining a username and password. 


Process of Evil Twin Attack

1)   Scan the networks.
2)   Select network.
3)   Capture handshake (can be used without handshake)
4) We choose one of several web interfaces tailored for me (thanks to the collaboration of the users)
5)   Mounts one FakeAP imitating the original
6)   A DHCP server is created on FakeAP
7)   It creates a DNS server to redirect all requests to the Host
8)   The web server with the selected interface is launched
9) The mechanism is launched to check the validity of the passwords that will be introduced
10) It deauthentificate all users of the network, hoping to connect to FakeAP and enter the password.
11)  The attack will stop after the correct password checking




Requirements To hack Wifi Password Without using Wordlist


1)   Laptop
2)   WifiSlax (Operating System)
3)   Lineset (Mostly Inbuilt)
4)   Pendrive or Flash Drive (2gb or higher)
5) Universal USB Installer


Software Requirements for Linset 

Aircrack-ng
Aireplay-ng
Airmon-ng
Airodump-ng
Awk
Curl
Dhcpd
Hostapd
Iwconfig
Lighttpd
Macchanger
Mdk3
Php5-cgi
Pyrit
Python
Unzip
Xterm
As it’s a BASH script, there’s quite a list of external apps required to perform evil twin attack successfully, so we use Lineset. 

How To Secure Yourself From Evil Twin Attack 

1) Do not connect to any public networks, anyone can sniff your data while you are on a public network.Evil Twin attack will be performed as a public network, so wherever possible restrict connecting to any open or public networks mainly if it wifi name is same as your wifi name

2) When your internet connection suddenly stops working, you might be under DOS attack using evil twin attack, just restart the router and the hacker need to restart the attack and as it takes some time.  Maybe they leave it or continue some other time 

3) Running a VPN to ensure that any browsing and transmitted data is done through an encrypted tunnel that cannot be easily snooped. 

4) Do not always rely on the name of the network, make sure it is a legitimate and trusted network or not. 


What is WifiSlax and Why WifiSlax


Wifislax is one of the best Spanish Linux Operating system. It is one of the most famous operating system for wifi hacking, to be precise this linux based operating system is for hacking wifi networks. WifiSlax has all inbuilt tools required to hack wifi, of course, linset as well. So for this tutorial, I am using WifiSlax. 


How To Secure Yourself From Evil Twin Attack 

1) Do not connect to any public networks, anyone can sniff your data while you are on a public network.Evil Twin attack will be performed as a public network, so wherever possible restrict connecting to any open or public networks mainly if it wifi name is same as your wifi name

2) When your internet connection suddenly stops working, you might be under DOS attack using evil twin attack, just restart the router and the hacker need to restart the attack and as it takes some time.  Maybe they leave it or continue some other time 

3) Running a VPN to ensure that any browsing and transmitted data is done through an encrypted tunnel that cannot be easily snooped. 

4) Do not always rely on the name of the network, make sure it is a legitimate and trusted network or not. 



=============     Hacking Don't Need Agreements     ============
Just Remember One Thing You Don't Need To Seek Anyone's  To Hack Anything Or Anyone As Long As It Is Ethical, This Is The Main Principle Of Hacking Dream
                           Thank You for Reading, Hope It's Useful 

I Will Be Very Happy To Help You So For Queries or Any Problem Comment Below Or You Can Mail Me At Bhanu@HackingDream.net
Bhanu Namikaze

Bhanu Namikaze is an Ethical Hacker, Security Analyst, Blogger, Web Developer and a Mechanical Engineer. He Enjoys writing articles, Blogging, Debugging Errors and Capture the Flags. Enjoy Learning; There is Nothing Like Absolute Defeat - Try and try until you Succeed.

1 comment:

  1. How do you know when the handshake capturing process is complete

    ReplyDelete